Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail
At 09:11 AM 03/03/2003 -0800, FreeBSD Security Advisories wrote: >Module: contrib_sendmail >Announced: 2003-03-03 >Credits:Mark Dowd (ISS) >Affects:All releases prior to 4.8-RELEASE and 5.0-RELEASE-p4 > FreeBSD 4-STABLE prior to the correction date >Corrected: 2003-03-03 >1) Upgrade your vulnerable system to 4-STABLE; or to the RELENG_5_0, I still have a FreeBSD-2.8 (-STABLE) system running which includes sendmail-8.8.8. As the patches on sendmail.org only apply to sendmail-8.9 - sendmail-8.12, i ported the patch. Perhaps someone else needs this patch, so I've put it up for ftp at ftp://ftp.42.org/sendmail.8.8.8.patch As I don't have an example E-Mail to test, I can not _guarantee_ that this fixes it. But given the fact that I only had to change two lines (which both were function declarations) from the official supported patch, I'm sure that this patch fixes the problem. CU, Sec -- ``oh no! the gronkulator is broken!'' To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In article <[EMAIL PROTECTED]> Barney Wolff writes: >As of 13:06 EST, the commits had made it to head but were NOT tagged >with RELENG_4 or RELENG_5_0 from cvsup3. cvsup3 updates every hour at 15 after. I'm afraid you were just unlucky. - -GAWollman -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE+Y6adI+eG6b7tlG4RAm8mAJ9zvDTk24BAwUdcPCyOgunxCaVTTwCfZG3s 4XdMunELySmG5NpUTrOuMnA= =Cw+h -END PGP SIGNATURE- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail
On Mon, Mar 03, 2003 at 09:57:06AM -0800, Bruce A. Mah wrote: > > Every cvsup mirror updates on a periodic schedule. The commits to the > src tree (which happened about 30 minutes ago) probably haven't made > it to all the mirrors yet. (You can see the changes in cvsweb, > probably the cvs-all mailing list archives as well.) As of 13:06 EST, the commits had made it to head but were NOT tagged with RELENG_4 or RELENG_5_0 from cvsup3. I gave up and downloaded the patch, which worked fine on both of the above. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail
If memory serves me right, Mike Tancsa wrote: > At 09:11 AM 03/03/2003 -0800, FreeBSD Security Advisories wrote: > >Module: contrib_sendmail > >Announced: 2003-03-03 > >Credits:Mark Dowd (ISS) > >Affects:All releases prior to 4.8-RELEASE and 5.0-RELEASE-p4 > >FreeBSD 4-STABLE prior to the correction date > >Corrected: 2003-03-03 > >1) Upgrade your vulnerable system to 4-STABLE; or to the RELENG_5_0, > > > Hi, > I dont see this in the cvsup commit logs yet ? Every cvsup mirror updates on a periodic schedule. The commits to the src tree (which happened about 30 minutes ago) probably haven't made it to all the mirrors yet. (You can see the changes in cvsweb, probably the cvs-all mailing list archives as well.) Bruce. pgp0.pgp Description: PGP signature
Re: FreeBSD Security Advisory FreeBSD-SA-03:04.sendmail
At 09:11 AM 03/03/2003 -0800, FreeBSD Security Advisories wrote: Module: contrib_sendmail Announced: 2003-03-03 Credits:Mark Dowd (ISS) Affects:All releases prior to 4.8-RELEASE and 5.0-RELEASE-p4 FreeBSD 4-STABLE prior to the correction date Corrected: 2003-03-03 1) Upgrade your vulnerable system to 4-STABLE; or to the RELENG_5_0, Hi, I dont see this in the cvsup commit logs yet ? ---Mike To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message