<html>
<head>
</head>
<body>
As part of the Redhat Network up2date subscription, I get these e-mails.
RHN Updates have really allowed me to keep on top off all security vulnerabilities...might
wanna check it out. <a class="moz-txt-link-abbreviated" href="http://www.redhat.com">www.redhat.com</a>.<br>
<br>
Nonetheless, Jeremy gets extreme cool points for posting the " heads up"
on the list.<br>
<br>
<br>
<br>
<br>
Reginald Reed wrote:<br>
<blockquote type="cite" cite="mid:008201c2e1d1$daf096d0$34286640@amer.cisco.com">
<pre wrap="">I really appreciate email like this! I've patched and restarted<br>sendmail on one of the co-located servers I manage part-time. As<br>everyone knows, security really doesn't happen "part-time," so notes<br>like this help me be more effective.<br><br>Thanks again.<br><br></pre>
<blockquote type="cite">
<pre wrap="">-----Original Message-----<br>From: <a class="moz-txt-link-abbreviated" href="mailto:trilug-admin@trilug.org">trilug-admin@trilug.org</a> <br>[<a class="moz-txt-link-freetext" href="mailto:trilug-admin@trilug.org">mailto:trilug-admin@trilug.org</a>] On Behalf Of Jeremy Portzer<br>Sent: Monday, March 03, 2003 1:11 PM<br>To: TriLUG List<br>Subject: [TriLUG] Critical sendmail vulnerability<br><br><br>Sendmail has *yet* another remote-root vulnerability discovered<br>recently. For details see<br><br></pre>
</blockquote>
<pre wrap=""><!----><a class="moz-txt-link-freetext" href="http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950">http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950</a><br><br>An excerpt from that advisory reads, "This vulnerability<br>is especially dangerous because the exploit can be delivered within an<br>email message and the attacker doesn't need any specific knowledge of<br>the target to launch a successful attack."<br><br>Red Hat has released errata packages here:<br><a class="moz-txt-link-freetext" href="https://rhn.redhat.com/errata/RHSA-2003-073.html">https://rhn.redhat.com/errata/RHSA-2003-073.html</a><br><br>Mandrake doesn't appear to have packages yet but I presume they and<br>other vendors will create some soon.<br><br>I'm working on syncing the TriLUG servers so the Red Hat updates should<br>be available soon there, for those of you using apt or current on the<br>TriLUG mirrors.<br><br>--Jeremy Portzer<br><br><br>_______________
________________________________<br>TriLUG mailing list<br> <a class="moz-txt-link-freetext" href="http://www.trilug.org/mailman/listinfo/trilug">http://www.trilug.org/mailman/listinfo/trilug</a><br>TriLUG Organizational FAQ:<br> <a class="moz-txt-link-freetext" href="http://www.trilug.org/~lovelace/faq/TriLUG-faq.html">http://www.trilug.org/~lovelace/faq/TriLUG-faq.html</a><br><br>_______________________________________________<br>TriLUG mailing list<br> <a class="moz-txt-link-freetext" href="http://www.trilug.org/mailman/listinfo/trilug">http://www.trilug.org/mailman/listinfo/trilug</a><br>TriLUG Organizational FAQ:<br> <a class="moz-txt-link-freetext" href="http://www.trilug.org/~lovelace/faq/TriLUG-faq.html">http://www.trilug.org/~lovelace/faq/TriLUG-faq.html</a><br></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="$mailwrapcol">--
JoJo Almario
Network Administrator
Intrah /UNC School of Medicine
Office - 919-843-5145
Fax - 919-966-6816
<a class="moz-txt-link-abbreviated" href="mailto:jalmario@intrah.org">jalmario@intrah.org</a>
</pre>
<br>
</body>
</html>