You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa sendmail

Sigurnosni nedostatak programskog paketa sendmail

by ncert - 0

——————————————————————————–
Fedora Update Notification
FEDORA-2014-7093
2014-06-05 03:33:31
——————————————————————————–

Name : sendmail
Product : Fedora 20
Version : 8.14.8
Release : 2.fc20
URL : http://www.sendmail.org/
Summary : A widely used Mail Transport Agent (MTA)
Description :
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.

If you ever need to reconfigure Sendmail, you will also need to have
the sendmail-cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.

——————————————————————————–
Update Information:

This is an update that fixes bug which can lead to sendmail leaking file descriptors to processes it spawns.
——————————————————————————–
ChangeLog:

* Wed Jun 4 2014 Jaroslav Škarvada <jskarvad@redhat.com> – 8.14.8-2
– Properly set the close-on-exec flag for file descriptors
(by close-on-exec patch)
Resolves: CVE-2014-3956
* Tue Feb 11 2014 Jaroslav Škarvada <jskarvad@redhat.com> – 8.14.8-1
– New version
Resolves: rhbz#1059665
– Updated/defuzzified patches
——————————————————————————–
References:

[ 1 ] Bug #1102174 – CVE-2014-3956 sendmail: Properly set the close-on-exec flag for file descriptors
https://bugzilla.redhat.com/show_bug.cgi?id=1102174
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update sendmail’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-7095
2014-06-05 03:33:35
--------------------------------------------------------------------------------

Name        : sendmail
Product     : Fedora 19
Version     : 8.14.7
Release     : 2.fc19
URL         : http://www.sendmail.org/
Summary     : A widely used Mail Transport Agent (MTA)
Description :
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.

If you ever need to reconfigure Sendmail, you will also need to have
the sendmail-cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.

--------------------------------------------------------------------------------
Update Information:

This is an update that fixes bug which can lead to sendmail leaking file descriptors to processes it spawns.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  4 2014 Jaroslav Škarvada  - 8.14.7-2
- Properly set the close-on-exec flag for file descriptors
  (by close-on-exec patch)
  Resolves: CVE-2014-3956
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1102174 - CVE-2014-3956 sendmail: Properly set the close-on-exec flag for file descriptors
        https://bugzilla.redhat.com/show_bug.cgi?id=1102174
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update sendmail' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa GnuTLS

Otkriveni su sigurnosni nedostaci u programskom paketu GnuTLS za operacijski sustav Suse. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close