From owner-freebsd-www@FreeBSD.ORG Mon Jun 27 11:02:04 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 964D116A41C for ; Mon, 27 Jun 2005 11:02:04 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8187343D53 for ; Mon, 27 Jun 2005 11:02:04 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j5RB24LW043243 for ; Mon, 27 Jun 2005 11:02:04 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j5RB23B9043237 for freebsd-www@freebsd.org; Mon, 27 Jun 2005 11:02:03 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 27 Jun 2005 11:02:03 GMT Message-Id: <200506271102.j5RB23B9043237@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: freebsd-www@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2005 11:02:04 -0000 Current FreeBSD problem reports Critical problems Serious problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/04/18] www/51135 www Problems with the mailing-lists search in o [2004/03/06] www/63854 www PR-web page loses text 2 problems total. Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2002/03/07] www/35647 www www; combine query-by-number and multi-fi s [2002/05/24] www/38500 www gnats web form is overenthusiastic about o [2002/10/17] www/44181 www www "Release Information" organization o [2004/01/24] www/61824 www Misleading documentation on FreeBSD insta o [2004/06/04] www/67554 www man-cgi visual glitch on 3-word titles o [2004/11/05] www/73549 www Mail list archive navigation difficulty o [2004/11/05] www/73551 www List archive 'quoted-printable' corruptio o [2005/01/05] www/75830 www ports.cgi used ports/INDEX from CVS o [2005/06/18] www/82379 www /cgi/query-pr.cgi has no submit button 9 problems total. From owner-freebsd-www@FreeBSD.ORG Mon Jun 27 17:50:21 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74ACB16A41C for ; Mon, 27 Jun 2005 17:50:21 +0000 (GMT) (envelope-from johnjawed@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A4C243D1D for ; Mon, 27 Jun 2005 17:50:21 +0000 (GMT) (envelope-from johnjawed@gmail.com) Received: by wproxy.gmail.com with SMTP id i4so401364wra for ; Mon, 27 Jun 2005 10:50:20 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references; b=dxb+GROQA0eQ0H5uT54bV8WQHX4/3m0w4JHvTv5S5SNbDUdH0xaxj/wGkUMN6MVCvhzKVPF5PoeseluD5Z0m3tf6R5PbjxCR0CEb0Jt5rfboDiRmplJ9WSw0rfYaT3k9HlTH0EO3qUxJ2d9eACj6ZubwQKsVYcXHAidU8FwJgMU= Received: by 10.54.28.31 with SMTP id b31mr1186174wrb; Mon, 27 Jun 2005 10:50:19 -0700 (PDT) Received: by 10.54.132.10 with HTTP; Mon, 27 Jun 2005 10:50:18 -0700 (PDT) Message-ID: Date: Mon, 27 Jun 2005 10:50:18 -0700 From: John Jawed To: freebsd-www@freebsd.org In-Reply-To: Mime-Version: 1.0 References: <200506271102.j5RB23B9043237@freefall.freebsd.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Current problem reports assigned to you X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: John Jawed List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2005 17:50:21 -0000 I'd like to take care of 63854 if somebody is not already doing it, this=20 should be fairly simple. Regards, john PS If this got cross posted, sorry. On 6/27/05, John Jawed wrote: >=20 > I'd like to take care of 63854 if somebody is not already doing it, this= =20 > should be fairly simple. >=20 > Regards, > john >=20 > On 6/27/05, FreeBSD bugmaster wrote: > >=20 > > Current FreeBSD problem reports > > Critical problems > > Serious problems > >=20 > > S Submitted Tracker Resp. Description > >=20 > > -----------------------------------------------------------------------= -------- > > o [2003/04/18] www/51135 www Problems with the mailing-lists