The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Sendmail: code execution via signals

Synthesis of the vulnerability 

An attacker can connect to a server to generate a race condition in asynchronous signals, and that could lead to code execution.
Impacted software: Debian, Fedora, FreeBSD, Tru64 UNIX, HP-UX, AIX, Mandriva Linux, Mandriva NF, NetBSD, OpenBSD, openSUSE, Solaris, Trusted Solaris, RHEL, RedHat Linux, Sendmail, Slackware, SLES, TurboLinux.
Severity of this computer vulnerability: 4/4.
Creation date: 22/03/2006.
Revisions dates: 22/03/2006, 23/03/2006.
Références of this announce: 102262, 200494, 20060302-01-P, 20060401-01-U, 6397275, 6403051, BID-17192, BID-17207, c00692635, CERTA-2002-AVI-006, CERTA-2006-AVI-124, CVE-2006-0058, DSA-1015-1, DUXKIT1000636-V40FB22-ES-20060519, emr_na-c00629555-7, FEDORA-2006-193, FEDORA-2006-194, FLSA-2006:186277, FreeBSD-SA-06:13.sendmail, HPSBTU02116, HPSBUX02108, IY82992, IY82993, IY82994, MDKSA-2006:058, NetBSD-SA2006-010, RHSA-2006:026, RHSA-2006:0264-01, RHSA-2006:0265-01, SSA:2006-081-01, SSRT061133, SSRT061135, SUSE-SA:2006:017, T64V51AB-IX-631-SENDMAIL-SSRT-061135, TLSA-2006-5, VIGILANCE-VUL-5710, VU#834865.

Description of the vulnerability 

The setjmp() et longjmp() functions save and restore the stack context.

A race condition occurs in libsm library during usage of these functions, and management of an asynchronous signal. This error can be exploited using a buffer in sm_syslog() function.

This error can not occur during email emission or reception. An attacker has to connect to port 25 of server and to run a serie of SMTP commands with a precise timing.

This vulnerability leads to code execution.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer vulnerability announce impacts software or systems such as Debian, Fedora, FreeBSD, Tru64 UNIX, HP-UX, AIX, Mandriva Linux, Mandriva NF, NetBSD, OpenBSD, openSUSE, Solaris, Trusted Solaris, RHEL, RedHat Linux, Sendmail, Slackware, SLES, TurboLinux.

Our Vigil@nce team determined that the severity of this cybersecurity bulletin is critical.

The trust level is of type confirmed by the editor, with an origin of internet client.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a specialist ability can exploit this threat alert.

Solutions for this threat 

Sendmail: version 8.13.6.
Version 8.13.6 is corrected:
  ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz
  ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz.sig
  ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.Z
  ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.Z.sig
A patch is proposed :
  ftp://ftp.sendmail.org/pub/sendmail/8.12.11.p0
  ftp://ftp.sendmail.org/pub/sendmail/8.13.5.p0

AIX: APAR for Sendmail.
APARs will be available:
  AIX 5.1.0: IY82992 (July 19th, 2006)
  AIX 5.2.0: IY82993 (April 26th,2006)
  AIX 5.3.0: IY82994 (May 10th, 2006)
An interim fix is proposed :
  ftp://aix.software.ibm.com/aix/efixes/security/sendmail_vu834865.tar.Z

Debian: new sendmail packages.
New packages are available:
Debian GNU/Linux 3.0 alias woody
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_i386.deb
      Size/MD5 checksum: 237492 75116396559388f01e199773e2dda2a3
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_i386.deb
      Size/MD5 checksum: 917446 0fd30312a872b9a3d1ba7c3e6c3d46b5
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_ia64.deb
      Size/MD5 checksum: 282384 4ce505c68a5434df2a6d196b87884e78
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_ia64.deb
      Size/MD5 checksum: 1332476 863dd30db60027d3efe5028c09b12805
Debian GNU/Linux 3.1 alias sarge
  Intel IA-32 architecture:
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_i386.deb
      Size/MD5 checksum: 288740 029c9c000ac133ce3c72aef194fb927e
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_i386.deb
      Size/MD5 checksum: 213300 acfda80137ef82bac707e737af27c28b
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_i386.deb
      Size/MD5 checksum: 223850 79f561f32701ffc65b3286c9d2b15c2e
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_i386.deb
      Size/MD5 checksum: 813824 cf8af93fb4c550a746f56312b5378196
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_i386.deb
      Size/MD5 checksum: 198798 95278a3b872edbc954eb3587faae2ff3
  Intel IA-64 architecture:
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_ia64.deb
      Size/MD5 checksum: 330628 f8accd0b6b54d974f5f6d0eb0c01d098
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_ia64.deb
      Size/MD5 checksum: 220376 08c4cc7b20eff79b9b7b42c89203f1ee
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_ia64.deb
      Size/MD5 checksum: 239602 68274560ddbb6341bee00250bb3966c2
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_ia64.deb
      Size/MD5 checksum: 1162354 ef069d23929b49f045ec4b87af118490
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_ia64.deb
      Size/MD5 checksum: 198910 42814633feb7d12ba9b86b0b99b5898a

