From owner-freebsd-security Sun Aug 4 3:24:20 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 3541E37B401
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 03:24:15 -0700 (PDT)
Received: from borja.sarenet.es (borja.sarenet.es [192.148.167.77])
by mx1.FreeBSD.org (Postfix) with ESMTP id 7CE1843E6A
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 03:24:13 -0700 (PDT)
(envelope-from borjamar@sarenet.es)
Received: from nenuial.arnor.es (localhost [127.0.0.1])
by borja.sarenet.es (8.12.3/8.12.3) with ESMTP id g74AOAxh009554
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 12:24:11 +0200 (CEST)
(envelope-from borjamar@sarenet.es)
Content-Type: text/plain;
charset="iso-8859-1"
From: Borja Marcos <borjamar@sarenet.es>
To: <freebsd-security@FreeBSD.ORG>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG toipsec/racoontroubles, help please ...]
Date: Sun, 4 Aug 2002 12:24:10 +0200
User-Agent: KMail/1.4.2
References: <sd4ab7c6.030@aus-gwia.aus.dcnhs.org>
In-Reply-To: <sd4ab7c6.030@aus-gwia.aus.dcnhs.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-Id: <200208041224.10309.borjamar@sarenet.es>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Friday 02 August 2002 23:47, Matthew Grooms wrote:
> Its only backwards if you are used to implimenting IPSEC communications
> in a non-giff'd confguration. As mentioned before, this is endorsed by
> many how-to's available. If you don't like this method, don't use it. I
> for one prefer the giffed alternative but will be more than happy to
> admit that the benifits appear to be mostly cosmetic.
=09I am not using gif right now, but I see two important advantages.
=09I suppose it will be possible to put firewall rules in a gif interface=
=2E=20
Imagine that you establish a tunnel with a not so trusted party, only for=
a=20
limited purpose.
=09I suppose as well that it is possible to sniff traffic in a gif interf=
ace.=20
Tools such as Argus, Ntop, can be used with encrypted tunnels. Otherwise,=
you=20
are blind.
=09Borja.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 3:55:44 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 244AD37B400
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 03:55:38 -0700 (PDT)
Received: from mail.crypton.pl (ns.crypton.pl [195.216.109.11])
by mx1.FreeBSD.org (Postfix) with SMTP id B2C2943E5E
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 03:55:36 -0700 (PDT)
(envelope-from mailman@mail.crypton.pl)
Received: (qmail 34129 invoked by uid 1002); 4 Aug 2002 10:55:35 -0000
Date: Sun, 4 Aug 2002 12:55:35 +0200
From: Nomad <mailman@crypton.pl>
To: Brad Davis <striker_d@hotmail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: SSH upgrade?
Message-ID: <20020804125535.A32133@killer.crypton.pl>
References: <F266Sbh29cM3oryKFRJ0001c00b@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <F266Sbh29cM3oryKFRJ0001c00b@hotmail.com>; from striker_d@hotmail.com on Fri, Aug 02, 2002 at 06:20:36PM -0600
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hello
I upgraded only openssh to 3_4_4 version on the same 4.5-RELEASE (without upgrading to 4.6-STABLE like you) and now I get "Host key for IP address 'ip_address' not known in list of known hosts'". The problem is that the this key is already in known_hosts but onlu for DNS name for specified host. So I added copy of host key with DNS name replaced by IP adress and everything is OK: no weird messages at all.
I think that's something wrong with this version of openssh. Maybe this fenomena in connection with some entries in ssh_config results in denying connections to outside world.
On my host this connections were possible, only this strange infos appeared.
Nomad
On Fri, Aug 02, 2002 at 06:20:36PM -0600, Brad Davis wrote:
> Hello,
>
> I just upgraded a machine from 4.5-RELEASE to 4.6-STABLE and included in the
> upgrade was to OpenSSH 3.4p1. Since then I have not been able to ssh from
> this box out to the world. I get an error that Host authentication failed.
> It does work from the root account but not from my user account so I deleted
> ~/.ssh and that hasn't helped either. Any ideas?
>
>
> Thanks,
> Brad
>
>
>
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 4:11:24 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 80B9C37B400
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 04:11:13 -0700 (PDT)
Received: from mail.crypton.pl (ns.crypton.pl [195.216.109.11])
by mx1.FreeBSD.org (Postfix) with SMTP id 6EE4E43E42
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 04:11:12 -0700 (PDT)
(envelope-from mailman@mail.crypton.pl)
Received: (qmail 35073 invoked by uid 1002); 4 Aug 2002 11:11:11 -0000
Date: Sun, 4 Aug 2002 13:11:11 +0200
From: Nomad <mailman@crypton.pl>
To: Borja Marcos <borjamar@sarenet.es>
Cc: freebsd-security@freebsd.org
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG toipsec/racoontroubles, help please ...]
Message-ID: <20020804131111.B32133@killer.crypton.pl>
References: <sd4ab7c6.030@aus-gwia.aus.dcnhs.org> <200208041224.10309.borjamar@sarenet.es>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <200208041224.10309.borjamar@sarenet.es>; from borjamar@sarenet.es on Sun, Aug 04, 2002 at 12:24:10PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hello,
Hm, advantages or disadvantages... possibility of sniffing packets is disadvantage in security manner I thing...
Anyway building firewall rules to the IPSec connection configured without gif interface is also possible. I have this on my IPSEc VPN gateway.
Packets goes via ipfw 2 times: first encoded, in normal IPv4 form, second time encapsulated in EPS frames.
Of course my rules are applied on the first visit of packets in my ipfw.
I don't know if it works the same whet sysctl's fw_onepass is set to 1 (on my gateway is set to 0) but filtering packets before they passed to the IPSec tunnel is possible and it works without gif's.
I think that it will be work on workstations (in my case there are gateways).
Of course in that case sniffing is possible to:with ipfw's tee, fwd or divert rules. On gateway it's posiible to sniff on "clear" interface and compare it with ESP traffic on "encrypted" interface.
Anyway: without gif's you are not blind.
Nomad
On Sun, Aug 04, 2002 at 12:24:10PM +0200, Borja Marcos wrote:
> On Friday 02 August 2002 23:47, Matthew Grooms wrote:
> > Its only backwards if you are used to implimenting IPSEC communications
> > in a non-giff'd confguration. As mentioned before, this is endorsed by
> > many how-to's available. If you don't like this method, don't use it. I
> > for one prefer the giffed alternative but will be more than happy to
> > admit that the benifits appear to be mostly cosmetic.
>
> I am not using gif right now, but I see two important advantages.
>
> I suppose it will be possible to put firewall rules in a gif interface.
> Imagine that you establish a tunnel with a not so trusted party, only for a
> limited purpose.
>
> I suppose as well that it is possible to sniff traffic in a gif interface.
> Tools such as Argus, Ntop, can be used with encrypted tunnels. Otherwise, you
> are blind.
>
>
> Borja.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 5:21:24 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 19C8A37B401
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 05:21:19 -0700 (PDT)
Received: from smx.pair.com (smx.pair.com [209.68.1.56])
by mx1.FreeBSD.org (Postfix) with SMTP id 9BA8143E6A
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 05:21:18 -0700 (PDT)
(envelope-from sigma@smx.pair.com)
Received: (qmail 82778 invoked by uid 1000); 4 Aug 2002 12:21:15 -0000
Message-ID: <20020804122115.82777.qmail@smx.pair.com>
From: sigma@smx.pair.com
Subject: zlib 1.1.4
To: freebsd-security@freebsd.org
Date: Sun, 4 Aug 2002 08:21:15 -0400 (EDT)
X-Mailer: ELM [version 2.4ME+ PL40 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Is there some reason zlib 1.1.3 seems to be part of 4.6-STABLE? cvsweb
shows 1.1.4 imported "on the vendor branch". There was a major security
advisory in March 2002 for 1.1.3. A diff suggests only minor changes
between the 1.1.4 source (from gzip.org) and the source used by 4.6-STABLE,
but it's still labeled 1.1.3, which is enough to raise questions.
Thanks,
Kevin
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 6:14:58 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id CE79237B400
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 06:14:55 -0700 (PDT)
Received: from ik.ku.lt (ik.ku.lt [193.219.76.193])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9BB9E43E42
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 06:14:54 -0700 (PDT)
(envelope-from garska@ik.ku.lt)
Received: from daemon (daemon.ku.lt [193.219.76.199])
by ik.ku.lt (8.11.6/8.11.6) with ESMTP id g74DIgN26924
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 15:18:42 +0200 (EET)
(envelope-from garska@ik.ku.lt)
Reply-To: <rolandas.garska@ik.ku.lt>
From: "Rolandas Garska" <garska@ik.ku.lt>
To: <freebsd-security@FreeBSD.ORG>
Subject: FW: SA-02:35
Date: Sun, 4 Aug 2002 15:14:44 +0200
Organization: Klaipeda University
Message-ID: <000401c23bb8$e9b9bbc0$c74cdbc1@daemon>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Does anyone know something about SA-02:35?
-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Oleg Derevenetz
Sent: Friday, August 02, 2002 8:16 PM
To: freebsd-security@FreeBSD.ORG
Subject: SA-02:35
Hi all,
I recently visited ftp.freebsd.org, and found directory SA-02:35 in
CERT/patches
without corresponding advisory in CERT/advisories. Does anyone know
something
about this SA ? As I understand, it belongs to ffs subsystem. Is it
recommended ?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 8: 2:59 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 23D1937B400
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 08:02:57 -0700 (PDT)
Received: from ho.com (vic-dial-196-30-233-7.mweb.co.za [196.30.233.7])
by mx1.FreeBSD.org (Postfix) with SMTP id CAEBF43E3B
for <freebsd-security@freebsd.org>; Sun, 4 Aug 2002 08:02:52 -0700 (PDT)
(envelope-from l.@ho.com)
From: "." <"l."@ho.com>
To: <freebsd-security@freebsd.org>
Subject:
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Date: Sun, 4 Aug 2002 23:02:12 +0800
X-Priority: 1 (Highest)
Content-Transfer-Encoding: 8bit
Message-Id: <20020804150252.CAEBF43E3B@mx1.FreeBSD.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 9:10:33 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id C8ECF37B400
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:10:29 -0700 (PDT)
Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143])
by mx1.FreeBSD.org (Postfix) with ESMTP id 6010F43E5E
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:10:25 -0700 (PDT)
(envelope-from smithi@nimnet.asn.au)
Received: from localhost (smithi@localhost)
by gaia.nimnet.asn.au (8.8.8/8.8.8R1.2) with SMTP id BAA09130
for <freebsd-security@FreeBSD.org>; Mon, 5 Aug 2002 01:46:18 +1000 (EST)
(envelope-from smithi@nimnet.asn.au)
Date: Mon, 5 Aug 2002 01:46:18 +1000 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: freebsd-security@FreeBSD.org
Subject: port 6112 ?
Message-ID: <Pine.BSF.3.96.1020805010404.7929A-100000@gaia.nimnet.asn.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
I'd been seeing lots of widely sourced, irregular scans over our public
subnet for TCP port 6112 ('dtspcd'?), along with some other ports that
are also being scanned semi-regularly, including 1524 (ingreslock, more
likely pcserver trojan) and TCP 17300 (?) along with bucketloads of TCP
1433 (ms-sql-s) .. as does everyone else, I guess.
I recently added ipfw rules to separate these out from the general
(denied) cruft, so as not to blow out the log limiting and thus
obscuring the more interesting stuff,
Today I notice a dialup user getting and sending UDP packets on 6112,
with various IPs; looks to be a fairly steady stream of in- and outbound
traffic at about 800cps each way over, say, half-hour sessions.
Game, trojan, or yet another messenger type thing?
I've already checked http://www.robertgraham.com/pubs/firewall-seen.html
Cheers, Ian
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 9:15:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E15BA37B400
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:15:35 -0700 (PDT)
Received: from bastet.rfc822.net (bastet.rfc822.net [64.81.113.233])
by mx1.FreeBSD.org (Postfix) with ESMTP id 8DE1043E6A
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:15:35 -0700 (PDT)
(envelope-from pde@bastet.rfc822.net)
Received: by bastet.rfc822.net (Postfix, from userid 1001)
id 984EB9ECDA; Sun, 4 Aug 2002 11:16:18 -0500 (CDT)
Date: Sun, 4 Aug 2002 11:16:18 -0500
From: Pete Ehlke <pde@rfc822.net>
To: Ian Smith <smithi@nimnet.asn.au>
Cc: freebsd-security@FreeBSD.org
Subject: Re: port 6112 ?
Message-ID: <20020804161618.GA40069@rfc822.net>
References: <Pine.BSF.3.96.1020805010404.7929A-100000@gaia.nimnet.asn.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.BSF.3.96.1020805010404.7929A-100000@gaia.nimnet.asn.au>
User-Agent: Mutt/1.3.27i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Mon, Aug 05, 2002 at 01:46:18AM +1000, Ian Smith wrote:
>
> Today I notice a dialup user getting and sending UDP packets on 6112,
> with various IPs; looks to be a fairly steady stream of in- and outbound
> traffic at about 800cps each way over, say, half-hour sessions.
>
> Game, trojan, or yet another messenger type thing?
>
Gamer. Probably starcraft or one of its cousins.
-P.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 9:21:25 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 5551C37B400
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:21:22 -0700 (PDT)
Received: from patrocles.silby.com (d118.as6.nwbl0.wi.voyager.net [169.207.128.118])
by mx1.FreeBSD.org (Postfix) with ESMTP id E4FD743E4A
for <freebsd-security@FreeBSD.org>; Sun, 4 Aug 2002 09:21:20 -0700 (PDT)
(envelope-from silby@silby.com)
Received: from patrocles.silby.com (localhost [127.0.0.1])
by patrocles.silby.com (8.12.5/8.12.5) with ESMTP id g74GOIB1031437;
Sun, 4 Aug 2002 11:24:18 -0500 (CDT)
(envelope-from silby@silby.com)
Received: from localhost (silby@localhost)
by patrocles.silby.com (8.12.5/8.12.5/Submit) with ESMTP id g74GOD3p031434;
Sun, 4 Aug 2002 11:24:16 -0500 (CDT)
X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs
Date: Sun, 4 Aug 2002 11:24:13 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Ian Smith <smithi@nimnet.asn.au>
Cc: freebsd-security@FreeBSD.org
Subject: Re: port 6112 ?
In-Reply-To: <Pine.BSF.3.96.1020805010404.7929A-100000@gaia.nimnet.asn.au>
Message-ID: <20020804112115.M31370-100000@patrocles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Mon, 5 Aug 2002, Ian Smith wrote:
> Today I notice a dialup user getting and sending UDP packets on 6112,
> with various IPs; looks to be a fairly steady stream of in- and outbound
> traffic at about 800cps each way over, say, half-hour sessions.
>
> Game, trojan, or yet another messenger type thing?
>
> I've already checked http://www.robertgraham.com/pubs/firewall-seen.html
>
> Cheers, Ian
6112 is Starcraft, Warcraft 3, and probably Diablo as well. No need to be
concerned.
Mike "Silby" Silbersack
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 10:20:21 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 0578137B401
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 10:20:13 -0700 (PDT)
Received: from gaia.nimnet.asn.au (nimbin.lnk.telstra.net [139.130.45.143])
by mx1.FreeBSD.org (Postfix) with ESMTP id 346AA43E65
for <freebsd-security@FreeBSD.ORG>; Sun, 4 Aug 2002 10:20:11 -0700 (PDT)
(envelope-from smithi@nimnet.asn.au)
Received: from localhost (smithi@localhost)
by gaia.nimnet.asn.au (8.8.8/8.8.8R1.2) with SMTP id DAA11166;
Mon, 5 Aug 2002 03:19:46 +1000 (EST)
(envelope-from smithi@nimnet.asn.au)
Date: Mon, 5 Aug 2002 03:19:46 +1000 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Mike Silbersack <silby@silby.com>
Cc: Putinas Piliponis <putinas.piliponis@icnspot.net>,
Pete Ehlke <pde@rfc822.net>, freebsd-security@FreeBSD.ORG
Subject: Re: port 6112 ?
In-Reply-To: <20020804112115.M31370-100000@patrocles.silby.com>
Message-ID: <Pine.BSF.3.96.1020805031403.9430A-100000@gaia.nimnet.asn.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Sun, 4 Aug 2002, Mike Silbersack wrote:
> 6112 is Starcraft, Warcraft 3, and probably Diablo as well. No need to be
> concerned.
Thanks Mike, Putinas, Pete.
I've seen what some games can do to our V.90 net connection, but this
one looks relatively tame. Will look it up, and quietly let it pass.
Cheers, Ian
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sun Aug 4 14: 8:56 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 55FEC37B400
for <security@freebsd.org>; Sun, 4 Aug 2002 14:08:54 -0700 (PDT)
Received: from spiral.inspiral.net (spiral.inspiral.net [194.204.49.249])
by mx1.FreeBSD.org (Postfix) with ESMTP id 4F2B543E5E
for <security@freebsd.org>; Sun, 4 Aug 2002 14:08:53 -0700 (PDT)
(envelope-from mauri@spiral.inspiral.net)
Received: (from root@localhost)
by spiral.inspiral.net (8.12.2/8.12.2) id g74L8p5K075271
for security@freebsd.org; Mon, 5 Aug 2002 00:08:51 +0300 (EEST)
(envelope-from mauri@spiral.inspiral.net)
Received: from spiral.inspiral.net (localhost [127.0.0.1])
by spiral.inspiral.net (8.12.2/8.12.2av) with ESMTP id g74L8llU075263
for <security@freebsd.org>; Mon, 5 Aug 2002 00:08:47 +0300 (EEST)
(envelope-from mauri@spiral.inspiral.net)
Received: from localhost (mauri@localhost)
by spiral.inspiral.net (8.12.2/8.12.2/Submit) with ESMTP id g74L8kWG075260
for <security@freebsd.org>; Mon, 5 Aug 2002 00:08:47 +0300 (EEST)
Date: Mon, 5 Aug 2002 00:08:46 +0300 (EEST)
From: Lauri Laupmaa <mauri@spiral.inspiral.net>
To: security@freebsd.org
Subject: resolv bug & compat3x
Message-ID: <20020805000550.B75251-100000@spiral.inspiral.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by AMaViS perl-11
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hi
As I understand from SA-02:28, older libraries are also vulnerable to
buffer overflow. But if I take a look @ /usr/src/lib/compat/compat3x.i386/
then all files are from Feb 10 2001.
Is there some probability those will be updated sometime soon?
TIA
L.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 1:17:28 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 5687F37B400
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 01:17:27 -0700 (PDT)
Received: from m-net.arbornet.org (m-net.arbornet.org [209.142.209.161])
by mx1.FreeBSD.org (Postfix) with ESMTP id BCFB943E7B
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 01:17:26 -0700 (PDT)
(envelope-from polytarp@m-net.arbornet.org)
Received: from m-net.arbornet.org (localhost [127.0.0.1])
by m-net.arbornet.org (8.12.3/8.11.2) with ESMTP id g758JlcD007927;
Mon, 5 Aug 2002 04:19:47 -0400 (EDT)
(envelope-from polytarp@m-net.arbornet.org)
Received: from localhost (polytarp@localhost)
by m-net.arbornet.org (8.12.3/8.12.3/Submit) with ESMTP id g758JlTx007924;
Mon, 5 Aug 2002 04:19:47 -0400 (EDT)
Date: Mon, 5 Aug 2002 04:19:46 -0400 (EDT)
From: pgreen <polytarp@m-net.arbornet.org>
To: sonam singh <sonamsinghl@yahoo.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: testing please donot reply
In-Reply-To: <20020801100253.49251.qmail@web14407.mail.yahoo.com>
Message-ID: <20020805041938.O7894-100000@m-net.arbornet.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Okay.
On Thu, 1 Aug 2002, sonam singh wrote:
> testing please donot reply
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Health - Feel better, live better
> http://health.yahoo.com
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 5:13:53 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id AD9B437B401
for <freebsd-security@freebsd.org>; Mon, 5 Aug 2002 05:13:45 -0700 (PDT)
Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104])
by mx1.FreeBSD.org (Postfix) with ESMTP id 3C6B343E3B
for <freebsd-security@freebsd.org>; Mon, 5 Aug 2002 05:13:45 -0700 (PDT)
(envelope-from hawkeyd@visi.com)
Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193])
by bodb.mc.mpls.visi.com (Postfix) with ESMTP
id 362005A72; Mon, 5 Aug 2002 07:13:42 -0500 (CDT)
Received: (from hawkeyd@localhost)
by sheol.localdomain (8.11.6/8.11.6) id g75CDfn31929;
Mon, 5 Aug 2002 07:13:41 -0500 (CDT)
(envelope-from hawkeyd)
Date: Mon, 5 Aug 2002 07:13:41 -0500 (CDT)
Message-Id: <200208051213.g75CDfn31929@sheol.localdomain>
Mime-Version: 1.0
X-Newsreader: knews 1.0b.1
Reply-To: hawkeyd@visi.com
Organization: if (!FIFO) if (!LIFO) break;
References: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net>
In-Reply-To: <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net>
From: hawkeyd@visi.com (D J Hawkey Jr)
Subject: Re: FW: SA-02:35
X-Original-Newsgroups: sol.lists.freebsd.security
To: garska@ik.ku.lt, freebsd-security@freebsd.org
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
In article <000401c23bb8$e9b9bbc0$c74cdbc1_daemon@ns.sol.net>,
garska@ik.ku.lt writes:
> Does anyone know something about SA-02:35?
---8<--- ftp://ftp.FreeBSD.org:21/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch
RCS file: /home/ncvs/src/sys/ufs/ffs/ffs_vfsops.c,v
retrieving revision 1.117.2.9
retrieving revision 1.117.2.10
diff -u -p -r1.117.2.9 -r1.117.2.10
--- sys/ufs/ffs/ffs_vfsops.c 2002/04/08 09:39:30 1.117.2.9
+++ sys/ufs/ffs/ffs_vfsops.c 2002/06/23 22:34:52 1.117.2.10
@@ -758,6 +758,9 @@ ffs_mountfs(devvp, mp, p, malloctype)
ump->um_savedmaxfilesize = fs->fs_maxfilesize; /* XXX */
maxfilesize = (u_int64_t)0x40000000 * fs->fs_bsize - 1; /* XXX */
+ /* Enforce limit caused by vm object backing (32 bits vm_pindex_t). */
+ if (maxfilesize > (u_int64_t)0x80000000u * PAGE_SIZE - 1)
+ maxfilesize = (u_int64_t)0x80000000u * PAGE_SIZE - 1;
if (fs->fs_maxfilesize > maxfilesize) /* XXX */
fs->fs_maxfilesize = maxfilesize; /* XXX */
if (ronly == 0) {
--->8---
---8<--- /var/tmp/cvsup.out
Script started on Wed Jul 31 15:45:59 2002
Parsing supfile "/usr/sup/standard-supfile"
....
Edit src/sys/ufs/ffs/ffs_vfsops.c
Add delta 1.117.2.7.2.1 2002.07.31.17.55.12 jedgar
....
--->8---
---8<--- /usr/src/UPDATING
....
20020731: p14
A bounds checking error in FFS filesize limits was corrected.
....
--->8---
Whatever it does exactly, it made it into the RELENG_4_5 CVS tree.
My guess is that someone didn't get it into the advisories.
