RHN Errata Alert: Updated sendmail packages fix vulnerability

stargate

systemengineer[MOD]
Beiträge
845
Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
https://rhn.redhat.com/network/errata/errata_details.pxt?eid=1565

Security Advisory - RHSA-2003:120-07
------------------------------------------------------------------------------
Summary:
Updated sendmail packages fix vulnerability

Updated Sendmail packages are available to fix a vulnerability that
allows local and possibly remote attackers to gain root privileges.

Description:
Sendmail is a widely used Mail Transport Agent (MTA) which is included
in all Red Hat Linux distributions.

There is a vulnerability in Sendmail versions prior to and including
8.12.8. The address parser performs insufficient bounds checking in certain
conditions due to a char to int conversion, making it possible for an
attacker to take control of the application. Although no exploit currently
exists, this issue is probably locally exploitable and may also be remotely
exploitable.

All users are advised to update to these erratum packages containing a
backported patch which corrects these vulnerabilities.

Red Hat would like to thank Michal Zalewski for finding and reporting this
issue.
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

- select your server name by clicking on its name from the list
available at the following location, and then schedule an
errata update for it:
https://rhn.redhat.com/network/systemlist/system_list.pxt

- run the Update Agent on each affected server.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


----------------
Affected Systems
----------------
According to our records, this errata may apply to one or more of the
systems that you've profiled with Red Hat Network. To see precisely which
systems are affected, please go to:
https://rhn.redhat.com/network/errata/systems_affected.pxt?eid=1565



The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
RHN user login: hugo
Email address on file: <anyone@anyone.de>

If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:
https://rhn.redhat.com/forgot_password.pxt

To cancel these notices, go to:
https://rhn.redhat.com/oo.pxt?uid=544370&oid=950485
 

Ähnliche Themen

Nginx als Reverse Proxy für Nextcloud und Emby

Zugriff Ubuntu 16.04. auf Freigabe 18.04. LTS nicht möglich

CentOS 5.8 –SQL Abfrage– HTML wird generiert und daraus müssen mehrere Mails versendet werden

Senior System & Network Admin in Berlin

rpm mittels yum

Oben