Fedora Core 4: new sendmail packages.
New packages are available:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
2f41bf9a76d532bfd18894449b55b4e03fbb69e0 SRPMS/sendmail-8.13.6-0.FC4.1.src.rpm
1f4f77d16904cfaf7eae51d00c0b95d36a067bd3 ppc/sendmail-8.13.6-0.FC4.1.ppc.rpm
1810117898534bc17a2e13b8974bda21d1bacc22 ppc/sendmail-doc-8.13.6-0.FC4.1.ppc.rpm
d3c3dafc635f0b5830eaa84639f5e20c5f19b7bc ppc/sendmail-devel-8.13.6-0.FC4.1.ppc.rpm
7e36bb934ed5520cdfea8fb06f08c1aa693b34e2 ppc/sendmail-cf-8.13.6-0.FC4.1.ppc.rpm
7d3f327c6868a41b42f890466a9cdfc0fdf12666 ppc/debug/sendmail-debuginfo-8.13.6-0.FC4.1.ppc.rpm
0f0fa8a62d665cf4b2c64d40a32a6c7e293fabef x86_64/sendmail-8.13.6-0.FC4.1.x86_64.rpm
ba1c492c9170d93c59569f42d6db98f99bb74ad6 x86_64/sendmail-doc-8.13.6-0.FC4.1.x86_64.rpm
89d9870850e5897ab80d750eab573a35df55da67 x86_64/sendmail-devel-8.13.6-0.FC4.1.x86_64.rpm
25a6aa61aaeb6444cfe2d49ff8e6f38f708df7c3 x86_64/sendmail-cf-8.13.6-0.FC4.1.x86_64.rpm
20925139af12915cac541aeac5245e5bd93a9c66 x86_64/debug/sendmail-debuginfo-8.13.6-0.FC4.1.x86_64.rpm
8a778e471c555d3ef69a81c03f176dee42303ec2 i386/sendmail-8.13.6-0.FC4.1.i386.rpm
8ccf754fb3c3fc97d81d5883c2ccf21c8ed381be i386/sendmail-doc-8.13.6-0.FC4.1.i386.rpm
a65d56ffda4cdc16569755cc4998c169cbb576af i386/sendmail-devel-8.13.6-0.FC4.1.i386.rpm
2d0ad2eec6de626659aa5e0c7d3a66221c2978e4 i386/sendmail-cf-8.13.6-0.FC4.1.i386.rpm
67fd85127ae4edaf73b5decd36364282a1392aca i386/debug/sendmail-debuginfo-8.13.6-0.FC4.1.i386.rpm

