Hop to it, 'nother sendmail patch released

Dagmar d'Surreal dagmar.wants at nospam.com
Sat Mar 29 23:46:28 PST 2003


This hit the Full Disclosure list a couple of days ago, so it's a little
shift of the Sendmail people to phrase their release the way they did,
but in any case, another bit of slightly screwey code involving parsing
addresses was found and now we have 8.12.9.  You're _probably_ not
vulnerable if you have taken steps to make your stack non-executeable,
but beyond that this one is somewhat easier to exploit than the last
one.  

Patches and new versions can be found from www.sendmail.org.  Hop to it.

-- 
The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar  Jabber: evilDagmar at jabber.org

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list