-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


We would like to make a correction in regard to a statement
made in the security advisory that was posted on February 22 for the
package "sendmail-8.11.2-5".  In the advisory, it is stated
that "A user can gain root access privileges."  This is NOT the
case.

The -bt index bug is NOT exploitable, and therefore, has no security
impact.  Special thanks to Kris Kenneway for pointing this out.  For more
information on this issue, please review the following URL:

archive.pike%3Ftid%3D138299%26threads%3D1%26end%3D2000-10-14%26list%3D1%26start%3D2000-10-08%26

The package sendmail-8.11.2-5 will remain available on our ftp site as it
does contain the fixes to prevent the -bt index bug.

Turbolinux is committed to developing quality products with a strong
emphasis on security.

Thank you.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: pgpenvelope 2.10.0 - http://pgpenvelope.sourceforge.net/

iD8DBQE6/Jmecpw52/ZatwoRAo0tAJ0UOydkssrLH6JYZheHAkkPU6B4BgCgj4i7
rREQTK23pox5zvL0jsdtygE=
=5MI2
-----END PGP SIGNATURE-----



_______________________________________________
TL-Security-Announce mailing list
TL-Security-Announce@www.turbolinux.com
http://www.turbolinux.com/mailman/listinfo/tl-security-announce