I installed a patched Sendmail package last week, correcting the recent vulnerability.

Sendmail.org provided a simple patch for all 8.12.x Sendmail sources that corrected this vulnerability. I added the patch to the FreeBSD package directory on the build system and created a new sendmail package (sendmail-sasl-8.12.6_4ecs) for installation on KE.

OpenSSH has been upgraded on all the FreeBSD servers to the latest openssh-portable package, correcting the vulnerabilities discovered last week.

FreeBSD 4.4 packages were installed on HEIWA, KE, and SHANTI. A FreeBSD 4.7 package was installed on PAX. These are all openssh-portable-3.6.1p2_3. They install into /usr/local and require the following changes to /etc/rc.conf:

sshd_program="/usr/local/sbin/sshd"

sshd_flags="-f /etc/ssh/sshd_config"

PAX is the only server that currently required these changes, as the others had previously been upgraded to OpenSSH-portable. PAX also required minor changes in the /etc/ssh/sshd_config file.