
[cobalt-security] New Sendmail vulnerability :o(



Hey Michael,

Just a quick follow-up to my last post to give you
some feedback.. It looks like (as best as I can tell)
I'm still running the Solarspeed previously patched
version of sendmail - hence the RPM showing up as:

sendmail-8.10.2-C1sol1

I'm thinking the latest patch (sol2) tried to grab and
roll back to the Cobalt RPMs (for some reason), but
it wasn't able to get to the Cobalt FTP server because
of my firewall - so it left the sol1 version in place..
I'm still not sure/clear why it would try and do so,
but apparently it tried (hence the message I recv'd
while trying to upgrade to sol2)..  I don't have
mailscanner or really anything else installed on the
RaQ4 - except neomail and webalizer (from pkgmaster),
as well as your BIND/Qpopper and Sendmail patches..
The only other pkgs installed have been official
Cobalt pkgs. I was looking over the scripts in the
sol2 pkg - and I don't have the Cobalt patch 16402
installed (heck I can't even find it on Cobalt's site
- did they pull it..?)

Just giving some feedback on my setup/experience..
I'm trying to see where/why the script failed and
tried to fall back to Cobalt's RPMs - when it was
already running sendmail-8.10.2-C1sol1...?  I'm
-thinking- (that's always dangerous) that I probably
could just try and reinstall the pkg again and it
might go in now since the sendmail-8.10.2-C1sol1
uninstaller and md5 scripts/files have been removed..
But I'll hold off until tomorrow to play with it a bit
more.. It's late and I'm tired and don't want to be
pulling an all nighter (just in case)...  :-)

Thanks again..!

Barbara

