Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2006.0226 -- [RedHat] Critical: sendmail security update 23 March 2006 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: sendmail Publisher: Red Hat Operating System: Red Hat Enterprise Linux Desktop 4 Red Hat Enterprise Linux AS/ES/WS 4 Red Hat Desktop 3 Red Hat Enterprise Linux AS/ES/WS 3 Red Hat Linux Advanced Workstation 2.1 Red Hat Enterprise Linux AS/ES/WS 2.1 Impact: Execute Arbitrary Code/Commands Access: Remote/Unauthenticated CVE Names: CVE-2006-0058 Ref: AL-2006.0020 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2006-0265.html Comment: Please note that there are two Red Hat bulletins included in this ESB - one for the 2.1 line and one for the 3 and 4 lines of Red Hat Linux. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: sendmail security update Advisory ID: RHSA-2006:0265-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0265.html Issue date: 2006-03-22 Updated on: 2006-03-22 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-0058 - - --------------------------------------------------------------------- 1. Summary: Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: Sendmail is a Mail Transport Agent (MTA) used to send mail between machines. A flaw in the handling of asynchronous signals was discovered in Sendmail. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0058 to this issue. By default on Red Hat Enterprise Linux 2.1, Sendmail is configured to only accept connections from the local host. Therefore only users who have configured Sendmail to listen to remote hosts would be able to be remotely exploited by this vulnerability. In order to correct this issue for Red Hat Enterprise Linux 2.1 users, it was necessary to upgrade the version of Sendmail from 8.11 as originally shipped to Sendmail 8.12 with the addition of the security patch supplied by Sendmail Inc. This erratum provides updated packages based on Sendmail 8.12 with a compatibility mode enabled. After updating to these packages, users should pay close attention to their sendmail logs to ensure that the upgrade completed sucessfully. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 184465 - CVE-2006-0058 Sendmail race condition issue 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/sendmail-8.12.11-4.21AS.8.src.rpm f5abfd6edcababd2bab542f836950d16 sendmail-8.12.11-4.21AS.8.src.rpm i386: aaf362f3da9cfbeac698bd0cae38849a sendmail-8.12.11-4.21AS.8.i386.rpm edf605382c1edceeb3520494ef1defa4 sendmail-cf-8.12.11-4.21AS.8.i386.rpm f410e2be904b29607c8b57c598d6e86a sendmail-devel-8.12.11-4.21AS.8.i386.rpm 7920ac760db2f52d85c942817b0a1a84 sendmail-doc-8.12.11-4.21AS.8.i386.rpm ia64: 87d8a88331ca8d816d779129033a2545 sendmail-8.12.11-4.21AS.8.ia64.rpm 7c1f0fbd3490bf7007115c19aa320a79 sendmail-cf-8.12.11-4.21AS.8.ia64.rpm 7fd463f112b365cb9d8b63eebaa67718 sendmail-devel-8.12.11-4.21AS.8.ia64.rpm 4d6b4f4cccb65dad389887ea6d974181 sendmail-doc-8.12.11-4.21AS.8.