RE: [cobalt-users] IMPORTANT: Sendmail vulnrability - Sun Cobalt-specific Instructions

[aljuhani <aljuhani@xxxxxxxxx>]

Hello Grant.

I have posted the URL at the bottom of my last message.  Anyway, the URL is 
under Sun's Support Fourm:
http://supportforum.sun.com/cgi-bin/WebX.cgi?13@xxxxxxxxxxxxxxx^0@.eeb7a0d

and from Sendmail List, here is a command that you can you issue to check if 
your sendmail is updated.

[root]# strings /usr/sbin/sendmail | grep "Dropped invalid comments"
Dropped invalid comments from header address

You should get the above output.  Not to fotget to upgrade your mail directory 
(sendmail.cf, access, etc) beofre applying the RPMs.

aljuhani@xxxxxxxxx


====Original Message====
In a previous message, aljuhani typed vigorously:

>Instructions below are posted at sun.com regarding patching up sendmail.
>The instructions were posted on 4th March while the pkgmaster.com package
>is dated a day earlier (3rd of March).  My Question should we use these
>instructions and install RPMs from sun or installing pkgmaster.com
>package is enough.

Wow. I'm impressed. You were actually able to find this information on 
the Sun site. I've been looking for half and hour and can't find thing 
one. Could you please post the URL where you found this information? 
Thanks.

By the way, there are RPMs for the Qube2 in:

ftp://ftp-eng.cobalt.com/pub/experimental/security/sendmail/qube2/

The read me is here:

ftp://ftp-eng.cobalt.com/pub/experimental/security/sendmail/README.all

g.

......................................................................

Grant Hutchinson
Interface Considerations & Toys