search in > > o [2004/03/06] www/63854 www PR-web page loses text > >=20 > > 2 problems total. > >=20 > > Non-critical problems > >=20 > > S Submitted Tracker Resp. Description > > -----------------------------------------------------------------------= --------=20 > >=20 > > o [2002/03/07] www/35647 www www; combine query-by-number and multi-fi > > s [2002/05/24] www/38500 www gnats web form is overenthusiastic about > > o [2002/10/17] www/44181 www www "Release Information" organization > > o [2004/01/24] www/61824 www Misleading documentation on FreeBSD insta > > o [2004/06/04] www/67554 www man-cgi visual glitch on 3-word titles > > o [2004/11/05] www/73549 www Mail list archive navigation difficulty > > o [2004/11/05] www/73551 www List archive 'quoted-printable' corruptio > > o [2005/01/05] www/75830 www ports.cgi used ports/INDEX from CVS > > o [2005/06/18] www/82379 www /cgi/query-pr.cgi has no submit button > >=20 > > 9 problems total. > >=20 > > _______________________________________________ > > freebsd-www@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-www=20 > > To unsubscribe, send any mail to "freebsd-www-unsubscribe@freebsd.org" > >=20 >=20 > From owner-freebsd-www@FreeBSD.ORG Tue Jun 28 22:11:32 2005 Return-Path: X-Original-To: freebsd-www@hub.freebsd.org Delivered-To: freebsd-www@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2D3B16A41C; Tue, 28 Jun 2005 22:11:32 +0000 (GMT) (envelope-from jcamou@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A8D2E43D48; Tue, 28 Jun 2005 22:11:32 +0000 (GMT) (envelope-from jcamou@FreeBSD.org) Received: from freefall.freebsd.org (jcamou@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j5SMBWKC075990; Tue, 28 Jun 2005 22:11:32 GMT (envelope-from jcamou@freefall.freebsd.org) Received: (from jcamou@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j5SMBWwI075986; Tue, 28 Jun 2005 22:11:32 GMT (envelope-from jcamou) Date: Tue, 28 Jun 2005 22:11:32 GMT From: "Jesus R. Camou" Message-Id: <200506282211.j5SMBWwI075986@freefall.freebsd.org> To: jcamou@FreeBSD.org, freebsd-www@FreeBSD.org, jcamou@FreeBSD.org Cc: Subject: Re: www/82379: /cgi/query-pr.cgi has no submit button X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2005 22:11:32 -0000 Synopsis: /cgi/query-pr.cgi has no submit button Responsible-Changed-From-To: freebsd-www->jcamou Responsible-Changed-By: jcamou Responsible-Changed-When: Tue Jun 28 22:10:55 GMT 2005 Responsible-Changed-Why: I'll take a look at this. http://www.freebsd.org/cgi/query-pr.cgi?pr=82379 From owner-freebsd-www@FreeBSD.ORG Wed Jun 29 03:30:29 2005 Return-Path: X-Original-To: freebsd-www@hub.freebsd.org Delivered-To: freebsd-www@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BC7416A41C for ; Wed, 29 Jun 2005 03:30:29 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF21643D5C for ; Wed, 29 Jun 2005 03:30:28 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j5T3USMQ019202 for ; Wed, 29 Jun 2005 03:30:28 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j5T3USNQ019196; Wed, 29 Jun 2005 03:30:28 GMT (envelope-from gnats) Resent-Date: Wed, 29 Jun 2005 03:30:28 GMT Resent-Message-Id: <200506290330.j5T3USNQ019196@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-www@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Kevin Kinsey Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E494916A41C; Wed, 29 Jun 2005 03:26:33 +0000 (GMT) (envelope-from kadmin@elisha.daleco.biz) Received: from elisha.daleco.biz (fbc-carthage.org [66.76.92.