Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 42664 - Race condition in older versions of sendmail is fixed in version 8.11.4
Race condition in older versions of sendmail is fixed in version 8.11.4
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: sendmail (Show other bugs)
6.2
All Linux
medium Severity high
: ---
: ---
Assigned To: Florian La Roche
David Lawrence
http://www.securityfocus.com/archive/...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-05-29 05:15 EDT by Peter Ajamian
Modified: 2007-04-18 12:33 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-05-29 05:15:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Peter Ajamian 2001-05-29 05:15:25 EDT 
From Bugzilla Helper:
User-Agent: Mozilla/4.73 [en] (Win95; U)

Description of problem:
Sendmail versions prior to 8.11.4 have a documented race condition having to do with signal handling which can lead to heap corruption and a 
possible local root exploit (none are currently known).

How reproducible:
Didn't try

Steps to Reproduce:


Additional info:

Although difficult to expliot, this is a potentially serious bug which IMHO warrants an errata with packages for all currently supported versions to 
upgrade to 8.11.4.

References:
http://www.securityfocus.com/archive/1/187126
http://www.securityfocus.com/archive/1/187127
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.