Linux/Sendmail Pro Security Alert (fwd)

Rich Graves rcgraves at brandeis.edu
Thu Jun 8 12:30:47 EDT 2000


On Thu, 8 Jun 2000, Derek Martin wrote:

> I received this yesterday from an employee of Sendmail Inc.  FYI.
> Personally I think it's a marketing ploy... ;)

I think they did the right thing. The exploit was reported to them as a
bug in sendmail. Details of the vulnerability were publicly known. They
worked with Alan Cox and company to find and fix the bug. Then they
notified everyone registered at sendmail.{org,com}.

I'm happy they did. It's not often I can fix a hole before it's even
posted to BUGTRAQ, or download a new kernel version before the mirrors get
loaded.
-- 
Rich Graves <rcgraves at brandeis.edu>
UNet Systems Administrator

Please don't talk to me about Windows 2000. If you did, it might become illegal
for me to support it. http://www.salon.com/tech/log/2000/05/11/slashdot_censor/

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).



More information about the Discuss mailing list