On Mon, 2003-03-03 at 13:10, Jeremy Portzer wrote: > Sendmail has *yet* another remote-root vulnerability discovered > recently. For details see > > http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 > > An excerpt from that advisory reads, "This vulnerability > is especially dangerous because the exploit can be delivered within an > email message and the attacker doesn't need any specific knowledge of > the target to launch a successful attack." > > Red Hat has released errata packages here: > https://rhn.redhat.com/errata/RHSA-2003-073.html > > Mandrake doesn't appear to have packages yet but I presume they and > other vendors will create some soon.
Mandrake has now released errata packages, available here: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:028 I haven't seen evidence of a Debian announcement yet. Strange because they are usually pretty fast. > I'm working on syncing the TriLUG servers so the Red Hat updates should > be available soon there, for those of you using apt or current on the > TriLUG mirrors. The TriLUG apt for rpm repository is now updated; the current server should be updated by tomorrow AM. --Jeremy _______________________________________________ TriLUG mailing list http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ: http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