Dave
--
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
> -----Original Message-----
> From: owner-freebsd-security@FreeBSD.ORG
> [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Oleg Derevenetz
> Sent: Friday, August 02, 2002 8:16 PM
> To: freebsd-security@FreeBSD.ORG
> Subject: SA-02:35
>
> Hi all,
>
> I recently visited ftp.freebsd.org, and found directory SA-02:35 in
> CERT/patches
> without corresponding advisory in CERT/advisories. Does anyone know
> something
> about this SA ? As I understand, it belongs to ffs subsystem. Is it
> recommended ?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 7:10:23 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id CEEBF37B400
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 07:10:20 -0700 (PDT)
Received: from musique.teaser.net (musique.teaser.net [213.91.2.11])
by mx1.FreeBSD.org (Postfix) with ESMTP id D3D6F43E4A
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 07:10:19 -0700 (PDT)
(envelope-from e-masson@kisoft-services.com)
Received: from notbsdems.nantes.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243])
by musique.teaser.net (Postfix) with ESMTP
id 71D817252A; Mon, 5 Aug 2002 16:10:12 +0200 (CEST)
Received: by notbsdems.nantes.kisoft-services.com (Postfix, from userid 1001)
id EA2DB5AAE8; Mon, 5 Aug 2002 16:09:52 +0200 (CEST)
To: cjclark@alum.mit.edu
Cc: Matthew Grooms <mgrooms@seton.org>, dlavigne6@cogeco.ca,
Mailing List FreeBSD Security <freebsd-security@FreeBSD.ORG>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon
troubles, help please ...]
References: <sd455602.090@aus-gwia.aus.dcnhs.org>
<20020730074813.GF89241@blossom.cjclark.org>
<86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com>
<86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com>
<20020802172729.GA6880@blossom.cjclark.org>
From: Eric Masson <e-masson@kisoft-services.com>
In-Reply-To: <20020802172729.GA6880@blossom.cjclark.org> ("Crist J. Clark"'s
message of "Fri, 2 Aug 2002 10:27:29 -0700")
X-Operating-System: FreeBSD 4.6-STABLE i386
Date: Mon, 05 Aug 2002 16:09:51 +0200
Message-ID: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
Lines: 26
User-Agent: Gnus/5.090007 (Oort Gnus v0.07) XEmacs/21.4 (Common Lisp,
i386--freebsd)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
>>>>> "Crist" == Crist J Clark <crist.clark@attbi.com> writes:
Crist> It's pretty much automagically done by way of the SPD entry. Any
Crist> packet that matches the source and destination in the SPD gets
Crist> put through the appropriate tunnel with the specified end
Crist> points.
Ok, I do understand now.
Crist> It's not the same as the regular routing table and will not show
Crist> up in 'netstat -rn.'
It would be nice to have netstat -r show these routes with a new flag
(like T for example), tunnelled end address as destination, tunneled
origin address as gateway, and interface bound to tunnel origin address
as netif.
Does this look interesting or is this plain dumb ?
Eric Masson
--
> dvips -o $@ $<
Faut faire gffe de pas te couper avec ton truc, t'as mis des ciseaux ($<)
partout :))
-+- Dom in Guide du linuxien pervers - "J'aime pas les Makefile !" -+-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 7:23:48 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 3DC9437B405
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 07:23:44 -0700 (PDT)
Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1])
by mx1.FreeBSD.org (Postfix) with ESMTP id 5925543E6A
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 07:23:43 -0700 (PDT)
(envelope-from mike@sentex.net)
Received: from house.sentex.net (fcage [192.168.0.2])
by cage.simianscience.com (8.12.5/8.12.5) with ESMTP id g75ENg6A005952;
Mon, 5 Aug 2002 10:23:42 -0400 (EDT)
(envelope-from mike@sentex.net)
Message-Id: <5.1.0.14.0.20020805102513.07c350b8@192.168.0.12>
X-Sender: mdtancsa@192.168.0.12
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Mon, 05 Aug 2002 10:26:07 -0400
To: Eric Masson <e-masson@kisoft-services.com>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to
ipsec/racoon troubles, help please ...]
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
References: <20020802172729.GA6880@blossom.cjclark.org>
<sd455602.090@aus-gwia.aus.dcnhs.org>
<20020730074813.GF89241@blossom.cjclark.org>
<86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com>
<86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com>
<20020802172729.GA6880@blossom.cjclark.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: amavis-20020220
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
At 04:09 PM 8/5/2002 +0200, Eric Masson wrote:
> Crist> It's not the same as the regular routing table and will not show
> Crist> up in 'netstat -rn.'
>
>It would be nice to have netstat -r show these routes with a new flag
>(like T for example), tunnelled end address as destination, tunneled
>origin address as gateway, and interface bound to tunnel origin address
>as netif.
>
>Does this look interesting or is this plain dumb ?
Something like this would make things much more clear IMHO.
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 10:42:11 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 6A7FB37B400
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 10:42:08 -0700 (PDT)
Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61])
by mx1.FreeBSD.org (Postfix) with ESMTP id 72A1F43E4A
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 10:42:07 -0700 (PDT)
(envelope-from crist.clark@attbi.com)
Received: from blossom.cjclark.org ([12.234.91.48]) by sccrmhc01.attbi.com
(InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
id <20020805174206.PLTJ23732.sccrmhc01.attbi.com@blossom.cjclark.org>;
Mon, 5 Aug 2002 17:42:06 +0000
Received: from blossom.cjclark.org (localhost. [127.0.0.1])
by blossom.cjclark.org (8.12.3/8.12.3) with ESMTP id g75Hg5JK063133;
Mon, 5 Aug 2002 10:42:05 -0700 (PDT)
(envelope-from crist.clark@attbi.com)
Received: (from cjc@localhost)
by blossom.cjclark.org (8.12.3/8.12.3/Submit) id g75HfuNC063132;
Mon, 5 Aug 2002 10:41:56 -0700 (PDT)
X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f
Date: Mon, 5 Aug 2002 10:41:56 -0700
From: "Crist J. Clark" <crist.clark@attbi.com>
To: Eric Masson <e-masson@kisoft-services.com>
Cc: Matthew Grooms <mgrooms@seton.org>, dlavigne6@cogeco.ca,
Mailing List FreeBSD Security <freebsd-security@FreeBSD.ORG>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon troubles, help please ...]
Message-ID: <20020805174156.GA62935@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <sd455602.090@aus-gwia.aus.dcnhs.org> <20020730074813.GF89241@blossom.cjclark.org> <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com> <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com> <20020802172729.GA6880@blossom.cjclark.org> <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
User-Agent: Mutt/1.4i
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Mon, Aug 05, 2002 at 04:09:51PM +0200, Eric Masson wrote:
> >>>>> "Crist" == Crist J Clark <crist.clark@attbi.com> writes:
>
> Crist> It's pretty much automagically done by way of the SPD entry. Any
> Crist> packet that matches the source and destination in the SPD gets
> Crist> put through the appropriate tunnel with the specified end
> Crist> points.
>
> Ok, I do understand now.
>
> Crist> It's not the same as the regular routing table and will not show
> Crist> up in 'netstat -rn.'
>
> It would be nice to have netstat -r show these routes with a new flag
> (like T for example), tunnelled end address as destination, tunneled
> origin address as gateway, and interface bound to tunnel origin address
> as netif.
>
> Does this look interesting or is this plain dumb ?
Tunnelling is not the same as routing. The tunnelling actually has no
effect on routing. A packet going through the tunnel is encapsulated
and sent to a different destination. This is not like routing where we
don't touch the source or destination addresses and merely manipulate
where the packet is directed on the next hop. Once encapsulation is
done, routing is done normally.
Another place for confusion, what do you display for,
spdadd 10.10.10.0/24[any] 10.99.99.0/24[25] tcp
-P out ipsec esp/tunnel/10.10.11.1-10.99.98.1/require
Where not all traffic, but only some, goes through the tunnel. (Yes,
an odd use of tunnelling, but perfectly valid.)
I think trying to add IPsec tunnels to 'netstat -r' is not a good
idea. 'netstat -r' should show the routing table and nothing more.
I think a command that displays the SPD and live SAD entries in more
intuitive ways, possibly in a 'netstat -r'-like fashion would be very
useful, but it shouldn't actually be in 'netstat -r.'
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 11: 3: 3 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id D16EF37B400
for <security@freebsd.org>; Mon, 5 Aug 2002 11:03:01 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id 7BFE743E77
for <security@freebsd.org>; Mon, 5 Aug 2002 11:03:01 -0700 (PDT)
(envelope-from owner-bugmaster@freebsd.org)
Received: from freefall.freebsd.org (peter@localhost [127.0.0.1])
by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75I31JU035907
for <security@freebsd.org>; Mon, 5 Aug 2002 11:03:01 -0700 (PDT)
(envelope-from owner-bugmaster@freebsd.org)
Received: (from peter@localhost)
by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75I30rk035904
for security@freebsd.org; Mon, 5 Aug 2002 11:03:00 -0700 (PDT)
Date: Mon, 5 Aug 2002 11:03:00 -0700 (PDT)
Message-Id: <200208051803.g75I30rk035904@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f
From: FreeBSD bugmaster <bugmaster@freebsd.org>
To: security@FreeBSD.org
Subject: Current problem reports assigned to you
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Current FreeBSD problem reports
No matches to your query
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 11:50:53 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id D74DD37B400
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 11:50:49 -0700 (PDT)
Received: from femme.sapphite.org (pcp02268182pcs.longhl01.md.comcast.net [68.50.99.190])
by mx1.FreeBSD.org (Postfix) with ESMTP id DAFDF43E3B
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 11:50:43 -0700 (PDT)
(envelope-from trish@bsdunix.net)
Received: from localhost (trish@localhost [127.0.0.1])
by femme.sapphite.org (8.12.5/8.12.5) with ESMTP id g75Ipg6h004720;
Mon, 5 Aug 2002 14:51:43 -0400 (EDT)
(envelope-from trish@bsdunix.net)
Date: Mon, 5 Aug 2002 14:51:42 -0400 (EDT)
From: Trish Lynch <trish@bsdunix.net>
X-X-Sender: <trish@femme.sapphite.org>
To: =?iso-8859-2?Q?Maciej_Wi=B6niewski?= <mailman@crypton.pl>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: Re: [Q] FreeBSD IPSec Discussion.
In-Reply-To: <20020803072211.A13088@killer.crypton.pl>
Message-ID: <20020805144624.E482-100000@femme.sapphite.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: QUOTED-PRINTABLE
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Sat, 3 Aug 2002, [iso-8859-2] Maciej Wi=B6niewski wrote:
> Hello
>
> I have one question: why you use gif interface while esp doing all job fo=
r you without any additional gif interfaces ???
the short answer is "because it works"
the longer answer is that the person who set up prior tunnels on here did
it via gif interfaces, I find that its nice to be able to physically see
where my tunnels are between in the output of "ifconfig" as well.
It also helped a lot when troubleshooting and visualizing the output of
setkey -DP and the logs from racoon.
> I have some network of gateways tunneling IP packets via IPSec and it's p=
retty stable to. And I don't use any gifs or other extra toys: just clean I=
PSec configuration.
> Maybe it's something about which I should know ?
>
> Regards
> Nomad
>
like I said, whatever works, between the ravlin, the esp is on the public
and then the private net addresses are "in the clear" within the
encapsulation. I know what interfaces are working, and can see the routes
through 'netstat -rn' , the use of the gif interfaces enables me to
separate things a bit for my own visualization and troubleshooting
purposes.
Considering theres very little information on how to set these things up,
most people fiure them out by trial and error.
I'm sorry I haven't gotten around to documenting, but I went on a trip to
WV this weekend for some relaxation :)
-Trish
--
Trish Lynch=09=09=09=09=09trish@bsdunix.net
FreeBSD=09=09=09=09=09=09The Power to Serve
Ecartis Core Team=09=09=09=09trish@listmistress.org
http://www.freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 12: 2:21 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id CB01A37B400
for <security@FreeBSD.ORG>; Mon, 5 Aug 2002 12:02:18 -0700 (PDT)
Received: from boleskine.patpro.net (boleskine.patpro.net [62.4.20.155])
by mx1.FreeBSD.org (Postfix) with ESMTP id 755EC43E4A
for <security@FreeBSD.ORG>; Mon, 5 Aug 2002 12:02:17 -0700 (PDT)
(envelope-from patpro@patpro.net)
Received: from localhost (cassandre [192.168.0.1])
by boleskine.patpro.net (8.11.3/8.11.3) with ESMTP id g75J2Hu30997
for <security@FreeBSD.ORG>; Mon, 5 Aug 2002 21:02:18 +0200 (CEST)
(envelope-from patpro@patpro.net)
Date: Mon, 5 Aug 2002 21:02:15 +0200
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:33.openssl [REVISED]
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
From: patpro <patpro@patpro.net>
To: security@FreeBSD.ORG
Content-Transfer-Encoding: quoted-printable
In-Reply-To: <200208051645.g75GjdZ6021996@freefall.freebsd.org>
Message-Id: <DB001F6A-A8A5-11D6-AF4C-0030654D97EC@patpro.net>
X-Mailer: Apple Mail (2.482)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On lundi, ao=FBt 5, 2002, at 06:45 , FreeBSD Security Advisories wrote:
> Topic: openssl contains multiple vulnerabilities
[cut]
> The original correction for this problem (corresponding to the first
> revision of this advisory) contained a typo and introduced another
> bug.
any details available ?
does the typo introduced the new bug or are these 2 problemes unrelated =
?
is the new bug a vulnerability or not ?
patpro
--
even god made buildworld only once in a week...
why should I have to make it twice ?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 16:19:27 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 39A4737B400
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 16:19:26 -0700 (PDT)
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
by mx1.FreeBSD.org (Postfix) with ESMTP id C1D4C43E5E
for <freebsd-security@FreeBSD.ORG>; Mon, 5 Aug 2002 16:19:25 -0700 (PDT)
(envelope-from des@ofug.org)
Received: by flood.ping.uio.no (Postfix, from userid 2602)
id A7B72535D; Tue, 6 Aug 2002 01:19:23 +0200 (CEST)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
coincide with those of any organisation or company with
which I am or have been affiliated.
To: Oleg Derevenetz <oleg@vsi.ru>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: SA-02:35
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 06 Aug 2002 01:19:22 +0200
In-Reply-To: <1028312148.3d4acc54c5eef@webmail.vsi.ru>
Message-ID: <xzpado0hp1h.fsf@flood.ping.uio.no>
Lines: 11
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Oleg Derevenetz <oleg@vsi.ru> writes:
> I recently visited ftp.freebsd.org, and found directory SA-02:35 in
> CERT/patches without corresponding advisory in CERT/advisories.
SA-02:35 is due out today. We release patches early to make sure
they've propagated to all the mirrors by the time we release the
advisory.
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 16:49:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id D4E7737B405; Mon, 5 Aug 2002 16:49:09 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
by mx1.FreeBSD.org (Postfix) with ESMTP
id A018A43E6A; Mon, 5 Aug 2002 16:48:47 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1])
by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75NmbJU097285;
Mon, 5 Aug 2002 16:48:37 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: (from nectar@localhost)
by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Nmbg2097283;
Mon, 5 Aug 2002 16:48:37 -0700 (PDT)
Date: Mon, 5 Aug 2002 16:48:37 -0700 (PDT)
Message-Id: <200208052348.g75Nmbg2097283@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f
From: FreeBSD Security Advisories <security-advisories@freebsd.org>
To: FreeBSD Security Advisories <security-advisories@freebsd.org>
Subject: FreeBSD Security Advisory FreeBSD-SA-02:35.ffs
Reply-To: security-advisories@freebsd.org
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SA-02:35.ffs Security Advisory
The FreeBSD Project
Topic: local users may read and write arbitrary blocks on
an FFS filesystem
Category: core
Module: kernel
Announced: 2002-08-05
Credits: Matt Dillon <dillon@FreeBSD.org>,
Ian Dowse <iedowse@FreeBSD.org>,
Tor Egge <tegge@FreeBSD.org>
Affects: All releases of FreeBSD up to and including 4.6.1-RELEASE-p4
4.6-STABLE prior to the correction date
Corrected: 2002-06-23 22:34:52 UTC (RELENG_4)
2002-07-31 17:55:22 UTC (RELENG_4_6)
2002-07-31 17:55:11 UTC (RELENG_4_5)
2002-07-31 17:54:57 UTC (RELENG_4_4)
FreeBSD only: YES
I. Background
The Berkeley Fast File System (FFS) is the default filesystem used by
FreeBSD.
II. Problem Description
A bug in the calculation of the maximum permitted FFS file size
allows users to create files that are larger than FreeBSD's virtual
memory system can handle. The integer overflows that result when such
files are accessed may map filesystem metadata into the user file,
permitting access to arbitrary filesystem blocks.
The bug is encountered only on FFS filesystems with a block size of
16k or greater on the i386 architecture, or 32k or greater on the
alpha architecture. Also, the filesystem must have at least 6 blocks
of free space, and the user must have write access to at least one
file in the filesystem.
The default FreeBSD FFS filesystem block size was changed from 8k to
16k on all architectures just before 4.5-RELEASE.
III. Impact
Local attackers may cause a denial of service by simply corrupting the
filesystem. A local attacker may also be able to read and write
arbitrary files on local filesystems, allowing them to gain superuser
privileges.
FFS filesystems with a block size less than 16k (on the i386
architecture) or 32k (on the alpha architecture), such as those
created using the default FFS filesystem block size prior to
4.5-RELEASE, are not vulnerable.
The following command can be used to determine the block size
used on a given filesystem:
# dumpfs /some/filesystem | grep '^bsize'
IV. Workaround
On filesystems with 16k blocks, the bug cannot be exploited when a
process has a file size resource limit (RLIMIT_FSIZE) of 63 MB or
less. This can be most easily accomplished by modifying
/etc/login.conf so that the appropriate login classes (typically
`default') contain a field entry such as the following:
:filesize=63m:\
After editing /etc/login.conf, the corresponding capability database
must be rebuilt with the following command:
# cap_mkdb /etc/login.conf
Please see login.conf(5) for details. Note that this will not affect
currently running processes, nor new processes started by users who
are already logged in.
The corresponding limit appropriate for filesystems with 32k or larger
blocks is not known at this time, and might be smaller or larger than
63 MB.
It is the responsibility of applications such as `login' and `sshd' to
read and honor login.conf. Be aware that 3rd party applications that
provide login functionality may or may not honor login.conf.
V. Solution
1) Upgrade your vulnerable system to 4.6-STABLE; or to any of the
RELENG_4_6 (4.6.1-RELEASE-p5), RELENG_4_5 (4.5-RELEASE-p14), or
RELENG_4_4 (4.4-RELEASE-p21) security branches dated after the
respective correction dates.
2) To patch your present system:
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility. The following patch
has been tested to apply to all FreeBSD 4.x releases.
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:35/ffs.patch.asc
b) Recompile your kernel as described in
http://www.freebsd.org/handbook/kernelconfig.html and reboot the
system.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Path Revision
Branch
- -------------------------------------------------------------------------
sys/ufs/ffs/ffs_vfsops.c
RELENG_4 1.117.2.10
RELENG_4_6 1.117.2.9.2.1
RELENG_4_5 1.117.2.7.2.1
RELENG_4_4 1.117.2.3.2.1
sys/conf/newvers.sh
RELENG_4_6 1.44.2.23.2.10
RELENG_4_5 1.44.2.20.2.15
RELENG_4_4 1.44.2.17.2.20
- -------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iQCVAwUBPU8ML1UuHi5z0oilAQGkWQP/fJvzkrl2ptG87Qn2pIa24kLyax5WCnca
uPhq9JxIhXIxAqdIZcrEbbTyeRo/ygtsLzxDKOP0G+A2VxilVL9Ld3a32OSM+nzM
uiSnVHTIxPtmkyZnwdmyTcrBki290p/W3LnZhxzfAt1vdIRD+ibOkBXNAaXFxDRz
T1UzIarVqgM=
=wq5s
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 16:52:49 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id EE33137B401; Mon, 5 Aug 2002 16:52:29 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
by mx1.FreeBSD.org (Postfix) with ESMTP
id 7598C43E6A; Mon, 5 Aug 2002 16:51:13 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1])
by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75Np6JU097812;
Mon, 5 Aug 2002 16:51:06 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: (from nectar@localhost)
by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Np6Jt097810;
Mon, 5 Aug 2002 16:51:06 -0700 (PDT)
Date: Mon, 5 Aug 2002 16:51:06 -0700 (PDT)
Message-Id: <200208052351.g75Np6Jt097810@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f
From: FreeBSD Security Advisories <security-advisories@freebsd.org>
To: FreeBSD Security Advisories <security-advisories@freebsd.org>
Subject: FreeBSD Security Advisory FreeBSD-SA-02:36.nfs
Reply-To: security-advisories@freebsd.org
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SA-02:36.nfs Security Advisory
The FreeBSD Project
Topic: Bug in NFS server code allows remote denial of service
Category: core
Module: nfs
Announced: 2002-08-05
Credits: Mike Junk <junk@isilon.com>
Affects: All releases prior to 4.6.1-RELEASE-p7
4.6-STABLE prior to the correction date
Corrected: 2002-07-19 17:19:53 UTC (RELENG_4)
2002-08-01 19:31:55 UTC (RELENG_4_6)
2002-08-01 19:31:54 UTC (RELENG_4_5)
2002-08-01 19:31:54 UTC (RELENG_4_4)
FreeBSD only: NO
I. Background
The Network File System (NFS) allows a host to export some or all of
its filesystems, or parts of them, so that other hosts can access them
over the network and mount them as if they were on local disks. NFS is
built on top of the Sun Remote Procedure Call (RPC) framework.
II. Problem Description
A part of the NFS server code charged with handling incoming RPC
messages had an error which, when the server received a message with a
zero-length payload, would cause it to reference the payload from the
previous message, creating a loop in the message chain. This would
later cause an infinite loop in a different part of the NFS server
code which tried to traverse the chain.
III. Impact
Certain Linux implementations of NFS produce zero-length RPC messages
in some cases. A FreeBSD system running an NFS server may lock up
when such clients connect.
An attacker in a position to send RPC messages to an affected FreeBSD
system can construct a sequence of malicious RPC messages that cause
the target system to lock up.
IV. Workaround
1) Disable the NFS server: set the nfs_server_enable variable to "NO"
in /etc/rc.conf, and reboot.
Alternatively, if there are no active NFS clients (as listed by the
showmount(8) utility), just killing the mountd and nfsd processes
should suffice.
2) Add firewall rules to block RPC traffic to the NFS server from
untrusted hosts.
V. Solution
The following patch has been verified to apply to FreeBSD 4.4, 4.5, and
4.6 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:36/nfs.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:36/nfs.patch.asc
b) Apply the patch.
