Ubuntu
sendmail package

Is sendmail package going to be updated to 8.14.4

Asked by Dan Sargeant

Hi,

I am trying to get a PCI (Credit Card) Compliance and the security scan failed due to the null character vulnerability in the package available from the repostitory (8.14.3). See http://www.sendmail.org/releases/8.14.4 for details on the vulnerability fix.

I tried to build and install the latest version from source but ended up in a complete mess as I could not match the configuration and build settings in the repository version.

I am wondering if there are plans to update this package to version 8.14.4 to fix this vulnerability?

Thanks

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu sendmail Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
marcobra (Marco Braida) (marcobra) said : 		#1

Please be free to fill a bug as an update request from here:

https://bugs.launchpad.net/ubuntu/+source/sendmail/+filebug

Hth

Can you help with this problem?

Provide an answer of your own, or ask Dan Sargeant for more information if necessary.

To post a message you must log in.