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id E625743D48; Wed, 29 Jun 2005 03:26:31 +0000 (GMT) (envelope-from kadmin@elisha.daleco.biz) Received: from elisha.daleco.biz (localhost [127.0.0.1]) by elisha.daleco.biz (8.12.11/8.12.11) with ESMTP id j5T3QUm5071785; Tue, 28 Jun 2005 22:26:30 -0500 (CDT) (envelope-from kadmin@elisha.daleco.biz) Received: (from kadmin@localhost) by elisha.daleco.biz (8.12.11/8.12.11/Submit) id j5T3QUFT071784; Tue, 28 Jun 2005 22:26:30 -0500 (CDT) (envelope-from kadmin) Message-Id: <200506290326.j5T3QUFT071784@elisha.daleco.biz> Date: Tue, 28 Jun 2005 22:26:30 -0500 (CDT) From: Kevin Kinsey To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: advocacy@FreeBSD.org Subject: www/82761: (PATCH) www/marketing/os-comparison.sgml, updates CERT advisories X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Kevin Kinsey List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 03:30:29 -0000 >Number: 82761 >Category: www >Synopsis: (PATCH) www/marketing/os-comparison.sgml, updates CERT advisories >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-www >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Jun 29 03:30:28 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Kevin Kinsey >Release: FreeBSD 5.3-STABLE i386 >Organization: DaleCo, S.P. >Environment: System: FreeBSD elisha.daleco.biz 4.11-RELEASE-p2 FreeBSD 4.11-RELEASE-p2 #4: Wed Apr 6 15:26:00 CDT 2005 root@elisha.daleco.biz:/usr/obj/usr/src/sys/GENERIC i386 >Description: This patch updates the "OS Comparison" article with the dates, case numbers, and names of (US) CERT advisories from January 2004 to June 2005. >How-To-Repeat: >Fix: This article is currently being discussed on advocacy@; I decided to "put up" instead of being asked to "shut up" (Hi, Julian! Keep up the good work! ;-) My www tree is a few weeks old, but the website appears to still have the same information as my "os-comparison.sgml". I updated the referenced URI due to the fact that "cert.org" is no longer being actively updated with advisories; these seem to have moved to: http://www.us-cert.gov/cas/techalerts/ --- I can't speculate on what "International" users might wish to have listed there; this seems (to me) appropriate for most of North America. Note that I haven't made any commentary about the list, *nor have I enumerated the number of advisories that affect any particular OS*. Particularly in regard to Microsoft's offerings, the list might very well speak for itself. Feel free to modify it as you wish, though. Instead of two "headers", there's only one; this is because of the nature of the content only, and not for any other reason. We appreciate Murray writing this in the first place, and "hope this helps". --- os-comparison.sgml Mon May 9 11:06:12 2005 +++ os-comparison2.sgml Tue Jun 28 21:39:06 2005 @@ -470,37 +470,49 @@ information and training to help improve security at Internet sites.

-

CERT Advisories in 2000 that affected Linux:

+

CERT Advisories for 2004-early 2005, all operating systems:

    -
  • CA-2000-22 - Input Validation Problems in LPRng
    • -
  • CA-2000-21 - Denial-of-Service Vulnerability in TCP/IP - Stacks
    • -
  • CA-2000-20 - Multiple Denial-of-Service Problems in ISC BIND
    • -
  • CA-2000-17 - Input Validation Problem in rpc.statd
    • -
  • CA-2000-13 - Two Input Validation Problems in FTPD
    • -
  • CA-2000-06 - Multiple Buffer Overflows in Kerberos Authenticated - Services
    • -
  • CA-2000-03 - Continuing Compromises of DNS servers
    • -
- -

CERT Advisories in 2000 that affected Windows:

-
    -
  • CA-2000-16 - Microsoft 'IE Script'/Access/OBJECT Tag - Vulnerability