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel and modules as described in
<URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Path Revision
Branch
- -------------------------------------------------------------------------
src/sys/nfs/nfs_socket.c
RELENG_4 1.60.2.5
RELENG_4_6 1.60.2.3.2.1
RELENG_4_5 1.60.2.1.6.1
RELENG_4_4 1.60.2.3.4.1
- -------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iQCVAwUBPU8NTVUuHi5z0oilAQHMZAP+L80QudeELKHfZYxG5PPf6cuWkreACavl
LP1oJDHLWuw32K4tM0Y+v505t+U2/wGnl2dSqwkfemzxlhzfsmrbubQx8EFgO6sb
nhEEtSfu4t81ylHTY+qEWFtRweB5A1tGJaYV67wybWZxulkYJ9qnRLKF4PToc0E3
T1Y/CN0DNYA=
=2YSa
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Mon Aug 5 16:53:13 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id B64EC37B407; Mon, 5 Aug 2002 16:52:39 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
by mx1.FreeBSD.org (Postfix) with ESMTP
id 75D6943EE1; Mon, 5 Aug 2002 16:52:13 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1])
by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g75Nq3JU097928;
Mon, 5 Aug 2002 16:52:03 -0700 (PDT)
(envelope-from security-advisories@freebsd.org)
Received: (from nectar@localhost)
by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g75Nq3Is097926;
Mon, 5 Aug 2002 16:52:03 -0700 (PDT)
Date: Mon, 5 Aug 2002 16:52:03 -0700 (PDT)
Message-Id: <200208052352.g75Nq3Is097926@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f
From: FreeBSD Security Advisories <security-advisories@freebsd.org>
To: FreeBSD Security Advisories <security-advisories@freebsd.org>
Subject: FreeBSD Security Advisory FreeBSD-SA-02:37.kqueue
Reply-To: security-advisories@freebsd.org
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SA-02:37.kqueue Security Advisory
The FreeBSD Project
Topic: local users can panic the system using the kqueue mechanism
Category: core
Module: kqueue
Announced: 2002-08-05
Credits: Mark Delany <markd@bushwire.net>
Affects: FreeBSD 4.3-RELEASE
FreeBSD 4.4-RELEASE
FreeBSD 4.5-RELEASE
FreeBSD 4.6-RELEASE
FreeBSD 4.6-STABLE prior to the correction date
Corrected: 2002-08-05 15:05:15 (RELENG_4)
2002-08-05 15:13:48 (RELENG_4_6)
2002-08-05 15:13:44 (RELENG_4_5)
2002-08-05 15:13:40 (RELENG_4_4)
FreeBSD only: YES
I. Background
The kqueue mechanism allows a process to register interest in
particular events on particular file descriptors, and receive
asynchronous notification when these events occur on the selected
descriptors.
II. Problem Description
If a pipe was created with the pipe(2) system call, and one end of the
pipe was closed, registering an EVFILT_WRITE filter on the other end
would cause a kernel panic.
A common scenario in which this could occur is when a process uses a
pipe to communicate with a child and uses kqueue to monitor the pipe,
and the child dies shortly after the fork(2) call, before the parent
has had time to register the filter.
III. Impact
A local attacker may cause the system to panic by executing their own
malicious application.
IV. Workaround
There is no known workaround.
V. Solution
The following patch has been verified to apply to FreeBSD 4.4, 4.5, and
4.6 systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:37/kqueue.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:37/kqueue.patch.asc
b) Apply the patch.
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Path Revision
Branch
- -------------------------------------------------------------------------
sys/kern/sys_pipe.c
RELENG_4 1.60.2.13
RELENG_4_6 1.60.2.12.2.1
RELENG_4_5 1.60.2.11.2.1
RELENG_4_4 1.60.2.10.2.1
- -------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iQCVAwUBPU8OFlUuHi5z0oilAQFTugP/S+2u/BK8Oz53oFTcTY84ReNRJZMEJ8dX
PVHMWZ7xl4stYoeo8iX+moq+R2riZqEfzT+lx1lYZBkYkkmIwGxI+6qJgBqkPriL
acswOhfdzLSgwIoXNJsGdO9vlYwsNqiRsf5Yay+gKDqRUxCPA27X528uc1jhtAdd
UzagA6Lhrk8=
=uTZC
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 0:52: 4 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 457FF37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 00:52:00 -0700 (PDT)
Received: from obsecurity.dyndns.org (adsl-67-115-73-77.dsl.lsan03.pacbell.net [67.115.73.77])
by mx1.FreeBSD.org (Postfix) with ESMTP id EE10043E72
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 00:51:53 -0700 (PDT)
(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
id F108466DFC; Tue, 6 Aug 2002 00:51:51 -0700 (PDT)
Date: Tue, 6 Aug 2002 00:51:51 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: sigma@smx.pair.com
Cc: freebsd-security@freebsd.org
Subject: Re: zlib 1.1.4
Message-ID: <20020806075151.GA59261@xor.obsecurity.org>
References: <20020804122115.82777.qmail@smx.pair.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020804122115.82777.qmail@smx.pair.com>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Sun, Aug 04, 2002 at 08:21:15AM -0400, sigma@smx.pair.com wrote:
>
> Is there some reason zlib 1.1.3 seems to be part of 4.6-STABLE? cvsweb
> shows 1.1.4 imported "on the vendor branch". There was a major security
> advisory in March 2002 for 1.1.3. A diff suggests only minor changes
> between the 1.1.4 source (from gzip.org) and the source used by 4.6-STABLE,
> but it's still labeled 1.1.3, which is enough to raise questions.
The version in -stable contains all necessary bugfixes, as is apparent
from the FreeBSD security advisory on this topic.
Kris
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 2: 3:14 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4077037B400
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 02:03:12 -0700 (PDT)
Received: from math.teaser.net (math.teaser.net [213.91.2.4])
by mx1.FreeBSD.org (Postfix) with ESMTP id 3F23443E77
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 02:03:11 -0700 (PDT)
(envelope-from e-masson@kisoft-services.com)
Received: from notbsdems.nantes.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243])
by math.teaser.net (Postfix) with ESMTP
id 6A1DD6C899; Tue, 6 Aug 2002 11:03:09 +0200 (CEST)
Received: by notbsdems.nantes.kisoft-services.com (Postfix, from userid 1001)
id 304B85AAED; Tue, 6 Aug 2002 10:51:31 +0200 (CEST)
To: cjclark@alum.mit.edu
Cc: Matthew Grooms <mgrooms@seton.org>, dlavigne6@cogeco.ca,
Mailing List FreeBSD Security <freebsd-security@FreeBSD.ORG>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to ipsec/racoon
troubles, help please ...]
References: <sd455602.090@aus-gwia.aus.dcnhs.org>
<20020730074813.GF89241@blossom.cjclark.org>
<86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com>
<86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com>
<20020802172729.GA6880@blossom.cjclark.org>
<86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
<20020805174156.GA62935@blossom.cjclark.org>
From: Eric Masson <e-masson@kisoft-services.com>
In-Reply-To: <20020805174156.GA62935@blossom.cjclark.org> ("Crist J.
Clark"'s message of "Mon, 5 Aug 2002 10:41:56 -0700")
X-Operating-System: FreeBSD 4.6-STABLE i386
Date: Tue, 06 Aug 2002 10:51:30 +0200
Message-ID: <86znw0z7xp.fsf@notbsdems.nantes.kisoft-services.com>
Lines: 27
User-Agent: Gnus/5.090008 (Oort Gnus v0.08) XEmacs/21.4 (Common Lisp,
i386--freebsd)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
>>>>> "Crist" == Crist J Clark <crist.clark@attbi.com> writes:
Crist> Tunnelling is not the same as routing. The tunnelling actually
Crist> has no effect on routing. A packet going through the tunnel is
Crist> encapsulated and sent to a different destination. This is not
Crist> like routing where we don't touch the source or destination
Crist> addresses and merely manipulate where the packet is directed on
Crist> the next hop. Once encapsulation is done, routing is done
Crist> normally.
Crist> I think a command that displays the SPD and live SAD entries in
Crist> more intuitive ways, possibly in a 'netstat -r'-like fashion
Crist> would be very useful, but it shouldn't actually be in 'netstat
Crist> -r.'
I was just thinking of a more friendly way to display tunnels, so
netstat came to my mind, but it seems that a specialized command should
be better.
Thanks
Eric Masson
--
coucou m'man! Fais-moi plaisir, réagis, que je puisse t'humilier en
public!
-+- Attila in <http://www.le-gnu.net> : Bonne fête maman -+-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 2:32:43 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id ACA8B37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 02:32:40 -0700 (PDT)
Received: from kagnew.autoloop.com (kagnew.autoloop.com [207.99.30.88])
by mx1.FreeBSD.org (Postfix) with ESMTP id 5536543E42
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 02:32:40 -0700 (PDT)
(envelope-from ash@kagnew.autoloop.com)
Received: by kagnew.autoloop.com (Postfix, from userid 1000)
id 02D0174479; Tue, 6 Aug 2002 09:32:37 +0000 (GMT)
Date: Tue, 6 Aug 2002 05:32:37 -0400
From: Anatole Shaw <shaw@autoloop.com>
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: freebsd-security@freebsd.org
Subject: advisory coordination (Re: SA-02:35)
Message-ID: <20020806053237.A49851@kagnew.autoloop.com>
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <xzpado0hp1h.fsf@flood.ping.uio.no>; from des@ofug.org on Tue, Aug 06, 2002 at 01:19:22AM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 01:19:22AM +0200, Dag-Erling Smorgrav wrote:
> Oleg Derevenetz <oleg@vsi.ru> writes:
> > I recently visited ftp.freebsd.org, and found directory SA-02:35 in
> > CERT/patches without corresponding advisory in CERT/advisories.
> SA-02:35 is due out today. We release patches early to make sure
> they've propagated to all the mirrors by the time we release the
> advisory.
In May, I had an exchange with two FreeBSD Security Officers about the
release of advisory SA-02:25, which referenced patches that didn't yet
exist on the FTP site. I recommended that patches and advisories be made
available together. One SO told me that, in the future, patch propagation
would be assured prior to advisory release, but that attaching patches to
advisories was passe.
It seems that this piecemeal bit of change is now in force, with the
obvious results. On or before August 2nd, the same problem occured in
reverse -- a patch for SA-02:35 (the FFS filesize bug) was propagated
without a corresponding advisory, as noted by Oleg above.
As a result, there were just about 3 days during which the security patch
circulated with no explanation. Those were three days for blackhats to
examine the patch, and for exploits to emerge and circulate, before most
admins were aware of the bug or its impact.
On the same day, Ache@ forwarded an unrelated CVS commit on setlocale.c to
this list, adding nonchalantly, "That original BSD code bug can be
exploitable." The advisory for this one is still in the works, I guess.
I'm all for full-disclosure, but something is very wrong in these 2 cases.
Known security problems are being released in fragments without any
coordination. It seems that a basic Vulnerability Coordination function
is broken or missing, and surely we can fix this.
--
Anatole Shaw
Autoloop Security Consulting
http://www.autoloop.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 3: 8:43 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4480937B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 03:08:41 -0700 (PDT)
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
by mx1.FreeBSD.org (Postfix) with ESMTP id 5DA2043E75
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 03:08:40 -0700 (PDT)
(envelope-from des@ofug.org)
Received: by flood.ping.uio.no (Postfix, from userid 2602)
id 2939C535C; Tue, 6 Aug 2002 12:08:37 +0200 (CEST)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
coincide with those of any organisation or company with
which I am or have been affiliated.
To: Anatole Shaw <shaw@autoloop.com>
Cc: freebsd-security@freebsd.org
Subject: Re: advisory coordination (Re: SA-02:35)
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru>
<xzpado0hp1h.fsf@flood.ping.uio.no>
<20020806053237.A49851@kagnew.autoloop.com>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 06 Aug 2002 12:08:36 +0200
In-Reply-To: <20020806053237.A49851@kagnew.autoloop.com>
Message-ID: <xzpznw0fgez.fsf@flood.ping.uio.no>
Lines: 31
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Anatole Shaw <shaw@autoloop.com> writes:
> I'm all for full-disclosure, but something is very wrong in these 2 cases.
> Known security problems are being released in fragments without any
> coordination. It seems that a basic Vulnerability Coordination function
> is broken or missing, and surely we can fix this.
What do you propose? Are you willing to, say, pay me to work full-
time on FreeBSD security issues? The fact of the matter is that
there's too much to do and too few people to do it - but adding more
people to the team brings its own problems, such as the increasing
possibility that one member of the team will break the trust put in us
by CERT and vendors with whom we exchange information.
Also, when you get to the bottom line, this is an open source project,
and open source isn't good at secrecy. Black hats may be tipped off
by patches on the FTP server, but they're just as likely to be tipped
off by commit messages. A commit to a security branch is a dead
giveaway that a security problem exists, yet we need time for QA and
for commits to propagate to the CVSup mirrors, so advisories are not
likely to be released less than about 24 hours after the corresponding
commits.
In the particular case of 02:35, we probably waited a bit too long.
It was originally due out on Friday along with the revised 02:33, but
there were still some unanswered questions about impact and possible
workarounds, and 02:36 and 02:37 (which I wrote) weren't ready, so
Jacques decided to hold 02:35 back and release all three on Monday.
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 3:34: 4 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id AD42C37B400
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 03:34:01 -0700 (PDT)
Received: from pd3mo1so.prod.shaw.ca (h24-71-223-10.cg.shawcable.net [24.71.223.10])
by mx1.FreeBSD.org (Postfix) with ESMTP id 19EAF43E65
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 03:34:01 -0700 (PDT)
(envelope-from Colin_Percival@sfu.ca)
Received: from pd5mr2so.prod.shaw.ca
(pd5mr2so-qfe3.prod.shaw.ca [10.0.141.233]) by l-daemon
(iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F007D540OOP@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 04:34:00 -0600 (MDT)
Received: from pn2ml10so.prod.shaw.ca
(pn2ml10so-qfe0.prod.shaw.ca [10.0.121.80])
by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F008HL40O12@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 04:34:00 -0600 (MDT)
Received: from piii600.sfu.ca (h24-79-84-133.vc.shawcable.net [24.79.84.133])
by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F00K9H40O0O@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 04:34:00 -0600 (MDT)
Date: Tue, 06 Aug 2002 03:33:59 -0700
From: Colin Percival <Colin_Percival@sfu.ca>
Subject: Re: advisory coordination (Re: SA-02:35)
In-reply-to: <xzpznw0fgez.fsf@flood.ping.uio.no>
X-Sender: cperciva@popserver.sfu.ca
To: Dag-Erling Smorgrav <des@ofug.org>,
Anatole Shaw <shaw@autoloop.com>
Cc: freebsd-security@FreeBSD.ORG
Message-id: <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca>
MIME-version: 1.0
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
X-Info-RBL1: ox.ac.uk filters email against various lists.
X-Info-RBL2: If your replies bounce, try sending them to cperciva@sfu.ca
References: <20020806053237.A49851@kagnew.autoloop.com>
<1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no>
<20020806053237.A49851@kagnew.autoloop.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
At 12:08 06/08/2002 +0200, Dag-Erling Smorgrav wrote:
>Anatole Shaw <shaw@autoloop.com> writes:
> > I'm all for full-disclosure, but something is very wrong in these 2
> cases.
> > Known security problems are being released in fragments without any
> > coordination. It seems that a basic Vulnerability Coordination function
> > is broken or missing, and surely we can fix this.
>
>What do you propose?
It wouldn't be a panacea, but if the mirrors could be set to update
automatically when a security issue arises (instead of operating on their
normal schedule) then the issue of advisories coming out before relevant
files were mirrored would not be a danger. I can't see that this would
cause any problems, since any blackhats looking for unannounced patches
would be looking on the main ftp server anyway.
Apart from that... is there anything wrong with issuing a preliminary
notice and following up with full details later? I think everyone knows
you're volunteering -- and is very happy with everything you're doing --
and would not complain if you miss a few details in order to send out a
warning sooner.
Colin Percival
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 4:30:17 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 829EF37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 04:30:14 -0700 (PDT)
Received: from web20105.mail.yahoo.com (web20105.mail.yahoo.com [216.136.226.42])
by mx1.FreeBSD.org (Postfix) with SMTP id 5531743E65
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 04:30:14 -0700 (PDT)
(envelope-from freefabri@yahoo.it)
Message-ID: <20020806113013.1491.qmail@web20105.mail.yahoo.com>
Received: from [193.227.212.160] by web20105.mail.yahoo.com via HTTP; Tue, 06 Aug 2002 13:30:13 CEST
Date: Tue, 6 Aug 2002 13:30:13 +0200 (CEST)
From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= <freefabri@yahoo.it>
Subject: OpenSSh trojan on fbsd 4.5
To: freebsd-security@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hello all I've installed a server on Freebsd 4.5
Stable.
I know that latest versions of OpenSSH, such 3.2.2p1
3.4p1 and 3.4 are trojaned.
I think that Openssh on my system is something like
3.0.2, is that right?
Or, is the version of ssh in my box trojaned?
Thanx bye
______________________________________________________________________
Scarica il nuovo Yahoo! Messenger: con webcam, nuove faccine e tante altre novità.
http://it.yahoo.com/mail_it/foot/?http://it.messenger.yahoo.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 4:49:50 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E8A1C37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 04:49:45 -0700 (PDT)
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
by mx1.FreeBSD.org (Postfix) with ESMTP id CF26743E75
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 04:49:41 -0700 (PDT)
(envelope-from nectar@nectar.cc)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
by gw.nectar.cc (Postfix) with ESMTP
id 1DAFD95; Tue, 6 Aug 2002 06:49:41 -0500 (CDT)
Received: from madman.nectar.cc (localhost [IPv6:::1])
by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g76Bnevd094894;
Tue, 6 Aug 2002 06:49:40 -0500 (CDT)
(envelope-from nectar@madman.nectar.cc)
Received: (from nectar@localhost)
by madman.nectar.cc (8.12.3/8.12.3/Submit) id g76Bnegu094893;
Tue, 6 Aug 2002 06:49:40 -0500 (CDT)
Date: Tue, 6 Aug 2002 06:49:40 -0500
From: "Jacques A. Vidrine" <nectar@freebsd.org>
To: Anatole Shaw <shaw@autoloop.com>
Cc: Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@freebsd.org
Subject: Re: advisory coordination (Re: SA-02:35)
Message-ID: <20020806114939.GF94762@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
Anatole Shaw <shaw@autoloop.com>, Dag-Erling Smorgrav <des@ofug.org>,
freebsd-security@freebsd.org
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no> <20020806053237.A49851@kagnew.autoloop.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020806053237.A49851@kagnew.autoloop.com>
X-Url: http://www.nectar.cc/
User-Agent: Mutt/1.5.1i-ja.1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 05:32:37AM -0400, Anatole Shaw wrote:
> As a result, there were just about 3 days during which the security patch
> circulated with no explanation. Those were three days for blackhats to
> examine the patch, and for exploits to emerge and circulate, before most
> admins were aware of the bug or its impact.
The bug fix in question was actually in the -CURRENT and -STABLE
branches as many as 6 weeks ago. The commit to the security branches
on July 31 would have been the first indication that there would be
an advisory for the issue. Adding the patch to the FTP site didn't
disclose any further information.
> On the same day, Ache@ forwarded an unrelated CVS commit on setlocale.c to
> this list, adding nonchalantly, "That original BSD code bug can be
> exploitable." The advisory for this one is still in the works, I guess.
He made a mistake (two, actually):
= he meant to mail security-officer@freebsd.org, rather than
security@freebsd.org
= he was wrong ... there was no security issue
> I'm all for full-disclosure, but something is very wrong in these 2 cases.
> Known security problems are being released in fragments without any
> coordination. It seems that a basic Vulnerability Coordination function
> is broken or missing, and surely we can fix this.
I don't think is anything wrong, other than a bit of back-seat
driving. I make plenty of Actual Mistakes for you to pick on if you
like --- this was not one of them. :-)
Cheers,
--
Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 4:58:32 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id F04D237B400
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 04:58:29 -0700 (PDT)
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
by mx1.FreeBSD.org (Postfix) with ESMTP id 6271643E77
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 04:57:49 -0700 (PDT)
(envelope-from nectar@nectar.cc)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
by gw.nectar.cc (Postfix) with ESMTP
id C978195; Tue, 6 Aug 2002 06:57:38 -0500 (CDT)
Received: from madman.nectar.cc (localhost [IPv6:::1])
by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g76Bvcvd094952;
Tue, 6 Aug 2002 06:57:38 -0500 (CDT)
(envelope-from nectar@madman.nectar.cc)
Received: (from nectar@localhost)
by madman.nectar.cc (8.12.3/8.12.3/Submit) id g76BvciD094951;
Tue, 6 Aug 2002 06:57:38 -0500 (CDT)
Date: Tue, 6 Aug 2002 06:57:38 -0500
From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>
To: Colin Percival <Colin_Percival@sfu.ca>
Cc: Dag-Erling Smorgrav <des@ofug.org>,
Anatole Shaw <shaw@autoloop.com>, freebsd-security@FreeBSD.ORG
Subject: Re: advisory coordination (Re: SA-02:35)
Message-ID: <20020806115738.GG94762@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
Colin Percival <Colin_Percival@sfu.ca>,
Dag-Erling Smorgrav <des@ofug.org>, Anatole Shaw <shaw@autoloop.com>,
freebsd-security@FreeBSD.ORG
References: <20020806053237.A49851@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no> <20020806053237.A49851@kagnew.autoloop.com> <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.0.2.1.1.20020806031941.01febf28@popserver.sfu.ca>
X-Url: http://www.nectar.cc/
User-Agent: Mutt/1.5.1i-ja.1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 03:33:59AM -0700, Colin Percival wrote:
> It wouldn't be a panacea, but if the mirrors could be set to update
> automatically when a security issue arises (instead of operating on their
> normal schedule) then the issue of advisories coming out before relevant
> files were mirrored would not be a danger. I can't see that this would
> cause any problems, since any blackhats looking for unannounced patches
> would be looking on the main ftp server anyway.
As I implied in my previous message, no patches will hit any FTP
server or other public source before being committed to the FreeBSD
security branches. Once they are in the security branches, the
patches themselves are public and available.
> Apart from that... is there anything wrong with issuing a preliminary
> notice and following up with full details later?
Not in and of itself. In this case, I released the advisory as soon
as I believed that we had enough information to do so.
Cheers,
--
Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 5: 2:45 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 1389537B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:02:41 -0700 (PDT)
Received: from anchor-post-34.mail.demon.net (anchor-post-34.mail.demon.net [194.217.242.92])
by mx1.FreeBSD.org (Postfix) with ESMTP id 78B8243E6E
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:02:40 -0700 (PDT)
(envelope-from kevin@caomhin.demon.co.uk)
Received: from caomhin.demon.co.uk ([62.49.21.186])
by anchor-post-34.mail.demon.net with esmtp (Exim 3.35 #1)
id 17c32t-000HsO-0Y; Tue, 06 Aug 2002 13:02:39 +0100
Message-ID: <nn1d64BYq7T9EwjA@caomhin.demon.co.uk>
Date: Tue, 6 Aug 2002 13:01:28 +0100
To: Fabrizio Ravazzini <freefabri@yahoo.it>
Cc: freebsd-security@freebsd.org
From: Kevin Golding <kevin@caomhin.demon.co.uk>
Subject: Re: OpenSSh trojan on fbsd 4.5
References: <20020806113013.1491.qmail@web20105.mail.yahoo.com>
In-Reply-To: <20020806113013.1491.qmail@web20105.mail.yahoo.com>
MIME-Version: 1.0
X-Mailer: Turnpike Integrated Version 5.01 U <qkXGb$aG1KGttk6lmVLrWXtmNK>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Someone, quite probably Fabrizio Ravazzini, once wrote:
>Hello all I've installed a server on Freebsd 4.5
>Stable.
>I know that latest versions of OpenSSH, such 3.2.2p1
>3.4p1 and 3.4 are trojaned.
>I think that Openssh on my system is something like
>3.0.2, is that right?
2.9 iirc
ssh -V will tell you accurately.
>Or, is the version of ssh in my box trojaned?
>Thanx bye
Basically you were only at risk if you installed a later version
deliberately, and if you did that from ports you would have still needed
to explicitly tell the install to ignore certain security checks.
Basically a default install is unaffected.
