Re: Does the patching procedure work?

From: Brett Glass (brettlariat.org)
Date: Wed Mar 05 2003 - 11:18:03 CST


At 05:50 AM 3/5/2003, David Schultz wrote:

>It looks like you've applied a patch for the wrong version of
>sendmail. (Perhaps these are pre-4.6 sources, for instance.)
>The easiest way to recover is probably to fetch fresh patched
>sources via anoncvs or cvsup.

It turns out that it was 4.5-RELEASE-p4, just a sliver before
4.6. (The system had been patched for later problems rather
than upgraded, because it's a production machine.) Quite recent.
(You don't want to change point versions constantly on
production machines.)

I was lucky I noticed the problem. The messages just rolled
by, and if I hadn't scrolled back I would not have caught
them. I'll bet some folks missed this and are unprotected.
(The hunks that are rejected are important, but the message
about dropping the comments is in one of the hunks that's
accepted, so it looks as if the patch took!)

What I have done on that machine is install the 4.6 binary,
which seems to run just fine on 4.5 and even 4.4 (though
you may need to add the missing group).

Patches should be provided back to 4.4, IMHO.

--Brett
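
The failure mode described in this message (rejected hunks scrolling past while an accepted hunk makes the patch look applied) can be caught mechanically. The following is an added example, not part of the original post: the function names are hypothetical, and it assumes the `patch` output was saved to a file and that rejects are written as `*.rej` files.

```shell
# Added example: detect a partially applied patch from a saved patch(1)
# transcript and from leftover reject files. Names here are hypothetical.

# Print the failed-hunk lines from a saved transcript; return 1 if any exist.
check_patch_log() {
    log=$1
    # Older patch prints "Hunk #N failed at L."; GNU patch prints "FAILED".
    if grep -Ein 'hunk #[0-9]+ failed|hunks? failed|saving rejects' "$log"; then
        return 1
    fi
    return 0
}

# List leftover reject files under a source tree; return 1 if any exist.
check_rejects() {
    tree=$1
    found=$(find "$tree" -type f -name '*.rej' -print)
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
        return 1
    fi
    return 0
}

# Combined gate: succeeds only if the log is clean and no rejects remain.
patch_applied_cleanly() {
    check_patch_log "$1" >/dev/null || return 1
    check_rejects "$2" >/dev/null || return 1
    return 0
}

# Constructed transcript in the style of patch(1) output, not from the thread.
demo_log=$(mktemp)
cat > "$demo_log" <<'EOF'
Hunk #1 succeeded at 10.
Hunk #2 failed at 40.
1 out of 2 hunks failed--saving rejects to a.c.rej
EOF
check_patch_log "$demo_log" || echo "patch did NOT apply cleanly"
rm -f "$demo_log"
```

Saving the transcript (for example with `patch ... 2>&1 | tee patch.log`) is what makes the check possible after the output has scrolled away.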
