Linux Security
    Linux Security
    Linux Security

    Debian: sendmail fix denial of service DSA-1155-1

    Date 23 Aug 2006
    3334
    Posted By LinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1155-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    August 24th, 2006                       https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : sendmail
    Vulnerability  : programming error
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-1173
    CERT advisory  : VU#146718
    BugTraq ID     : 18433
    Debian Bug     : 373801 380258
    
    Frank Sheiness discovered that a MIME conversion routine in sendmail,
    a powerful, efficient, and scalable mail transport agent, could be
    tricked by a specially crafted mail to perform an endless recursion.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 8.13.4-3sarge2.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 8.13.7-1.
    
    We recommend that you upgrade your sendmail package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given at the end of this advisory:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2.dsc
          Size/MD5 checksum:      910 960ea60c4191d0dffc223bc87bdc8b60
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2.diff.gz
          Size/MD5 checksum:   384830 5746beee4bf07d3ed740f4835bc7fa36
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4.orig.tar.gz
          Size/MD5 checksum:  1968047 d80dc659df96c63d227ed80c0c71b708
    
      Architecture independent components:
    
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-base_8.13.4-3sarge2_all.deb
          Size/MD5 checksum:   342338 33201cb38ffe42ee9f13e7cfd534cd77
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-cf_8.13.4-3sarge2_all.deb
          Size/MD5 checksum:   280724 fc323a1ae0ba4207bf485d0950838126
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.13.4-3sarge2_all.deb
          Size/MD5 checksum:   815978 b96cb196d23aa2f66dba83a3f4220fe6
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2_all.deb
          Size/MD5 checksum:   193664 014094391c524db1f1eae96f6c7bae22
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_alpha.deb
          Size/MD5 checksum:   319036 3f4eb80c71a8bc63b7dc74af4d330e39
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_alpha.deb
          Size/MD5 checksum:   215600 5f2a9cbb0a24465ed648926037038edd
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_alpha.deb
          Size/MD5 checksum:   228830 e8d15c3f6d26ca8d908e42b07bc7042f
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_alpha.deb
          Size/MD5 checksum:   953944 46d247fc609bbb701634f51173d04a33
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_alpha.deb
          Size/MD5 checksum:   198126 f8cce9c9d0f6b8a393e70f37b4078769
    
