Hosting Provided By

(no subject)

From: Miod Vallat <miod(at)openbsd.org>
Date: Wed Nov 06 2002 - 20:55:51 EST

OpenBSD 3.2 ships with sendmail's restricted shell, smrsh, being vulnerable to a local attack described in

http://www.sendmail.org/smrsh.adv.txt OpenBSD 3.0 and 3.1 are also affected.

A fix addressing this problem is available in the -STABLE branch of the aforementioned three releases, as well as standalone patch files.

Also, two reliability fixes affecting OpenBSD 3.2, already available in the -STABLE branch, have been released as standalone patch files.

For more information about errata and patches for your release, please read the appropriate OpenBSD errata page:

  
http://www.openbsd.org/errata.html       (for OpenBSD 3.2)
  
http://www.openbsd.org/errata31.html     (for OpenBSD 3.1)
  
http://www.openbsd.org/errata30.html     (for OpenBSD 3.0)

Received on Wed Nov 6 23:36:46 2002

This message: [ Message body ]
Next message: Todd C. Miller: "patch for named buffer overflow now available"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 13:46:07 EDT