    • -
  • CA-2000-14 - Microsoft Outlook and Outlook Express Cache Bypass - Vulnerability
    • -
  • CA-2000-12 - HHCtrl ActiveX Control Allows Local Files to be - Executed
    • -
  • CA-2000-10 - Inconsistent Warning Messages in Internet - Explorer
    • -
  • CA-2000-07 - Microsoft Office 2000 UA ActiveX Control - Incorrectly Marked "Safe for Scripting"
    • -
  • CA-2000-04 - Love Letter Worm
    • +
  • 2005-06-14 TA05-165A Microsoft Windows and Internet Explorer Vulnerabilities
    • +
  • 2005-05-16 TA05-136A Apple Mac OS X is affected by multiple vulnerabilities
    • +
  • 2005-04-27 TA05-117A Oracle Products Contain Multiple Vulnerabilities
    • +
  • 2005-04-12 TA05-102A Multiple Vulnerabilities in Microsoft Windows Components
    • +
  • 2005-02-08 TA05-039A Multiple Vulnerabilities in Microsoft Windows Components
    • +
  • 2005-01-26 TA05-026A Multiple Denial of Service Vulnerablities in Cisco IOS
    • +
  • 2005-01-12 TA05-012B Microsoft Windows HTML Help ActiveX Control Cross-Domain Vulnerability
    • +
  • 2005-01-12 TA05-012A Multiple Vulnerabilities in Microsoft Windows Icon and Cursor Processing
    • +
  • 2004-12-21 TA04-356A Exploitation of phpBB highlight parameter vulnerability
    • +
  • 2004-12-01 TA04-336A Update Available for Microsoft Internet Explorer HTML Elements Vulnerability
    • +
  • 2004-11-11 TA04-316A Cisco IOS Input Queue Vulnerability
    • +
  • 2004-11-10 TA04-315A Buffer Overflow in Microsoft Internet Explorer
    • +
  • 2004-10-19 TA04-293A Multiple Vulnerabilities in Microsoft Internet Explorer
    • +
  • 2004-09-17 TA04-261A Multiple Vulnerabilities in Mozilla Products
    • +
  • 2004-09-16 TA04-260A Microsoft Windows JPEG component buffer overflow
    • +
  • 2004-09-03 TA04-247A Vulnerabilities in MIT Kerberos 5
    • +
  • 2004-09-01 TA04-245A Multiple Vulnerabilities in Oracle Products
    • +
  • 2004-08-04 TA04-217A Multiple Vulnerabilities in libpng
    • +
  • 2004-07-30 TA04-212A Critical Vulnerabilities in Microsoft Windows
    • +
  • 2004-07-14 TA04-196A Multiple Vulnerabilities in Microsoft Windows Components and Outlook Express
    • +
  • 2004-07-02 TA04-184A Internet Explorer Update to Disable ADODB.Stream ActiveX Control
    • +
  • 2004-06-22 TA04-174A Multiple Vulnerabilities in ISC DHCP 3
    • +
  • 2004-06-11 TA04-163A Cross-Domain Redirect Vulnerability in Internet Explorer
    • +
  • 2004-06-08 TA04-160A SQL Injection Vulnerabilities in Oracle E-Business Suite
    • +
  • 2004-05-26 TA04-147A CVS Heap Overflow Vulnerability
    • +
  • 2004-04-20 TA04-111B Cisco IOS SNMP Message Handling Vulnerability
    • +
  • 2004-04-20 TA04-111A Vulnerabilities in TCP
    • +
  • 2004-04-13 TA04-104A Multiple Vulnerabilities in Microsoft Products
    • +
  • 2004-04-08 TA04-099A Cross-Domain Vulnerability in Outlook Express MHTML Protocol Handler
    • +
  • 2004-03-18 TA04-078A Multiple Vulnerabilities in OpenSSL
    • +
  • 2004-03-10 TA04-070A Microsoft Outlook mailto URL Handling Vulnerability
    • +
  • 2004-02-10 TA04-041A Multiple Vulnerabilities in Microsoft ASN.1 Library
    • +
  • 2004-02-05 TA04-036A HTTP Parsing Vulnerabilities in Check Point Firewall-1
    • +
  • 2004-02-02 TA04-033A Multiple Vulnerabilities in Microsoft Internet Explorer
    • +
  • 2004-01-28 TA04-028A W32/MyDoom.B Virus
    • +

For more information about CERT and potential security exploits for your operating system, please see http://www.cert.org.

+href="http://www.us-cert.gov/cas/techalerts/">http://www.us-cert.gov/cas/techalerts/.