Kevin
--
kevin@caomhin.demon.co.uk
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 5: 7:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id EF47D37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:07:34 -0700 (PDT)
Received: from web20110.mail.yahoo.com (web20110.mail.yahoo.com [216.136.226.47])
by mx1.FreeBSD.org (Postfix) with SMTP id 7C84D43E75
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:07:34 -0700 (PDT)
(envelope-from freefabri@yahoo.it)
Message-ID: <20020806120734.76242.qmail@web20110.mail.yahoo.com>
Received: from [193.227.212.160] by web20110.mail.yahoo.com via HTTP; Tue, 06 Aug 2002 14:07:34 CEST
Date: Tue, 6 Aug 2002 14:07:34 +0200 (CEST)
From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= <freefabri@yahoo.it>
Subject: Re: OpenSSh trojan on fbsd 4.5
To: Kevin Golding <kevin@caomhin.demon.co.uk>
Cc: freebsd-security@freebsd.org
In-Reply-To: <nn1d64BYq7T9EwjA@caomhin.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Ok thanks for the help
Bye
--- Kevin Golding <kevin@caomhin.demon.co.uk> ha
scritto: > Someone, quite probably Fabrizio Ravazzini,
once
> wrote:
> >Hello all I've installed a server on Freebsd 4.5
> >Stable.
> >I know that latest versions of OpenSSH, such
> 3.2.2p1
> >3.4p1 and 3.4 are trojaned.
> >I think that Openssh on my system is something
> like
> >3.0.2, is that right?
>
> 2.9 iirc
>
> ssh -V will tell you accurately.
>
> >Or, is the version of ssh in my box trojaned?
> >Thanx bye
>
> Basically you were only at risk if you installed a
> later version
> deliberately, and if you did that from ports you
> would have still needed
> to explicitly tell the install to ignore certain
> security checks.
>
> Basically a default install is unaffected.
>
> Kevin
> --
> kevin@caomhin.demon.co.uk
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of
> the message
______________________________________________________________________
Scarica il nuovo Yahoo! Messenger: con webcam, nuove faccine e tante altre novità.
http://it.yahoo.com/mail_it/foot/?http://it.messenger.yahoo.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 5:16:20 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 225A037B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:16:17 -0700 (PDT)
Received: from serv2.vsi.ru (serv2.vsi.ru [80.82.32.11])
by mx1.FreeBSD.org (Postfix) with ESMTP id D20D543E5E
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 05:16:15 -0700 (PDT)
(envelope-from oleg@vsi.ru)
Received: (from nobody@localhost)
by serv2.vsi.ru (8.9.3/8.9.3) id QAA30480
for freebsd-security@freebsd.org; Tue, 6 Aug 2002 16:13:26 +0400 (MSD)
(envelope-from oleg@vsi.ru)
To: freebsd-security@freebsd.org
Subject: Merged security patches for 4.3-RELEASE
Message-ID: <1028636005.3d4fbd6600b65@webmail.vsi.ru>
Date: Tue, 06 Aug 2002 16:13:26 +0400 (MSD)
From: Oleg Derevenetz <oleg@vsi.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.8
X-Originating-IP: 80.82.32.19
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hi all,
I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded
for some reasons, but I want to keep them up-to-date (as far as possible) in
security aspect. I have a number of security patches (almost all non-ports,
released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and
4.3-RELEASE source code here:
ftp://ftp.vsi.ru/pub/FreeBSD/patches
Does the FreeBSD community concerned with these "merged" and tested patches ?
Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I
always can grant them to FreeBSD community.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 8: 9:53 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id C913837B400
for <FreeBSD-security@FreeBSD.org>; Tue, 6 Aug 2002 08:09:48 -0700 (PDT)
Received: from mx1.FreeBSD.org (host-66-133-58-214.verestar.net [66.133.58.214])
by mx1.FreeBSD.org (Postfix) with SMTP id A4D7243E88
for <FreeBSD-security@FreeBSD.org>; Tue, 6 Aug 2002 08:08:56 -0700 (PDT)
(envelope-from agogo@mail.com)
From: "MRS. AGOGO KOBE" <agogo@mail.com>
Date: Tue, 06 Aug 2002 16:08:49
To: FreeBSD-security@FreeBSD.org
Subject: NEXT OF KIN
MIME-Version: 1.0
Content-Type: text/plain;charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <20020806150856.A4D7243E88@mx1.FreeBSD.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
UNION BANK NIGERIA PLC
LAGOS NIGERIA
40/46 marina street Lagos
FROM THE DESK OF MRS. AGOGO KOBE
MANAGER,BILLS AND EXCHANGE.
TEL:234-80-33357110
ATTN ,
REQUEST FOR BUSINESS PARTNERSHIP
I AM THE MANAGER OF BILLS AND EXCHANGE AT THE FOREIGN REMITTANCE
DEPARTMENT OF THIS BANK. IAM WRITING YOU FOLLOWING THE IMPRESSIVE
INFORMATION ABOUT YOU THROUGH ONE OF MY FRIENDS WHO WORKED WITH
THE NIGERIAN CHAMBER OF COMERCE BEFORE HIS TRANSFER TO THE NIGERIAN TRADE
MISSION IN HONG KONG. HE ASSURED ME OF YOUR CAPABILITY AND RELIABILITY
TO CHAMPION A BUSINESS OF GREAT MAGNITUDE LIKE THIS ONE,ALTHOUGH
I DID NOT TELL HIM THE NATURE OF THIS BUSINESS BECAUSE OF THE CONFIDENTIALITY IT REQUIRES.
IN MY DEPARTMENT, WE DISCOVERED AN ABANDONED SUM OF USD25MILLION(TWENTY
FIVE MILLION UNITED STATES DOLLARS ONLY) IN A DOMICILIARY ACCOUNT
THAT BELONGS TO ONE OF OUR FOREIGN CUSTOMERS WHO DIED IN A GHASTLY PLANE
CRASH IN JANUARY 2000 ABOARD KENYA AIRWAYS ALONG WITH HIS ENTIRE FAMILY.
SINCE WE GOT THE INFORMATION ABOUT HIS DEATH, WE HAVE EXPECTED HIS
NEXT- OF- KIN TO COME OVER AND CLAIM THE MONEY BECAUSE WE CANNOT
RELEASE IT UNLESS SOMEBODY APPLIES FOR IT AS THE NEXT OF KIN OR RELATION TO THE
DECEASED AS INDICATED IN OUR BANKING GUIDELINES. UNFORTUNATELY WE
LEARNT THAT ALL HIS SUPPOSED NEXT OF KIN OR RELATIONS DIED ALONG
WITH HIM AT THE PLANE CRASH LEAVING NOBODY BEHIND FOR THE CLAIM.
IT IS UPON THIS DISCOVERY THEREFORE, THAT I AND ONE KEY OFFICIALS
IN MY DEPARTMENT NOW DECIDED TO MAKE BUSINESS WITH YOU AND RELEASE
THE MONEY TO YOU AS THE NEXT OF KIN OR RELATION OF THE DECEASED
FOR SAFE-KEEPING AND SUBSEQUENT DISBURSEMENT WITH YOU SINCE NOBODY
IS COMING FOR IT AND WE DO NOT WANT THIS MONEY TO BE RECYCLED INTO
THE BANK'S BOUNDED ACCOUNT AS AN UNCLAIMED FUND.
THE REQUEST FOR A FOREIGNER AS NEXT OF KIN IN THIS BUSINESS IS
OCCASIONED BY THE FACT THAT THE CUSTOMER WAS A FOREIGNER AND A NIGERIA
CANNOT STAND AS NEXT OF KIN TO A FOREIGNER. WE HAVE AGREED THAT
25% OF THIS MONEY WILL BE FOR YOU AS FOREIGN PARTNER, THEREAFTER
MY COLLEAGUE AND I WILL VISIT YOUR COUNTRY FOR THE DISBURSEMENT
ACCORDING TO THE AGREED PERCENTAGES.
PERSONALLY, I WOULD WANT YOU TO ADVISE ME ON THE BEST AREA OF INVESTMENT
BECAUSE I AM CONSIDERING TO INVEST THE GREATER PROPORTION OF MY SHARE IN YOUR COUNTRY.
THEREFORE TO ENABLE THE IMMEDIATE TRANSFER OF THE FUND VIA OUR CORRESPONDENT
FINANCE HOUSE IN ABORAD TO YOU AS ARRANGED, YOU SHOULD FIRST APPLY
TO THE BANK AS THE NEXT OF KIN OR BUSINESS PARTNER OF THE
DECEASED INDICATING YOUR ACCOUNT DETAILS WHEREIN THE MONEY WILL
BE REMITED. UPON RECEIPT OF YOUR REPLY MAIL, I SHALL SEND TO YOU
THE TEXT OF THE APPLICATION WHICH YOU WILL BE REQUIRED TO SUMIT TO THE BANK FOR
THE BANK'S PROCEDURAL AUTHENTICATION AND IMMEDIATE REMITTANCE OF
THE MONEY TO THE ACCOUNT YOU ARE GOING TO NOMINATE.
AS SOON AS YOU RECEIVE THIS MAIL, DO CONTACT ME AT ONCE THROUGH
MY FAX INDICATED 234-1-7590893, AT ONCE OR BETTER STILL YOU CALL ME
ON MY ABOVE TELEPHONE NUMBER FOR MORE CLARIFICATION.
AND I WOULD ALSO LIKE YOU TO INDICATE YOUR PRIVATE AND CONFIDENTIAL
TELEPHONE, FAX,CELLULAR AND E-MAIL FOR THE EFFECTIVE COMMUNICATION REQUIRED.
*BE INFORMED THAT ALL NECESSARY ARRANGEMENTS TOWARDS THE SUCCESSFUL
TRANSFER OF THE FUND VIA OUR CORRESPONDENT FINANCE HOUSE IN ABORAD
HAVE BEEN CONCLUDED AND IT IS 100% RISK FREE.
TRUSTING TO HEAR FROM YOU IMMEDIATELY.
YOURS FAITHFULLY,
MRS. AGOGO KOBE
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 9:56:49 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E10DB37B400
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 09:56:46 -0700 (PDT)
Received: from photon.look.ca (photon.look.ca [207.136.80.123])
by mx1.FreeBSD.org (Postfix) with ESMTP id 8746A43E75
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 09:56:46 -0700 (PDT)
(envelope-from melange@yip.org)
Received: from qc-mon-pel-ap3-12-48.look.ca ([209.148.72.95] helo=lust.inside.int)
by photon.look.ca with esmtp (Exim 4.05)
id 17c7dU-0004Ls-00; Tue, 06 Aug 2002 16:56:45 +0000
Received: from yip.org (localhost.inside.int [127.0.0.1])
by lust.inside.int (8.11.6/8.11.6) with ESMTP id g76Gv5N04139;
Tue, 6 Aug 2002 12:57:07 -0400 (EDT)
(envelope-from melange@yip.org)
Message-ID: <3D4FFFDD.5070704@yip.org>
Date: Tue, 06 Aug 2002 12:57:01 -0400
From: Bob K <melange@yip.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.1b) Gecko/20020718
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Oleg Derevenetz <oleg@vsi.ru>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Merged security patches for 4.3-RELEASE
References: <1028636005.3d4fbd6600b65@webmail.vsi.ru>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Oleg Derevenetz wrote:
>
> I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded
> for some reasons, but I want to keep them up-to-date (as far as possible) in
> security aspect. I have a number of security patches (almost all non-ports,
> released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and
> 4.3-RELEASE source code here:
>
> ftp://ftp.vsi.ru/pub/FreeBSD/patches
>
> Does the FreeBSD community concerned with these "merged" and tested patches ?
> Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I
> always can grant them to FreeBSD community.
Whether or not they get merged in with the older security branches,
perhaps you could combine your resources with these guys?
http://www.visi.com/~hawkeyd/freebsd-backports.html
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 11: 3:11 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id A98DD37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 11:03:08 -0700 (PDT)
Received: from kagnew.autoloop.com (kagnew.autoloop.com [207.99.30.88])
by mx1.FreeBSD.org (Postfix) with ESMTP id A0DF143E65
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 11:03:07 -0700 (PDT)
(envelope-from ash@kagnew.autoloop.com)
Received: by kagnew.autoloop.com (Postfix, from userid 1000)
id A1EAF74479; Tue, 6 Aug 2002 18:03:00 +0000 (GMT)
Date: Tue, 6 Aug 2002 14:03:00 -0400
From: Anatole Shaw <shaw@autoloop.com>
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: freebsd-security@freebsd.org
Subject: Re: advisory coordination (Re: SA-02:35)
Message-ID: <20020806140300.A24745@kagnew.autoloop.com>
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no> <20020806053237.A49851@kagnew.autoloop.com> <xzpznw0fgez.fsf@flood.ping.uio.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <xzpznw0fgez.fsf@flood.ping.uio.no>; from des@ofug.org on Tue, Aug 06, 2002 at 12:08:36PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 12:08:36PM +0200, Dag-Erling Smorgrav wrote:
> What do you propose?
I think that a policy of issuing "early warning" advisories, as Colin
Percival extrapolated from my original post, is one right solution. That
is, an incomplete advisory is better than no advisory at all, when bug
details (i.e. patch) are already circulating.
Some other OS vendors issue advisories that say little more than "hurry up
and download the patch," but at least those make admins aware that an
issue exists. I'd be happy to help make a (better, obviously) "early
warning system" happen for FreeBSD, if people agree that it's a good idea.
We're all on the same boat here.
Regards,
--
Anatole Shaw
Autoloop Security Consulting
http://www.autoloop.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 11:40:58 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 49D1B37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 11:40:56 -0700 (PDT)
Received: from serv2.vsi.ru (serv2.vsi.ru [80.82.32.11])
by mx1.FreeBSD.org (Postfix) with ESMTP id F203543E6A
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 11:40:54 -0700 (PDT)
(envelope-from oleg@vsi.ru)
Received: (from nobody@localhost)
by serv2.vsi.ru (8.9.3/8.9.3) id WAA10018
for freebsd-security@freebsd.org; Tue, 6 Aug 2002 22:38:01 +0400 (MSD)
(envelope-from oleg@vsi.ru)
To: freebsd-security@freebsd.org
Subject: Re: Merged security patches for 4.3-RELEASE
Message-ID: <1028659081.3d50178945f68@webmail.vsi.ru>
Date: Tue, 06 Aug 2002 22:38:01 +0400 (MSD)
From: Oleg Derevenetz <oleg@vsi.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.8
X-Originating-IP: 80.82.32.19
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
ãÉÔÉÒÕÀ Bob K <melange@yip.org>:
> > Does the FreeBSD community concerned with these "merged" and tested
> patches ?
> > Since I forced to merge these (and all new) security patches to 4.0
> and 4.3, I
> > always can grant them to FreeBSD community.
>
> Whether or not they get merged in with the older security branches,
> perhaps you could combine your resources with these guys?
>
> http://www.visi.com/~hawkeyd/freebsd-backports.html
All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd
antispam filter. Does anybody know how to contact with this person ? Can I see
him there, for example ? It seems that his antispam filter passion (see link on
his page) plays poor joke with him ;-)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 12:20:33 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 42A3C37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 12:20:31 -0700 (PDT)
Received: from clink.schulte.org (clink.schulte.org [209.134.156.193])
by mx1.FreeBSD.org (Postfix) with ESMTP id B3AEE43E6A
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 12:20:30 -0700 (PDT)
(envelope-from schulte+freebsd@nospam.schulte.org)
Received: from localhost (localhost [127.0.0.1])
by clink.schulte.org (Postfix) with ESMTP
id 9B903243CF; Tue, 6 Aug 2002 14:20:29 -0500 (CDT)
Received: from schulte-laptop.nospam.schulte.org (carpnod.schulte.org [209.134.156.200])
by clink.schulte.org (Postfix) with ESMTP
id 902FB243F7; Tue, 6 Aug 2002 14:20:26 -0500 (CDT)
Message-Id: <5.1.1.6.2.20020806141858.03e18680@localhost>
X-Sender: (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
Date: Tue, 06 Aug 2002 14:19:43 -0500
To: Oleg Derevenetz <oleg@vsi.ru>, freebsd-security@freebsd.org
From: Christopher Schulte <schulte+freebsd@nospam.schulte.org>
Subject: Re: Merged security patches for 4.3-RELEASE
In-Reply-To: <1028659081.3d50178945f68@webmail.vsi.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: by AMaViS 0.3.12pre6 on clink.schulte.org
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
At 10:38 PM 8/6/2002 +0400, Oleg Derevenetz wrote:
>All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd
>antispam filter. Does anybody know how to contact with this person ? Can I see
>him there, for example ? It seems that his antispam filter passion (see
>link on
>his page) plays poor joke with him ;-)
I have exchanged correspondence with this individual.
I have forwarded your message. Good luck.
--
Christopher Schulte
http://www.schulte.org/
Do not un-munge my @nospam.schulte.org
email address. This address is valid.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 12:28: 0 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 1453A37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 12:27:56 -0700 (PDT)
Received: from bran.mc.mpls.visi.com (bran.mc.mpls.visi.com [208.42.156.103])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9C61C43E4A
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 12:27:55 -0700 (PDT)
(envelope-from hawkeyd@visi.com)
Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193])
by bran.mc.mpls.visi.com (Postfix) with ESMTP
id BF81F4B20; Tue, 6 Aug 2002 14:27:54 -0500 (CDT)
Received: (from hawkeyd@localhost)
by sheol.localdomain (8.11.6/8.11.6) id g76JRrN23297;
Tue, 6 Aug 2002 14:27:53 -0500 (CDT)
(envelope-from hawkeyd)
Date: Tue, 6 Aug 2002 14:27:53 -0500 (CDT)
Message-Id: <200208061927.g76JRrN23297@sheol.localdomain>
Mime-Version: 1.0
X-Newsreader: knews 1.0b.1
Reply-To: hawkeyd@visi.com
Organization: if (!FIFO) if (!LIFO) break;
References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>
In-Reply-To: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>
From: hawkeyd@visi.com (D J Hawkey Jr)
Subject: Re: Merged security patches for 4.3-RELEASE
X-Original-Newsgroups: sol.lists.freebsd.security
To: oleg@vsi.ru, freebsd-security@freebsd.org
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
In article <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>,
oleg@vsi.ru writes:
> ãÉÔÉÒÕÀ Bob K <melange@yip.org>:
>
>> > Does the FreeBSD community concerned with these "merged" and tested
>> patches ?
>> > Since I forced to merge these (and all new) security patches to 4.0
>> and 4.3, I
>> > always can grant them to FreeBSD community.
>>
>> Whether or not they get merged in with the older security branches,
>> perhaps you could combine your resources with these guys?
>>
>> http://www.visi.com/~hawkeyd/freebsd-backports.html
>
> All right, I just wrote e-mail to hawkeyd@visi.com, and it was rejected by odd
> antispam filter. Does anybody know how to contact with this person ? Can I see
> him there, for example ? It seems that his antispam filter passion (see link on
> his page) plays poor joke with him ;-)
No, SpamFilters isn't playing any joke - SpamAssassin flagged your mail with
"CHARSET_FARAWAY", meaning it isn't something I'm able to read (supposedly),
so SpamFilters rejected it accordingly.
I've lifted that particular SpamAssassin status, if you wish to try again.
Thanks for thinking of me and my FreeBSD Backports page though!
Dave
PS, I didn't know anyone here knew I had put up SpamFilters! Yes, spam has
become passion of mine.
--
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 13: 2:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id E53FF37B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 13:02:28 -0700 (PDT)
Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104])
by mx1.FreeBSD.org (Postfix) with ESMTP id 78DD943E70
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 13:02:28 -0700 (PDT)
(envelope-from hawkeyd@visi.com)
Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193])
by bodb.mc.mpls.visi.com (Postfix) with ESMTP
id 994A14A61; Tue, 6 Aug 2002 15:02:27 -0500 (CDT)
Received: (from hawkeyd@localhost)
by sheol.localdomain (8.11.6/8.11.6) id g76K2QA23480;
Tue, 6 Aug 2002 15:02:26 -0500 (CDT)
(envelope-from hawkeyd)
Date: Tue, 6 Aug 2002 15:02:26 -0500 (CDT)
Message-Id: <200208062002.g76K2QA23480@sheol.localdomain>
Mime-Version: 1.0
X-Newsreader: knews 1.0b.1
Reply-To: hawkeyd@visi.com
Organization: if (!FIFO) if (!LIFO) break;
References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net>
In-Reply-To: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net>
From: hawkeyd@visi.com (D J Hawkey Jr)
Subject: Re: Merged security patches for 4.3-RELEASE
X-Original-Newsgroups: sol.lists.freebsd.security
To: oleg@vsi.ru, freebsd-security@freebsd.org
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
In article <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net>,
oleg@vsi.ru writes:
> Hi all,
>
> I have a number of 4.0-RELEASE and 4.3-RELEASE systems, that cannot be upgraded
> for some reasons, but I want to keep them up-to-date (as far as possible) in
> security aspect. I have a number of security patches (almost all non-ports,
> released cince 4.0-RELEASE), merged (if necessary) with 4.0-RELEASE and
> 4.3-RELEASE source code here:
>
> ftp://ftp.vsi.ru/pub/FreeBSD/patches
>
> Does the FreeBSD community concerned with these "merged" and tested patches ?
> Since I forced to merge these (and all new) security patches to 4.0 and 4.3, I
> always can grant them to FreeBSD community.
I am interested in your patches, yes. Please leave them there for a week or
so, that I might pick them up. In the mean time, please visit
http://www.visi.com/~hawkeyd/freebsd-backports.html
to see if my terms for releasing your patches agrees with your philosophy.
Note that I am not associated with The FreeBSD Project in any official
capacity. I'm just filling a hole [as I perceive it] as best I can in my own
little way.
Dave
--
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 13:20:30 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id D12D637B400
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 13:20:26 -0700 (PDT)
Received: from d188h80.mcb.uconn.edu (d188h80.mcb.uconn.edu [137.99.188.80])
by mx1.FreeBSD.org (Postfix) with SMTP id EF89743E3B
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 13:20:25 -0700 (PDT)
(envelope-from sirmoo@cowbert.2y.net)
Received: (qmail 67562 invoked by uid 1001); 6 Aug 2002 20:20:25 -0000
Date: Tue, 6 Aug 2002 16:20:24 -0400
From: "Peter C. Lai" <sirmoo@cowbert.2y.net>
To: Anatole Shaw <shaw@autoloop.com>
Cc: Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@freebsd.org
Subject: Re: advisory coordination (Re: SA-02:35)
Message-ID: <20020806162024.A67456@cowbert.2y.net>
Reply-To: peter.lai@uconn.edu
References: <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no> <20020806053237.A49851@kagnew.autoloop.com> <xzpznw0fgez.fsf@flood.ping.uio.no> <20020806140300.A24745@kagnew.autoloop.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20020806140300.A24745@kagnew.autoloop.com>; from shaw@autoloop.com on Tue, Aug 06, 2002 at 02:03:00PM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 02:03:00PM -0400, Anatole Shaw wrote:
> On Tue, Aug 06, 2002 at 12:08:36PM +0200, Dag-Erling Smorgrav wrote:
> > What do you propose?
>
> I think that a policy of issuing "early warning" advisories, as Colin
> Percival extrapolated from my original post, is one right solution. That
> is, an incomplete advisory is better than no advisory at all, when bug
> details (i.e. patch) are already circulating.
It depends. We have already seen multiple cases where we have had
multiple revisions of the same advisory. I believe 3 of the more
recent advisories were revised due to revisions of the original release.
This makes support hard for the customers; I have had to build world
about 3 times in the last two weeks (tracking RELENG_4_6) whereas
prior to the openssh debacle I lasted a few months without building world.
This is probably worse for the large-installation administrators who
are currently tracking a moving target even with the help of build
farms and build testing. Still, the openssl revision along with the
stdio repatch seems to suggest that we may want to balance haste
with quality of the patches.
>
> Some other OS vendors issue advisories that say little more than "hurry up
> and download the patch," but at least those make admins aware that an
> issue exists. I'd be happy to help make a (better, obviously) "early
> warning system" happen for FreeBSD, if people agree that it's a good idea.
> We're all on the same boat here.
