Date: Sun, 15 May 2005 22:55:44 +0200 From: Jesper Wallin <jesper@hackunite.net> To: freebsd-security@freebsd.org Subject: About the vulnerabilities in tcpdump and gzip. Message-ID: <4287B750.6050301@hackunite.net>
next in thread | raw e-mail | index | archive | help
Dear list, About a week ago, right after 5.4-RELEASE was released, I received a mail from Gentoo Linux's security announcement list about a flaw in tcpdump and gzip. Since none of them are operating system related, I assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for the HTT security issue so I wonder, is the FreeBSD version of tcpdump and/or gzip are secured or simply forgotten/ignored? tcpdump references: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1279 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1280 gzip references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 Best regards, Jesper Wallin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4287B750.6050301>