https://rhn.redhat.com/errata/RHSA-2005-136.html refers updated files are :- updates/i386/RPMS/mailman-2.1.5-24.rhel3.i386.rpm updates/i386/SRPMS/mailman-2.1.5-24.rhel3.src.rpm To update CentOS 3.4 to this new version run 'yum update mailman' CentOS 3.3 shipped with an earlier version of mailman - mailman-2.0.13-5 - in the extras repo. This version has not been supported since 3.4 was released, ( http://www.centos.org/modules/news/article.php?storyid=34) however this version may be vulnerable to the exploit so it is recommended that all users upgrade. Details of the upgrade procedure may be found at http://www.centos.org/mailman Lance -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20050210/c4362628/attachment-0005.sig>