AW: [suse-security] How to tell if update succeded? [suse-security] SuSE Security Announcement: sendmail (SuSE-SA:2003:013)
On the sendmail.org site I found the following test to check if your hand-patching was successful. I guess that should be the same for the suse patched sendmail.
From sendmail.org: (http://www.sendmail.org/patchcr.html)
To check whether the new sendmail binary contains the patch, run this command (in the directory where the binary is located): strings sendmail | grep 'Dropped invalid comments from header address' The command must print the string Dropped invalid comments from header address Regards, uli -----Original Message----- From: Sven 'Darkman' Michels [mailto:sven@darkman.de] Sent: Dienstag, 4. März 2003 10:46 To: suse-security@suse.com Subject: Re: AW: [suse-security] How to tell if update succeded? [suse-security] SuSE Security Announcement: sendmail (SuSE-SA:2003:013) Sebastian Stadtlich wrote:
Hi
I did :
rcsendmail stop rcsendmail start
still the header is the same as before...
sorry. i forgot to write that in the first mail :-(
As SuSE only patches the current running version on each distro you have to take a look into the changelog: rpm -q sendmail --changelog there should be something that informs you about the patch. Otherwise check the installed version: rpm -q sendmail if it's the announced version for your SuSE distro (like sendmail-8.12.6-91 for 8.1) you're safe now (as long as someonw who runs sendmail can be safe ;) Regards, Sven -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
All, I downloaded the patch from the FTP site and installed it using the standard 'rpm -Uvh...' command on a few servers running different versions of SuSE. I then restarted Sendmail to ensure it was running with the new configuration. I ran the strings command previously listed in the group and the appropriate patch line shows. Just giving a heads up! ============================================ Drew J. Como Phone: 631-434-6600 Systems Administrator Fax: 631-434-7800 dcomo@bascom.com Web: www.bascom.com Bascom Global Internet Services, Inc. -------------------------------------------- "When quality is the goal, winning is guaranteed." -----Original Message----- From: Uli Zug [mailto:security@ulizug.de] Sent: Monday, March 03, 2003 1:14 PM To: suse-security@suse.com Subject: AW: [suse-security] How to tell if update succeded? [suse-security] SuSE Security Announcement: sendmail (SuSE-SA:2003:013) On the sendmail.org site I found the following test to check if your hand-patching was successful. I guess that should be the same for the suse patched sendmail.
From sendmail.org: (http://www.sendmail.org/patchcr.html)
To check whether the new sendmail binary contains the patch, run this command (in the directory where the binary is located): strings sendmail | grep 'Dropped invalid comments from header address' The command must print the string Dropped invalid comments from header address Regards, uli -----Original Message----- From: Sven 'Darkman' Michels [mailto:sven@darkman.de] Sent: Dienstag, 4. März 2003 10:46 To: suse-security@suse.com Subject: Re: AW: [suse-security] How to tell if update succeded? [suse-security] SuSE Security Announcement: sendmail (SuSE-SA:2003:013) Sebastian Stadtlich wrote:
Hi
I did :
rcsendmail stop rcsendmail start
still the header is the same as before...
sorry. i forgot to write that in the first mail :-(
As SuSE only patches the current running version on each distro you have to take a look into the changelog: rpm -q sendmail --changelog there should be something that informs you about the patch. Otherwise check the installed version: rpm -q sendmail if it's the announced version for your SuSE distro (like sendmail-8.12.6-91 for 8.1) you're safe now (as long as someonw who runs sendmail can be safe ;) Regards, Sven -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (2)
-
Drew J. Como -
Uli Zug