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/sendmail-8.12.11-4.21AS.8.src.rpm f5abfd6edcababd2bab542f836950d16 sendmail-8.12.11-4.21AS.8.src.rpm ia64: 87d8a88331ca8d816d779129033a2545 sendmail-8.12.11-4.21AS.8.ia64.rpm 7c1f0fbd3490bf7007115c19aa320a79 sendmail-cf-8.12.11-4.21AS.8.ia64.rpm 7fd463f112b365cb9d8b63eebaa67718 sendmail-devel-8.12.11-4.21AS.8.ia64.rpm 4d6b4f4cccb65dad389887ea6d974181 sendmail-doc-8.12.11-4.21AS.8.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/sendmail-8.12.11-4.21AS.8.src.rpm f5abfd6edcababd2bab542f836950d16 sendmail-8.12.11-4.21AS.8.src.rpm i386: aaf362f3da9cfbeac698bd0cae38849a sendmail-8.12.11-4.21AS.8.i386.rpm edf605382c1edceeb3520494ef1defa4 sendmail-cf-8.12.11-4.21AS.8.i386.rpm f410e2be904b29607c8b57c598d6e86a sendmail-devel-8.12.11-4.21AS.8.i386.rpm 7920ac760db2f52d85c942817b0a1a84 sendmail-doc-8.12.11-4.21AS.8.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/sendmail-8.12.11-4.21AS.8.src.rpm f5abfd6edcababd2bab542f836950d16 sendmail-8.12.11-4.21AS.8.src.rpm i386: aaf362f3da9cfbeac698bd0cae38849a sendmail-8.12.11-4.21AS.8.i386.rpm edf605382c1edceeb3520494ef1defa4 sendmail-cf-8.12.11-4.21AS.8.i386.rpm f410e2be904b29607c8b57c598d6e86a sendmail-devel-8.12.11-4.21AS.8.i386.rpm 7920ac760db2f52d85c942817b0a1a84 sendmail-doc-8.12.11-4.21AS.8.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kb.cert.org/vuls/id/834865 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEIXjlXlSAg2UNWIIRAhRuAJ9csgzboVXDo8RWQHCufu5EubSTcACdF3gF 7BwYoPLST/+CwCmbyDkvbt0= =GcVT - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: sendmail security update Advisory ID: RHSA-2006:0264-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0264.html Issue date: 2006-03-22 Updated on: 2006-03-22 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-0058 - - --------------------------------------------------------------------- 1. Summary: Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Sendmail is a Mail Transport Agent (MTA) used to send mail between machines. A flaw in the handling of asynchronous signals was discovered in Sendmail. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0058 to this issue. By default on Red Hat Enterprise Linux 3 and 4, Sendmail is configured to only accept connections from the local host. Therefore, only users who have configured Sendmail to listen to remote hosts would be able to be remotely exploited by this vulnerability. Users of Sendmail are advised to upgrade to these erratum packages, which contain a backported patch from the Sendmail team to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 184465 - CVE-2006-0058 Sendmail race condition issue 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/sendmail-8.12.11-4.RHEL3.4.src.rpm 7d2875e6d9a3b4ddfa54e3be67888070 sendmail-8.12.11-4.RHEL3.4.src.rpm i386: 944e64db10b061dff22a10117c7f4a31 sendmail-8.12.11-4.RHEL3.4.i386.rpm c8fc53343bff73624542b4ea77c2b565 sendmail-cf-8.12.11-4.RHEL3.4.i386.rpm 090525584bce022b9e04bafbefb9d71a sendmail-devel-8.12.11-4.RHEL3.4.i386.rpm c3ea9cb0ab86047422d58447e93415fb sendmail-doc-8.12.11-4.RHEL3.4.i386.rpm ia64: bc6715fefbd6bd9349b8116a13127d6b sendmail-8.12.11-4.RHEL3.4.ia64.rpm beb6de13a56f2fffdfed69ae7a050137 sendmail-cf-8.12.11-4.RHEL3.4.ia64.rpm 