On Tue, 5 Sep 2006, Matthew Schumacher wrote:
> List,
>
> Sendmail has a DOS attack vulnerability documented here:
>
> http://www.securityfocus.com/bid/19714/info
>
> This means that you should upgrade if you run sendmail.
I did upgrade, but I based on the description I haven't figured out a way to
trigger the exploit myself. I am, however, using confMAX_HEADERS_LENGTH and
confMAX_MIME_HEADER_LENGTH as part of my default config.
> I run slackware and use my own slackware packages for everything so for
> me upgrading sendmail was pretty simple:
>
> # upgradepkg sendmail-8.13.8-i486-1.tgz
> # cd /etc/mail/
> # m4 sendmail.mc > sendmail.cf
> # /etc/rc.d/rc.sendmail restart
:-) Basically the process for me:
nlbuild -c -r sendmail
touch /etc/mail/sendmail.mc
make -C /etc/mail
services restart sendmail
--Arthur Corliss
Bolverk's Lair -- http://arthur.corlissfamily.org/
Digital Mages -- http://www.digitalmages.com/
"Live Free or Die, the Only Way to Live" -- NH State Motto
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Sep 5 19:16:41 2006
This archive was generated by hypermail 2.1.8 : Tue Sep 05 2006 - 19:16:42 AKDT