Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora Core: 5 Sendmail 8.13.6 Critical Arbitrary Code Execution

fedora
Calendar Grey March 22, 2006
Dist Fedora Esm H88
Update for Fedora Core 5 resolves a critical flaw in sendmail that allows remote code execution via signal handling.
A flaw in the handling of asynchronous signals

Summary

The Sendmail program is a very widely used Mail Transport Agent (MTA).

MTAs send mail from one machine to another. Sendmail is not a client

program, which you use to read your email. Sendmail is a

behind-the-scenes program which actually moves your email over

networks or the Internet to where you want it to go.

If you ever need to reconfigure Sendmail, you will also need to have

the sendmail.cf package installed. If you need documentation on

Sendmail, you can install the sendmail-doc package.

Fixes CVE-2006-0058:

A flaw in the handling of asynchronous signals.

A remote attacker may be able to exploit a race condition to

execute arbitrary code as root.

- new version 8.13.6 (fixes VU#834865)

- dropped libmilter-sigwait patch (fixed in 8.13.6)

84bb2a3408fe450b41addd82548da81d09c23b0a SRPMS/sendmail-8.13.6-0.FC5.1.src.rpm

71c2f024ded28a81c337eee7a3985c0171ac604a ppc/sendmail-8.13.6-0.FC5.1.ppc.rpm

1c5060be274f4dbbd241dfc31c4faa682fd3b8ed ppc/sendmail-doc-8.13.6-0.FC5.1.ppc.rpm

c02ecff13657b16e3fb28839ca77e7c3bc499be7 ppc/sendmail-devel-8.13.6-0.FC5.1.ppc.rpm

10cd721ec9cd18608350733a539b691a4836cc23 ppc/sendmail-cf-8.13.6-0.FC5.1.ppc.rpm

e7437a186b671ff29ae0a4b3b9714172c35329ae ppc/debug/sendmail-debuginfo-8.13.6-0.FC5.1.ppc.rpm

9d0f2a434d192be296c9fa8e91051efbd31e7d55 x86_64/sendmail-8.13.6-0.FC5.1.x86_64.rpm

9dac3a549b1125b3f45fe08190127d7c1e847d9b x86_64/sendmail-doc-8.13.6-0.FC5.1.x86_64.rpm

2f30755b801c75bc7a3f0ac386ebf1e7dcf2a258 x86_64/sendmail-devel-8.13.6-0.FC5.1.x86_64.rpm

e3af65815df8eaf3f82ae40256b324fd6175d513 x86_64/sendmail-cf-8.13.6-0.FC5.1.x86_64.rpm

ad288bdb73025866e7ac764de4e15aa7d40ade39 x86_64/debug/sendmail-debuginfo-8.13.6-0.FC5.1.x86_64.rpm

731f505c7112a0c5bb248fda3d8c7661364a045f i386/sendmail-8.13.6-0.FC5.1.i386.rpm

80a1fb684bc4c1cabf0c90a3ae9499af6dbb2d50 i386/sendmail-doc-8.13.6-0.FC5.1.i386.rpm

b65f27439ecd608d4df58737db53f56413ae9a5d i386/sendmail-devel-8.13.6-0.FC5.1.i386.rpm

161e75cba788602dd682070195115c42c6cb250b i386/sendmail-cf-8.13.6-0.FC5.1.i386.rpm

d4270d8d3d5290c0a58aa460cd0fbb1f0b6be1f0 i386/debug/sendmail-debuginfo-8.13.6-0.FC5.1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory critical issue code execution sendmail remote attack Fedora Core

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: sendmail
Version: 8.13.6
Release: 0.FC5.1
Summary: A widely used Mail Transport Agent (MTA).

Topics%20covered

Topics Covered

security advisory critical issue code execution sendmail remote attack Fedora Core

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here