Anyone know what the details are on the new sendmail IDENT hole? Is it yet another clobber-the-string-buffer-and-run-commands hole as we have seen in previous (buggy) versions of sendmail, or somethng more esoteric? CERT has released an advisory on this, and we're intrested. -john