https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118527#M748043 For HP-UX 10.20:<BR /><BR />PHNE_28760 - sendmail(1m) 8.9.3 cumulative patch.<BR /><BR />FYI, there is another sendmail advisory for which a patch has yet to be issued.<BR /> Mon, 17 Nov 2003 14:27:14 GMT Tom Danzig 2003-11-17T14:27:14Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118522#M748038 Hi,<BR /><BR />HP-UX 10.20<BR />Sendmail version 8.8.6<BR />For the potential buffer overflow security vulnerability in sendmail(CERT advisory CA-2003-25 and HP reference SSRT3631) is there a patch available for HP-UX 10.20 running sendmail version 8.8.6.<BR /><BR />Thanks.<BR />Jeny Thu, 13 Nov 2003 12:14:53 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118522#M748038 Jeny Joseph 2003-11-13T12:14:53Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118523#M748039 Two problems:<BR /><BR />The sendmail patches I've seen support sendmail 8.9 and up.<BR /><BR />Of course HP-UX 10.20 is no longer supported though I thought important security patches would still happen.<BR /><BR />You might want to go to <A href="http://www.sendmail.org" target="_blank">http://www.sendmail.org</A> download and compile a new sendmail on your system. You can go 8.12 and have better security than me.!!!<BR /><BR />SEP Thu, 13 Nov 2003 12:19:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118523#M748039 Steven E. Protter 2003-11-13T12:19:45Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118524#M748040 The first problem can be solved by applying an available patch to upgrade to sendmail 8.9.3. <BR /><BR />So now I need to know if a patch is available for HP-UX 10.20 running sendmail 8.9.3. I saw documentation that a patch is available for HP-UX 11.0 and higher. No mention of 10.20. Does that mean no patch will be available for 10.20 since it is no longer supported?<BR /><BR />Thanks.<BR />Jeny<BR /> Thu, 13 Nov 2003 13:24:46 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118524#M748040 Jeny Joseph 2003-11-13T13:24:46Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118525#M748041 Jeny, open a call with the response center for this one or email me with relative information. HP's policy is that it no longer issues patches for unsupported/obsolete operating system versions.<BR /><BR />Berlene.herren@ Fri, 14 Nov 2003 05:58:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118525#M748041 Berlene Herren 2003-11-14T05:58:36Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118526#M748042 This first showed up quite a while ago.<BR /><BR />The HP Security Bulletin is HPSBUX0304-253, which is in reference to CERT Advisory CA-2003-12, CERT Vulnerability Note VU#897604.<BR /><BR />In it, patch PHNE_28760 gets you to Sendmail 8.9.3 on HP-UX 10.20, including the fix for this problem. Read the entire bulletin, since this Sendmail change could affect normal operations involving normal users traversing mail queues. Mon, 17 Nov 2003 13:08:34 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118526#M748042 Clyde Mehornay Jr 2003-11-17T13:08:34Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118527#M748043 For HP-UX 10.20:<BR /><BR />PHNE_28760 - sendmail(1m) 8.9.3 cumulative patch.<BR /><BR />FYI, there is another sendmail advisory for which a patch has yet to be issued.<BR /> Mon, 17 Nov 2003 14:27:14 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118527#M748043 Tom Danzig 2003-11-17T14:27:14Z https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118528#M748044 Thanks everybody for your responses. <BR />I will follow Berlene Herren's suggestion.<BR /><BR />Thanks again. <BR /> Tue, 25 Nov 2003 15:43:23 GMT https://community.hpe.com/t5/operating-system-hp-ux/patch-for-sendmail-for-potential-buffer-overflow/m-p/3118528#M748044 Jeny Joseph 2003-11-25T15:43:23Z