From owner-freebsd-security@FreeBSD.ORG Wed Jun 2 04:18:55 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 09C9716A4CE for ; Wed, 2 Jun 2004 04:18:55 -0700 (PDT) Received: from punky.seifried.org (punky.seifried.org [216.194.67.129]) by mx1.FreeBSD.org (Postfix) with ESMTP id B472443D1D for ; Wed, 2 Jun 2004 04:18:54 -0700 (PDT) (envelope-from listuser@seifried.org) Received: from pooptop (localhost.seifried.org [127.0.0.1]) by punky.seifried.org (Postfix) with SMTP id CC30B218031; Wed, 2 Jun 2004 05:18:45 -0600 (MDT) Message-ID: <002101c44893$5afdc770$1600110a@pooptop> From: "Kurt Seifried" To: "Konrad Heuer" , References: <20040602130700.P1201@gwdu60.gwdg.de> Date: Wed, 2 Jun 2004 05:18:39 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: Re: xdm security hole X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Kurt Seifried List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jun 2004 11:18:55 -0000 > Hi everyone, > > every comment about this: > > http://xforce.iss.net/xforce/xfdb/16264 > > Didn't find any hint or patch on http://www.xfree86.org/security/. > > Best regards > > Konrad Heuer (kheuer2@gwdg.de) ____ ___ _______ There's a patch from the OpenBSD project: http://www.openbsd.org/errata.html And I know Red Hat has acknowledged the flaw in Fedora. I don't know if FreeBSD is affected (X 4.3.0 later? IPv6 backported?) Kurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/