|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Richard A Nelson (cowboy
debian.org)Date: Thu May 31 2001 - 10:29:04 CDT
On Wed, 30 May 2001, David Luyer wrote:
> Package: sendmail
> Version: 8.11.4+8.12.0.Beta10-1
>
> (now the headers for Debian bug tracking are out of the way...)
>
> Someone got the time to see if there's a security problem here?
>
> sendmail -t segfaults on a pair of addresses separated by a semicolon,
> and sendmail segfaults make me uneasy...
I understand you're concern about segfaults - but would strongly urge
you to send Debian Sendmail problems through me *FIRST*... If you don't
get an answer in a reasonable time, by all means hit other lists...
Note also, that with 8.12, the most that could happen here is obtaining
group mail -- only the listener/delivery daemon is running suid root!
> typhaon; sendmail -t
> To: axyzzy.com; bxyzzy.com
>
> blah
> .
> axyzzy.com; bxyzzy.com... Invalid route address
> segmentation violation
Not here:
# sendmail -t
To: axyzzy.com; bxyzzy.com
blah
.
axyzzy.com; bxyzzy.com... Invalid route address
#
I just get the expected return mail notice !
What Kernel and hardware ?
Please try to strace it - and send me the output (and
/etc/mail/{sendmail,submit}.mc)
-- Rick Nelson ----==-- _ / / \ ---==---(_)__ __ ____ __ / / /\ \ --==---/ / _ \/ // /\ \/ / / /_/\ \ \ -=====/_/_//_/\_,_/ /_/\_\ /______\ \ \ A proud member of TeamLinux \_________\/ -- CHaley (HAC), haley
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]