Date: Wed, 22 Jan 2003 14:32:15 -0800 From: Erick Mechler <emechler@techometer.net> To: =?iso-8859-1?Q?Andr=E9s?= Vargas <elerrordlmilenio@hotmail.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ISC DHCPD NSUPDATE Buffer Overflow Vulnerabilities Message-ID: <20030122223215.GN3893@techometer.net> In-Reply-To: <OE23CvqQ7SzE2NSAW4e0000403f@hotmail.com> References: <200301212035.h0LKZvvD077479@dc.cis.okstate.edu> <OE23CvqQ7SzE2NSAW4e0000403f@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:: The following advisory indicates FreeBSD 4.1-4.5 are affected. :: :: http://securityresponse.symantec.com/avcenter/security/Content/6627.html :: :: I have not seen any comments in this security list. Am I missing something? DHCP isn't part of the base system, so FreeBSD is only vulnerable if you've installed the port. A fix was committed to the ports tree 6 days ago by Kris, updating the DHCP port to 3.0.1.r11. If you're using the DHCP port, use your method of choice to upgrade. http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/isc-dhcp3/ Security advisories for 3rd party packages (i.e., ports) are issued in bundles, and have the "FreeBSD-SN" prefix (SN == Security Notice). See http://www.freebsd.org/security/#adv for more information. Cheers - Erick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030122223215.GN3893>