[SECURITY] Fedora 19 Update: sendmail-8.14.7-2.fc19

updates at fedoraproject.org updates at fedoraproject.org
Thu Jun 19 23:00:43 UTC 2014


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-7095
2014-06-05 03:33:35
--------------------------------------------------------------------------------

Name        : sendmail
Product     : Fedora 19
Version     : 8.14.7
Release     : 2.fc19
URL         : http://www.sendmail.org/
Summary     : A widely used Mail Transport Agent (MTA)
Description :
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.

If you ever need to reconfigure Sendmail, you will also need to have
the sendmail-cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.

--------------------------------------------------------------------------------
Update Information:

This is an update that fixes bug which can lead to sendmail leaking file descriptors to processes it spawns.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun  4 2014 Jaroslav Škarvada <jskarvad at redhat.com> - 8.14.7-2
- Properly set the close-on-exec flag for file descriptors
  (by close-on-exec patch)
  Resolves: CVE-2014-3956
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1102174 - CVE-2014-3956 sendmail: Properly set the close-on-exec flag for file descriptors
        https://bugzilla.redhat.com/show_bug.cgi?id=1102174
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update sendmail' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list