Fedora Core 5: new sendmail packages.
New packages are available:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
84bb2a3408fe450b41addd82548da81d09c23b0a SRPMS/sendmail-8.13.6-0.FC5.1.src.rpm
71c2f024ded28a81c337eee7a3985c0171ac604a ppc/sendmail-8.13.6-0.FC5.1.ppc.rpm
1c5060be274f4dbbd241dfc31c4faa682fd3b8ed ppc/sendmail-doc-8.13.6-0.FC5.1.ppc.rpm
c02ecff13657b16e3fb28839ca77e7c3bc499be7 ppc/sendmail-devel-8.13.6-0.FC5.1.ppc.rpm
10cd721ec9cd18608350733a539b691a4836cc23 ppc/sendmail-cf-8.13.6-0.FC5.1.ppc.rpm
e7437a186b671ff29ae0a4b3b9714172c35329ae ppc/debug/sendmail-debuginfo-8.13.6-0.FC5.1.ppc.rpm
9d0f2a434d192be296c9fa8e91051efbd31e7d55 x86_64/sendmail-8.13.6-0.FC5.1.x86_64.rpm
9dac3a549b1125b3f45fe08190127d7c1e847d9b x86_64/sendmail-doc-8.13.6-0.FC5.1.x86_64.rpm
2f30755b801c75bc7a3f0ac386ebf1e7dcf2a258 x86_64/sendmail-devel-8.13.6-0.FC5.1.x86_64.rpm
e3af65815df8eaf3f82ae40256b324fd6175d513 x86_64/sendmail-cf-8.13.6-0.FC5.1.x86_64.rpm
ad288bdb73025866e7ac764de4e15aa7d40ade39 x86_64/debug/sendmail-debuginfo-8.13.6-0.FC5.1.x86_64.rpm
731f505c7112a0c5bb248fda3d8c7661364a045f i386/sendmail-8.13.6-0.FC5.1.i386.rpm
80a1fb684bc4c1cabf0c90a3ae9499af6dbb2d50 i386/sendmail-doc-8.13.6-0.FC5.1.i386.rpm
b65f27439ecd608d4df58737db53f56413ae9a5d i386/sendmail-devel-8.13.6-0.FC5.1.i386.rpm
161e75cba788602dd682070195115c42c6cb250b i386/sendmail-cf-8.13.6-0.FC5.1.i386.rpm
d4270d8d3d5290c0a58aa460cd0fbb1f0b6be1f0 i386/debug/sendmail-debuginfo-8.13.6-0.FC5.1.i386.rpm

FreeBSD: patch for sendmail.
A patch is available:
[FreeBSD 4.10]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch.asc
[FreeBSD 4.11 and FreeBSD 5.3]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch.asc
[FreeBSD 5.4, and FreeBSD 6.x]
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch.asc

HP-UX: solution for Sendmail.
A solution is to install patches or new revisions, as indicated in HP announce.

