From owner-freebsd-ports Fri Jul 7 21:53:15 2000 Delivered-To: freebsd-ports@freebsd.org Received: from racine.cybercable.fr (racine.cybercable.fr [212.198.0.201]) by hub.freebsd.org (Postfix) with SMTP id 9690037B8C5 for ; Fri, 7 Jul 2000 21:53:07 -0700 (PDT) (envelope-from root@gits.dyndns.org) Received: (qmail 7091989 invoked from network); 8 Jul 2000 04:53:05 -0000 Received: from r224m65.cybercable.tm.fr (HELO gits.dyndns.org) ([195.132.224.65]) (envelope-sender ) by racine.cybercable.fr (qmail-ldap-1.03) with SMTP for ; 8 Jul 2000 04:53:05 -0000 Received: (from root@localhost) by gits.dyndns.org (8.9.3/8.9.3) id GAA36812; Sat, 8 Jul 2000 06:53:05 +0200 (CEST) (envelope-from root) Posted-Date: Sat, 8 Jul 2000 06:53:05 +0200 (CEST) To: Cy Schubert - ITSD Open Systems Group Cc: freebsd-ports@FreeBSD.ORG Subject: Re: ports/19503: isc-dhcp3 port root exploit References: <200006261340.GAA91530@freefall.freebsd.org> Reply-To: clefevre@citeweb.net X-Face: V|+c;4!|B?E%BE^{E6);aI.[<97Zd*>^#%Y5Cxv;%Y[PT-LW3;A:fRrJ8+^k"e7@+30g0YD0*^^3jgyShN7o?a]C la*Zv'5NA,=963bM%J^o]C From: Cyrille Lefevre Date: 08 Jul 2000 06:53:03 +0200 In-Reply-To: Cy Schubert - ITSD Open Systems Group's message of "Mon, 26 Jun 2000 06:40:04 -0700 (PDT)" Message-ID: Lines: 52 X-Mailer: Gnus v5.6.45/XEmacs 21.1 - "Canyonlands" Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Cy Schubert - ITSD Open Systems Group writes: > The following reply was made to PR ports/19503; it has been noted by GNATS. > > From: Cy Schubert - ITSD Open Systems Group > To: Will Andrews > Cc: Cy.Schubert@uumail.gov.bc.ca, FreeBSD-gnats-submit@FreeBSD.ORG > Subject: Re: ports/19503: isc-dhcp3 port root exploit > Date: Mon, 26 Jun 2000 06:32:55 -0700 > > In message <20000625150950.A85886@argon.gryphonsoft.com>, Will Andrews > writes: > > On Sun, Jun 25, 2000 at 08:20:26AM -0700, Cy.Schubert@uumail.gov.bc.ca wrote: > > > >Synopsis: isc-dhcp3 root exploit > > > > isc-dhcp3 is not vulnerable, according to your quote. However, > > isc-dhcp2 IS vulnerable and needs to be updated. > > The advisory makes the statement, "this exploit is present in all > versions of the ISC DHCP client prior to 2.0pl1 and 3.0b1pl14". > Because of this statement, the version 2 port needs to be updated to > 2.0pl1 and the version 3 port needs to be updated to 3.0b1pl14. well. update your port tree. mine says : # cd /usr/ports # make search key=isc-dhcp3 Port: isc-dhcp3-3.0.b1.14 Path: /usr/ports/net/isc-dhcp3 Info: ISC Dynamic Host Configuration Protocol client and server code Maint: obrien@FreeBSD.org Index: net B-deps: bind-8.2.2.p5 R-deps: so, it was just up to date on time you send your message :) # cd /usr/ports/net/isc-dhcp3 # cvs log Makefile ... revision 1.34 date: 2000/06/25 21:08:07; author: obrien; state: Exp; lines: +7 -3 Update to 3.0b1pl14 PR: 19493, 18475 Submitted by: Cyrille Lefevre ... Cyrille. -- home:mailto:clefevre@no-spam.citeweb.net Supprimer "no-spam." pour me repondre. work:mailto:Cyrille.Lefevre@no-spam.edf.fr Remove "no-spam." to answer me back. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message