>
> Regards,
>
> --
> Anatole Shaw
> Autoloop Security Consulting
> http://www.autoloop.com
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology | Undergraduate Research Assistant
Yale University School of Medicine
Center for Medical Informatics | Research Assistant
http://cowbert.2y.net/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 14:17:41 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id B032A37B401
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 14:17:39 -0700 (PDT)
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
by mx1.FreeBSD.org (Postfix) with ESMTP id 468DA43E72
for <freebsd-security@freebsd.org>; Tue, 6 Aug 2002 14:17:37 -0700 (PDT)
(envelope-from des@ofug.org)
Received: by flood.ping.uio.no (Postfix, from userid 2602)
id B47A7535F; Tue, 6 Aug 2002 23:17:35 +0200 (CEST)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
coincide with those of any organisation or company with
which I am or have been affiliated.
To: hawkeyd@visi.com
Cc: oleg@vsi.ru, freebsd-security@freebsd.org
Subject: Re: Merged security patches for 4.3-RELEASE
References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net>
<200208062002.g76K2QA23480@sheol.localdomain>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 06 Aug 2002 23:17:35 +0200
In-Reply-To: <200208062002.g76K2QA23480@sheol.localdomain>
Message-ID: <xzpofcfelg0.fsf@flood.ping.uio.no>
Lines: 12
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
hawkeyd@visi.com (D J Hawkey Jr) writes:
> Note that I am not associated with The FreeBSD Project in any official
> capacity. I'm just filling a hole [as I perceive it] as best I can in my own
> little way.
You are, of course, free to do so, and I am certain that your efforts
are much appreciated by those who for some reason or other are still
running old releases. Keep it up!
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Tue Aug 6 14:32:19 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 94F4637B400
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 14:32:17 -0700 (PDT)
Received: from pd4mo3so.prod.shaw.ca (h24-71-223-10.cg.shawcable.net [24.71.223.10])
by mx1.FreeBSD.org (Postfix) with ESMTP id 6AE0A43E72
for <freebsd-security@FreeBSD.ORG>; Tue, 6 Aug 2002 14:32:16 -0700 (PDT)
(envelope-from Colin_Percival@sfu.ca)
Received: from pd2mr4so.prod.shaw.ca (pd2mr4so-ser.prod.shaw.ca [10.0.141.107])
by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F00KA5YHSD1@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 15:32:16 -0600 (MDT)
Received: from pn2ml8so.prod.shaw.ca
(pn2ml8so-qfe0.prod.shaw.ca [10.0.121.152]) by l-daemon
(iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F009C0YHS6X@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 15:32:16 -0600 (MDT)
Received: from piii600.sfu.ca (h24-79-84-133.vc.shawcable.net [24.79.84.133])
by l-daemon (iPlanet Messaging Server 5.1 HotFix 0.8 (built May 12 2002))
with ESMTP id <0H0F00K2HYHR5L@l-daemon> for freebsd-security@FreeBSD.ORG; Tue,
06 Aug 2002 15:32:16 -0600 (MDT)
Date: Tue, 06 Aug 2002 14:32:12 -0700
From: Colin Percival <Colin_Percival@sfu.ca>
Subject: Re: advisory coordination (Re: SA-02:35)
In-reply-to: <20020806162024.A67456@cowbert.2y.net>
X-Sender: cperciva@popserver.sfu.ca
To: peter.lai@uconn.edu, Anatole Shaw <shaw@autoloop.com>
Cc: Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@FreeBSD.ORG
Message-id: <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca>
MIME-version: 1.0
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7BIT
X-Info-RBL1: ox.ac.uk filters email against various lists.
X-Info-RBL2: If your replies bounce, try sending them to cperciva@sfu.ca
References: <20020806140300.A24745@kagnew.autoloop.com>
<1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no>
<20020806053237.A49851@kagnew.autoloop.com>
<xzpznw0fgez.fsf@flood.ping.uio.no> <20020806140300.A24745@kagnew.autoloop.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
At 16:20 06/08/2002 -0400, Peter C. Lai wrote:
>On Tue, Aug 06, 2002 at 02:03:00PM -0400, Anatole Shaw wrote:
> > I think that a policy of issuing "early warning" advisories, as Colin
> > Percival extrapolated from my original post, is one right solution. That
> > is, an incomplete advisory is better than no advisory at all, when bug
> > details (i.e. patch) are already circulating.
>
>[...] Still, the openssl revision along with the
>stdio repatch seems to suggest that we may want to balance haste
>with quality of the patches.
I didn't mean at all that the quality of the patches should be
endangered in order to issue an advisory quickly; rather, I meant that once
everyone involved agreed that a patch was good, issuing an advisory saying
"there's a problem, here's the patch, we don't know what the possible
workarounds might be" would be preferable to waiting until you had analyzed
exactly when there is a security risk and what the workarounds might be.
Colin Percival
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Wed Aug 7 5:38:25 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id BC1A337B401
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 05:38:23 -0700 (PDT)
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
by mx1.FreeBSD.org (Postfix) with ESMTP id 08F1043E3B
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 05:38:23 -0700 (PDT)
(envelope-from nectar@nectar.cc)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
by gw.nectar.cc (Postfix) with ESMTP
id 7EF91D; Wed, 7 Aug 2002 07:38:22 -0500 (CDT)
Received: from madman.nectar.cc (localhost [IPv6:::1])
by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g77CcMvd004561;
Wed, 7 Aug 2002 07:38:22 -0500 (CDT)
(envelope-from nectar@madman.nectar.cc)
Received: (from nectar@localhost)
by madman.nectar.cc (8.12.3/8.12.3/Submit) id g77CcKNh004560;
Wed, 7 Aug 2002 07:38:20 -0500 (CDT)
Date: Wed, 7 Aug 2002 07:38:20 -0500
From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>
To: Colin Percival <Colin_Percival@sfu.ca>
Cc: peter.lai@uconn.edu, Anatole Shaw <shaw@autoloop.com>,
Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@FreeBSD.ORG
Subject: Re: advisory coordination (Re: SA-02:35)
Message-ID: <20020807123820.GF4401@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
Colin Percival <Colin_Percival@sfu.ca>, peter.lai@uconn.edu,
Anatole Shaw <shaw@autoloop.com>, Dag-Erling Smorgrav <des@ofug.org>,
freebsd-security@FreeBSD.ORG
References: <20020806140300.A24745@kagnew.autoloop.com> <1028312148.3d4acc54c5eef@webmail.vsi.ru> <xzpado0hp1h.fsf@flood.ping.uio.no> <20020806053237.A49851@kagnew.autoloop.com> <xzpznw0fgez.fsf@flood.ping.uio.no> <20020806140300.A24745@kagnew.autoloop.com> <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.0.2.1.1.20020806142610.01fe55b8@popserver.sfu.ca>
X-Url: http://www.nectar.cc/
User-Agent: Mutt/1.5.1i-ja.1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 02:32:12PM -0700, Colin Percival wrote:
> rather, I meant that once
> everyone involved agreed that a patch was good, issuing an advisory saying
> "there's a problem, here's the patch, we don't know what the possible
> workarounds might be"
Track the current security branch (RELENG_4_6 at the moment) and that is
essentially what you will get.
Cheers,
--
Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Wed Aug 7 8:43: 7 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 5369137B400
for <FreeBSD-security@FreeBSD.org>; Wed, 7 Aug 2002 08:43:05 -0700 (PDT)
Received: from quarry.com (mail.quarry.com [205.189.158.4])
by mx1.FreeBSD.org (Postfix) with ESMTP id BDC8A43E6E
for <FreeBSD-security@FreeBSD.org>; Wed, 7 Aug 2002 08:43:04 -0700 (PDT)
(envelope-from ctaylor@quarry.com)
Received: from mr-t.quarry.com (10.1.7.145) by quarry.com with ESMTP
(Eudora Internet Mail Server 3.0.1) for <FreeBSD-security@FreeBSD.org>;
Wed, 7 Aug 2002 11:43:01 -0400
Content-Type: text/plain;
charset="us-ascii"
From: Craig Taylor <ctaylor@quarry.com>
To: FreeBSD-security@FreeBSD.org
Subject: subscribe
Date: Wed, 7 Aug 2002 11:42:41 -0400
X-Mailer: KMail [version 1.4]
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-Id: <200208071142.41138.ctaylor@quarry.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Wed Aug 7 9:10:59 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id BBD6E37B400
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 09:10:54 -0700 (PDT)
Received: from blackhelicopters.org (geburah.blackhelicopters.org [209.69.178.18])
by mx1.FreeBSD.org (Postfix) with ESMTP id 3AF4643E72
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 09:10:54 -0700 (PDT)
(envelope-from mwlucas@blackhelicopters.org)
Received: from blackhelicopters.org (mwlucas@localhost [127.0.0.1])
by blackhelicopters.org (8.12.4/8.12.4) with ESMTP id g77GAncC047691;
Wed, 7 Aug 2002 12:10:49 -0400 (EDT)
(envelope-from mwlucas@blackhelicopters.org)
Received: (from mwlucas@localhost)
by blackhelicopters.org (8.12.4/8.12.4/Submit) id g77GAmub047690;
Wed, 7 Aug 2002 12:10:48 -0400 (EDT)
Date: Wed, 7 Aug 2002 12:10:48 -0400
From: Michael Lucas <mwlucas@blackhelicopters.org>
To: D J Hawkey Jr <hawkeyd@visi.com>
Cc: oleg@vsi.ru, freebsd-security@FreeBSD.ORG
Subject: Re: Merged security patches for 4.3-RELEASE
Message-ID: <20020807121048.A47502@blackhelicopters.org>
References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> <200208062002.g76K2QA23480@sheol.localdomain>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200208062002.g76K2QA23480@sheol.localdomain>; from hawkeyd@visi.com on Tue, Aug 06, 2002 at 03:02:26PM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Tue, Aug 06, 2002 at 03:02:26PM -0500, D J Hawkey Jr wrote:
> Note that I am not associated with The FreeBSD Project in any official
> capacity. I'm just filling a hole [as I perceive it] as best I can in my own
> little way.
And *that*, folks, is how things happen in FreeBSD.
==ml
--
Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org
http://www.oreillynet.com/pub/q/Big_Scary_Daemons
Absolute BSD: http://www.nostarch.com/abs_bsd.htm
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Wed Aug 7 18:14:50 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id B2DB937B400
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 18:14:47 -0700 (PDT)
Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200])
by mx1.FreeBSD.org (Postfix) with ESMTP id 01E6143E75
for <freebsd-security@FreeBSD.ORG>; Wed, 7 Aug 2002 18:14:46 -0700 (PDT)
(envelope-from campbell@babayaga.neotext.ca)
Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1])
by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g781F7c79024;
Wed, 7 Aug 2002 19:15:07 -0600 (MDT)
(envelope-from campbell@babayaga.neotext.ca)
From: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca>
To: Michael Lucas <mwlucas@blackhelicopters.org>,
D J Hawkey Jr <hawkeyd@visi.com>
Cc: oleg@vsi.ru, freebsd-security@FreeBSD.ORG
Subject: Re: Merged security patches for 4.3-RELEASE
Date: Wed, 7 Aug 2002 19:15:06 -0600
Message-Id: <20020808011506.M36793@babayaga.neotext.ca>
In-Reply-To: <20020807121048.A47502@blackhelicopters.org>
References: <1028636005.3d4fbd6600b65_webmail.vsi.ru@ns.sol.net> <200208062002.g76K2QA23480@sheol.localdomain> <20020807121048.A47502@blackhelicopters.org>
X-Mailer: Open WebMail 1.70 20020712
X-OriginatingIP: 127.0.0.1 (campbell)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
He's a twit who threatens to x-communication people if they
laugh
about his pathetic spam block -- by putting them in his spam
list.
Ostrich syndrome, for sure.
On the other hand, I haven't yet decided whether to upgrade my
4.3 systems or byte the bullet and upgrade them... So I may
wind up depending on the good-work of Ostriches, spam-blocked
or not ;-)
Duncan Patton a Campbell is Duibh ;-)
---------- Original Message -----------
From: Michael Lucas <mwlucas@blackhelicopters.org>
To: D J Hawkey Jr <hawkeyd@visi.com>
Sent: Wed, 7 Aug 2002 12:10:48 -0400
Subject: Re: Merged security patches for 4.3-RELEASE
> On Tue, Aug 06, 2002 at 03:02:26PM -0500, D J Hawkey
> Jr wrote:
> > Note that I am not associated with The FreeBSD Project in
any official
> > capacity. I'm just filling a hole [as I perceive it] as best
I can in my own
> > little way.
>
> And *that*, folks, is how things happen in FreeBSD.
>
> ==ml
>
> --
> Michael Lucas mwlucas@FreeBSD.org,
mwlucas@BlackHelicopters.org
> http://www.oreillynet.com/pub/q/Big_Scary_Daemons
>
> Absolute BSD: http://www.nostarch.com/abs_bsd.htm
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the
> message
------- End of Original Message -------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 9:47: 8 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id B426F37B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 09:47:05 -0700 (PDT)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id A36C643E42
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 09:47:04 -0700 (PDT)
(envelope-from rjh@mohawk.net)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78Gl3w09942
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 12:47:03 -0400 (EDT)
Date: Thu, 8 Aug 2002 12:47:03 -0400 (EDT)
From: Ralph Huntington <rjh@mohawk.net>
To: <freebsd-security@FreeBSD.ORG>
Subject: security upgrade question
Message-ID: <20020808123953.X75214-100000@mohegan.mohawk.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hi all, forgive me is this is an obvious question. We have numerous fbsd
boxes with versions from 4.2 on up. I know I need to cvsup RELENG_4_4 for
4.4-RELEASE, RELENG_4_5 for 4.5, and RELENG_4_6 for 4.6.
What's not clear to me is: Are the security patches included in RELENG_4
to use for earlier 4.x boxes? In other words, are the libc problem and the
openssl problem and the bind problem and whatever else problem has been
advised about recently taken care of in RELENG_4 ??
Thanks much for your advice. - Ralph
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 9:53:14 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 608B537B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 09:53:12 -0700 (PDT)
Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213])
by mx1.FreeBSD.org (Postfix) with ESMTP id 0B45343E3B
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 09:53:12 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: from radix.cryptio.net (localhost [127.0.0.1])
by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78Gr2k6008752
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
Thu, 8 Aug 2002 09:53:02 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: (from emechler@localhost)
by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78Gr2a8008751;
Thu, 8 Aug 2002 09:53:02 -0700 (PDT)
Date: Thu, 8 Aug 2002 09:53:02 -0700
From: Erick Mechler <emechler@techometer.net>
To: Ralph Huntington <rjh@mohawk.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: security upgrade question
Message-ID: <20020808165302.GM343@techometer.net>
References: <20020808123953.X75214-100000@mohegan.mohawk.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020808123953.X75214-100000@mohegan.mohawk.net>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
:: What's not clear to me is: Are the security patches included in RELENG_4
:: to use for earlier 4.x boxes? In other words, are the libc problem and the
:: openssl problem and the bind problem and whatever else problem has been
:: advised about recently taken care of in RELENG_4 ??
RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches
into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by
definition, a part of the main -STABLE branch, RELENG_4. See
http://www.freebsd.org/doc/handbook/cvs-tags.html
for more information about the various CVS tags in use.
Cheers - Erick
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 10: 1:28 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4BA0D37B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:01:25 -0700 (PDT)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9D08B43E77
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:01:24 -0700 (PDT)
(envelope-from rjh@mohawk.net)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78H1Lw13337;
Thu, 8 Aug 2002 13:01:21 -0400 (EDT)
Date: Thu, 8 Aug 2002 13:01:21 -0400 (EDT)
From: Ralph Huntington <rjh@mohawk.net>
To: Erick Mechler <emechler@techometer.net>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: Re: security upgrade question
In-Reply-To: <20020808165302.GM343@techometer.net>
Message-ID: <20020808130033.A75214-100000@mohegan.mohawk.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Thank you. That helps a lot.
I wonder if those problems are patched in RELENG_3 as well.
On Thu, 8 Aug 2002, Erick Mechler wrote:
> :: What's not clear to me is: Are the security patches included in RELENG_4
> :: to use for earlier 4.x boxes? In other words, are the libc problem and the
> :: openssl problem and the bind problem and whatever else problem has been
> :: advised about recently taken care of in RELENG_4 ??
>
> RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches
> into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by
> definition, a part of the main -STABLE branch, RELENG_4. See
>
> http://www.freebsd.org/doc/handbook/cvs-tags.html
>
> for more information about the various CVS tags in use.
>
> Cheers - Erick
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 10: 6:29 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 5A2FC37B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:06:28 -0700 (PDT)
Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213])
by mx1.FreeBSD.org (Postfix) with ESMTP id E2C3243E6E
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:06:27 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: from radix.cryptio.net (localhost [127.0.0.1])
by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78H6Rk6009038
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
Thu, 8 Aug 2002 10:06:27 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: (from emechler@localhost)
by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78H6Rxg009037;
Thu, 8 Aug 2002 10:06:27 -0700 (PDT)
Date: Thu, 8 Aug 2002 10:06:27 -0700
From: Erick Mechler <emechler@techometer.net>
To: Ralph Huntington <rjh@mohawk.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: security upgrade question
Message-ID: <20020808170627.GO343@techometer.net>
References: <20020808165302.GM343@techometer.net> <20020808130033.A75214-100000@mohegan.mohawk.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020808130033.A75214-100000@mohegan.mohawk.net>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
:: Thank you. That helps a lot.
You're welcome.
:: I wonder if those problems are patched in RELENG_3 as well.
I'm not sure, but I've seen this page referred to on this list in regard to
backports.
http://www.visi.com/~hawkeyd/freebsd-backports.html
Cheers - Erick
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 10:10:57 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id D794C37B40A
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:10:51 -0700 (PDT)
Received: from hendrix.bsd.st (ADSL235-21.advancedsl.com.ar [200.51.235.21])
by mx1.FreeBSD.org (Postfix) with SMTP id AC34743E5E
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:10:49 -0700 (PDT)
(envelope-from root@datafull.com)
Received: (qmail 1557 invoked from network); 8 Aug 2002 17:10:34 -0000
Received: from unknown (HELO datafull.com) (10.0.0.1)
by 0 with SMTP; 8 Aug 2002 17:10:34 -0000
Message-ID: <3D52A649.8020101@datafull.com>
Date: Thu, 08 Aug 2002 14:11:37 -0300
From: "JP Villa (::DATAFULL.COM::)" <root@datafull.com>
Organization: Cuatro Cabezas SA
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901
X-Accept-Language: en-us
MIME-Version: 1.0
To: Ralph Huntington <rjh@mohawk.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: security upgrade question
References: <20020808130033.A75214-100000@mohegan.mohawk.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
When you cvsup a new src tree, always look for a /usr/src/UPDATING file,
which has the info you need now. It's a good practice to look at this
before make world, to be sure that src-all is ok.
Best regards
Juan Pablo Villa
Datafull.com Sysadmin
Cuatro Cabezas SA
Buenos Aires, Argentina
Ralph Huntington wrote:
> Thank you. That helps a lot.
>
> I wonder if those problems are patched in RELENG_3 as well.
>
>
> On Thu, 8 Aug 2002, Erick Mechler wrote:
>
>
>>:: What's not clear to me is: Are the security patches included in RELENG_4
>>:: to use for earlier 4.x boxes? In other words, are the libc problem and the
>>:: openssl problem and the bind problem and whatever else problem has been
>>:: advised about recently taken care of in RELENG_4 ??
>>
>>RELENG_4 is the main branch for the FreeBSD 4.x series (-STABLE). Patches
>>into the RELENG_4_4, RELENG_4_5, RELENG_4_6 branch, etc, are, by
>>definition, a part of the main -STABLE branch, RELENG_4. See
>>
>> http://www.freebsd.org/doc/handbook/cvs-tags.html
>>
>>for more information about the various CVS tags in use.
>>
>>Cheers - Erick
>>
>>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 10:24: 3 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 995A237B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:23:59 -0700 (PDT)
Received: from d188h80.mcb.uconn.edu (d188h80.mcb.uconn.edu [137.99.188.80])
by mx1.FreeBSD.org (Postfix) with SMTP id EA44843E4A
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 10:23:58 -0700 (PDT)
(envelope-from sirmoo@cowbert.2y.net)
Received: (qmail 18692 invoked by uid 1001); 8 Aug 2002 17:23:58 -0000
Date: Thu, 8 Aug 2002 13:23:58 -0400
From: "Peter C. Lai" <sirmoo@cowbert.2y.net>
To: Ralph Huntington <rjh@mohawk.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: security upgrade question
Message-ID: <20020808172357.GA16252@cowbert.2y.net>
Reply-To: peter.lai@uconn.edu
References: <20020808123953.X75214-100000@mohegan.mohawk.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020808123953.X75214-100000@mohegan.mohawk.net>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Thu, Aug 08, 2002 at 12:47:03PM -0400, Ralph Huntington wrote:
> Hi all, forgive me is this is an obvious question. We have numerous fbsd
> boxes with versions from 4.2 on up. I know I need to cvsup RELENG_4_4 for
> 4.4-RELEASE, RELENG_4_5 for 4.5, and RELENG_4_6 for 4.6.
>
> What's not clear to me is: Are the security patches included in RELENG_4
> to use for earlier 4.x boxes? In other words, are the libc problem and the
> openssl problem and the bind problem and whatever else problem has been
> advised about recently taken care of in RELENG_4 ??
No. RELENG_4 is -STABLE, which is always newer than RELENG_4_6.
On the newness scale (measured by the number of commits per time,
and corresponding stability) you see:
5-CURRENT (RELENG_5?) <-- most new; active development version
STABLE (RELENG_4), <-- fbsd 4.x stable leading on to the next point release
SECURITY RELEASE (RELENG_4_X), <-- only security patches
version 3 (RELENG_3), <-- no new code introduced at all
decrepitly old (RELENG_2?) <-- fbsd 2.x Hopefully no one uses this anymore
Changes are made to -CURRENT and after tested for stability are
MFC'd to -STABLE. To minimize new code introduction to maintain further
stability, security branch was created; these only contain the security
patches, unlike releng_4 that contain new code trickled down from 5.
There are backports available for older releases.
Recently we were plugging DJ Hawkey's work:
http://www.visi.com/~hawkeyd/freebsd-backports.html
>
> Thanks much for your advice. - Ralph
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
--
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology | Undergraduate Research Assistant
Yale University School of Medicine
Center for Medical Informatics | Research Assistant
http://cowbert.2y.net/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 11:11:27 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 11EFB37B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:11:25 -0700 (PDT)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id 5CA9B43E5E
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:11:24 -0700 (PDT)
(envelope-from rjh@mohawk.net)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78IBNw30953;
Thu, 8 Aug 2002 14:11:23 -0400 (EDT)
Date: Thu, 8 Aug 2002 14:11:23 -0400 (EDT)
From: Ralph Huntington <rjh@mohawk.net>
To: <peter.lai@uconn.edu>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: Re: security upgrade question
In-Reply-To: <20020808172357.GA16252@cowbert.2y.net>
Message-ID: <20020808140643.O75214-100000@mohegan.mohawk.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Thank you, Peter...
> > ... have the libc problem and the openssl problem and
> > the bind problem and whatever else problem been
> > taken care of in RELENG_4 ??
>
> No. RELENG_4 is -STABLE, which is always newer than RELENG_4_6.
