- --------------------------------------------------------------------------
Debian Security Advisory DSA 278-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
April 4th, 2003                          http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : sendmail
Vulnerability  : char-to-int conversion
Problem-Type   : local, maybe remote
Debian-specific: no
CVE Id         : CAN-2003-0161
CERT Id        : VU#897604 CA-2003-12

Michal Zalewski discovered a buffer overflow, triggered by a char to
int conversion, in the address parsing code in sendmail, a widely used
powerful, efficient, and scalable mail transport agent.  This problem
is potentially remotely exploitable.
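
The following is an added illustration, not code from sendmail or from
this advisory: a toy address tokenizer in C that reproduces the bug class
the advisory names, a byte widened through a signed char colliding with a
-1 "no character pending" sentinel so that one code path skips the only
length check. The NOCHAR name, the escape rule, the 16-byte buffer, the
guard bytes and the sample inputs are assumptions made for the demonstration.

```c
/* Added illustration for DSA 278 (not sendmail's code): a toy address
 * tokenizer showing how a char-to-int conversion lets an input byte
 * collide with a -1 sentinel and skip the only length check.  NOCHAR,
 * the buffer size and the escape rule are assumptions made for the demo. */
#include <stdio.h>
#include <string.h>

#define NOCHAR (-1)   /* assumed sentinel: "no character pending" */
#define OUTSZ  16     /* assumed size of the caller's token buffer */
#define SLACK  2      /* bytes kept free for one escape byte + terminator */
#define CANARY 32     /* guard bytes placed after the buffer for the demo */

typedef int (*readfn)(const char **pp);

/* Vulnerable reader: the byte is widened through a signed char, so 0xFF
 * becomes -1 == NOCHAR.  Plain `char` is signed on IA-32; `signed char`
 * is spelled out so the result does not depend on the host ABI. */
static int read_vuln(const char **pp)  { return (signed char)*(*pp)++; }

/* Fixed reader: widen through unsigned char (same as masking with 0xff),
 * so every byte lands in 0..255 and can never equal NOCHAR. */
static int read_fixed(const char **pp) { return (unsigned char)*(*pp)++; }

/* Copy one token (up to '.', '@' or end of input) into out[outsz].
 * '\' quotes the next byte.  The quoting backslash is emitted WITHOUT a
 * length check, on the assumption that the quoted byte goes through the
 * checked store right after it, keeping at most SLACK bytes unchecked.
 * A byte that reads as NOCHAR never reaches that store, so the assumption
 * fails.  Returns bytes stored, or -1 when the token is too long. */
static int copy_token(readfn rd, const char *in, char *out, size_t outsz)
{
    const char *p = in;
    char *q = out, *limit = out + outsz - SLACK;
    int c = NOCHAR, bslash = 0;

    for (;;) {
        if (c != NOCHAR && !bslash) {    /* store the pending byte */
            if (q >= limit)
                return -1;               /* token too long */
            *q++ = (char)c;
        }
        c = rd(&p);                      /* fetch the next byte */
        if (c == '\0')
            break;
        if (bslash) {                    /* byte after a backslash */
            bslash = 0;
            *q++ = '\\';                 /* unchecked; relies on next store */
            continue;                    /* c stays pending */
        }
        if (c == '\\') {
            bslash = 1;
            c = NOCHAR;
        } else if (c == '.' || c == '@') {
            break;                       /* token delimiter */
        }
    }
    *q = '\0';
    return (int)(q - out);
}

/* Constructed inputs (not taken from the advisory). */
static const char SAMPLE_OK[] = "user\\.name@example.org";
#define P "\\\xff"                       /* backslash followed by byte 0xFF */
static const char SAMPLE_EVIL[] = P P P P P P P P P P P P P P P P P P P P;  /* 20 pairs */

/* Run copy_token into a 16-byte buffer backed by CANARY guard bytes of
 * 0xAA; returns copy_token's result and reports damaged guard bytes. */
static int run(readfn rd, const char *in, int *damaged)
{
    unsigned char backing[OUTSZ + CANARY];
    int rc, n = 0;
    memset(backing, 0xAA, sizeof backing);
    rc = copy_token(rd, in, (char *)backing, OUTSZ);
    for (size_t i = OUTSZ; i < sizeof backing; i++)
        if (backing[i] != 0xAA) n++;
    *damaged = n;
    return rc;
}

static int token_result(readfn rd, const char *in) { int d; return run(rd, in, &d); }
static int canary_damage(readfn rd, const char *in) { int d; run(rd, in, &d); return d; }

int main(void)
{
    printf("benign : vuln=%d fixed=%d\n",
           token_result(read_vuln, SAMPLE_OK), token_result(read_fixed, SAMPLE_OK));
    printf("0xFF   : vuln rc=%d guard bytes clobbered=%d\n",
           token_result(read_vuln, SAMPLE_EVIL), canary_damage(read_vuln, SAMPLE_EVIL));
    printf("0xFF   : fixed rc=%d guard bytes clobbered=%d\n",
           token_result(read_fixed, SAMPLE_EVIL), canary_damage(read_fixed, SAMPLE_EVIL));
    return 0;
}
```

Build and run with `cc -std=c99 demo.c && ./a.out`. With the vulnerable
reader the twenty backslash-0xFF pairs write 20 bytes into the 16-byte
buffer (five guard bytes clobbered, all of them backslashes or NUL, which is
why such bugs give the attacker little control over the written value),
while the fixed reader stops with -1 after 14 bytes; benign input yields the
same 10-byte token either way. The fix widens through unsigned char, which
is the same as masking the value with 0xff. On ABIs where plain char is
unsigned (Linux on ARM, PowerPC and S/390) a plain-char read already behaves
like read_fixed, which is why the demo spells out signed char rather than
relying on the host.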

For the stable distribution (woody) this problem has been
fixed in version 8.12.3-6.2.

For the old stable distribution (potato) this problem has been
fixed in version 8.9.3-26.

For the unstable distribution (sid) this problem has been
fixed in version 8.12.9-1.

We recommend that you upgrade your sendmail packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Source archives:

      
      Size/MD5 checksum:      649 f11b024ef774130f7918b882a7318c78
      
      Size/MD5 checksum:   143360 2e9868662e4e28e548ed9f6da2982b41
      
      Size/MD5 checksum:  1068290 efedacfbce84a71d1cfb0e617b84596e

  Alpha architecture:

      
      Size/MD5 checksum:   989736 a435c32c79785261bd0e7ec921718915

  ARM architecture:

      
      Size/MD5 checksum:   948306 1bdd277a28bd6a6c3c812053d11b1edd

  Intel IA-32 architecture:

      
      Size/MD5 checksum:   931838 36c569e21502a246dbdfba711b54842e

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:   917632 8ed928ac433a6be8d3144bb435bf1cfd

  PowerPC architecture:

      
      Size/MD5 checksum:   933820 000557eff8d57fa2e479e8df52348f0b

  Sun Sparc architecture:

      
      Size/MD5 checksum:   945760 c2e0e3d1edb05a00d3e5b0d8ca1053c8


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

      
      Size/MD5 checksum:      761 9eae4393094b7b163ecdddcd16dad19e
      
      Size/MD5 checksum:   253152 1fcbf7838b267d06a8c6258d3ff56488
      
      Size/MD5 checksum:  1840401 b198b346b10b3b5afc8cb4e12c07ff4d

  Architecture independent components:

      
      Size/MD5 checksum:   747408 5d83e06ac78cb55eabb9334235ec82ab

  Alpha architecture:

      
      Size/MD5 checksum:   267450 a8fd2edcabf581c8cef66fc1dcb5a8aa
      
      Size/MD5 checksum:  1218398 cf5503083ecacd7049171922e2fe15c7

  ARM architecture:

      
      Size/MD5 checksum:   247160 2a01bee8674426bc1a3ef3c40a39e4a1
      
      Size/MD5 checksum:  1066282 2dc41903235f6a88de369807e633f8c9

  Intel IA-32 architecture:

      
      Size/MD5 checksum:   236942 fb790940bcdfcd6231db136c6d381cb5
      
      Size/MD5 checksum:  1003484 b995fe58b4669c44eb52182dd9418418

  Intel IA-64 architecture:

      
      Size/MD5 checksum:   281624 52e26ea36d2368392903adf05d89dd34
      
      Size/MD5 checksum:  1482096 046c02549910b1a8392ddef7a562e5d9

  HP Precision architecture:

      
      Size/MD5 checksum:   261292 004fae2b6c8a12754521a18aa8086587
      
      Size/MD5 checksum:  1183440 4fdef1c4f769dc00819e0c50baefb542

  Motorola 680x0 architecture:

      
      Size/MD5 checksum:   230756 eb81cfe3246e10351b018a16e29256cf
      
      Size/MD5 checksum:   941698 18db8d5f9145f614525bca339b115aac

  Big endian MIPS architecture:

      
      Size/MD5 checksum:   254796 bde3bab2d8ca1cb7703284fb91ef1317
      
      Size/MD5 checksum:  1125560 cb304f8b210a750d63596649ba4e7b98

  Little endian MIPS architecture:

      
      Size/MD5 checksum:   254492 94d3ac5c26ff850e528c8daa51b725d2
      
      Size/MD5 checksum:  1126774 d47df658c70fa4f25fd83b1fa28c8a87

  PowerPC architecture:

      
      Size/MD5 checksum:   256894 a3b2e7c0ce91f7d539d9f0494b71a236
      
      Size/MD5 checksum:  1073152 afd5d2e123ec40833f6e8b8143a0afbe

  IBM S/390 architecture:

      
      Size/MD5 checksum:   242242 a87e4e47fcaacc7d289b8431d5c665d5
      
      Size/MD5 checksum:  1049752 32146f341d640d20afb522b4653e8b75

  Sun Sparc architecture:

      
      Size/MD5 checksum:   244946 d55d99adf61e55a08a0fa91a65ffca67
      
      Size/MD5 checksum:  1069378 0383d42cdb29769f398df70bee7ea8b5


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