2ad6d475f92907b535b175a10572c897 sendmail-devel-8.12.11-4.RHEL3.4.ia64.rpm 231ea97fa236e429ecc6f7734f950025 sendmail-doc-8.12.11-4.RHEL3.4.ia64.rpm ppc: e548c09d3101ee937fa900dee199c207 sendmail-8.12.11-4.RHEL3.4.ppc.rpm d4e14142aa623898b6a978e7658f036a sendmail-cf-8.12.11-4.RHEL3.4.ppc.rpm 813ba2da17685d2923796826d0720735 sendmail-devel-8.12.11-4.RHEL3.4.ppc.rpm 2dc1c320d39a5733d7e2594a38d2c681 sendmail-doc-8.12.11-4.RHEL3.4.ppc.rpm s390: 28995c615c097f06b93566bcf7e7e620 sendmail-8.12.11-4.RHEL3.4.s390.rpm f9f3328d6170be64beaa4f1f43cca5a4 sendmail-cf-8.12.11-4.RHEL3.4.s390.rpm 6d28c9d70fb26c3ae7916f4c20937095 sendmail-devel-8.12.11-4.RHEL3.4.s390.rpm 1f16f02650a63249180b285e98fca603 sendmail-doc-8.12.11-4.RHEL3.4.s390.rpm s390x: 4ef7001ea500dc64f7f14d42e5ef419b sendmail-8.12.11-4.RHEL3.4.s390x.rpm f6607a113c0efa597fdea8926c060436 sendmail-cf-8.12.11-4.RHEL3.4.s390x.rpm 65122cedf0c82b7491fcaa30bf135f63 sendmail-devel-8.12.11-4.RHEL3.4.s390x.rpm 9df7ab571f5ad111db83bf403d58ef88 sendmail-doc-8.12.11-4.RHEL3.4.s390x.rpm x86_64: 33764d084b7cfbb9687ec3a55f6e466c sendmail-8.12.11-4.RHEL3.4.x86_64.rpm ea1690edc3270c917b63c10b3c2b47a3 sendmail-cf-8.12.11-4.RHEL3.4.x86_64.rpm 0a5290a0b2b2c96558fa120120eb316d sendmail-devel-8.12.11-4.RHEL3.4.x86_64.rpm 48a4b96f92aea23a54b7e2740dcc8f87 sendmail-doc-8.12.11-4.RHEL3.4.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/sendmail-8.12.11-4.RHEL3.4.src.rpm 7d2875e6d9a3b4ddfa54e3be67888070 sendmail-8.12.11-4.RHEL3.4.src.rpm i386: 944e64db10b061dff22a10117c7f4a31 sendmail-8.12.11-4.RHEL3.4.i386.rpm c8fc53343bff73624542b4ea77c2b565 sendmail-cf-8.12.11-4.RHEL3.4.i386.rpm 090525584bce022b9e04bafbefb9d71a sendmail-devel-8.12.11-4.RHEL3.4.i386.rpm c3ea9cb0ab86047422d58447e93415fb sendmail-doc-8.12.11-4.RHEL3.4.i386.rpm x86_64: 33764d084b7cfbb9687ec3a55f6e466c sendmail-8.12.11-4.RHEL3.4.x86_64.rpm ea1690edc3270c917b63c10b3c2b47a3 sendmail-cf-8.12.11-4.RHEL3.4.x86_64.rpm 0a5290a0b2b2c96558fa120120eb316d sendmail-devel-8.12.11-4.RHEL3.4.x86_64.rpm 48a4b96f92aea23a54b7e2740dcc8f87 sendmail-doc-8.12.11-4.RHEL3.4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/sendmail-8.12.11-4.RHEL3.4.src.rpm 7d2875e6d9a3b4ddfa54e3be67888070 sendmail-8.12.11-4.RHEL3.4.src.rpm i386: 944e64db10b061dff22a10117c7f4a31 sendmail-8.12.11-4.RHEL3.4.i386.rpm c8fc53343bff73624542b4ea77c2b565 sendmail-cf-8.12.11-4.RHEL3.4.i386.rpm 090525584bce022b9e04bafbefb9d71a sendmail-devel-8.12.11-4.RHEL3.4.i386.rpm c3ea9cb0ab86047422d58447e93415fb sendmail-doc-8.12.11-4.RHEL3.4.i386.rpm ia64: bc6715fefbd6bd9349b8116a13127d6b sendmail-8.12.11-4.RHEL3.4.ia64.rpm beb6de13a56f2fffdfed69ae7a050137 sendmail-cf-8.12.11-4.RHEL3.4.ia64.rpm 2ad6d475f92907b535b175a10572c897 sendmail-devel-8.12.11-4.RHEL3.4.ia64.rpm 231ea97fa236e429ecc6f7734f950025 sendmail-doc-8.12.11-4.RHEL3.4.ia64.rpm x86_64: 33764d084b7cfbb9687ec3a55f6e466c sendmail-8.12.11-4.RHEL3.4.x86_64.rpm ea1690edc3270c917b63c10b3c2b47a3 sendmail-cf-8.12.11-4.RHEL3.4.x86_64.rpm 0a5290a0b2b2c96558fa120120eb316d sendmail-devel-8.12.11-4.RHEL3.4.x86_64.rpm 48a4b96f92aea23a54b7e2740dcc8f87 sendmail-doc-8.12.11-4.RHEL3.4.