      AMD64 architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_amd64.deb
          Size/MD5 checksum:   296580 dbb1c9930fdd39d78f00165ab3bd4103
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_amd64.deb
          Size/MD5 checksum:   213218 5bf6afa8b44b7a85a639809c82294635
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_amd64.deb
          Size/MD5 checksum:   225286 f0eb29825d98fae3ae47aca60cc25d59
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_amd64.deb
          Size/MD5 checksum:   851166 2ab733eb6108e0cb75f461ee855f602a
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_amd64.deb
          Size/MD5 checksum:   197680 edb148b36ded61b6bd0615d120508605
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_arm.deb
          Size/MD5 checksum:   291930 5e7634c0a8733b0bce07d65e73a4ef16
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_arm.deb
          Size/MD5 checksum:   211570 6b4962041621b2dda3d2201f7107a8d3
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_arm.deb
          Size/MD5 checksum:   223674 f10af1dde65c5055fdec8cb31e089264
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_arm.deb
          Size/MD5 checksum:   829316 da778ae1e36441fc81219ba1c9424e94
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_arm.deb
          Size/MD5 checksum:   197238 e35b5bc8eb4f209b556ffae5f5b182ca
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_i386.deb
          Size/MD5 checksum:   287210 b0906f03f7965d82207c9510cafb6bca
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_i386.deb
          Size/MD5 checksum:   211614 1b239843c9a627900d62208144c4425c
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_i386.deb
          Size/MD5 checksum:   222384 101b1290a634f1f3b0fbe385fa3f00ea
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_i386.deb
          Size/MD5 checksum:   812502 f4533171ad66b3d3bb5e3457b8f072eb
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_i386.deb
          Size/MD5 checksum:   197280 bb50d3704bcd94d8fc391dd2b6bf4a89
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_ia64.deb
          Size/MD5 checksum:   330728 ce5076cdb2b4d6841697f8441b903c4b
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_ia64.deb
          Size/MD5 checksum:   220454 1bf7b131f12c5efedf329a8c606a6905
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_ia64.deb
          Size/MD5 checksum:   239680 702d539a34fd1b1316fedda55b7e5ae1
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_ia64.deb
          Size/MD5 checksum:  1162596 3f9c5fd6e4e58d09c488d1e18e5e8199
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_ia64.deb
          Size/MD5 checksum:   198966 82381861fc653cc8bcc0bdd11b6c982e
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_hppa.deb
          Size/MD5 checksum:   301512 c527f00a3851404869c148a30de682e0
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_hppa.deb
          Size/MD5 checksum:   215652 e9019f514e994d2b2582250d06f65ea0
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_hppa.deb
          Size/MD5 checksum:   229404 030689791d9ab55108b00d22147cde0a
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_hppa.deb
          Size/MD5 checksum:   919820 3309c8104d8eaa73abdcf90d1802204e
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_hppa.deb
          Size/MD5 checksum:   198126 49d18720f3e53fe2f1d8e092e98cf105
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_m68k.deb
          Size/MD5 checksum:   272812 11e4cc568a7889458d932db6d4ac61b6
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_m68k.deb
          Size/MD5 checksum:   210862 d51962d3877927d9e222d9ef941885bb
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_m68k.deb
          Size/MD5 checksum:   218874 fa8b57e8b977426f6a6acb8a7c6a7c22
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_m68k.deb
          Size/MD5 checksum:   728524 3c3a0ed89e720c9b5b676238fd4906cb
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_m68k.deb
          Size/MD5 checksum:   197172 6da127ab094398d33fdce92e4cdb0877
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_mips.deb
          Size/MD5 checksum:   293164 1da7ab05880c74c77e1cfe49d1c6b186
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_mips.deb
          Size/MD5 checksum:   212044 ea8f0785e2e23695b5a8ce9a6db0b241
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_mips.deb
          Size/MD5 checksum:   227376 38b9b47ea73e44456eb0ef18b5575f8c
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_mips.deb
          Size/MD5 checksum:   883436 4880521485f9c36548703ca007286f7e
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_mips.deb
          Size/MD5 checksum:   198136 5d31a8e053390f018f549fcdcff7c8cf
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_mipsel.deb
          Size/MD5 checksum:   293964 07b24d641a5badff3feebb780f62d335
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_mipsel.deb
          Size/MD5 checksum:   212342 e3e0903028c33b5f74e5f51d65513069
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_mipsel.deb
          Size/MD5 checksum:   227662 224ac71024df656f978bf77c02179a5e
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_mipsel.deb
          Size/MD5 checksum:   887092 c8226b40bacb22ea6141657fd7ac5566
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_mipsel.deb
          Size/MD5 checksum:   198308 9007cddf32c14fb0d26206a80be71953
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_powerpc.deb
          Size/MD5 checksum:   296008 826ce4a9a5269b1be8867f3f119ff58b
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_powerpc.deb
          Size/MD5 checksum:   216294 078a2c789c479c1382b9b639a0738b88
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_powerpc.deb
          Size/MD5 checksum:   228474 2b02f60ae2c6dfa8de9f5e5c62bf3d59
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_powerpc.deb
          Size/MD5 checksum:   867134 32296265a4e142ac4ec55a50b28bc050
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_powerpc.deb
          Size/MD5 checksum:   199352 7abc4f13f6351f1d93e548e2ecfd215e
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_s390.deb
          Size/MD5 checksum:   295158 5b5e75a74f2ff91c4a301057e22c26fb
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_s390.deb
          Size/MD5 checksum:   213298 fff5231f97b037d64e6fad5b200f558e
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_s390.deb
          Size/MD5 checksum:   228670 f3aaf184734fdfdd7cb1aecac78f4827
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_s390.deb
          Size/MD5 checksum:   875180 ba43126125f6da96878fc89fd971765c
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_s390.deb
          Size/MD5 checksum:   197662 b59525ac3fc1d4ab781646c50c35217e
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_sparc.deb
          Size/MD5 checksum:   285396 bdfb343b56374589948a271ca0a83acd
        https://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_sparc.deb
          Size/MD5 checksum:   211612 776d54b96a9a5dbc465d97492025a050
        https://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_sparc.deb
          Size/MD5 checksum:   222882 fc69af2a76b50b938d9aacf8f978c025
        https://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_sparc.deb
          Size/MD5 checksum:   819474 cdafeb8dadc08275dd9cb2db5397b6f8
        https://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_sparc.deb
          Size/MD5 checksum:   197400 11d3a7c2a52c824eb4002c5954d1c81a
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"11","type":"x","order":"1","pct":34.38,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.75,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":46.88,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.