These updated test packages for rh73, rh9 and fc1 fix problems with the previous sendmail update. --------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-186277 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186277 2006-03-28 --------------------------------------------------------------------- Name : sendmail Versions : rh73: sendmail-8.12.11-4.22.10.legacy Versions : rh9: sendmail-8.12.11-4.24.3.legacy Versions : fc1: sendmail-8.12.11-4.25.3.legacy Summary : A widely used Mail Transport Agent (MTA). Description : The Sendmail program is a very widely used Mail Transport Agent (MTA). MTAs send mail from one machine to another. Sendmail is not a client program, which you use to read your email. Sendmail is a behind-the-scenes program which actually moves your email over networks or the Internet to where you want it to go. --------------------------------------------------------------------- Update Information: Updated sendmail packages that fix a flaw in the handling of asynchronous signals are now available. A flaw in the handling of asynchronous signals was discovered in Sendmail. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0058 to this issue. In order to correct this issue for RHL 7.3 users, it was necessary to upgrade the version of Sendmail from 8.11 as originally shipped to Sendmail 8.12.11 with the addition of the security patch supplied by Sendmail Inc. This erratum provides updated packages based on Sendmail 8.12 with a compatibility mode enabled as provided by Red Hat for RHEL 2.1. After updating to these packages, users should pay close attention to their sendmail logs to ensure that the upgrade completed sucessfully. In order to correct this issue for RHL 9 and FC1 users, it was necessary to upgrade the version of Sendmail from 8.12.8 and 8.12.10 respectively to 8.12.11 with the addition of the security patch supplied by Sendmail Inc. After updating to these packages, users should pay close attention to their sendmail logs to ensure that the upgrade completed sucessfully. Users of Sendmail should upgrade to this updated package, which contains a backported patch to correct this issue. --------------------------------------------------------------------- Changelogs rh73: * Sat Mar 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 8.12.11-4.22.10.legacy - Added hesiod-devel to BuildRequires - Reverted to previous alternatives files - Removed new triggers - Modified instructions in sendmail.mc * Wed Mar 22 2006 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> 8.12.11-4.22.9.legacy - Sourced in for RHL7.3 - Added groff buildreq - Enable alternatives rh9: * Sun Mar 26 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> - 8.12.11-4.24.3.legacy - Reverted statistics file path in mc file - Reverted CERT paths in mc file - Don't enable statistics by default * Sat Mar 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> - 8.12.11-4.24.2.legacy - Reverted statistics file to /etc/mail - Reverted to previous alternatives files * Wed Mar 22 2006 Jesse Keating <jkeating@xxxxxxxxxx> - 8.12.11-4.24.1.legacy - fixed VU#834865 (#186277) - disable -fpie - enable old_setup - Add BuildReq gdbm-devel - Use sasl1 fc1: * Sun Mar 26 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> - 8.12.11-4.25.3.legacy - Reverted statistics file path in mc file - Reverted CERT paths in mc file - Don't enable statistics by default * Sat Mar 25 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> - 8.12.11-4.25.2.legacy - Reverted statistics file to /etc/mail - Reverted to previous alternatives files - Added gdbm-devel to BuildRequires * Wed Mar 22 2006 Jesse Keating <jkeating@xxxxxxxxxx> - 8.12.11-4.25.1.legacy - fixed VU#834865 (#186277) - enable old_setup --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh73: 950fc853550d93f521d4203b9f78023721fbdecd redhat/7.3/updates-testing/i386/sendmail-8.12.11-4.22.10.legacy.i386.rpm d8c06f3f92d7dd526426b86e52bdd244e75c061a redhat/7.3/updates-testing/i386/sendmail-cf-8.12.11-4.22.10.legacy.i386.rpm dde44f59a60481edae75ddf6d854341308e4ce62 redhat/7.3/updates-testing/i386/sendmail-devel-8.12.11-4.22.10.legacy.i386.rpm faf27d20eb151227225cc4e2ac5014bb205aa350 redhat/7.3/updates-testing/i386/sendmail-doc-8.12.11-4.22.10.legacy.i386.rpm e0b9ece564e8103a254311da19c6bc41a21c8ffc redhat/7.3/updates-testing/SRPMS/sendmail-8.12.11-4.22.10.legacy.src.rpm rh9: 9f1caeadce45e2922f6bc29ea0f4e7bce4e26d02 redhat/9/updates-testing/i386/sendmail-8.12.11-4.24.3.legacy.i386.rpm 6b7b437bb58ac9f805185ae992da9a157a0d755d redhat/9/updates-testing/i386/sendmail-cf-8.12.11-4.24.3.legacy.i386.rpm ae48cf1d3a5d8f5bfc789a408de392fe27e84b73 redhat/9/updates-testing/i386/sendmail-devel-8.12.11-4.24.3.legacy.i386.rpm 4571b20f603bf6f90558aa09107f5b2ae17e8111 redhat/9/updates-testing/i386/sendmail-doc-8.12.11-4.24.3.legacy.i386.rpm 4b4ed7d51e710a447c6a839dcf203bc4636c2f62 redhat/9/updates-testing/SRPMS/sendmail-8.12.11-4.24.3.legacy.src.rpm fc1: 3f6edb4bdcd42cca1f01fce9482d3ac10b56f530 fedora/1/updates-testing/i386/sendmail-8.12.11-4.25.3.legacy.i386.rpm 7aaa9743d312b7ebc95baa83e186acaa267f6915 fedora/1/updates-testing/i386/sendmail-cf-8.12.11-4.25.3.legacy.i386.rpm dfabadaa764d471b2c5963547643ca4bbe5ca0e7 fedora/1/updates-testing/i386/sendmail-devel-8.12.11-4.25.3.legacy.i386.rpm 121433ec0c71a163993cf2a94f33fa67df786b11 fedora/1/updates-testing/i386/sendmail-doc-8.12.11-4.25.3.legacy.i386.rpm d41f7652ea88a068e21c7f68bb018b8462695754 fedora/1/updates-testing/SRPMS/sendmail-8.12.11-4.25.3.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
