Regarding the latest vulnerability discivered...
The rpm that is available for download from RH site is sendmail-8.11.6-23.72.i386.rpm and it is rather small - 304K.
According to the size I assume it a 'security fix' , not the real upgrade package. (Thogh they don't state it explicitly)
The only way I can apply it is using rpm -U option.

If anyone tried to apply this patch, can you confirm the following:
1. sendmail-8.11.6-23.72.i386.rpm available at is a fix and not the full upgrade package
2. It should be used with rpm -U

Sorry for asking those questions but I'm about to apply it to production box and I couldn't find instructions on teh RH site.