rPSA-2006-0134-1 sendmail sendmail-cf

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2006-0134-1 sendmail sendmail-cf
From: "Justin M. Forbes" <jmforbes@xxxxxxxxx>
Date: Fri, 21 Jul 2006 10:54:42 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2006-0134-1
Published: 2006-07-21
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Remote Deterministic Denial of Service
Updated Versions:
    sendmail=/conary.rpath.com@rpl:devel//1/8.13.7-0.1-1
    sendmail-cf=/conary.rpath.com@rpl:devel//1/8.13.7-0.1-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
    https://issues.rpath.com/browse/RPL-526

Description:
    Previous versions of the sendmail package are vulnerable to a denial
    of service attack in which malformed multipart MIME messages can
    halt sendmail from delivering messages and possibly exhaust disk
    space with core dump files when sendmail crashes.

Prev by Date: [SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service
Next by Date: [security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006
Previous by thread: [SECURITY] [DSA 1117-1] New libgd2 packages fix denial of service
Next by thread: [security bulletin] HPSBMA02133 SSRT061201 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update July 2006
Index(es):
- Date
- Thread