Information for VU#834865

Sendmail signal I/O race condition



Vendor Statement

Sendmail Consortium

The Sendmail Consortium strongly recommends that Open Source sendmail users upgrade to 8.13.6 whenever possible. If that is not possible, source code patches are available for 8.12.11 and 8.13.5, but these are fairly extensive and may be difficult to apply cleanly. There are no patches available for 8.11, nor will there be, since 8.11 and earlier versions do not have the necessary support infrastructure.

Further information is available at

Sendmail, Inc.

Sendmail, Inc. recommends patching commercial products incorporating the sendmail MTA (including all current versions of Sendmail Switch, Sendmail Multi-Switch, Sendmail Managed MTA, and Sendmail Message Store/SAMS on all systems except Windows, as well as Sendmail Sentrion. Free patches and/or upgrades are available to all Sendmail customers, regardless of support status. Customers will be required to upgrade to the latest product version.

Further information is available at, by email at, or by telephone at 1(877)363-6245 (1-87-SENDMAIL) (press 1) or +1(510)594-5598

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.