Slashdot Mirror

← Back to Stories (view on slashdot.org)

FreeBSD Users: Time To Patch Sendmail Again

Posted by timothy on Sunday March 30, 2003 @12:12PM from the and-not-just-only-them dept.

Barrett Lyon writes "The FreeBSD Project just submitted this security advisory out to the masses: "FreeBSD-SA-03:07.sendmail, a second sendmail header parsing buffer overflow." It seems that the overflow is not limited to FreeBSD and that there is currently no workaround "other than not using sendmail." Yet another good reason to run Qmail!"

1 of 39 comments (clear)

Min score:

Reason:

Sort:

Same hole as yesterday, fixed in Sendmail 8.12.9 by Phaid · 2003-03-30 13:27 · Score: 3, Informative

Just in case anyone's wondering, this is the same hole reported on Slashdot yesterday and reported in this CERT advisory.

I mention this because the FreeBSD posting doesn't explicitly mention which version of Sendmail this affects, but it does link to the CERT article.