Bug 202311 - CVE-2006-4434 - sendmail 8.13.8 is released
CVE-2006-4434 - sendmail 8.13.8 is released
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: sendmail (Show other bugs)
rawhide
All Linux
medium Severity urgent
: ---
: ---
Assigned To: Thomas Woerner
David Lawrence
http://www.sendmail.org/releases/8.13...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-08-12 12:48 EDT by Robert Scheck
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 8.13.8-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-02 08:05:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Robert Scheck 2006-08-12 12:48:01 EDT
Description of problem:
Sendmail, Inc., and the Sendmail Consortium announce the availability of 
sendmail 8.13.8. It fixes some problems introduced in 8.13.7, as well as
some other bugs.

Version-Release number of selected component (if applicable):
sendmail-8.13.7-3.1

Actual results:
A simple upgrade (new versions in the spec file) did it for me - without
any patch merging.

Expected results:
Upgrade to 8.13.8... ;-)

Additional info:
Resolving this bug report by upgrading should resolve bug #198099.
Comment 1 Robert Scheck 2006-08-29 13:33:01 EDT
Okay...while doing nothing instead of my expected result, this bug now got
a security bug ;-) Secunia and FrSIRT are reporting possible DoS cases for 
sendmail < 8.13.8. Please update Rawhide to 8.13.8 soon...
Comment 2 Gilbert Sebenste 2006-08-29 14:01:06 EDT
Here is the direct link to that FrSIRT advisory:

http://www.frsirt.com/english/advisories/2006/3393
Comment 3 Gilbert Sebenste 2006-08-29 14:09:30 EDT
Here's the official links:

http://www.frsirt.com/english/advisories/2006/3393

Also just starting to get reports of possible DOS's from Secunia on
this vulnerability.

http://secunia.com/advisories/21637/
Comment 4 Robert Scheck 2006-09-02 08:05:23 EDT
This bug is CVE-2006-4434. Fixed in Rawhide, closing now.

Note You need to log in before you can comment on or make changes to this bug.