Sendmail vulnerability : is Debian falling behind?

To: debian-security@lists.debian.org
Subject: Sendmail vulnerability : is Debian falling behind?
From: Jor-el <jorel@austin.rr.com>
Date: Mon, 3 Mar 2003 15:17:16 -0600 (CST)
Message-id: <[🔎] Pine.LNX.3.96.1030303151200.27373A-100000@trillian.megadodo.umb>
Reply-to: jorel@austin.rr.com

Hi,

	In case noone noticed, news of a Sendmail vulnerability appeared
on Slashdot. The really interesting piece of the story for me was the
portion of the blurb with said "...RedHat and OpenBSD have already issued
patches.....links to an update from SuSE, too". 

	What about Debian? I just looked at http://security.debian.org and
see no mention of this vulnerability. I dont use Sendmail myself.
Nevertheless I am still concerned that the people who notify vendors are
not notifying Debian ahead of time before vulnerabilities are publicly
announced. Is that the case? Can someone in the know comment?

Thanks,
Jor-el

Reply to:

Follow-Ups:
- Re: Sendmail vulnerability : is Debian falling behind?
  - From: "Jeremy T. Bouse" <jbouse@debian.org>

Prev by Date: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail (fwd)
Next by Date: Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail (fwd)
Previous by thread: Re: CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail (fwd)
Next by thread: Re: Sendmail vulnerability : is Debian falling behind?
Index(es):
- Date
- Thread