For more information about some of the enhanced security features of FreeBSD, please see Release-Note: >Audit-Trail: >Unformatted: From owner-freebsd-www@FreeBSD.ORG Wed Jun 29 06:54:33 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D3F0B16A41C for ; Wed, 29 Jun 2005 06:54:33 +0000 (GMT) (envelope-from supraexpress@globaleyes.net) Received: from mercury.ll.net (mercury.ll.net [209.131.224.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id A535943D1D for ; Wed, 29 Jun 2005 06:54:28 +0000 (GMT) (envelope-from supraexpress@globaleyes.net) Received: from globaleyes.net (unverified [209.131.253.34]) by mercury.ll.net (Vircom SMTPRS 3.2.315.0) with ESMTP id for ; Wed, 29 Jun 2005 01:54:25 -0500 Date: Wed, 29 Jun 2005 01:54:21 -0500 (CDT) From: supraexpress@globaleyes.net To: freebsd-www@FreeBSD.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Message-Id: <20050629065428.A535943D1D@mx1.FreeBSD.org> Cc: Subject: Fwd: [Dartware #38478] InterMapper for BSD 5.x X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 06:54:33 -0000 Please include Dartware's InterMapper product in the http://www.freebsd.org/commercial/software_bycat.html web page. Thank you. ------ Forwarded message ------ From: "Ruth Kurniawati via RT" Subject: [Dartware #38478] InterMapper for BSD 5.x Date: Mon, 23 May 2005 10:38:38 -0400 To: supraexpress@globaleyes.net Reply-To: Dartware.Support@dartware.com Hi Jim: Thank you for updating us on FreeBSD 5 status and giving us the detailed information about Java on FreeBSD 5. The next version of InterMapper (version 4.3) is also distributed in FreeBSD 5 package format. If you would like to try this, the final beta version of InterMapper 4.3 can be downloaded from: http://www.intermapper.com/binaries/test.html Please let us know if you have other comments / suggestions. Thanks, Ruth Kurniawati Dartware, LLC From owner-freebsd-www@FreeBSD.ORG Wed Jun 29 22:40:03 2005 Return-Path: X-Original-To: freebsd-www@hub.freebsd.org Delivered-To: freebsd-www@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9770016A41C for ; Wed, 29 Jun 2005 22:40:03 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F11043D4C for ; Wed, 29 Jun 2005 22:40:03 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j5TMe0Oi016013 for ; Wed, 29 Jun 2005 22:40:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j5TMe0mq016012; Wed, 29 Jun 2005 22:40:00 GMT (envelope-from gnats) Resent-Date: Wed, 29 Jun 2005 22:40:00 GMT Resent-Message-Id: <200506292240.j5TMe0mq016012@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-www@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Daniel Gerzo Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FE1A16A479 for ; Wed, 29 Jun 2005 22:39:44 +0000 (GMT) (envelope-from danger@rulez.sk) Received: from mail.rulez.sk (DaEmoN.RuLeZ.sK [84.16.32.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8BA343D1F for ; Wed, 29 Jun 2005 22:39:43 +0000 (GMT) (envelope-from danger@rulez.sk) Received: from localhost (localhost [127.0.0.1]) by mail.rulez.sk (Postfix) with ESMTP id 7EE8A1CCAE; Thu, 30 Jun 2005 00:39:41 +0200 (CEST) Received: by mail.rulez.sk (Postfix, from userid 1001) id 9E1051CC91; Thu, 30 Jun 2005 00:39:35 +0200 (CEST) Message-Id: <20050629223935.9E1051CC91@mail.rulez.sk> Date: Thu, 30 Jun 2005 00:39:35 +0200 (CEST) From: Daniel Gerzo To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: danger@rulez.sk Subject: www/82798: 4.11 and 5.4 errata pages need updating regarding to security advisores X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Gerzo List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 22:40:03 -0000 >Number: 82798 >Category: www >Synopsis: 4.11 and 5.4 errata pages need updating regarding to security advisores >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-www >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Wed Jun 29 22:40:00 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Daniel Gerzo >Release: FreeBSD 5.4 >Organization: rulez.sk >Environment: System: FreeBSD daemon.rulez.sk 5.4 FreeBSD 5.4 #2: Fri May 27 23:16:31 CEST 2005 danger@daemon.rulez.sk:/usr/obj/usr/src/sys/daemon i386 >Description: the errata pages for FreeBSD 5.4 and 4.11 releases are outdated regarding to new security advisores. this patch fixes the problem. Also, the 5.4 pages contained the bind9 SA, but 5.4 release isn't affected with it. >How-To-Repeat: check: http://www.freebsd.org/releases/4.11R/errata.html http://www.freebsd.org/releases/5.4R/errata.html >Fix: here are diffs: --- article.5.4.sgml.diff begins here --- --- article.5.4.sgml.orig Fri Jun 24 10:52:41 2005 +++ article.5.4.sgml Thu Jun 30 00:16:50 2005 @@ -113,6 +113,55 @@ + SA-05:02.sendfile + 4 April 2005 + sendfile kernel memory disclosure + + + + SA-05:03.amd64 + 6 April 2005 + unprivileged hardware access on amd64 + + + + SA-05:04.ifconf + 15 April 2005 + Kernel memory disclosure in ifconf() + + + + SA-05:05.cvs + 22 April 2005 + Multiple vulnerabilities in CVS + + + + SA-05:06.iir + 6 May 2005 + Incorrect permissions on /dev/iir + + + + SA-05:07.ldt + 6 May 2005 + Local kernel memory disclosure in i386_get_ldt + + + + SA-05:08.kmem + 6 May 2005 + Local kernel memory disclosure + + + SA-05:09.htt 22 May 2005 @@ -134,10 +183,24 @@ - SA-05:12.bind9 - 9 Jun 2005 - BIND 9 DNSSEC remote denial of service vulnerability + SA-05:13.ipfw + 29 Jun 2005 + ipfw packet matching errors with address tables + + + + SA-05:14.bzip2 + 29 Jun 2005 + bzip2 denial of service and permission race vulnerabilities + + + + SA-05:15.tcp + 29 Jun 2005 + TCP connection stall denial of service --- article.5.4.sgml.diff ends here --- --- article.4.11.sgml.diff begins here --- --- article.4.11.sgml.orig Fri Jan 21 03:52:23 2005 +++ article.4.11.sgml Thu Jun 30 00:21:42 2005 @@ -115,14 +115,103 @@ Security Advisories -No active security advisories. -]]> - -No active security advisories. -]]> + The following security advisories pertain to &os; &release.branch;. + For more information, consult the individual advisories available from + . + + + + + + + + Advisory + Date + Topic + + + + + + SA-05:01.telnet + 28 March 2005 + telnet client buffer overflows + + + + SA-05:02.sendfile + 4 April 2005 + sendfile kernel memory disclosure + + + + SA-05:04.ifconf + 15 April 2005 + Kernel memory disclosure in ifconf() + + + + SA-05:05.cvs + 22 April 2005 + Multiple vulnerabilities in CVS + + + + SA-05:06.iir + 6 May 2005 + Incorrect permissions on /dev/iir + + + + SA-05:07.ldt + 6 May 2005 + Local kernel memory disclosure in i386_get_ldt + + + + SA-05:08.kmem + 6 May 2005 + Local kernel memory disclosure + + + + SA-05:09.htt + 13 May 2005 + information disclosure when using HTT + + + + SA-05:11.gzip + 9 June 2005 + gzip directory traversal and permission race vulnerabilities + + + + SA-05:14.bzip2 + 29 June 2005 + bzip2 denial of service and permission race vulnerabilities + + + + SA-05:15.tcp + 29 June 2005 + TCP connection stall denial of service + + + + --- article.4.11.sgml.