> I just read a CERT advisory for YASB. In the Vendor Comments, > Red Hat is working on it. When we have a fix the advisory will be posted > to ... > > The Sendmail Consortium has fixes. > > No comments from anyone else, I don't know whether they were asked.
http://people.redhat.com/laroche/ has src.rpms with appropriate patches included and you might want to change "errata" within the spec file to compile this for different Red Hat Linux releases. Official errata rpms for this are still within our QA department and should be released shortly. It is really bad for QA departments as well as for many sysadmins if such security problems show up on a sunny and nice saturday. ;-) greetings, Florian La Roche
