From owner-cvs-src@FreeBSD.ORG  Thu Nov 29 18:00:38 2007
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@FreeBSD.org
Received: by hub.freebsd.org (Postfix, from userid 1033)
	id C6DA616A46C; Thu, 29 Nov 2007 18:00:38 +0000 (UTC)
Date: Thu, 29 Nov 2007 18:00:38 +0000
From: Alexey Dokuchaev <danfe@FreeBSD.org>
To: "Simon L. Nielsen" <simon@FreeBSD.org>
Message-ID: <20071129180038.GA598@FreeBSD.org>
References: <200711291608.lATG8s7Q067912@repoman.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <200711291608.lATG8s7Q067912@repoman.freebsd.org>
User-Agent: Mutt/1.4.2.1i
Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/contrib/tar/src misc.c src/sys/dev/random
	yarrow.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Nov 2007 18:00:38 -0000

On Thu, Nov 29, 2007 at 04:08:54PM +0000, Simon L. Nielsen wrote:
> simon       2007-11-29 16:08:54 UTC
> 
>   FreeBSD src repository
> 
>   Modified files:        (Branch: RELENG_5)
>     contrib/tar/src      misc.c 
>     sys/dev/random       yarrow.c 
>   Log:
>   Correct a random value disclosure in random(4). [07:09]
>   
>   Correct a gtar directory traversal vulnerability. [07:10]
>   
>   Security:       FreeBSD-SA-07:09.random
>   Security:       FreeBSD-SA-07:10.gtar

Is 4.x vulnerable?  Is it going to be fixed?  I can test patches.  :-)

./danfe