Date: Mon, 02 Nov 1998 15:37:33 -0700 From: Warner Losh <imp@village.org> To: bow <bow@bow.net> Cc: FreeBSD-security@FreeBSD.ORG Subject: Re: [rootshell] Security Bulletin #25 (fwd) Message-ID: <199811022237.PAA16222@harmony.village.org> In-Reply-To: Your message of "Sun, 01 Nov 1998 14:54:57 PST." <199811012254.OAA29528@bow.net> References: <199811012254.OAA29528@bow.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Just so everyone knows, this advisory was only a draft advisory and was cancelled over the weekend. I saw the original advisory and checked stuff in based on it, since generally changes like this are good and can't hurt anything. After I checked in the fixes to ssh, I discovered that it had been determined that there was no way of exploiting this buffer call because all the places that called it had bounds checking. Given that the changes I made don't hurt anything, I'm going to leave them in for now. Warner -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBNj40Kdxynu/2qPVhAQFHRQP9FE//4+CBcUQcZAyKZCMsPNPXu2aiihlx NnoD3vkxtCtkopxaTIVeadtcqMdKpVuhLSK2ChrCnZNtpHu4lE/ZImiUQj5WXyyr klHlR+rY8tNHQFf9xtlVNcqULYx/wkJCLJSCknlzUA+/xblhUlR2n64ctvodRI40 ESNEjlOFBwA= =aOA4 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811022237.PAA16222>