Sendmail package version weirdness

To: debian-security@lists.debian.org
Subject: Sendmail package version weirdness
From: Robert Brockway <robert@timetraveller.org>
Date: Thu, 18 Sep 2003 22:58:49 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.58.0309182251540.4401@zen.canint.timetraveller.org>

Hi all.  I took preventative measures to protect my exploitable sendmail
until I could get the new package installed on my mail server (running
Debian Stable).  I did the usual sudo apt-get update && sudo apt-get
upgrade but wasn't seeing the new package.

A little bit of investigation showed the problem.  The version I was
running (exploitable) was 8.12.3-7woody so when I tried to upgrade to the
newer fixed version (8.12.3-6.6) it ways always seeing this as an older
version & failing to install it.

Was there any particular reason that this newer fixed version has a
version number the makes it look older than the exploitable version?
Surely this will make life harder for people wanting to upgrade since the
normal apt0-get method will fail.  Was it just a mjessup with version
numbering? :)  If it was I'd suggest the fixed sendmail be re-issued with
a higher version number to fix the problem.

Thanks again, must have been a busy few days for you :)

Cheers,
	Rob

-- 
Robert Brockway B.Sc. email: robert@timetraveller.org, zzbrock@uqconnect.net
Linux counter project ID #16440 (http://counter.li.org)
"The earth is but one country and mankind its citizens" -Baha'u'llah

Reply to:

Follow-Ups:
- Re: Sendmail package version weirdness
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: ***DEB*: Re: [sec] Re: Strange segmentation faults and Zombies
Next by Date: Re: Remote update of ssh(d)
Previous by thread: Postfix and SSL
Next by thread: Re: Sendmail package version weirdness
Index(es):
- Date
- Thread