[Dshield] New critical security hole in sendmail.
nlindq at maei.ca
Thu Sep 18 19:40:29 GMT 2003
On 18 Sep 2003 at 9:55, Jon R. Kibler wrote:
> Looks like the same thing. The fact RedHat published their fix (and
> thus made everyone aware of the exploit) before sendmail published an
> official release is probably why sendmail pushed up the release of
> 8.12.10 by a week.
Actually, the BugTraq announcement from Michael Zalewski includes the
following line as part of the overview:
> This is an early release, thanks to my sheer stupidity.
RedHat's announcement of their published fix didn't occur until after
Zalewski's post. I don't think they jumped the gun this time.
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.
More information about the list