RedHat / SUSE security advisory for sendmail

Posted: Wed Mar 22, 2006 12:51 pm
by ScalixSupport
Another security advisory for a potential remote exploit when using sendmail with RHEL3, RHEL4 as well as all SUSE products has been released.

The details can be found at http://rhn.redhat.com/errata/RHSA-2006-0515.html

SUSE customers, please read below.

For Scalix customers, this shouldn't cause too much concern as, by default, the SMTP Relay is listening on the external IP address and sendmail should only be listening on the localhost (127.0.0.1) address.

However, the errata will provide a new sendmail.cf and submit.cf with .rpmnew extensions. Usual practice is that customers should analyse the differences between the original and the .rpmnew versions and apply any changes to the .rpmnew version. They should then copy the .rpmnew version over the original.

If you have configured a milter such as SpamAssassin, you will need to re-apply the changes as documented in the technote. Details are at http://www.scalix.com/community/viewtopic.php?t=929.

After copying the .rpmnew version over the original, you should run the Scalix command

omsendin
to re-apply the Scalix-specific rules.

Once that is complete, restart sendmail with

/etc/init.d/sendmail restart

Customers that are currently using the dual IP address solution from previous SpamAssassin technotes should take the time to read the new technote as there is no longer any need to have that dual IP solution in place. The SMTPFILTER option to smtpd.cfg has been available since 9.4.

If there are any questions, please post them to the forum.

Regards,

Scalix Support Team


SUSE patches:


Our maintenance customers are notified individually. The packages are
offered for installation from the maintenance web:

UnitedLinux 1.0
http://support.novell.com/cgi-bin/searc ... 761b3.html

SUSE SLES 9
http://support.novell.com/cgi-bin/searc ... 761b3.html

SuSE Linux Enterprise Server 8
http://support.novell.com/cgi-bin/searc ... 761b3.html
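
An added example, not part of the original post and not Scalix or Red Hat code: a check, run before copying a .rpmnew file over the original, that the DaemonPortOptions lines still bind sendmail to 127.0.0.1 only. The function names are hypothetical and the two sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit sendmail listener bindings around a .rpmnew merge.

# Print the Addr= value of each active DaemonPortOptions line in a sendmail.cf.
# "ANY" is printed when a line has no Addr=, i.e. no address restriction is set.
listener_addrs() {
    # Active options start with "O "; "#O ..." lines are commented out.
    sed -n 's/^O[[:space:]]*DaemonPortOptions=//p' "$1" |
    while IFS= read -r opts; do
        addr=$(printf '%s\n' "$opts" | tr ',' '\n' |
               sed -n 's/^[[:space:]]*[Aa]ddr=//p' | head -n 1)
        printf '%s\n' "${addr:-ANY}"
    done
}

# Succeed only if the file has at least one listener and all are 127.0.0.1.
localhost_only() {
    addrs=$(listener_addrs "$1")
    [ -n "$addrs" ] || return 1   # no explicit binding: treat as unrestricted
    ! printf '%s\n' "$addrs" | grep -qvx '127\.0\.0\.1'
}

# Succeed if two config files declare the same set of listener addresses.
same_bindings() {
    [ "$(listener_addrs "$1" | sort)" = "$(listener_addrs "$2" | sort)" ]
}

# Constructed sample files; they do not reproduce the files shipped by the erratum.
write_samples() {
    printf '%s\n' '# current file (constructed)' \
        'O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA' > "$1/sendmail.cf"
    printf '%s\n' '# packaged default (constructed)' \
        '#O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA' \
        'O DaemonPortOptions=Port=smtp, Name=MTA' > "$1/sendmail.cf.rpmnew"
}

demo=$(mktemp -d)
write_samples "$demo"
for f in "$demo/sendmail.cf" "$demo/sendmail.cf.rpmnew"; do
    if localhost_only "$f"; then echo "OK   ${f##*/}: localhost only"
    else echo "WARN ${f##*/}: listens on $(listener_addrs "$f" | tr '\n' ' ')"; fi
done
same_bindings "$demo/sendmail.cf" "$demo/sendmail.cf.rpmnew" ||
    echo "WARN copying .rpmnew over the original would change listener bindings"
rm -rf "$demo"
```

On a real host the same functions can be pointed at the installed sendmail.cf and its .rpmnew, and run again after omsendin and the restart.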