GLSA: sendmail (200303-27)

From: Daniel Ahlberg (alizat_private)
Date: Mon Mar 31 2003 - 01:13:58 PST


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - - ---------------------------------------------------------------------
    GENTOO LINUX SECURITY ANNOUNCEMENT 200303-27
    - - ---------------------------------------------------------------------
    
              PACKAGE : sendmail
              SUMMARY : buffer overflow
                 DATE : 2003-03-31 09:13 UTC
              EXPLOIT : remote
    VERSIONS AFFECTED : <8.12.9
        FIXED VERSION : >=8.12.9
                  CVE : CAN-2003-0161
    
    - - ---------------------------------------------------------------------
    
    - From advisory:
    "There is a vulnerability in sendmail that can be exploited to cause 
    a denial-of-service condition and could allow a remote attacker to 
    execute arbitrary code with the privileges of the sendmail 
    daemon, typically root."
    
    Read the full advisory at
    http://www.cert.org/advisories/CA-2003-12.html
    
    SOLUTION
    
    It is recommended that all Gentoo Linux users who are running
    net-mail/sendmail upgrade to sendmail-8.12.9 as follows:
    
    emerge sync
    emerge sendmail
    emerge clean
    
    - - ---------------------------------------------------------------------
    alizat_private - GnuPG key is available at http://cvs.gentoo.org/~aliz
    avenjat_private
    - - ---------------------------------------------------------------------
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)
    
    iD8DBQE+iAbNfT7nyhUpoZMRAuQWAJ9DKi8B6JxgHVyxRLZfM1e5N0YyNQCgqM7Y
    NwuiPB4hihTbTLAXIKg9/J8=
    =RiMh
    -----END PGP SIGNATURE-----
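
A check to run after the upgrade above, added here as an example and not part of the original advisory: it compares a reported sendmail version with the fixed version 8.12.9 field by field, because a plain string comparison would rank 8.9.3 above 8.12.9. The function names and sample inputs are constructed for this example, and the `Version x.y.z` line format is assumed to be what `sendmail -d0.1 -bv root` prints.

```shell
#!/bin/sh
# Added example (not from the advisory): decide whether a sendmail version
# is at or above the fixed version named in GLSA 200303-27.
FIXED_VERSION="8.12.9"

# Pull the first dotted version out of text containing "Version x.y.z".
# Assumption: this is the line format printed by `sendmail -d0.1 -bv root`.
extract_version() {
    printf '%s\n' "$1" | sed -n 's/.*Version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Return 0 if version $1 >= version $2, comparing each field as a number.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        # Drop the field just read; a value without dots is exhausted.
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        x="${x:-0}"; y="${y:-0}"   # a missing field counts as 0
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0                        # all fields equal
}

# Print "fixed", "vulnerable" or "unknown" for the given version text.
glsa_status() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo unknown
    elif version_ge "$v" "$FIXED_VERSION"; then
        echo fixed
    else
        echo vulnerable
    fi
}

# Constructed sample inputs, including the cases string comparison gets wrong.
for sample in "Version 8.12.8" "Version 8.12.9" "Version 8.12.10" "Version 8.9.3"; do
    printf '%s -> %s\n' "$sample" "$(glsa_status "$sample")"
done
```

On a live host, pass the function the real output instead of a sample: `glsa_status "$(sendmail -d0.1 -bv root)"`.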
    