IRIX: patch for Sendmail.
Patch 7082 is available:
  http://support.sgi.com/

Mandriva: new sendmail packages.
New packages are available:
 Mandriva Linux 10.2:
 95305a1dfe64cfeabdca98fb008cfd91 10.2/RPMS/sendmail-8.13.3-2.1.102mdk.i586.rpm
 5215408069e99b0ff2994db3af55d62e 10.2/RPMS/sendmail-cf-8.13.3-2.1.102mdk.i586.rpm
 02deae8e6e131ac7cb847e9ab47a9885 10.2/RPMS/sendmail-devel-8.13.3-2.1.102mdk.i586.rpm
 356978837f0dbf3ab9dcce39e9f58f7d 10.2/RPMS/sendmail-doc-8.13.3-2.1.102mdk.i586.rpm
 9bff19f2f9b0b8502bf5f27dd2895f8e 10.2/SRPMS/sendmail-8.13.3-2.1.102mdk.src.rpm
 Mandriva Linux 10.2/X86_64:
 f148c878ea5b30370fc94e6a7255de5d x86_64/10.2/RPMS/sendmail-8.13.3-2.1.102mdk.x86_64.rpm
 3968115b895ce937e2d4e2180d577168 x86_64/10.2/RPMS/sendmail-cf-8.13.3-2.1.102mdk.x86_64.rpm
 0f6226a324a5285b1ce81ce699de723b x86_64/10.2/RPMS/sendmail-devel-8.13.3-2.1.102mdk.x86_64.rpm
 461e896f92cdd4cea5f0ba56c68ba7a9 x86_64/10.2/RPMS/sendmail-doc-8.13.3-2.1.102mdk.x86_64.rpm
 9bff19f2f9b0b8502bf5f27dd2895f8e x86_64/10.2/SRPMS/sendmail-8.13.3-2.1.102mdk.src.rpm
 Mandriva Linux 2006.0:
 12616264669772849dc402ae7425229a 2006.0/RPMS/sendmail-8.13.4-6.1.20060mdk.i586.rpm
 d551d0ed690a5f3da78842071472d386 2006.0/RPMS/sendmail-cf-8.13.4-6.1.20060mdk.i586.rpm
 79c647c58c53c27e1a2555f5af71ef37 2006.0/RPMS/sendmail-devel-8.13.4-6.1.20060mdk.i586.rpm
 94fd6a9ffa27388a80e5e1d1cb9543ed 2006.0/RPMS/sendmail-doc-8.13.4-6.1.20060mdk.i586.rpm
 a996c91d8899ecb76ff1d961c6c0177a 2006.0/SRPMS/sendmail-8.13.4-6.1.20060mdk.src.rpm
 Mandriva Linux 2006.0/X86_64:
 7768a1368faf4890343b97ef868aae78 x86_64/2006.0/RPMS/sendmail-8.13.4-6.1.20060mdk.x86_64.rpm
 35f33c64846459eeca8587f7150d3978 x86_64/2006.0/RPMS/sendmail-cf-8.13.4-6.1.20060mdk.x86_64.rpm
 a70a4dc0ef6944f43614f83e742a80a2 x86_64/2006.0/RPMS/sendmail-devel-8.13.4-6.1.20060mdk.x86_64.rpm
 aaa7adbd147cab2bbad3bea812eb32c2 x86_64/2006.0/RPMS/sendmail-doc-8.13.4-6.1.20060mdk.x86_64.rpm
 a996c91d8899ecb76ff1d961c6c0177a x86_64/2006.0/SRPMS/sendmail-8.13.4-6.1.20060mdk.src.rpm
 Corporate 3.0:
 be7c8df48bcf0790c64ac389b37754cb corporate/3.0/RPMS/sendmail-8.12.11-1.1.C30mdk.i586.rpm
 631dfdb5d0fc43185af6084e17714ffb corporate/3.0/RPMS/sendmail-cf-8.12.11-1.1.C30mdk.i586.rpm
 96b84769e995ac2595cb8d7ae4918b91 corporate/3.0/RPMS/sendmail-devel-8.12.11-1.1.C30mdk.i586.rpm
 58337a123a60b64e6f414de744959337 corporate/3.0/RPMS/sendmail-doc-8.12.11-1.1.C30mdk.i586.rpm
 3d46a60520cc65d595c17db6bae809c7 corporate/3.0/SRPMS/sendmail-8.12.11-1.1.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 c22a4c20960c29b647532b4d966234b1 x86_64/corporate/3.0/RPMS/sendmail-8.12.11-1.1.C30mdk.x86_64.rpm
 ee7aad2adb440347519f5888200e923d x86_64/corporate/3.0/RPMS/sendmail-cf-8.12.11-1.1.C30mdk.x86_64.rpm
 6d0b3c65952995c3f12b076134c8a8e8 x86_64/corporate/3.0/RPMS/sendmail-devel-8.12.11-1.1.C30mdk.x86_64.rpm
 c2e31e2fa472f4bb34db27526c25cc92 x86_64/corporate/3.0/RPMS/sendmail-doc-8.12.11-1.1.C30mdk.x86_64.rpm
 3d46a60520cc65d595c17db6bae809c7 x86_64/corporate/3.0/SRPMS/sendmail-8.12.11-1.1.C30mdk.src.rpm
 Multi Network Firewall 2.0:
 d1f8e453ab9456d0bb7f34acf1388d3c mnf/2.0/RPMS/sendmail-8.12.11-1.1.M20mdk.i586.rpm
 6b0f02721103c1b25622e3d54e474c19 mnf/2.0/RPMS/sendmail-cf-8.12.11-1.1.M20mdk.i586.rpm
 03f66672c6792fcf40d84a1dc4b686ef mnf/2.0/RPMS/sendmail-devel-8.12.11-1.1.M20mdk.i586.rpm
 b966f80b82cd054474ec43e9ff3be679 mnf/2.0/RPMS/sendmail-doc-8.12.11-1.1.M20mdk.i586.rpm
 244093bf42df7c6db16246c56b7e6495 mnf/2.0/SRPMS/sendmail-8.12.11-1.1.M20mdk.src.rpm

NetBSD: patch for sendmail.
CVS version is corrected.
Procedure is described in NetBSD's announce.

