From owner-freebsd-security Mon Dec 18 8:21: 5 2000 From owner-freebsd-security@FreeBSD.ORG Mon Dec 18 08:21:00 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id 51D9937B698 for ; Mon, 18 Dec 2000 08:20:58 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id IAA29673; Mon, 18 Dec 2000 08:22:09 -0800 Date: Mon, 18 Dec 2000 08:22:09 -0800 From: Kris Kennaway To: Vladimir Dubrovin Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:77.procfs Message-ID: <20001218082209.C29592@citusc.usc.edu> References: <20001218153619.071BE37B400@hub.freebsd.org> <156200781518.20001218191409@sandy.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="ctP54qlpMx3WjD+/" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <156200781518.20001218191409@sandy.ru>; from vlad@sandy.ru on Mon, Dec 18, 2000 at 07:14:09PM +0300 Sender: kris@citusc.usc.edu Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --ctP54qlpMx3WjD+/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 18, 2000 at 07:14:09PM +0300, Vladimir Dubrovin wrote: > Hello FreeBSD Security Advisories, >=20 > As far as I remember this issue was patched twice - in 1997 and in > January 2000. Do I miss something? There have been other vulnerabilities in procfs in the past. There may be others discovered in the future..it's what you might call "risky code". Kris --ctP54qlpMx3WjD+/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6PjmvWry0BWjoQKURAqgNAKDnZfCSM7tI2O4viXgQpeEo0HvDQQCg1Aoc Ytk9EmP3kSVC0t3XnvlfHss= =R2O4 -----END PGP SIGNATURE----- --ctP54qlpMx3WjD+/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message