From owner-freebsd-security Tue May 14 16:23:39 2002 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [63.229.157.2]) by hub.freebsd.org (Postfix) with ESMTP id 8B7F237B401 for ; Tue, 14 May 2002 16:23:35 -0700 (PDT) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id OAA14992; Mon, 13 May 2002 14:10:33 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook may make your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20020513140848.038cac50@nospam.lariat.org> X-Sender: brett@nospam.lariat.org X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 13 May 2002 14:10:29 -0600 To: "Carroll, D. (Danny)" , From: Brett Glass Subject: RE: DHCPD bug In-Reply-To: <6C506EA550443D44A061432F1E92EA4C012DBA@ing.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 01:18 AM 5/13/2002, Carroll, D. (Danny) wrote: >As a little aside, whilst reading the CERT advisory I noticed that >NetBSD is not vulernable because: "NetBSD fixed this during a format >string sweep performed on 11-Oct-2000. No released version of NetBSD is >vulnerable to this issue." I wonder if they notified ISC? It could be that their notice was missed or ignored, or that because they've forked their own version they didn't know whether the bugs were still present in ISC's original code. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message