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted: From owner-freebsd-www@FreeBSD.ORG Wed Jun 29 22:58:44 2005 Return-Path: X-Original-To: freebsd-www@hub.freebsd.org Delivered-To: freebsd-www@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 657DF16A41C; Wed, 29 Jun 2005 22:58:44 +0000 (GMT) (envelope-from simon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3D9D243D48; Wed, 29 Jun 2005 22:58:44 +0000 (GMT) (envelope-from simon@FreeBSD.org) Received: from freefall.freebsd.org (simon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j5TMwi73016615; Wed, 29 Jun 2005 22:58:44 GMT (envelope-from simon@freefall.freebsd.org) Received: (from simon@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j5TMwiF2016611; Wed, 29 Jun 2005 22:58:44 GMT (envelope-from simon) Date: Wed, 29 Jun 2005 22:58:44 GMT From: "Simon L. Nielsen" Message-Id: <200506292258.j5TMwiF2016611@freefall.freebsd.org> To: simon@FreeBSD.org, freebsd-www@FreeBSD.org, hrs@FreeBSD.org Cc: Subject: Re: www/82798: 4.11 and 5.4 errata pages need updating regarding to security advisores X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 22:58:44 -0000 Synopsis: 4.11 and 5.4 errata pages need updating regarding to security advisores Responsible-Changed-From-To: freebsd-www->hrs Responsible-Changed-By: simon Responsible-Changed-When: Wed Jun 29 22:58:33 GMT 2005 Responsible-Changed-Why: Over to main release notes maintainer (since I don't have time to deal with this today, but I can tomorrow if hrs is busy - just let me know). http://www.freebsd.org/cgi/query-pr.cgi?pr=82798 From owner-freebsd-www@FreeBSD.ORG Thu Jun 30 07:47:26 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 637A416A41C for ; Thu, 30 Jun 2005 07:47:26 +0000 (GMT) (envelope-from rainer@ultra-secure.de) Received: from bsd.ultra-secure.de (bsd.ultra-secure.de [62.146.20.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id D9EC443D5E for ; Thu, 30 Jun 2005 07:47:23 +0000 (GMT) (envelope-from rainer@ultra-secure.de) Received: (qmail 87012 invoked by uid 1005); 30 Jun 2005 07:47:21 -0000 Received: from rainer@ultra-secure.de by bsd.ultra-secure.de by uid 89 with qmail-scanner-1.22 (clamdscan: 0.85. spamassassin: 2.64. Clear:RC:1(213.196.191.65):. Processed in 0.028397 secs); 30 Jun 2005 07:47:21 -0000 Received: from unknown (HELO ?192.168.100.179?) (rainer@ultra-secure.de@213.196.191.65) by bsd.ultra-secure.de with (DHE-RSA-AES256-SHA encrypted) SMTP; 30 Jun 2005 07:47:21 -0000 Message-ID: <42C3A386.7070407@ultra-secure.de> Date: Thu, 30 Jun 2005 09:47:18 +0200 From: Rainer Duffner User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-www@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: http://www.freebsd.org/projects/bigdisk/ X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2005 07:47:26 -0000 Hi, is this website still maintained? http://www.freebsd.org/projects/bigdisk/ Rainer From owner-freebsd-www@FreeBSD.ORG Fri Jul 1 01:34:20 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7B8C16A420 for ; Fri, 1 Jul 2005 01:34:20 +0000 (GMT) (envelope-from royalist@udel.edu) Received: from adsl-10-137-234.mia.bellsouth.net (adsl-10-137-234.mia.bellsouth.net [65.10.137.234]) by mx1.FreeBSD.org (Postfix) with SMTP id 1D4D143D55 for ; Fri, 1 Jul 2005 01:34:19 +0000 (GMT) (envelope-from royalist@udel.edu) Received: from [56.85.67.191] (port=4438 helo=[brains]) by adsl-10-137-234.mia.bellsouth.net with esmtp id 5935798272accelerates85939 for freebsd-www@freebsd.org; Thu, 30 Jun 2005 18:34:22 -0700 Mime-Version: 1.0 (Apple Message framework v728) Content-Transfer-Encoding: 7bit Message-Id: <1834896130.570924902@adsl-10-137-234.mia.bellsouth.net> Content-Type: text/plain; charset=US-ASCII; format=flowed To: freebsd-www@freebsd.org From: Paula Date: Thu, 30 Jun 2005 18:34:21 -0700 X-Mailer: Apple Mail (2.728) Subject: Software paradise. X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jul 2005 01:34:20 -0000 Learn to build simple and clean websites that can bring in the dough... http://lbgy.8xunb781niqxn9q.mitigatorji.com There is nothing so ridiculous but some philosopher has said it. We are the music makers, and we are the dreamers of dreams. From owner-freebsd-www@FreeBSD.ORG Fri Jul 1 07:59:50 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE79C16A41C