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/sendmail-8.12.11-4.RHEL3.4.src.rpm 7d2875e6d9a3b4ddfa54e3be67888070 sendmail-8.12.11-4.RHEL3.4.src.rpm i386: 944e64db10b061dff22a10117c7f4a31 sendmail-8.12.11-4.RHEL3.4.i386.rpm c8fc53343bff73624542b4ea77c2b565 sendmail-cf-8.12.11-4.RHEL3.4.i386.rpm 090525584bce022b9e04bafbefb9d71a sendmail-devel-8.12.11-4.RHEL3.4.i386.rpm c3ea9cb0ab86047422d58447e93415fb sendmail-doc-8.12.11-4.RHEL3.4.i386.rpm ia64: bc6715fefbd6bd9349b8116a13127d6b sendmail-8.12.11-4.RHEL3.4.ia64.rpm beb6de13a56f2fffdfed69ae7a050137 sendmail-cf-8.12.11-4.RHEL3.4.ia64.rpm 2ad6d475f92907b535b175a10572c897 sendmail-devel-8.12.11-4.RHEL3.4.ia64.rpm 231ea97fa236e429ecc6f7734f950025 sendmail-doc-8.12.11-4.RHEL3.4.ia64.rpm x86_64: 33764d084b7cfbb9687ec3a55f6e466c sendmail-8.12.11-4.RHEL3.4.x86_64.rpm ea1690edc3270c917b63c10b3c2b47a3 sendmail-cf-8.12.11-4.RHEL3.4.x86_64.rpm 0a5290a0b2b2c96558fa120120eb316d sendmail-devel-8.12.11-4.RHEL3.4.x86_64.rpm 48a4b96f92aea23a54b7e2740dcc8f87 sendmail-doc-8.12.11-4.RHEL3.4.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/sendmail-8.13.1-3.RHEL4.3.src.rpm e83dd254437bf7d4415a6be12c7a58da sendmail-8.13.1-3.RHEL4.3.src.rpm i386: fba1a601a1ab106f67b22030ad090c28 sendmail-8.13.1-3.RHEL4.3.i386.rpm 8ed398a86f127e08ee31b19f14deafc4 sendmail-cf-8.13.1-3.RHEL4.3.i386.rpm dade78569735970629e880969892b9f3 sendmail-devel-8.13.1-3.RHEL4.3.i386.rpm 3e656f2c678aa19f32eaad782abada8a sendmail-doc-8.13.1-3.RHEL4.3.i386.rpm ia64: 7b366e3fbfab8ce2a4cabff56c5dae2b sendmail-8.13.1-3.RHEL4.3.ia64.rpm 4d2625fc1981329a7a348b360c9c2209 sendmail-cf-8.13.1-3.RHEL4.3.ia64.rpm 23e84e296ce17c5a18d2dd8ed3189d7e sendmail-devel-8.13.1-3.RHEL4.3.ia64.rpm 5d4ca9a18cc0cd9148679fc8e4b9b339 sendmail-doc-8.13.1-3.RHEL4.3.ia64.rpm ppc: 5d46ed345d357e23637ee93538c9bf6c sendmail-8.13.1-3.RHEL4.3.ppc.rpm 94419ba6a9ca2b2c5fd6c270e27a0c0a sendmail-cf-8.13.1-3.RHEL4.3.ppc.rpm 605283ccb19d98bc52c28455c4cb33ef sendmail-devel-8.13.1-3.RHEL4.3.ppc.rpm f94dff61d5f788c40a6da60bc54f35fd sendmail-doc-8.13.1-3.RHEL4.3.ppc.rpm s390: c4a8cae7959a00d193e839219c451ccf sendmail-8.13.1-3.RHEL4.3.s390.rpm de299b0e3f4fd221c13ae2112a1cc8db sendmail-cf-8.13.1-3.RHEL4.3.s390.rpm af0b3dd5a26d1c2c375b9aa83bce4d66 sendmail-devel-8.13.1-3.RHEL4.3.s390.rpm 4839491332c2ff2fff4316655e3004b4 sendmail-doc-8.13.1-3.RHEL4.3.s390.rpm s390x: 035e31b624879ea90785783a4565b91e sendmail-8.13.1-3.RHEL4.3.s390x.rpm a435f54801fe106550537e35078c115e sendmail-cf-8.13.1-3.RHEL4.3.s390x.rpm 585b0b0c27f4fb729c31037f0887c375 sendmail-devel-8.13.1-3.RHEL4.3.s390x.rpm 8ba7aabd895330273240c1bcdbe295a8 sendmail-doc-8.13.1-3.RHEL4.3.s390x.rpm x86_64: 798fc57962c9588440de9556f06fe3ab sendmail-8.13.1-3.RHEL4.3.x86_64.rpm 126a565b097fcf2d48b94e735686d083 sendmail-cf-8.13.1-3.RHEL4.3.x86_64.rpm 8d60a35991c05a6fe959a529ade0959c sendmail-devel-8.13.1-3.RHEL4.3.x86_64.rpm 0bcbe2d9682b2505c439650f693a0b6c sendmail-doc-8.13.1-3.RHEL4.