From owner-freebsd-hackers  Mon Oct 23 16:08:04 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id QAA04654
          for hackers-outgoing; Mon, 23 Oct 1995 16:08:04 -0700
Received: from rover.village.org (rover.village.org [198.137.146.49])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id QAA04649
          for <freebsd-hackers@FreeBSD.ORG>; Mon, 23 Oct 1995 16:08:00 -0700
Received: from localhost (localhost [127.0.0.1]) by rover.village.org (8.6.11/8.6.6) with SMTP id QAA19117; Mon, 23 Oct 1995 16:57:42 -0600
Message-Id: <199510232257.QAA19117@rover.village.org>
To: peter@haywire.dialix.com (Peter Wemm)
Subject: Re: (fwd) CERT Advisory CA-95:13 - Syslog Vulnerability (with sendmail workaround) 
Cc: freebsd-hackers@FreeBSD.ORG
In-reply-to: Your message of 24 Oct 1995 02:14:48 +0800
Date: Mon, 23 Oct 1995 16:57:41 -0600
From: Warner Losh <imp@village.org>
Sender: owner-hackers@FreeBSD.ORG
Precedence: bulk

: FreeBSD has fixed the hole, IMHO better than the others, but it used
: one of the advanced 4.4BSD stdio features to do it more securely
: (fwopen()/vfprintf() instead of umpteen strlen()/snprintf()).
: 
: They covered FreeBSD/NetBSD (not by name) by saying: there are
: different patches available for other operating systems, but these
: have not been evaluated by cert, blah, blah.  Both Free/NetBSD did it
: their own way.

Does somebody have just this patch?  I must have missed it as it went
by.  I know that it is in current, but I need to patch a 1.1.5.1R
router....

Warner