[CentOS-mirror] Sendmail

Wed Mar 22 20:26:56 UTC 2006
Lance Davis <lance at uklinux.net>

On Thu, 23 Mar 2006, Tony Wicks wrote:

> Here is another question, would installing the official Redhat packages 
> on a CentOS machine ? I'm thinking it shouldn't be an issue.

The CentOS packages have been released.

Lance
> 
> Tony Wicks wrote:
> > HI guys, If the rpm for this could be produced as soon as humanly 
> > possible it would be appreciates ! thanks guys -
> > 
> > Synopsis
> > Critical: sendmail security update
> > 
> > Issued:     3/22/06
> > Updated:     3/22/06
> > Topic
> > Updated sendmail packages to fix a security issue are now available for Red
> > Hat Enterprise Linux 3 and 4.
> > 
> > This update has been rated as having critical security impact by the Red
> > Hat Security Response Team.
> > Description
> > Sendmail is a Mail Transport Agent (MTA) used to send mail between 
> > machines.
> > 
> > A flaw in the handling of asynchronous signals was discovered in Sendmail.
> > A remote attacker may be able to exploit a race condition to execute
> > arbitrary code as root. The Common Vulnerabilities and Exposures project
> > assigned the name CVE-2006-0058 to this issue.
> > 
> > By default on Red Hat Enterprise Linux 3 and 4, Sendmail is configured to
> > only accept connections from the local host. Therefore, only users who have
> > configured Sendmail to listen to remote hosts would be able to be remotely
> > exploited by this vulnerability.
> > 
> > Users of Sendmail are advised to upgrade to these erratum packages, which
> > contain a backported patch from the Sendmail team to correct this issue.
> > Solution
> > Before applying this update, make sure all previously released errata
> > relevant to your system have been applied.
> > 
> > This update is available via Red Hat Network. To use Red Hat Network,
> > launch the Red Hat Update Agent with the following command:
> > 
> > up2date
> > 
> > This will start an interactive process that will result in the appropriate
> > RPMs being upgraded on your system.
> > Affected Channels
> > Red Hat Enterprise Linux ES (v. 3 for AMD64/Intel EM64T)
> > Red Hat Enterprise Linux ES (v. 3 for Itanium)
> > Red Hat Enterprise Linux ES (v. 3 for x86)
> > Red Hat Enterprise Linux ES (v. 4 for 32-bit x86)
> > Red Hat Enterprise Linux ES (v. 4 for 64-bit Intel Itanium)
> > Red Hat Enterprise Linux ES (v. 4 for AMD64/Intel EM64T)
> > 
> > 
> > _______________________________________________
> > CentOS-mirror mailing list
> > CentOS-mirror at centos.org
> > http://lists.centos.org/mailman/listinfo/centos-mirror
> 
> 
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> http://lists.centos.org/mailman/listinfo/centos-mirror
> 

-- 
uklinux.net - 
The ISP of choice for the discerning Linux user.