[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- Subject: Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- From: Harald Kapper <hk@xxxxxxxxxx>
- Date: Tue, 04 Mar 2003 11:47:20 +0100
- Organization: kapper.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tue, 04 Mar 2003 10:07:16 GMT, you wrote:
>Thank you for the painless patch for the 550s.
>
>Any plans to make one for a raq2? If not, do you recommend installing
>sendmail 8.12.8 from an rpm or patching the version 8.9.3 that our raq2 runs
>and recompiling it?
>
>Thanks, Julian
hi,
as I maintain a whole bunch of raq2-boxes, I've setup a patched 8.11.6 here
http://www.knet.at/~hk/raq2/
please do only modify your system if you know what you're doing, otherwise
instruct some professional to do it for you - honestly - this saves time + money.
it's 8.11.6 because some features faded out in 8.12 that the raq2 still
relays on (I guess I remember auto-reloadling alias-files as one of these).
the 8.11.6 located at the above url was originally built 2001 - so it is
hardened and tested on our raq2-setups, the patch was applied this morning (CET)
and the executable was recompiled then and deployed - so far our systems work.
this of course makes no warranty that it will work for you.
if anyone got the time to make a pkg (and some users could confirm it works on their raq2's)
I'd be grateful.
best,
Harald Kapper, icq# 36178328 kapper.net, inc.
managing director loeblichgasse 6
chief software development 1090 vienna, .at
tel +43 1 3195500-0, fax +43 1 3195502, hk@xxxxxxxxxx