So, if RELENG_4 is always newer than RELENG_4_6 and RELENG_4_6 has been
patched for the problems mentioned above, wouldn't RELENG_4 either be
patched or have newer versions of the programs? In other words, if
RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't
it have the security problems taken care of already?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 11:32:49 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 767F937B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:32:47 -0700 (PDT)
Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213])
by mx1.FreeBSD.org (Postfix) with ESMTP id DC0DA43E5E
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:32:46 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: from radix.cryptio.net (localhost [127.0.0.1])
by radix.cryptio.net (8.12.5/8.12.5) with ESMTP id g78IWkk6011125
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO);
Thu, 8 Aug 2002 11:32:46 -0700 (PDT)
(envelope-from emechler@radix.cryptio.net)
Received: (from emechler@localhost)
by radix.cryptio.net (8.12.5/8.12.5/Submit) id g78IWkKW011124;
Thu, 8 Aug 2002 11:32:46 -0700 (PDT)
Date: Thu, 8 Aug 2002 11:32:46 -0700
From: Erick Mechler <emechler@techometer.net>
To: Ralph Huntington <rjh@mohawk.net>
Cc: peter.lai@uconn.edu, freebsd-security@FreeBSD.ORG
Subject: Re: security upgrade question
Message-ID: <20020808183246.GS343@techometer.net>
References: <20020808172357.GA16252@cowbert.2y.net> <20020808140643.O75214-100000@mohegan.mohawk.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020808140643.O75214-100000@mohegan.mohawk.net>
User-Agent: Mutt/1.4i
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
:: patched or have newer versions of the programs? In other words, if
:: RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't
:: it have the security problems taken care of already?
Yes it will.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 11:37:38 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 75FC537B405
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:37:35 -0700 (PDT)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mx1.FreeBSD.org (Postfix) with ESMTP id 1947F43E7B
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 11:37:34 -0700 (PDT)
(envelope-from rjh@mohawk.net)
Received: from mohegan.mohawk.net (mohegan.mohawk.net [63.66.68.21])
by mohegan.mohawk.net (8.11.4/8.11.3) with ESMTP id g78IbVw37413;
Thu, 8 Aug 2002 14:37:31 -0400 (EDT)
Date: Thu, 8 Aug 2002 14:37:31 -0400 (EDT)
From: Ralph Huntington <rjh@mohawk.net>
To: Erick Mechler <emechler@techometer.net>
Cc: <peter.lai@uconn.edu>, <freebsd-security@FreeBSD.ORG>
Subject: Re: security upgrade question
In-Reply-To: <20020808183246.GS343@techometer.net>
Message-ID: <20020808143659.P75214-100000@mohegan.mohawk.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
> :: patched or have newer versions of the programs? In other words, if
> :: RELENG_4 is the STABLE version leading to the next point RELEASE, wouldn't
> :: it have the security problems taken care of already?
>
> Yes it will.
Okay, I think I understand about it now. Thanks to all who responded.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Thu Aug 8 18:27:13 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 3CB8537B400
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 18:27:07 -0700 (PDT)
Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9D20243E6E
for <freebsd-security@FreeBSD.ORG>; Thu, 8 Aug 2002 18:27:05 -0700 (PDT)
(envelope-from campbell@babayaga.neotext.ca)
Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1])
by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g791RkA38220;
Thu, 8 Aug 2002 19:27:46 -0600 (MDT)
(envelope-from campbell@babayaga.neotext.ca)
From: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca>
To: hawkeyd@visi.com,
Duncan Patton a Campbell is Dhu <campbell@neotext.ca>
Cc: freebsd-security@FreeBSD.ORG
Subject: Was: Merged security patches, now SPAM
Date: Thu, 8 Aug 2002 19:27:46 -0600
Message-Id: <20020809012746.M17312@babayaga.neotext.ca>
In-Reply-To: <20020806192150.A23951@sheol.localdomain>
References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> <200208061927.g76JRrN23297@sheol.localdomain> <20020806234806.M95953@babayaga.neotext.ca> <20020806192150.A23951@sheol.localdomain>
X-Mailer: Open WebMail 1.70 20020712
X-OriginatingIP: 127.0.0.1 (campbell)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hmm. I've been thinking that the problem of spam is one of
human identity
and not a machine issue -- an identifiable human signator of an
email is
a fairly good bet that you want to read it. So probably a more
general
approach to reducing robo-mail would be to have standardised
hooks
to PGP in all emailers, useable by the massess.
When email was first introduced, this should have been a
standard feature,
but for various reasons wasn't. Authorship provides human
authority to otherwise meaningless clusters of bits. This
application of security technology
is actually of more significance than is secrecy.
The reason this is not a signed message is that I'm always
trying out
web/email clients and long ago found that they don't make pgp
integration easy in all of them. Interestingly, I am currently
using
a thing called Openwebmail, which is descended from something
called Neomail. The first pc<unix> mail client I built was
called
neomail, and from its inception, contained full pgp integration.
Which, I might add, made a lot of folks unhappy at the time.
To wax philosophic, I'd have to say that SPAM is Murphy's
revenge for an unfinished implementation.
Duncan Patton a Campbell is Duibh ;-)
---------- Original Message -----------
From: D J Hawkey Jr <hawkeyd@visi.com>
To: Duncan Patton a Campbell is Dhu <campbell@neotext.ca>
Sent: Tue, 6 Aug 2002 19:21:50 -0500
Subject: Re: Merged security patches for 4.3-RELEASE
> On Aug 06, at 05:48 PM, Duncan Patton a Campbell is
> Dhu wrote:
> >
> > Spamset Faraway??? Keeps out all that nasty spam from the
> > Viking probe,
> > I guess.
> >
> > Duncan Patton a Campbell is Duibh ;-)
>
> Am I supposed to understand any of this? Does it have
> anything to do with FreeBSD security issues?
>
> Or shall I see to it I shan't see you again?
>
> > ---------- Original Message -----------
> > From: hawkeyd@visi.com (D J Hawkey Jr)
> > To: oleg@vsi.ru, freebsd-security@FreeBSD.ORG
> > Sent: Tue, 6 Aug 2002 14:27:53 -0500 (CDT)
> > Subject: Re: Merged security patches for 4.3-RELEASE
> >
> > > In article
> > > <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>,
> > > oleg@vsi.ru writes:
> > > > ãÉÔÉÒÕÀ Bob K <melange@yip.org>:
> > > >
> > > >> > Does the FreeBSD community concerned with these
"merged"
> > and tested
> > > >> patches ?
> > > >> > Since I forced to merge these (and all new) security
> > patches to 4.0
> > > >> and 4.3, I
> > > >> > always can grant them to FreeBSD community.
> > > >>
> > > >> Whether or not they get merged in with the older
security
> > branches,
> > > >> perhaps you could combine your resources with these
guys?
> > > >>
> > > >> http://www.visi.com/~hawkeyd/freebsd-backports.html
> > > >
> > > > All right, I just wrote e-mail to hawkeyd@visi.com, and
it
> > was rejected by odd
> > > > antispam filter. Does anybody know how to contact with
this
> > person ? Can I see
> > > > him there, for example ? It seems that his antispam
filter
> > passion (see link on
> > > > his page) plays poor joke with him ;-)
> > >
> > > No, SpamFilters isn't playing any joke - SpamAssassin
> > > flagged your mail with "CHARSET_FARAWAY", meaning it
> > > isn't something I'm able to read (supposedly), so
> > > SpamFilters rejected it accordingly.
> > >
> > > I've lifted that particular SpamAssassin status, if
> > > you wish to try again.
> > >
> > > Thanks for thinking of me and my FreeBSD Backports
> > > page though! Dave
> > >
> > > PS, I didn't know anyone here knew I had put up
> > > SpamFilters! Yes, spam has become passion of mine.
> > >
> > ------- End of Original Message -------
------- End of Original Message -------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 0:17:55 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 27D8637B400
for <security@freebsd.org>; Fri, 9 Aug 2002 00:17:49 -0700 (PDT)
Received: from localhost.neotext.ca (h24-70-64-200.ed.shawcable.net [24.70.64.200])
by mx1.FreeBSD.org (Postfix) with ESMTP id E45B043E70
for <security@freebsd.org>; Fri, 9 Aug 2002 00:17:47 -0700 (PDT)
(envelope-from campbell@babayaga.neotext.ca)
Received: from babayaga.neotext.ca (localhost.neotext.ca [127.0.0.1])
by localhost.neotext.ca (8.11.6/8.11.0) with ESMTP id g797IOA39022;
Fri, 9 Aug 2002 01:18:25 -0600 (MDT)
(envelope-from campbell@babayaga.neotext.ca)
From: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca>
To: dsyphers@uchicago.edu
Cc: security@freebsd.org
Subject: Re: Was: Merged security patches, now SPAM
Date: Fri, 9 Aug 2002 01:18:24 -0600
Message-Id: <20020809071824.M49009@babayaga.neotext.ca>
In-Reply-To: <200208082210.40484.dsyphers@uchicago.edu>
References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net> <20020806192150.A23951@sheol.localdomain> <20020809012746.M17312@babayaga.neotext.ca> <200208082210.40484.dsyphers@uchicago.edu>
X-Mailer: Open WebMail 1.70 20020712
X-OriginatingIP: 127.0.0.1 (campbell)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hmm.
Either you didn't read what I wrote, or we don't agree. The
current spam flood
is a direct result of "security" organizations with an inability
to recognize a
necessary and appropriate use of encryption technology. Many
of these
groups (but not all of them) reside in your country.
Security in a systems sense includes concepts of accuracy,
availability and
salience of information. Spam is an example where a lot of
technologically
illiterate trained house-cats in the "Security" business failed
to comprehend
this and crippled an entire technology with a flawed
implementation.
The question I put (in roundabout fashion) was "Why isn't PGP an
integral
part of email clients". In this sense it is germaine to
"security@freebsd.org".
Thanks,
Duncan Patton a Campbell is Duibh ;-)
---------- Original Message -----------
From: David Syphers <dsyphers@uchicago.edu>
To: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca>
Sent: Thu, 8 Aug 2002 22:10:40 -0500
Subject: Re: Was: Merged security patches, now SPAM
> Merged security patches was a topic appropriate for
> freebsd-security. The general philosophy of SPAM is
> not. Thanks.
>
> -David
>
> On Thursday 08 August 2002 08:27 pm, Duncan Patton a
> Campbell is Dhu wrote:
> > Hmm. I've been thinking that the problem of spam is one of
> > human identity
> > and not a machine issue -- an identifiable human signator
of an
> > email is
> > a fairly good bet that you want to read it. So probably a
more
> > general
> > approach to reducing robo-mail would be to have standardised
> > hooks
> > to PGP in all emailers, useable by the massess.
> >
> > When email was first introduced, this should have been a
> > standard feature,
> > but for various reasons wasn't. Authorship provides human
> > authority to otherwise meaningless clusters of bits. This
> > application of security technology
> > is actually of more significance than is secrecy.
> >
> > The reason this is not a signed message is that I'm always
> > trying out
> > web/email clients and long ago found that they don't make
pgp
> > integration easy in all of them. Interestingly, I am
currently
> > using
> > a thing called Openwebmail, which is descended from
something
> > called Neomail. The first pc<unix> mail client I built was
> > called
> > neomail, and from its inception, contained full pgp
integration.
> > Which, I might add, made a lot of folks unhappy at the
time.
> >
> > To wax philosophic, I'd have to say that SPAM is Murphy's
> > revenge for an unfinished implementation.
> >
> > Duncan Patton a Campbell is Duibh ;-)
> >
> > ---------- Original Message -----------
> > From: D J Hawkey Jr <hawkeyd@visi.com>
> > To: Duncan Patton a Campbell is Dhu <campbell@neotext.ca>
> > Sent: Tue, 6 Aug 2002 19:21:50 -0500
> > Subject: Re: Merged security patches for 4.3-RELEASE
> >
> > > On Aug 06, at 05:48 PM, Duncan Patton a Campbell is
> > > Dhu wrote:
> > > >
> > > > Spamset Faraway??? Keeps out all that nasty spam from
the
> > > > Viking probe,
> > > > I guess.
> > > >
> > > > Duncan Patton a Campbell is Duibh ;-)
> > >
> > > Am I supposed to understand any of this? Does it have
> > > anything to do with FreeBSD security issues?
> > >
> > > Or shall I see to it I shan't see you again?
> > >
> > > > ---------- Original Message -----------
> > > > From: hawkeyd@visi.com (D J Hawkey Jr)
> > > > To: oleg@vsi.ru, freebsd-security@FreeBSD.ORG
> > > > Sent: Tue, 6 Aug 2002 14:27:53 -0500 (CDT)
> > > > Subject: Re: Merged security patches for 4.3-RELEASE
> > > >
> > > > > In article
> > > > > <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>,
> > > > > oleg@vsi.ru writes:
> > > > > > ãÉÔÉÒÕÀ Bob K <melange@yip.org>:
> > > > > >
> > > > > >> > Does the FreeBSD community concerned with these
> > "merged"
> > > > and tested
> > > > > >> patches ?
> > > > > >> > Since I forced to merge these (and all new)
security
> > > > patches to 4.0
> > > > > >> and 4.3, I
> > > > > >> > always can grant them to FreeBSD community.
> > > > > >>
> > > > > >> Whether or not they get merged in with the older
> > security
> > > > branches,
> > > > > >> perhaps you could combine your resources with these
> > guys?
> > > > > >>
> > > > > >> http://www.visi.com/~hawkeyd/freebsd-backports.html
> > > > > >
> > > > > > All right, I just wrote e-mail to hawkeyd@visi.com,
and
> > it
> > > > was rejected by odd
> > > > > > antispam filter. Does anybody know how to contact
with
> > this
> > > > person ? Can I see
> > > > > > him there, for example ? It seems that his antispam
> > filter
> > > > passion (see link on
> > > > > > his page) plays poor joke with him ;-)
> > > > >
> > > > > No, SpamFilters isn't playing any joke - SpamAssassin
> > > > > flagged your mail with "CHARSET_FARAWAY", meaning it
> > > > > isn't something I'm able to read (supposedly), so
> > > > > SpamFilters rejected it accordingly.
> > > > >
> > > > > I've lifted that particular SpamAssassin status, if
> > > > > you wish to try again.
> > > > >
> > > > > Thanks for thinking of me and my FreeBSD Backports
> > > > > page though! Dave
> > > > >
> > > > > PS, I didn't know anyone here knew I had put up
> > > > > SpamFilters! Yes, spam has become passion of mine.
> > > > >
> > > > ------- End of Original Message -------
> > ------- End of Original Message -------
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the
message
> >
> >
------- End of Original Message -------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 1:23:23 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id 1E37437B400; Fri, 9 Aug 2002 01:23:17 -0700 (PDT)
Received: from blues.jpj.net (blues.jpj.net [208.210.80.156])
by mx1.FreeBSD.org (Postfix) with ESMTP
id 6868743E6E; Fri, 9 Aug 2002 01:23:16 -0700 (PDT)
(envelope-from trevor@jpj.net)
Received: from blues.jpj.net (localhost.jpj.net [127.0.0.1])
by blues.jpj.net (8.12.3/8.12.3) with ESMTP id g798Mmot094811;
Fri, 9 Aug 2002 04:22:48 -0400 (EDT)
(envelope-from trevor@jpj.net)
Received: from localhost (trevor@localhost)
by blues.jpj.net (8.12.3/8.12.3/Submit) with ESMTP id g798MlWM094808;
Fri, 9 Aug 2002 04:22:48 -0400 (EDT)
X-Authentication-Warning: blues.jpj.net: trevor owned process doing -bs
Date: Fri, 9 Aug 2002 04:22:47 -0400 (EDT)
From: Trevor Johnson <trevor@jpj.net>
To: "Peter C. Lai" <sirmoo@cowbert.2y.net>
Cc: Dag-Erling Smorgrav <des@ofug.org>,
Mike Tancsa <mike@sentex.net>, Ruslan Ermilov <ru@FreeBSD.ORG>,
<security@FreeBSD.ORG>
Subject: Re: Default ssh protocol in -STABLE [was: HEADS UP: FreeBSD-STABLE
now has OpenSSH 3.4p1]
In-Reply-To: <20020801124049.B18439@cowbert.2y.net>
Message-ID: <20020801125134.R19455-100000@blues.jpj.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Peter C. Lai wrote:
> On Thu, Aug 01, 2002 at 08:38:11AM -0400, Trevor Johnson wrote:
> > On 1 Aug 2002, Dag-Erling Smorgrav wrote:
> >
> > > Trevor Johnson <trevor@jpj.net> writes:
> > > > This is the section of http://www.openbsd.org/security.html#default which
> > > > I had hoped you would read:
> > > > [...]
> > >
> > > This is the section of Webster's 7th edition dictionary which I had
> > > hoped you would read:
> > >
> > > 1. no \(')n{o-}\ av [ME, fr. OE n{a-}, fr. ne not +
> > > {a-} always; akin to ON & OHG ne not, L ne-, Gk
> > > n{e-}- -- more at AYE] chiefly Scot
> > > 1a: NOT
> >
> > Why not? Do you have a reason?
>
> Production level reasons.
> 1. We already stated that it would be difficult for management of large installations to do this.
Some large organizations have standardized on protocol version 2.
Changing the default to protocol version 1 creates difficulties for them.
NERSC recently (winter 2001-2002) upgraded all its machines to the most
secure protocol 2 versions of SSH.
[...]
NERSC strongly recommends that you use protocol 2 if possible.
--http://hpcf.nersc.gov/help/access/unixssh/
[...] anyone still running version 1 of the SSH protocol should be
restricting access to their servers as far as possible and looking
to upgrade to servers and clients that support version 2.
-- http://www.ja.net/CERT/JANET-CERT/activity/reports/200112.html
> 2. Stable is supposed to be stable. We've still got lots of people on 4.2,4.3,4.4, and 4.5 out there
> who are living quite nicely with their setups.
> We've got people who's installation is destined to sit in a corner to gather
> dust and do some processing every day, week, or month while the maintainers
> have either left or moved on and no one really notices it is there but would
> seriously "miss" it should it be disturbed in some way. (Note that lack
> of maintenance doesn't imply that the system wasn't set up or designed for this
> eventuality). This means that getting rid of protocol 1 completely
> really wouldn't "increase" the number of secure systems from a statistical
> standpoint.
I'm not asking that protocol version 1 be removed, only that it not be set
as the default in the configuration files.
The existence of unmaintained computers does not justify making new
installations vulnerable.
> 3. We aren't OpenBSD.
> Our target audience is somewhat different. We wish to deliver an
> enterprise level operating solution for free.
> That is all we claim to do. We aren't trying to set any records (regarding
> security or otherwise).
>
> Making other people's lives harder for the sake of some hypothetical gains
> isn't good customer service or marketing. Migrate to OpenBSD if you want
> that sort of thing (and post your wishes on their mailing lists instead of here).
> </rant>
The list charter when I joined said:
FREEBSD-SECURITY Security issues
FreeBSD computer security issues (DES, Kerberos, known security holes and
fixes, etc).
This is a known security hole:
SSH Communications Security considers the SSH1 protocol deprecated and
does not recommend the use of it.
As of 1 May 2001, SSH Secure Shell 1.x will no longer be available from
this site. Please modify your product plans accordingly. The SSH2 protocol
is in the process of becoming an IETF standard and is not subject to the
security vulnerabilities found in SSH1. Therefore, we will continue to
focus on the newer SSH2 protocol as we offer, update, upgrade and maintain
SSH Secure Shell 2.x (and higher) of the software.
-- http://www.ssh.com/products/ssh/deprecation.cfm
X-Force recommends upgrading to new SSH Version 2 support if possible. If
SSH Version 1 is not used, disable fallback and remove old sshd Version 1
binaries. Please refer to your vendor to obtain patch and upgrade
information.
-- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?id=advise100
If you are running sshd, disable the use of the SSH1 protocol in OpenSSH.
SSH1 contains inherent protocol deficiencies and is not recommended for
use in high-security environments.
-- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc
--
Trevor Johnson
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 4:50:19 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4A4AB37B400
for <security@FreeBSD.ORG>; Fri, 9 Aug 2002 04:50:17 -0700 (PDT)
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
by mx1.FreeBSD.org (Postfix) with ESMTP id 86AB143E4A
for <security@FreeBSD.ORG>; Fri, 9 Aug 2002 04:50:16 -0700 (PDT)
(envelope-from wollman@khavrinen.lcs.mit.edu)
Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1])
by khavrinen.lcs.mit.edu (8.12.3/8.12.5) with ESMTP id g79Bo586004885
(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK);
Fri, 9 Aug 2002 07:50:05 -0400 (EDT)
(envelope-from wollman@khavrinen.lcs.mit.edu)
Received: (from wollman@localhost)
by khavrinen.lcs.mit.edu (8.12.3/8.12.5/Submit) id g79Bo48Z004882;
Fri, 9 Aug 2002 07:50:04 -0400 (EDT)
(envelope-from wollman)
Date: Fri, 9 Aug 2002 07:50:04 -0400 (EDT)
From: Garrett Wollman <wollman@lcs.mit.edu>
Message-Id: <200208091150.g79Bo48Z004882@khavrinen.lcs.mit.edu>
To: "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca>
Cc: security@FreeBSD.ORG
Subject: Re: Was: Merged security patches, now SPAM
In-Reply-To: <20020809071824.M49009@babayaga.neotext.ca>
References: <1028659081.3d50178945f68_webmail.vsi.ru@ns.sol.net>
<20020806192150.A23951@sheol.localdomain>
<20020809012746.M17312@babayaga.neotext.ca>
<200208082210.40484.dsyphers@uchicago.edu>
<20020809071824.M49009@babayaga.neotext.ca>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
<<On Fri, 9 Aug 2002 01:18:24 -0600, "Duncan Patton a Campbell is Dhu" <campbell@neotext.ca> said:
> The question I put (in roundabout fashion) was "Why isn't PGP an
> integral
> part of email clients". In this sense it is germaine to
> "security@freebsd.org".
No, it is not. Now please drop it. If you care about this so much,
then go annoy the lists for the relevant MUAs.
-GAWollman
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 8:51:29 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 2092C37B400
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 08:51:26 -0700 (PDT)
Received: from smtp-send.myrealbox.com (smtp-send.myrealbox.com [192.108.102.143])
by mx1.FreeBSD.org (Postfix) with ESMTP id 9ADD243E6E
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 08:51:24 -0700 (PDT)
(envelope-from keyboard_sialan@myrealbox.com)
Received: from revenge keyboard_sialan@smtp-send.myrealbox.com [202.158.47.167]
by smtp-send.myrealbox.com with NetMail SMTP Agent $Revision: 3.11 $ on Novell NetWare;
Fri, 09 Aug 2002 09:51:24 -0600
Message-ID: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
From: "-=r4hm4n=-" <keyboard_sialan@myrealbox.com>
To: <freebsd-security@FreeBSD.ORG>
Subject: mail anti virus
Date: Fri, 9 Aug 2002 22:50:48 +0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0015_01C23FF7.3444EEC0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_0015_01C23FF7.3444EEC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
any body can tell me what is best mail antivirus for freebsd ?
------=_NextPart_000_0015_01C23FF7.3444EEC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3315.2870" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>any body can tell me what is best mail =
antivirus=20
for freebsd ?</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV></BODY></HTML>
------=_NextPart_000_0015_01C23FF7.3444EEC0--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 9: 1:40 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id C1AC637B400
for <freebsd-security@freebsd.org>; Fri, 9 Aug 2002 09:01:34 -0700 (PDT)
Received: from gate.bulinfo.net (gate.bulinfo.net [212.72.195.1])
by mx1.FreeBSD.org (Postfix) with SMTP id 176C443E7B
for <freebsd-security@freebsd.org>; Fri, 9 Aug 2002 09:01:33 -0700 (PDT)
(envelope-from kleo@bulinfo.net)
Received: (qmail 4812 invoked from network); 9 Aug 2002 15:54:47 -0000
Received: from vertigo.bulinfo.net (HELO djaba) (212.72.195.3)
by gate.bulinfo.net with SMTP; 9 Aug 2002 15:54:47 -0000
Message-ID: <002701c23fbd$180d7860$0a02a8c0@bulinfo.net>
From: "Kliment Ognianov" <kleo@bulinfo.net>
To: <freebsd-security@freebsd.org>
References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
Subject: Re: mail anti virus
Date: Fri, 9 Aug 2002 18:54:50 +0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0024_01C23FD6.3D2855C0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
This is a multi-part message in MIME format.
