[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- Subject: Re: [cobalt-security] Remote Sendmail Header Processing Vulnerability
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Tue, 4 Mar 2003 14:38:58 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Julian
> Any plans to make one for a raq2?
I gave it a brief look, but I hit an obstacle here. On a fully patched RaQ2
there is sendmail-8.9.3-C7 installed. However, the SRPM on ftp.cobalt.com is
for sendmail-8.9.3-C5.
If I use the SRPM for sendmail-8.9.3-C5 and patch it, then it could open up
other holes which Sun Cobalt's C6 and C7 fixed. :o/
But it's great that Harald posted his sendmail 8.11.6 binary. So there's also
an upgrade path for those with a RaQ2.
--
With best regards,
Michael Stauber