Date: Sun, 17 Aug 2003 13:01:14 +0200 From: Alexander Leidinger <Alexander@Leidinger.net> To: audit@freebsd.org Cc: chris@aims.com.au Subject: SecFix for databases/firebird, please review Message-ID: <20030817130114.2bfb3cf1.Alexander@Leidinger.net>
next in thread | raw e-mail | index | archive | help
Hi, at http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 I've some patches for the databases/firebird port (see http://packetstormsecurity.nl/0305-exploits/dsr-adv001.txt for the local stack overflow possibility). As I want to commit it to the port before Kris decides to remove it because it is marked FORBIDDEN since a long time, it would be nice if as much people as possible review the patches. Chris, it would be nice if you at least can convince the developers to review the patches too. And please test the patches, I've just verified that firebird compiles on 5-current (it needs one additional patch (in #ifdef'ed out code) to compile with gcc 3.3). Bye, Alexander. -- To boldly go where I surely don't belong. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030817130114.2bfb3cf1.Alexander>