OpenBSD: patch for Sendmail.
A patch is available:
OpenBSD 3.7:
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch
OpenBSD 3.8:
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/006_sendmail.patch
OpenBSD 3.9:
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/001_sendmail.patch

Red Hat Linux, Fedora Core: new sendmail packages.
New packages are available:
Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/sendmail-8.12.11-4.22.10.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/sendmail-8.12.11-4.22.10.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/sendmail-cf-8.12.11-4.22.10.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/sendmail-devel-8.12.11-4.22.10.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/sendmail-doc-8.12.11-4.22.10.legacy.i386.rpm
Red Hat Linux 9:
SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/sendmail-8.12.11-4.24.3.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/sendmail-8.12.11-4.24.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/sendmail-cf-8.12.11-4.24.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/sendmail-devel-8.12.11-4.24.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/sendmail-doc-8.12.11-4.24.3.legacy.i386.rpm
Fedora Core 1:
SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/sendmail-8.12.11-4.25.3.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/sendmail-8.12.11-4.25.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/sendmail-cf-8.12.11-4.25.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/sendmail-devel-8.12.11-4.25.3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/sendmail-doc-8.12.11-4.25.3.legacy.i386.rpm
Fedora Core 2:
SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/sendmail-8.12.11-4.26.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/sendmail-8.12.11-4.26.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/sendmail-cf-8.12.11-4.26.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/sendmail-devel-8.12.11-4.26.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/sendmail-doc-8.12.11-4.26.legacy.i386.rpm
Fedora Core 3:
SRPM:
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/sendmail-8.13.1-3.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/3/updates/i386/sendmail-8.13.1-3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/sendmail-cf-8.13.1-3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/sendmail-devel-8.13.1-3.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/sendmail-doc-8.13.1-3.legacy.i386.rpm
x86_64:
http://download.fedoralegacy.org/fedora/3/updates/x86_64/sendmail-8.13.1-3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/sendmail-cf-8.13.1-3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/sendmail-devel-8.13.1-3.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/sendmail-doc-8.13.1-3.legacy.x86_64.rpm

RHEL 2.1: new sendmail packages.
New packages are available:
Red Hat Enterprise Linux version 2.1: sendmail-8.12.11-4.21AS.8

RHEL 3, 4: new sendmail packages.
New packages are available:
Red Hat Enterprise Linux version 3: sendmail-8.12.11-4.RHEL3.4
Red Hat Enterprise Linux version 4: sendmail-8.13.1-3.RHEL4.3

SGI ProPack 3 SP6: new cdrtools, gdb, gnupg, initscripts, mailman, python, sendmail, squid, vixie-cron packages.
Patch 10291 is available:
  http://support.sgi.com/
New packages are also available:
  ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
  ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

Slackware: new sendmail packages.
New packages are available:
Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sendmail-8.13.6-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sendmail-8.13.6-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sendmail-8.13.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/sendmail-8.13.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/sendmail-8.13.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/sendmail-8.13.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/sendmail-cf-8.13.6-noarch-1.tgz
Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/sendmail-8.13.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/sendmail-cf-8.13.6-noarch-1.tgz

Solaris: workaround for sendmail.
A patch is available:
  SPARC Platform
    Solaris 8 : patch 110615-14
    Solaris 9 : patch 113575-06
    Solaris 10 : patch 122856-01
  x86 Platform
    Solaris 8 : patch 110616-14
    Solaris 9 : patch 114137-05
    Solaris 10 : patch 122857-01

SUSE: new sendmail packages.
New packages are available:
   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/sendmail-8.13.4-8.3.i586.rpm
         06ab5c69929cb50f26f54588f66146b4
   
   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/sendmail-8.13.3-5.3.i586.rpm
         df6e12d411035bf7ab3ad996f92ac5cf
   
   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/sendmail-8.13.1-5.3.i586.rpm
         17c91fd6341147c689dc2cd7dc71d911
   
   SUSE LINUX 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/sendmail-8.12.11-2.2.i586.rpm
         157dfa4779aff534e835215492697cbb

Tru64 UNIX: patch for Internet Express sendmail.
A patch is available. Its installation procedure is detailled in HP's announce.

Turbolinux: new sendmail packages.
New packages are available:
Turbolinux Appliance Server 2.0 : sendmail-8.13.1-6
Turbolinux Appliance Server 1.0 : sendmail-8.12.10-6
Turbolinux 8 Server : sendmail-8.12.10-6
Turbolinux 8 Workstation : sendmail-8.13.6-3
Turbolinux 7 Server : sendmail-8.13.6-3
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides system vulnerability announces. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.