for ; Fri, 1 Jul 2005 07:59:50 +0000 (GMT) (envelope-from joel@automatvapen.se) Received: from av9-2-sn2.hy.skanova.net (av9-2-sn2.hy.skanova.net [81.228.8.180]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8AEC643D48 for ; Fri, 1 Jul 2005 07:59:50 +0000 (GMT) (envelope-from joel@automatvapen.se) Received: by av9-2-sn2.hy.skanova.net (Postfix, from userid 502) id 8348B37F2F; Fri, 1 Jul 2005 09:59:49 +0200 (CEST) Received: from smtp4-2-sn2.hy.skanova.net (smtp4-2-sn2.hy.skanova.net [81.228.8.93]) by av9-2-sn2.hy.skanova.net (Postfix) with ESMTP id C51BF37F25; Fri, 1 Jul 2005 09:59:48 +0200 (CEST) Received: from t12o955p13.telia.com (t12o955p13.telia.com [213.66.34.133]) by smtp4-2-sn2.hy.skanova.net (Postfix) with ESMTP id EC4C037E44; Fri, 1 Jul 2005 09:59:47 +0200 (CEST) From: Joel Dahl To: Rainer Duffner In-Reply-To: <42C3A386.7070407@ultra-secure.de> References: <42C3A386.7070407@ultra-secure.de> Content-Type: text/plain Date: Fri, 01 Jul 2005 10:00:09 +0200 Message-Id: <1120204809.537.54.camel@dude.automatvapen.se> Mime-Version: 1.0 X-Mailer: Evolution 2.2.2 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: freebsd-www@freebsd.org Subject: Re: http://www.freebsd.org/projects/bigdisk/ X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jul 2005 07:59:50 -0000 On Thu, 2005-06-30 at 09:47 +0200, Rainer Duffner wrote: > Hi, > > is this website still maintained? > > http://www.freebsd.org/projects/bigdisk/ Yes, it is still "maintained", but parts of the project seems to be on hold since they need some really big storage hardware, which they don't currently have. -- Joel From owner-freebsd-www@FreeBSD.ORG Sat Jul 2 12:46:42 2005 Return-Path: X-Original-To: freebsd-www@freebsd.org Delivered-To: freebsd-www@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D23E16A41C for ; Sat, 2 Jul 2005 12:46:42 +0000 (GMT) (envelope-from setantae@submonkey.net) Received: from shrike.submonkey.net (cpc4-cdif2-3-1-cust199.cdif.cable.ntl.com [82.31.76.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 056B343D1D for ; Sat, 2 Jul 2005 12:46:41 +0000 (GMT) (envelope-from setantae@submonkey.net) Received: from setantae by shrike.submonkey.net with local (Exim 4.51 (FreeBSD)) id 1DohOK-000N9Z-No; Sat, 02 Jul 2005 13:46:40 +0100 Date: Sat, 2 Jul 2005 13:46:40 +0100 From: Ceri Davies To: John Jawed Message-ID: <20050702124640.GF11504@submonkey.net> Mail-Followup-To: Ceri Davies , John Jawed , freebsd-www@freebsd.org References: <200506271102.j5RB23B9043237@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="/Uq4LBwYP4y1W6pO" Content-Disposition: inline In-Reply-To: X-PGP: finger ceri@FreeBSD.org User-Agent: Mutt/1.5.9i Sender: Ceri Davies Cc: freebsd-www@freebsd.org Subject: Re: Current problem reports assigned to you X-BeenThere: freebsd-www@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Project Webmasters List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Jul 2005 12:46:42 -0000 --/Uq4LBwYP4y1W6pO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jun 27, 2005 at 10:50:18AM -0700, John Jawed wrote: > I'd like to take care of 63854 if somebody is not already doing it, this= =20 > should be fairly simple. >=20 > Regards, > john > > On 6/27/05, FreeBSD bugmaster wrote: > > > o [2004/03/06] www/63854 www PR-web page loses text Hi John, Apologies for the delay in replying; I have been moving house. Patches to fix any of the PRs would be very much appreciated, thank you. Ceri --=20 Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. -- Einstein (attrib.) --/Uq4LBwYP4y1W6pO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFCxoywocfcwTS3JF8RAvTqAJ9aootzwb1US0RAnE8ohnpRLOlfBgCglwop ZVB4wIn0bkWtODOjUqQJP58= =mfT+ -----END PGP SIGNATURE----- --/Uq4LBwYP4y1W6pO--