anyone know details?

[pmetzger () lehman com (Perry E. Metzger)]

Xref: lehman.com comp.mail.sendmail:11850 comp.security.unix:3365
Path: lehman.com!uupsi!psinntp!news.columbia.edu!sol.ctr.columbia.edu!howland.reston.ans.net!agate!CS.Berkeley.EDU!eric
From: eric () CS Berkeley EDU (Eric Allman)
Newsgroups: comp.mail.sendmail,comp.security.unix
Subject: sendmail 8.6.7 released
Date: 14 Mar 1994 17:52:56 GMT
Organization: UC Berkeley Mammoth Project
Lines: 11
Sender: eric () mastodon CS Berkeley EDU (Eric Allman)
Distribution: world
Message-Id: <2m289o$cre () agate berkeley edu>
Reply-To: eric () CS Berkeley EDU
NNTP-Posting-Host: mastodon.cs.berkeley.edu

I regret that someone reported a nasty security problem to me less
that 24 hours after I released sendmail 8.6.6.  This bug is present
in all sendmail version 8 versions prior to 8.6.7, as well as in
many vendor versions.  It does not exist in IDA sendmail.  I urge
you to upgrade before the cracker scripts start circulating around
the network.  Sorry for the inconvenience -- I only heard about this
an hour ago myself.

Sendmail 8.6.7 is available on FTP.CS.Berkeley.EDU in /ucb/sendmail.

eric