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/sendmail-8.13.1-3.RHEL4.3.src.rpm e83dd254437bf7d4415a6be12c7a58da sendmail-8.13.1-3.RHEL4.3.src.rpm i386: fba1a601a1ab106f67b22030ad090c28 sendmail-8.13.1-3.RHEL4.3.i386.rpm 8ed398a86f127e08ee31b19f14deafc4 sendmail-cf-8.13.1-3.RHEL4.3.i386.rpm dade78569735970629e880969892b9f3 sendmail-devel-8.13.1-3.RHEL4.3.i386.rpm 3e656f2c678aa19f32eaad782abada8a sendmail-doc-8.13.1-3.RHEL4.3.i386.rpm x86_64: 798fc57962c9588440de9556f06fe3ab sendmail-8.13.1-3.RHEL4.3.x86_64.rpm 126a565b097fcf2d48b94e735686d083 sendmail-cf-8.13.1-3.RHEL4.3.x86_64.rpm 8d60a35991c05a6fe959a529ade0959c sendmail-devel-8.13.1-3.RHEL4.3.x86_64.rpm 0bcbe2d9682b2505c439650f693a0b6c sendmail-doc-8.13.1-3.RHEL4.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/sendmail-8.13.1-3.RHEL4.3.src.rpm e83dd254437bf7d4415a6be12c7a58da sendmail-8.13.1-3.RHEL4.3.src.rpm i386: fba1a601a1ab106f67b22030ad090c28 sendmail-8.13.1-3.RHEL4.3.i386.rpm 8ed398a86f127e08ee31b19f14deafc4 sendmail-cf-8.13.1-3.RHEL4.3.i386.rpm dade78569735970629e880969892b9f3 sendmail-devel-8.13.1-3.RHEL4.3.i386.rpm 3e656f2c678aa19f32eaad782abada8a sendmail-doc-8.13.1-3.RHEL4.3.i386.rpm ia64: 7b366e3fbfab8ce2a4cabff56c5dae2b sendmail-8.13.1-3.RHEL4.3.ia64.rpm 4d2625fc1981329a7a348b360c9c2209 sendmail-cf-8.13.1-3.RHEL4.3.ia64.rpm 23e84e296ce17c5a18d2dd8ed3189d7e sendmail-devel-8.13.1-3.RHEL4.3.ia64.rpm 5d4ca9a18cc0cd9148679fc8e4b9b339 sendmail-doc-8.13.1-3.RHEL4.3.ia64.rpm x86_64: 798fc57962c9588440de9556f06fe3ab sendmail-8.13.1-3.RHEL4.3.x86_64.rpm 126a565b097fcf2d48b94e735686d083 sendmail-cf-8.13.1-3.RHEL4.3.x86_64.rpm 8d60a35991c05a6fe959a529ade0959c sendmail-devel-8.13.1-3.RHEL4.3.x86_64.rpm 0bcbe2d9682b2505c439650f693a0b6c sendmail-doc-8.13.1-3.RHEL4.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/sendmail-8.13.1-3.RHEL4.3.src.rpm e83dd254437bf7d4415a6be12c7a58da sendmail-8.13.1-3.RHEL4.3.src.rpm i386: fba1a601a1ab106f67b22030ad090c28 sendmail-8.13.1-3.RHEL4.3.i386.rpm 8ed398a86f127e08ee31b19f14deafc4 sendmail-cf-8.13.1-3.RHEL4.3.i386.rpm dade78569735970629e880969892b9f3 sendmail-devel-8.13.1-3.RHEL4.3.i386.rpm 3e656f2c678aa19f32eaad782abada8a sendmail-doc-8.13.1-3.RHEL4.3.i386.rpm ia64: 7b366e3fbfab8ce2a4cabff56c5dae2b sendmail-8.13.1-3.RHEL4.3.ia64.rpm 4d2625fc1981329a7a348b360c9c2209 sendmail-cf-8.13.1-3.RHEL4.3.ia64.rpm 23e84e296ce17c5a18d2dd8ed3189d7e sendmail-devel-8.13.1-3.RHEL4.3.ia64.rpm 5d4ca9a18cc0cd9148679fc8e4b9b339 sendmail-doc-8.13.1-3.RHEL4.3.ia64.rpm x86_64: 798fc57962c9588440de9556f06fe3ab sendmail-8.13.1-3.RHEL4.3.x86_64.rpm 126a565b097fcf2d48b94e735686d083 sendmail-cf-8.13.1-3.RHEL4.3.x86_64.rpm 8d60a35991c05a6fe959a529ade0959c sendmail-devel-8.13.1-3.RHEL4.3.x86_64.rpm 0bcbe2d9682b2505c439650f693a0b6c sendmail-doc-8.13.1-3.RHEL4.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kb.cert.org/vuls/id/834865 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEIXjDXlSAg2UNWIIRAg2SAJ90YhR0H8+1YtVFl3/ul/zxclypYACeK5db l6zmqM3K34PhxzKPhn+AniY= =SWob - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBRCH6Dyh9+71yA2DNAQK2XQP8DKLPNSHzmtZmKPMwiN/QFp74e/FAWBSf Ab5fPN7fh+j0zLugk4fADQ7i2jOGH+twd1XStYTM6CBx7ca6tv9qxLyM+QIb1bR7 enJxXWWjU1SXEOQgKps5e5jF/7TIPXwmVKAA+s4PXTj81sUL/Lm45eV+2EF8vCg6 TkXGtKvtuk4= =9FLC -----END PGP SIGNATURE-----