[Dshield] New critical security hole in sendmail.

Nels Lindquist nlindq at maei.ca
Thu Sep 18 19:40:29 GMT 2003


On 18 Sep 2003 at 9:55, Jon R. Kibler wrote:

> Looks like the same thing. The fact RedHat published their fix (and
> thus made everyone aware of the exploit) before sendmail published an
> official release is probably why sendmail pushed up the release of
> 8.12.10 by a week. 

Actually, the BugTraq announcement from Michael Zalewski includes the 
following line as part of the overview:

> This is an early release, thanks to my sheer stupidity.

RedHat's announcement of their published fix didn't occur until after 
Zalewski's post.  I don't think they jumped the gun this time.

----
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.




More information about the list mailing list