------=_NextPart_000_0024_01C23FD6.3D2855C0
Content-Type: text/plain;
charset="windows-1251"
Content-Transfer-Encoding: quoted-printable
Probably the best is the KAVKeeper from Kaspersky Lab.
The Power to Serve!=20
.....................................
: Kliment Ognianov :
: Network Administrator & Developer :
: BulInfo Networks Department :
:...................................:
: http://www.bulinfo.net/ :
:...................................:
: +(359)-2-9699165 :
: ICQ #16864572, #64866894 :
:...................................:
----- Original Message -----=20
From: -=3Dr4hm4n=3D-=20
To: freebsd-security@FreeBSD.ORG=20
Sent: Friday, August 09, 2002 6:50 PM
Subject: mail anti virus
any body can tell me what is best mail antivirus for freebsd ?
------=_NextPart_000_0024_01C23FD6.3D2855C0
Content-Type: text/html;
charset="windows-1251"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dwindows-1251">
<META content=3D"MSHTML 6.00.2600.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2>Probably the best is the KAVKeeper from Kaspersky=20
Lab.</FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<DIV><A href=3D"http://www.freebsd.org"><FONT size=3D2>The Power to=20
Serve!</FONT></A><FONT size=3D2> </FONT><PRE><FONT =
size=3D2>.....................................
: Kliment Ognianov :
: Network Administrator & Developer :
: BulInfo Networks Department :
:...................................:
: http://www.bulinfo.net/ :
:...................................:
: +(359)-2-9699165 :
: ICQ #16864572, #64866894 :
:...................................:
</FONT></PRE></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dkeyboard_sialan@myrealbox.com=20
href=3D"mailto:keyboard_sialan@myrealbox.com">-=3Dr4hm4n=3D-</A> =
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Dfreebsd-security@FreeBSD.ORG=20
=
href=3D"mailto:freebsd-security@FreeBSD.ORG">freebsd-security@FreeBSD.ORG=
</A>=20
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Friday, August 09, 2002 =
6:50=20
PM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> mail anti virus</DIV>
<DIV><BR></DIV>
<DIV><FONT face=3DArial size=3D2>any body can tell me what is best =
mail antivirus=20
for freebsd ?</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0024_01C23FD6.3D2855C0--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 10: 9:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 765D737B406
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:09:35 -0700 (PDT)
Received: from mail.dada.it (mail2.dada.it [195.110.100.2])
by mx1.FreeBSD.org (Postfix) with SMTP id 11C5D43EB7
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:09:29 -0700 (PDT)
(envelope-from ale@unixmania.net)
Received: (qmail 4909 invoked from network); 9 Aug 2002 17:09:21 -0000
Received: from unknown (HELO libero.sunshine.ale) (195.110.114.252)
by mail.dada.it with SMTP; 9 Aug 2002 17:09:21 -0000
Received: by libero.sunshine.ale (Postfix, from userid 1001)
id 287C05FA7; Fri, 9 Aug 2002 19:09:22 +0200 (CEST)
Date: Fri, 9 Aug 2002 19:09:22 +0200
From: Alessandro de Manzano <adm@unixmania.net>
To: -=r4hm4n=- <keyboard_sialan@myrealbox.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: mail anti virus
Message-ID: <20020809190922.A75419@libero.sunshine.ale>
Reply-To: Alessandro de Manzano <adm@unixmania.net>
References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>; from keyboard_sialan@myrealbox.com on Fri, Aug 09, 2002 at 10:50:48PM +0700
X-Operating-System: FreeBSD 4.6-STABLE
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote:
> any body can tell me what is best mail antivirus for freebsd ?
Of course it depends.
However we are very happy with RAV for FreeBSD.
www.ravantivirus.com
works great!
--
bye!
Ale
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 10:15:45 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4505A37B400
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:15:43 -0700 (PDT)
Received: from www.opentrade.cl (50-126-141.leased.cust.tie.cl [200.50.126.141])
by mx1.FreeBSD.org (Postfix) with ESMTP id 42A0843E4A
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:15:41 -0700 (PDT)
(envelope-from jseverino@fritz.cl)
Received: from pc ([192.168.1.10])
by www.opentrade.cl (8.12.2/8.12.2) with SMTP id g79HIXQU026114
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:18:33 -0700 (PDT)
Message-ID: <000e01c23fc8$c64c6660$0a01a8c0@opentrade.cl>
Reply-To: "Jorge Severino Diaz" <jorge@opentrade.cl>
From: "Jorge Severino Diaz" <jseverino@fritz.cl>
To: <freebsd-security@FreeBSD.ORG>
References: <20020808143659.P75214-100000@mohegan.mohawk.net>
Subject: unsubscribe
Date: Fri, 9 Aug 2002 13:18:26 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
unsubscribe
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 10:46: 3 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 5E91637B400
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:46:01 -0700 (PDT)
Received: from I-Sphere.COM (shell.i-sphere.com [209.249.146.70])
by mx1.FreeBSD.org (Postfix) with ESMTP id EE2C543E3B
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 10:46:00 -0700 (PDT)
(envelope-from fasty@shell.i-sphere.com)
Received: from shell.i-sphere.com (fasty@shell [209.249.146.70])
by I-Sphere.COM (8.12.3/8.12.3) with ESMTP id g79HkaMj058027;
Fri, 9 Aug 2002 10:46:36 -0700 (PDT)
(envelope-from fasty@shell.i-sphere.com)
Received: (from fasty@localhost)
by shell.i-sphere.com (8.12.3/8.12.3/Submit) id g79HkaKq058026;
Fri, 9 Aug 2002 10:46:36 -0700 (PDT)
Date: Fri, 9 Aug 2002 10:46:36 -0700
From: faSty <fasty@i-sphere.com>
To: -=r4hm4n=- <keyboard_sialan@myrealbox.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: mail anti virus
Message-ID: <20020809174636.GB57936@i-sphere.com>
Mail-Followup-To: faSty <fasty@i-sphere.com>,
-=r4hm4n=- <keyboard_sialan@myrealbox.com>,
freebsd-security@FreeBSD.ORG
References: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
User-Agent: Mutt/1.4i
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
amavisd-new with milter. You will need have Sendmail support feature of milter.
-fasty
On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote:
> any body can tell me what is best mail antivirus for freebsd ?
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 11:18:22 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 8417A37B400
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 11:18:19 -0700 (PDT)
Received: from walter.dfmm.org (walter.dfmm.org [209.151.233.240])
by mx1.FreeBSD.org (Postfix) with ESMTP id 21B6843E65
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 11:18:19 -0700 (PDT)
(envelope-from jason@shalott.net)
Received: (qmail 53354 invoked by uid 1000); 9 Aug 2002 18:18:13 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
by localhost with SMTP; 9 Aug 2002 18:18:13 -0000
Date: Fri, 9 Aug 2002 11:18:13 -0700 (PDT)
From: Jason Stone <jason@shalott.net>
X-X-Sender: <jason@walter>
To: -=r4hm4n=- <keyboard_sialan@myrealbox.com>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: Re: mail anti virus
In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
Message-ID: <20020809111727.N15576-100000@walter>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> any body can tell me what is best mail antivirus for freebsd ?
I use sophos with qmail and qmail-scanner. I'm pretty pleased with it.
-Jason
-----------------------------------------------------------------------
I worry about my child and the Internet all the time, even though she's
too young to have logged on yet. Here's what I worry about. I worry
that 10 or 15 years from now, she will come to me and say "Daddy, where
were you when they took freedom of the press away from the Internet?"
-- Mike Godwin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE9VAdlswXMWWtptckRAg9WAJ47a8feKAJI7cQ0ShxaCE7R0BRGnACdG2lb
48PkxjpqgrGjpArj/Trj7us=
=iGfF
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 17:21:14 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 85FCD37B400
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 17:21:08 -0700 (PDT)
Received: from ns3.ideathcare.com (mail.allneo.com [216.185.96.68])
by mx1.FreeBSD.org (Postfix) with SMTP id A536C43E42
for <freebsd-security@FreeBSD.ORG>; Fri, 9 Aug 2002 17:21:07 -0700 (PDT)
(envelope-from jps@funeralexchange.com)
Received: (qmail 44035 invoked by uid 85); 9 Aug 2002 17:25:45 -0000
Received: from jps@funeralexchange.com by ns3.ideathcare.com with qmail-scanner-1.03 (uvscan: v4.1.40/v4121. . Clean. Processed in 0.167457 secs); 09 Aug 2002 17:25:45 -0000
Received: from unknown (HELO pimpin) (216.138.114.143)
by mail.allneo.com with SMTP; 9 Aug 2002 17:25:45 -0000
Reply-To: <jps@funeralexchange.com>
From: "Jeremy Suo-Anttila" <jps@funeralexchange.com>
To: "Alessandro de Manzano" <adm@unixmania.net>,
"-=r4hm4n=-" <keyboard_sialan@myrealbox.com>
Cc: <freebsd-security@FreeBSD.ORG>
Subject: RE: mail anti virus
Date: Fri, 9 Aug 2002 12:20:31 -0500
Message-ID: <OAEOLDPOMIMMJMKEBFHCCEMCCPAA.jps@funeralexchange.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Importance: Normal
In-Reply-To: <20020809190922.A75419@libero.sunshine.ale>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Real men use qmail & qmail-scanner ;)
-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Alessandro de
Manzano
Sent: Friday, August 09, 2002 12:09 PM
To: -=r4hm4n=-
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: mail anti virus
On Fri, Aug 09, 2002 at 10:50:48PM +0700, -=r4hm4n=- wrote:
> any body can tell me what is best mail antivirus for freebsd ?
Of course it depends.
However we are very happy with RAV for FreeBSD.
www.ravantivirus.com
works great!
--
bye!
Ale
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Fri Aug 9 17:58:36 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 0A44137B401
for <freebsd-security@freebsd.org>; Fri, 9 Aug 2002 17:58:30 -0700 (PDT)
Received: from newmail.halenet.com.au (newmail.halenet.com.au [203.55.33.235])
by mx1.FreeBSD.org (Postfix) with ESMTP id 57C5943E72
for <freebsd-security@freebsd.org>; Fri, 9 Aug 2002 17:58:27 -0700 (PDT)
(envelope-from timbo@halenet.com.au)
Received: (from root@localhost)
by newmail.halenet.com.au (8.11.6/8.11.6) id g7A102F54877
for freebsd-security@freebsd.org; Sat, 10 Aug 2002 11:00:02 +1000 (EST)
(envelope-from timbo@halenet.com.au)
Received: from laptop (modem-131-st.halenet.com.au [203.55.33.131])
by newmail.halenet.com.au (8.11.6/8.11.6) with SMTP id g7A0xvp54785
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 10:59:58 +1000 (EST)
(envelope-from timbo@halenet.com.au)
Message-ID: <049901c24008$5217c240$6500a8c0@halenet.com.au>
From: "Tim McCullagh" <timbo@halenet.com.au>
To: <freebsd-security@freebsd.org>
References: <20020809111727.N15576-100000@walter>
Subject: Re: mail anti virus
Date: Sat, 10 Aug 2002 10:53:16 +1000
MIME-Version: 1.0
X-scanner: scanned by Inflex 1.0.10 - (http://pldaniels.com/inflex/)
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4807.1700
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
I have used / and use
Amavis and inflex with either mcafee or sophos. all worked well. Sophos
have / had a better licence agreement so I am using their antivirus now with
Amavis and inflex. Inflex allows you to scan for text as well and block
some spam
Regards
Tim
From: "Jason Stone" <jason@shalott.net>
To: "-=r4hm4n=-" <keyboard_sialan@myrealbox.com>
Cc: <freebsd-security@FreeBSD.ORG>
Sent: Saturday, August 10, 2002 4:18 AM
Subject: Re: mail anti virus
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> > any body can tell me what is best mail antivirus for freebsd ?
>
> I use sophos with qmail and qmail-scanner. I'm pretty pleased with it.
>
>
> -Jason
>
> -----------------------------------------------------------------------
> I worry about my child and the Internet all the time, even though she's
> too young to have logged on yet. Here's what I worry about. I worry
> that 10 or 15 years from now, she will come to me and say "Daddy, where
> were you when they took freedom of the press away from the Internet?"
> -- Mike Godwin
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (FreeBSD)
> Comment: See https://private.idealab.com/public/jason/jason.gpg
>
> iD8DBQE9VAdlswXMWWtptckRAg9WAJ47a8feKAJI7cQ0ShxaCE7R0BRGnACdG2lb
> 48PkxjpqgrGjpArj/Trj7us=
> =iGfF
> -----END PGP SIGNATURE-----
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 0:32:36 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id 5496437B400; Sat, 10 Aug 2002 00:32:31 -0700 (PDT)
Received: from www.esn.net (www.gld.com [207.14.235.4])
by mx1.FreeBSD.org (Postfix) with ESMTP
id 5594443E6A; Sat, 10 Aug 2002 00:32:30 -0700 (PDT)
(envelope-from www@www.esn.net)
Received: by www.esn.net (8.11.6/8.10.1) id g7A7iMO26575;
Sat, 10 Aug 2002 03:44:22 -0400 (EDT)
Date: Sat, 10 Aug 2002 03:44:22 -0400 (EDT)
Message-Id: <200208100744.g7A7iMO26575@www.esn.net>
To: <freebsd-newbies@freebsd.org>,
www.mountolivetribune.com@FreeBSD.ORG,
<freebsd-questions@freebsd.org>,
www.mountolivetribune.com@FreeBSD.ORG,
<freebsd-security@freebsd.org>,
www.mountolivetribune.com@FreeBSD.ORG, <freebsd@tesys.com>,
www.mountolivetribune.com@FreeBSD.ORG, <freebug@msn.com>,
www.mountolivetribune.com@FreeBSD.ORG
From: sharmainep@ihug.com (sharmainep@ihug.com)
Subject: Webcams!...
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Below is the result of your feedback form. It was submitted by
sharmainep@ihug.com (sharmainep@ihug.com) on Saturday, August 10, 2002 at 03:44:22
---------------------------------------------------------------------------
916s0c:
Hi, just got done putting up the cams, so come and take a look http://rd.yahoo.com/dir/?http://members.lycos.co.uk/hyaif893/livecams.html
<A HREF="http://rd.yahoo.com/dir/?http://members.lycos.co.uk/hyaif893/livecams.html">Click here</A>!
5lllo1lodj
---------------------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 4:39:12 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 312FE37B400
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 04:39:10 -0700 (PDT)
Received: from diablo.nbi.com.ua (diablo.nbi.com.ua [80.78.36.3])
by mx1.FreeBSD.org (Postfix) with ESMTP id 3EA3943E6A
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 04:39:08 -0700 (PDT)
(envelope-from ingoth@nbi.com.ua)
Received: from mail.nbi.com.ua (mail.nbi.com.ua [80.78.37.239])
by diablo.nbi.com.ua (8.12.5/8.12.5) with ESMTP id g7ABd0BI062296;
Sat, 10 Aug 2002 14:39:01 +0300 (EEST)
(envelope-from ingoth@nbi.com.ua)
Date: Sat, 10 Aug 2002 14:39:00 +0300 (EEST)
From: Aleksandr Kuzminsky <ingoth@nbi.com.ua>
To: -=r4hm4n=- <keyboard_sialan@myrealbox.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: mail anti virus
In-Reply-To: <001a01c23fbc$8c2dab80$cd01a8c0@revenge>
Message-ID: <20020810143115.D51600-100000@diablo.nbi.com.ua>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
On Fri, 9 Aug 2002, -=r4hm4n=- wrote:
> Date: Fri, 9 Aug 2002 22:50:48 +0700
> From: -=r4hm4n=- <keyboard_sialan@myrealbox.com>
> To: freebsd-security@FreeBSD.ORG
> Subject: mail anti virus
>
> any body can tell me what is best mail antivirus for freebsd ?
As for me, DrWEB(http://www.sald.com/) is the best one.
It wokrs with Sendmail, Exim, QMail Postfix, Communigate Pro, Samba and
ZMailer.
Under free licence it just check mail for viruses and quarantines
infected. Full-licenced version can cure mail. It support customised
reports. Good update-script is included in distribution.
