From owner-cvs-all@FreeBSD.ORG Thu Nov 29 18:00:38 2007 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: by hub.freebsd.org (Postfix, from userid 1033) id C6DA616A46C; Thu, 29 Nov 2007 18:00:38 +0000 (UTC) Date: Thu, 29 Nov 2007 18:00:38 +0000 From: Alexey Dokuchaev To: "Simon L. Nielsen" Message-ID: <20071129180038.GA598@FreeBSD.org> References: <200711291608.lATG8s7Q067912@repoman.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <200711291608.lATG8s7Q067912@repoman.freebsd.org> User-Agent: Mutt/1.4.2.1i Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/contrib/tar/src misc.c src/sys/dev/random yarrow.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Nov 2007 18:00:38 -0000 On Thu, Nov 29, 2007 at 04:08:54PM +0000, Simon L. Nielsen wrote: > simon 2007-11-29 16:08:54 UTC > > FreeBSD src repository > > Modified files: (Branch: RELENG_5) > contrib/tar/src misc.c > sys/dev/random yarrow.c > Log: > Correct a random value disclosure in random(4). [07:09] > > Correct a gtar directory traversal vulnerability. [07:10] > > Security: FreeBSD-SA-07:09.random > Security: FreeBSD-SA-07:10.gtar Is 4.x vulnerable? Is it going to be fixed? I can test patches. :-) ./danfe