New version of sendmail released

    Date13 Dec 1999
    CategoryDebian
    2902
    Posted ByLinuxSecurity Advisories
    The version of sendmail that was distributed with Debian GNU/Linux 2.1 has a slight problem in the code to regenerate the aliases database. Sendmail allowed any user to run sendmail with the -bi option to (re)initialize the aliases database. The user could then interrupt sendmail and leave the system with a broken aliases database.
    -----BEGIN PGP SIGNED MESSAGE-----
    
    - ------------------------------------------------------------------------
    Debian Security Advisory                             This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/      
                       Wichert Akkerman
    December  7, 1999
    - ------------------------------------------------------------------------
    
    
    The version of sendmail that was distributed with Debian GNU/Linux 2.1
    has a slight problem in the code to regenerate the aliases database.
    Sendmail allowed any user to run sendmail with the -bi option to
    (re)initialize the aliases database. The user could then interrupt sendmail
    and leave the system with a broken aliases database.
    
    This has been fixed in version 8.9.3-3slink1 by only allowing root
    and trusted users to regenerate the aliases database.
    
    We recommend you upgrade your sendmail package to new version.
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    Debian GNU/Linux 2.1 alias slink
    - --------------------------------
    
      This version of Debian was released only for Intel ia32, the Motorola
      680x0, the alpha and the Sun sparc architecture.
    
    
      Source archives:
        http://security.debian.org/dists/stable/updates/source/sendmail
    _8.9.3-3slink1.diff.gz
          MD5 checksum: 728f0a837a7938cce72203abb23e7c3f
        http://security.debian.org/dists/stable/updates/source/sendmail_8.9
    .3-3slink1.dsc
          MD5 checksum: bca6225d21bfb8e1152f725100966629
        http://security.debian.org/dists/stable/updates/source/sendmail_8.9.3.o
    rig.tar.gz
          MD5 checksum: efedacfbce84a71d1cfb0e617b84596e
    
      Alpha architecture:
        http://security.debian.org/dists/stable/updates/binary-
    alpha/sendmail_8.9.3-3slink1_alpha.deb
          MD5 checksum: 91ba4f7c50942a0c712e9d2fe14e4516
    
      Intel ia32 architecture:
        http://security.debian.org/dists/stable/updates/binary-
    i386/sendmail_8.9.3-3slink1_i386.deb
          MD5 checksum: e7843eebfe8df6174d48f2ae6ff87fd0
    
      Motorola 680x0 architecture:
        http://security.debian.org/dists/stable/updates/binary-
    m68k/sendmail_8.9.3-3slink1_m68k.deb
          MD5 checksum: aca29516909180ed5ef4c1dbcaf60140
    
      Sun Sparc architecture:
        http://security.debian.org/dists/stable/updates/binary-
    sparc/sendmail_8.9.3-3slink1_sparc.deb
          MD5 checksum: 30e71411552430924b649db64ec2048b
    
    
      These files will be moved into
      ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
    
    
    For not yet released architectures please refer to the appropriate
    directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    
    - -- 
    - ----------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable 
    updates
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.3ia
    Charset: noconv
    
    iQB1AwUBOE0Ie6jZR/ntlUftAQFP0AL9EIhDUNWciCrm4VOtOlwFkazF5ch+B6K3
    ki3zOSZosAXmJd4dlG6UuJz5Ge1+mN/ITqA2RXQ85drxnSWLv7KRbYtb8y1BU06J
    WkxxeFJ/7dbJtZ3+XeyRyWztV5K0tJlv
    =xcDF
    -----END PGP SIGNATURE-----
    
    

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.