---
Aleksandr Kuzminsky, AK476-RIPE
System Administrator, AK16-UANIC
ISP NBI.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 5:49: 7 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP
id EFD6637B400; Sat, 10 Aug 2002 05:48:21 -0700 (PDT)
Received: from hotmail.com (dsl-212-135-221-183.dsl.easynet.co.uk [212.135.221.183])
by mx1.FreeBSD.org (Postfix) with SMTP
id E63CC43E72; Sat, 10 Aug 2002 05:48:13 -0700 (PDT)
(envelope-from konar_adrienne@hotmail.com)
Received: from unknown (HELO rly-yk05.pesdets.com) (4.71.194.105)
by rly-xw05.oxyeli.com with smtp; 10 Aug 0102 05:43:31 +0400
Received: from [30.153.34.83] by rly-yk04.aolmd.com with QMQP; 10 Aug 0102 09:39:42 -0400
Received: from 49.12.206.153 ([49.12.206.153]) by asy100.as122.sol-superunderline.com with asmtp; 10 Aug 0102 05:35:53 +0800
Received: from unknown (HELO sydint1.microthink.com.au) (192.84.95.243)
by rly-xw05.oxyeli.com with NNFMP; 10 Aug 0102 13:32:04 +0900
Received: from [73.69.104.251] by sydint1.microthink.com.au with asmtp; Sat, 10 Aug 0102 22:28:15 -1000
Reply-To: <konar_adrienne@hotmail.com>
Message-ID: <001a37b61b1a$4536e3c7$3ce38ec4@snawaf>
From: <konar_adrienne@hotmail.com>
To: <freebsd-current@freebsd.org>, <freebsd-doc@freebsd.org>,
<freebsd-fs@freebsd.org>, <freebsd-hackers@freebsd.org>,
<freebsd-newbies@freebsd.org>, <freebsd-questions@freebsd.org>,
<freebsd-security@freebsd.org>
Subject: Are you ready to Invest now
Date: Sat, 10 Aug 0102 11:21:40 +0100
MiME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_00D0_85E10D4E.D7384B52"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: eGroups Message Poster
Importance: Normal
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
------=_NextPart_000_00D0_85E10D4E.D7384B52
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: base64
VkVTVEVER0UgQUxFUlQ6IFZvbHVtZSAxNSwgSXNzdWUgNw0KICAgICAgICAg
ICAgIA0KICAgICAgICAgICAgWFJBWU1FRElBIFRBUFMgSU5UTyBCSUxMSU9O
UywgV0hJTEUgSEVMUElORyBBTEwgQlVTSU5FU1NFUyBHUk9XIA0KICAgICAg
ICAgICAgVEhST1VHSCBGSU5BTkNJTkcgQURWRVJUSVNJTkcgUFVSQ0hBU0VT
ISEhDQogICAgICAgICAgICAgDQogICAgICAgICAgICAqKioqKklNTUVESUFU
RSBTVFJPTkcgQlVZIEFMRVJUIFhSQVlNRURJQSAoT1RDQkI6IFhSTUQpDQog
ICAgICAgICAgICAgDQogICAgICAgICAgICBYUkFZTUVESUEgKE9UQ0JCOiBY
Uk1EKQ0KICAgICAgICAgICAgODAsMDAwLDAwMCBlc3QuIHNoYXJlcyBvdXRz
dGFuZGluZw0KICAgICAgICAgICAgMTUsMDAwLDAwMCBlc3QuIGZsb2F0DQog
ICAgICAgICAgICA2MCUgZXN0LiBjb250cm9sbGVkIGJ5IGluc2lkZXJzIA0K
ICAgICAgICAgICAgIA0KICAgICAgICAgICAgKioqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKioqKioqKg0KICAgICAgICAgICAgQXMgb3VyIFJFU0VB
UkNIIFRFQU0gaXMgYWx3YXlzIGxvb2tpbmcgZm9yIHRoZSBuZXh0IHJpc2lu
ZyBTVEFSLCANCiAgICAgICAgICAgIGRlc3BpdGUgbWFya2V0IGNvbmRpdGlv
bnMgY29tcGFuaWVzIE5PVyBJREVOVElGSUVEIGFyZSB0aG9zZSB0aGF0IA0K
ICAgICAgICAgICAgSEVMUCBCVUlMRCBUSEUgRUNPTk9NWSBhbmQgSEVMUCBB
TEwgQlVTSU5FU1NFUyBHUk9XLiBUSEVZIERFU0VSVkUgDQogICAgICAgICAg
ICBPVVIgU1BFQ0lBTCBBVFRFTlRJT04gYW5kIGhhdmUgUFJPVkVOIFRIRVkg
QVJFIE9OIFRIRSBSSUdIVCBUUkFDSyEhISANCiAgICAgICAgICAgIFZFU1RF
REdFIGlzIE9OTFkgaW50ZW5kZWQgZm9yIHRoZSBTRVJJT1VTIElOVkVTVE9S
LiANCiAgICAgICAgICAgICoqKioqKioqKioqKioqKioqKioqKioqKioqKioq
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq
KioqKioqKioNCiAgICAgICAgICAgICANCiAgICAgICAgICAgIEdST1dUSCBJ
UyBUSEUgS0VZLCBvdXIgc291cmNlcyBnYXZlIHVzIFhSQVlNRURJQSAoT1RD
QkI6IFhSTUQpIGFzIA0KICAgICAgICAgICAgb3VyIGxhc3QgTUFKT1IgV0lO
TkVSIG1vdmluZyBpdCBVUCBuaWNlbHkgYXMgaXQgU1RBUlRTIFRPIE1BS0Ug
SVRTIA0KICAgICAgICAgICAgTU9WRSEhISBJbiB0aGlzIExPVyBwcmljZSBy
YW5nZSB3ZSBoYXZlIEJPVUdIVCBMQVJHRSBhbmQgV0UnTEwgDQogICAgICAg
ICAgICBDT05USU5VRSB0byBCVVkgTEFSR0UsIGFzIHRoZSByZXN0IG9mIFdB
TExTVFJFRVQgY2F0Y2hlcyBPTiwgaXQgd2lsbCANCiAgICAgICAgICAgIFBP
UCBVUCBvdmVyIHRoZSBzaG9ydCB0ZXJtIHRvIG91ciBUQVJHRVQgb2YgIiQx
LjAwIHBlciBzaGFyZSIuIFdlIA0KICAgICAgICAgICAgYmVsaWV2ZSBpdCB3
aWxsIFRIRU4gY29udGludWUgdG8gTU9WRSBhcyB0aGV5IFBST0dSRVNTIGJ5
IEhFTFBJTkcgDQogICAgICAgICAgICBBTEwgQ09NUEFOSUVTIEdST1cgUkVW
RU5VRVMgdGhyb3VnaCB0aGVpciBSRVZPTFVUSU9OQVJZIExJVkUgDQogICAg
ICAgICAgICBORUdPVElBVElORyBURUNITk9MT0dZIGZvciB0aGUgQURWRVJU
SVNJTkcgSU5EVVNUUlkgY291cGxlZCB3aXRoIA0KICAgICAgICAgICAgdGhl
aXIgcmVjZW50IGFiaWxpdHkgdG8gRklOQU5DRSBBRFZFUlRJU0lORyBQVVJD
SEFTRVMsIHRoaXMgY29tcGFueSANCiAgICAgICAgICAgIGhhcyBhIHZlcnkg
UE9XRVJGVUwgYnVzaW5lc3MgcGxhbiBhbmQgUFJPVklORyBJVCEhIQ0KICAg
ICAgICAgICAgIA0KICAgICAgICAgICAgT24gSlVMWSAyNSwgMjAwMiAtIFRI
RVkgQU5OT1VOQ0VEIEEgJDUwMCwwMDAuMDAgQURWRVJUSVNJTkcgDQogICAg
ICAgICAgICBGSU5BTkNJTkcgREVBTCB3aXRoIE1PUkUgaW4gdGhlIHdvcmtz
LCBOT1cgVEhBVCdTIFdIQVQgV0UgQ0FMTCBUSEUgDQogICAgICAgICAgICBG
QVNUIFRSQUNLLCBrZWVwIGl0IFVQIEdVWVMhISEgSW4gb3VyIG9waW5pb24g
dGhleSBhcmUgVFJVTFkgSEVMUElORyANCiAgICAgICAgICAgIE9VUiBFQ09O
T01ZISEhIFRIRSBSRUNFTlQgUlVNT1JTIEhFQVRJTkcgVVAgV0FMTCBTVFJF
RVQgaGFzIA0KICAgICAgICAgICAgWFJBWU1FRElBIGxhYmVsZWQgYXMgIlRI
RSBORVhUIE1BSk9SIFBMQVlFUiIgaW4gdGhlICJNRURJQSBJTkRVU1RSWSIg
DQogICAgICAgICAgICB3aXRoIHRoZSBNT1NUIFNPUEhJU1RJQ0FURUQgU09G
VFdBUkUgSU4gVEhFIElORFVTVFJZISEhDQogICAgICAgICAgICAgDQogICAg
ICAgICAgICBXZSd2ZSBoZWFyZCAiQlVZLU9VVCIgd2UndmUgaGVhcmQgIlRB
S0UtT1ZFUiIsIGFuZCBhZnRlciBvdXIgDQogICAgICAgICAgICBkaWxpZ2Vu
Y2UgdGhpcyBjb21wYW55IGhhcyBOTyBpbnRlbnRpb25zIG9mIGJlaW5nIEJP
VUdIVC1PVVQsIGluIA0KICAgICAgICAgICAgRkFDVCB0aGVpciBsYXN0IE5F
V1MgUkVMRUFTRSBzdGF0ZXMgdGhleSBhcmUgTk9XIEZJTkFOQ0lORyANCiAg
ICAgICAgICAgIEFEVkVSVElTSU5HIFBVUkNIQVNFUyBvZiBhbGwgc2l6ZXMh
ISEgVEhFWSBISVQgVEhFIEFEVkVSVElTSU5HIA0KICAgICAgICAgICAgSU5E
VVNUUlkgaW4gdGhlIFJJR0hUIFNQT1QhISEgDQogICAgICAgICAgICAgDQog
ICAgICAgICAgICBPTkNFIEFHQUlOLCB0aGlzIElOVkVTVE1FTlQgaXMgYSBu
by1icmFpbmVyIHdoZW4geW91IGxvb2sgYXQgdGhlIA0KICAgICAgICAgICAg
cG9zaXRpb24gdGhlIGNvbXBhbnkgaXMgaW4uIElOIFRISVMgTE9XIFBSSUNF
IFJBTkdFIHdlIGNhbiBidXkgYSANCiAgICAgICAgICAgIHRvbiwgbXVsdGlw
bGllZCBncm93dGggY3VydmUsIGZ1bmRhbWVudGFsIHRpbWluZywgdGhlIGNv
bXBhbnkncyANCiAgICAgICAgICAgIHJlY2VudCBhbm5vdW5jZW1lbnRzIHNl
ZW0gdG8gYmUgbW92aW5nIHRvd2FyZHMgQSBNQUpPUiBTV0lORywgYmlnIA0K
ICAgICAgICAgICAgcmV2ZW51ZSB0aHJvdWdoIGl0cyBORVcgQURWRVJUSVNJ
TkcgRklOQU5DRSBERVBBUlRNRU5ULCBNRURJQSANCiAgICAgICAgICAgIFBB
UlRORVJTLCBzdXN0YWluZWQgZ3Jvd3RoIGZyb20gQVJFQSBQQVJUTkVSUywg
cG90ZW50aWFsbHkgYnJpbmdpbmcgDQogICAgICAgICAgICBpbiBNSUxMSU9O
UyBvZiBkb2xsYXJzIGluIHRyYW5zYWN0aW9ucyBwZXIgZGF5LCBhbmQgd2Ug
bG92ZSBpdCwgd2UgDQogICAgICAgICAgICB3aWxsIGNvbnRpbnVlIHRvIEJV
WSBGQVNUIEFORCBIVUdFISBJdCBpcyBhbWF6aW5nIGhvdyBzaW1wbGUgaXQg
aXMsIA0KICAgICAgICAgICAgYmVpbmcgSU4sIGF0IHRoZSByaWdodCBQUklD
RSwgYXQgdGhlIHJpZ2h0IFRJTUUgYW5kIHdhdGNoaW5nIGl0IA0KICAgICAg
ICAgICAgTVVMVElQTFkhISEgVGhlIGltbWVuc2Ugc2l6ZSBvZiB0aGUgYWR2
ZXJ0aXNpbmcgaW5kdXN0cnkgaXMgbm8gDQogICAgICAgICAgICBzZWNyZXQs
IGFzIGEgd2hvbGUsIHRyYWRpdGlvbmFsIGFuZCBvbmxpbmUgYWR2ZXJ0aXNp
bmcgaXMgcHVsbGluZyBpbiANCiAgICAgICAgICAgIHdlbGwgb3ZlciAkNTAw
IGJpbGxpb24gYW5udWFsbHkgaW4gTm9ydGggQW1lcmljYSBhbG9uZS4gWFJB
WU1FRElBIA0KICAgICAgICAgICAgaGFzIHBvc2l0aW9uZWQgaXRzIHNlbGYg
YXMgYSBjb25kdWl0IHRvIGNoYW5uZWwgdGhhdCByZXZlbnVlIHRocm91Z2gg
DQogICAgICAgICAgICB0aGVpciBnZW5lcmFsIGJ1c2luZXNzIGNvbW11bml0
eSBieSBsYXVuY2hpbmcgYSAiTElWRSBNRURJQSBUUkFESU5HIA0KICAgICAg
ICAgICAgQ0VOVEVSIiBhbmQgaGFzIGRlZmluaXRlbHkgYXR0cmFjdGVkIHRo
ZSBBVFRFTlRJT04gb2YgdGhlIEJJRyBCT1lTIA0KICAgICAgICAgICAgd2l0
aCBOTyBJTlRFTlRJT05TIG9mIFNFTExJTkcgT1VUISEhIA0KICAgICAgICAg
ICAgIA0KICAgICAgICAgICAgU2VlaW5nIHRoaXMgY29tcGFueSBtb3ZlIGlu
dG8gdGhlIGluZHVzdHJ5IGF0IHN1Y2ggYSBoaWdoIGVudHJ5IA0KICAgICAg
ICAgICAgcG9pbnQgUFJPVkVTIE9VUiBSRVNFQVJDSCBURUFNIGhhcyBnb3Qg
UFVMTCBvciBqdXN0IHBsYWluIGhhcmQgd29yaywgDQogICAgICAgICAgICBl
aXRoZXIgd2F5IGF0IHBlbm5pZXMgYSBzaGFyZSwgWFJBWU1FRElBIGlzIGFu
IGludmVzdG1lbnQgZHJlYW0gY29tZSANCiAgICAgICAgICAgIHRydWUuIE9u
Y2UgdGhleSBzdXN0YWluIHRoZWlyIFJFVkVOVUUgb3IgTUVSR0Ugb3IgR0VU
IEJPVUdIVCBPVVQsIHdlIA0KICAgICAgICAgICAgYXJlIGxvb2tpbmcgZm9y
IGEgdGFyZ2V0IHByaWNlIG9mICQ1LjAwLSAkMTAuMDAgZG9sbGFycyBwZXIv
c2hhcmUgDQogICAgICAgICAgICBwcmV0dHkgcXVpY2ssIHRoYXQncyB3aHkg
d2UgYnV5IHRoZXNlIHR5cGVzIG9mIEhJR0ggR1JPV1RIIGNvbXBhbWllcy4g
DQoJDQogICAgICAgICAgICAgDQogICAgICAgICAgICBUaGV5IGhhdmUgc29t
ZSBhbWF6aW5nIHRlY2hub2xvZ3k7IHdlIHVuZGVyc3RhbmQgdGhlIGNsb3Nl
c3QgDQogICAgICAgICAgICB0ZWNobm9sb2d5IGNvbXBldGl0b3JzIGFyZSB1
c2luZyBkYXRlZCBhdWN0aW9uIHRlY2hub2xvZ3kgc2ltaWxhciB0byANCiAg
ICAgICAgICAgIEVCQVkgb3IgWUFIT08gYW5kIHN0aWxsIHB1bGxpbmcgaW4g
bWlsbGlvbnMgb2YgZG9sbGFycyBhIGRheSBpbiANCiAgICAgICAgICAgIHJl
dmVudWUgYXVjdGlvbmluZyBhZHZlcnRpc2luZyBzcGFjZS4gWFJBWU1FRElB
J3MgdGVjaG5vbG9neSBJUyBUSEUgDQogICAgICAgICAgICBNQUpPUiBUQVJH
RVQgYW5kIGl0IGNhbiB0YWtlIHRoaXMgcmV2ZW51ZSB0byB0aGUgbmV4dCBs
ZXZlbC4gUGF0ZW50IA0KICAgICAgICAgICAgUGVuZGluZyBMaXZlIE1lZGlh
IFRyYWRpbmcgdGhyb3VnaCB0aGUgSW50ZXJuZXQganVzdCBsaWtlIHRoZSBT
VE9DSyANCiAgICAgICAgICAgIE1BUktFVCwgd2UndmUgZ290IHRvIGp1c3Qg
bG92ZSBpdCEhIQ0KICAgICAgICAgICAgIA0KICAgICAgICAgICAgVGhlaXIg
TWVkaWEgU3VwZXJQb3J0YWwgYW5kIExpdmUgTWVkaWEgTWFya2V0cGxhY2Ug
d2FzIGRldmVsb3BlZCB0byANCiAgICAgICAgICAgIGNyZWF0ZSBhIHJlYWwt
dGltZSB0cmFkaW5nIGVudmlyb25tZW50IGZvciBtZWRpYSBhbmQgYWR2ZXJ0
aXNpbmcgDQogICAgICAgICAgICBpbmR1c3RyeSwgdGhleSBjb3ZlciBhbGwg
dGhlIG1lZGlhIHNlY3RvcnMgbGlrZSBUViwgUmFkaW8sIFByaW50LCANCiAg
ICAgICAgICAgIE9ubGluZSwgT3V0LW9mLUhvbWUgYW5kIFNwZWNpYWx0eSBB
ZHZlcnRpc2luZy4gSXQgZ2l2ZXMgYnV5ZXJzIGFuZCANCiAgICAgICAgICAg
IHNlbGxlcnMgdGhlIG9wcG9ydHVuaXR5IHRvIG5lZ290aWF0ZSB3aXRoIDEs
IDEwLCAxMDAgcGVvcGxlIGFsbCBhdCANCiAgICAgICAgICAgIHRoZSBzYW1l
IHRpbWUgYW5kIG5vIG9uZSBzZWVzIHdoYXQgdGhlIG90aGVycyBhcmUgZG9p
bmcsIGFsbCBpbiByZWFsIA0KICAgICAgICAgICAgdGltZS4gVGhpcyBpcyBh
IHJlYWwgbW9uZXkgbWFrZXIsIFhSQVlNRURJQSBtYWtlcyBpdHMgbW9uZXkg
YnkgDQogICAgICAgICAgICBjaGFyZ2luZyBicm9rZXIgZmVlcyBvbiBjbG9z
ZWQgZGVhbHMganVzdCBsaWtlIHRoZSBTVE9DSyBCUk9LRVJTIGFuZCANCiAg
ICAgICAgICAgIERJU0NPVU5UIElOVEVSTkVUIFRSQURJTkcgSE9VU0VTLCB3
ZSB0aGluayB0aGV5IGtuZXcgd2hhdCB0aGV5IHdoZXJlIA0KICAgICAgICAg
ICAgZG9pbmcgYnkgY2hvb3NpbmcgdGhlIHJpZ2h0IGluZHVzdHJ5IGF0IHRo
ZSByaWdodCB0aW1lLiAkMTAwIG1pbGxpb24gDQogICAgICAgICAgICBkb2xs
YXIgcmV2ZW51ZSBwYXJ0bmVycywgYWQgYWdlbmNpZXMsIG1lZGlhIGJ1eWlu
ZyBmaXJtcywgYmx1ZSBjaGlwIA0KICAgICAgICAgICAgY29tcGFuaWVzIHVz
aW5nIHRoZSB0ZWNobm9sb2d5LCB0aGUgZ3Jvd3RoIHBvdGVudGlhbCBpcyBy
ZXNvdW5kaW5nLiANCiAgICAgICAgICAgIFdlIGhhdmVuJ3QgaGFkIGJhY2st
dG8tYmFjayBtYWpvciB3aW5uZXJzIGluIGEgd2hpbGUgdGhpcyBpcyBnb29k
OyANCiAgICAgICAgICAgIFNlZWluZyB0aGlzIGNvbXBhbnkgZ3JvdyB0byBi
bHVlIGNoaXAgc3RhdHVzIGlzIG91ciBsb25nLXRlcm0gZ29hbCwgDQogICAg
ICAgICAgICBzaG9ydCB0ZXJtIHRoZSBjb21wYW55IGhhcyBzb21lIHNlcmlv
dXMgd2hlZWxzLCB0aGlzIGlzIG91ciB0b3AgcGljayANCiAgICAgICAgICAg
IGZvciBwcmljZSBhbmQgcGVyY2VudGFnZSBnYWlucywgbWFrZSBzdXJlIHlv
dSdyZSBvbiBib2FyZCBub3cgYW5kIA0KICAgICAgICAgICAgd2UnbGwgc2Vl
IHlvdSBhdCB0aGUgYmlnIHBhcnR5IQ0KICAgICAgICAgICAgIA0KICAgICAg
ICAgICAgIA0KICAgICAgICAgICAgKioqVGhpcyByZXBvcnQgaXMgYmFzZWQg
b24gb3VyIHJlc2VhcmNoIGFuZCBvdXIgc291cmNlcyBpZGVudGlmeWluZyAN
CiAgICAgICAgICAgIGltbWVkaWF0ZSBncm91bmQgZmxvb3IgaW52ZXN0bWVu
dCBvcHBvcnR1bml0aWVzIGZvciB0aGUgZ2VuZXJhbCANCiAgICAgICAgICAg
IHB1YmxpYy4gTWFraW5nIGEgdGltZWx5IGludmVzdG1lbnQgY2FsbCBhbmQg
bWF4aW1pemluZyB5b3VyIHJldHVybiANCiAgICAgICAgICAgIGlzIG91ciBn
b2FsLiBWRVNURURHRSBoYXMgKk5PVCogYmVlbiBjb21wZW5zYXRlZCB0byBw
cm9kdWNlIHRoaXMgb3IgDQogICAgICAgICAgICBhbnkgb2Ygb3VyIG9waW5p
b25zLiBUaGlzIHJlcG9ydCBpcyBmcmVlIHRvIHRoZSBwdWJsaWMgYW5kIHN0
cmljdGx5IA0KICAgICAgICAgICAgY29tcHJpc2VkIG9mIG91ciBvcGluaW9u
cyBhbmQgeW91IHNob3VsZCBhbHdheXMgZG8geW91ciBvd24gDQogICAgICAg
ICAgICBkaWxpZ2VuY2UgYW5kIG1ha2Ugc3VyZSB5b3UgdGFrZSBjb250cm9s
IG9mIHlvdXIgb3duIGludmVzdG1lbnQgDQogICAgICAgICAgICBkZWNpc2lv
bnMgd2hpbGUgY29uc3VsdGluZyB5b3VyIGJyb2tlciBvciBpbnZlc3RtZW50
IGNvdW5zZWwuDQogICAgICAgICAgICAgDQogICAgICAgICAgICA=
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 12:28: 5 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 4B33F37B400
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 12:28:03 -0700 (PDT)
Received: from hotmail.com (f11.pav0.hotmail.com [64.4.33.82])
by mx1.FreeBSD.org (Postfix) with ESMTP id 112D943E5E
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 12:28:03 -0700 (PDT)
(envelope-from cdgaming@msn.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
Sat, 10 Aug 2002 12:28:02 -0700
Received: from 24.207.183.177 by pv0fd.pav0.hotmail.msn.com with HTTP;
Sat, 10 Aug 2002 19:28:02 GMT
X-Originating-IP: [24.207.183.177]
From: "Chest Rockwell" <cdgaming@msn.com>
To: freebsd-security@FreeBSD.ORG
Subject: screen question/problem.
Date: Sat, 10 Aug 2002 14:28:02 -0500
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F1100goZolmRBaYFkuu0000010b@hotmail.com>
X-OriginalArrivalTime: 10 Aug 2002 19:28:02.0981 (UTC) FILETIME=[0B657D50:01C240A4]
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
i created a user but when i login as that user and try to use screen, i get
this error.
You are not the owner of /tmp/uscreens/S-gdiggers.
can anyone tell me how to fix this?
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 13: 7:33 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id BC5FA37B400
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 13:07:30 -0700 (PDT)
Received: from mail47.fg.online.no (mail47-s.fg.online.no [148.122.161.47])
by mx1.FreeBSD.org (Postfix) with ESMTP id D93CD43E5E
for <freebsd-security@FreeBSD.ORG>; Sat, 10 Aug 2002 13:07:28 -0700 (PDT)
(envelope-from pulz@pulz.no)
Received: from elixor (ti500720a080-0075.bb.online.no [80.213.72.75])
by mail47.fg.online.no (8.9.3/8.9.3) with SMTP id WAA19052;
Sat, 10 Aug 2002 22:07:26 +0200 (MET DST)
Message-ID: <001901c240a9$85917bb0$fa00a8c0@elixor>
From: =?iso-8859-1?Q?Geir_R=E5ness?= <pulz@pulz.no>
To: "Chest Rockwell" <cdgaming@msn.com>
Cc: <freebsd-security@FreeBSD.ORG>
References: <F1100goZolmRBaYFkuu0000010b@hotmail.com>
Subject: Re: screen question/problem.
Date: Sat, 10 Aug 2002 22:07:15 +0200
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
rm -fr /tmp/uscreens/S-gdiggers (as root)
and start the screen, now it shuld work (from the user)
=20
----- Original Message -----=20
From: "Chest Rockwell" <cdgaming@msn.com>
To: <freebsd-security@FreeBSD.ORG>
Sent: Saturday, August 10, 2002 9:28 PM
Subject: screen question/problem.
>=20
> i created a user but when i login as that user and try to use screen, =
i get=20
> this error.
>=20
>=20
> You are not the owner of /tmp/uscreens/S-gdiggers.
>=20
>=20
> can anyone tell me how to fix this?
>=20
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
>=20
>=20
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>=20
>=20
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 22:20:41 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 1A9D737B400
for <freebsd-security@freebsd.org>; Sat, 10 Aug 2002 22:20:39 -0700 (PDT)
Received: from mail.yazzy.org (mail.wrs.no [80.232.16.66])
by mx1.FreeBSD.org (Postfix) with ESMTP id 40D3343E6E
for <freebsd-security@freebsd.org>; Sat, 10 Aug 2002 22:20:38 -0700 (PDT)
(envelope-from yazzy@yazzy.org)
Received: by mail.yazzy.org (Postfix, from userid 81)
id 6E8056C8D316; Sat, 10 Aug 2002 21:37:28 +0200 (CEST)
Received: from 80.232.16.66
(SquirrelMail authenticated user yazzy.yazzy.org)
by www.yazzy.org with HTTP;
Sat, 10 Aug 2002 21:37:28 +0200 (CEST)
Message-ID: <42247.80.232.16.66.1029008248.squirrel@www.yazzy.org>
Date: Sat, 10 Aug 2002 21:37:28 +0200 (CEST)
Subject: Re: screen question/problem.
From: "Marcin Jessa" <yazzy@yazzy.org>
To: <cdgaming@msn.com>, <freebsd-security@freebsd.org>
In-Reply-To: <F1100goZolmRBaYFkuu0000010b@hotmail.com>
References: <F1100goZolmRBaYFkuu0000010b@hotmail.com>
X-Priority: 3
Importance: Normal
X-MSMail-Priority: Normal
Reply-To: yazzy@yazzy.org
X-Mailer: SquirrelMail (version 1.2.6)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
How is your screen mounted, what do you have in your fstab?
Chest Rockwell said:
>
> i created a user but when i login as that user and try to use screen, i
> get this error.
>
>
> You are not the owner of /tmp/uscreens/S-gdiggers.
>
>
> can anyone tell me how to fix this?
>
> _________________________________________________________________
> Send and receive Hotmail on your mobile device: http://mobile.msn.com
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
From owner-freebsd-security Sat Aug 10 22:26:44 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 38CA837B400
for <freebsd-security@freebsd.org>; Sat, 10 Aug 2002 22:26:41 -0700 (PDT)
Received: from mail.yazzy.org (mail.wrs.no [80.232.16.66])
by mx1.FreeBSD.org (Postfix) with ESMTP id BC47543E4A
for <freebsd-security@freebsd.org>; Sat, 10 Aug 2002 22:26:40 -0700 (PDT)
(envelope-from yazzy@yazzy.org)
Received: by mail.yazzy.org (Postfix, from userid 81)
id ED1846301BD3; Sun, 11 Aug 2002 07:26:33 +0200 (CEST)
Received: from 80.232.16.66
(SquirrelMail authenticated user yazzy.yazzy.org)
by www.yazzy.org with HTTP;
Sun, 11 Aug 2002 07:26:33 +0200 (CEST)
Message-ID: <48016.80.232.16.66.1029043593.squirrel@www.yazzy.org>
Date: Sun, 11 Aug 2002 07:26:33 +0200 (CEST)
Subject: Re: screen question/problem.
From: "Marcin Jessa" <yazzy@yazzy.org>
To: <freebsd-security@freebsd.org>
Importance: Normal
X-MSMail-Priority: Normal
X-Priority: 3
In-Reply-To: <42247.80.232.16.66.1029008248.squirrel@www.yazzy.org>
References: <F1100goZolmRBaYFkuu0000010b@hotmail.com>
<42247.80.232.16.66.1029008248.squirrel@www.yazzy.org>
Reply-To: yazzy@yazzy.org
X-Mailer: SquirrelMail (version 1.2.6)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org
Hi.
Ugh, a tired man should stay away from helping other people.
What I ment is how is your tmp mounted.
It may have some special flags in the fstab file preventing you from
accessing anything in it.
Marcin Jessa said:
> How is your screen mounted, what do you have in your fstab?
>
> Chest Rockwell said:
>>
>> i created a user but when i login as that user and try to use screen,
>> i get this error.
>>
>>
>> You are not the owner of /tmp/uscreens/S-gdiggers.
>>
>>
>> can anyone tell me how to fix this?
>>
>> _________________________________________________________________ Send
>> and receive Hotmail on your mobile device: http://mobile.msn.com
>>
>>
>> To Unsubscribe: send mail to majordomo@FreeBSD.org
>> with "unsubscribe freebsd-security" in the body of the message
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message