From owner-freebsd-questions@FreeBSD.ORG  Fri Sep 18 19:26:50 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B0C35106566C
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Sep 2009 19:26:50 +0000 (UTC)
	(envelope-from przemyslaw@frasunek.com)
Received: from lagoon.freebsd.lublin.pl (lagoon.freebsd.lublin.pl
	[193.138.118.3])
	by mx1.freebsd.org (Postfix) with ESMTP id 6C9E28FC12
	for <freebsd-questions@freebsd.org>;
	Fri, 18 Sep 2009 19:26:50 +0000 (UTC)
Received: from [193.138.118.99] (ip-193-138-118-99.nette.pl [193.138.118.99])
	by lagoon.freebsd.lublin.pl (Postfix) with ESMTPSA id 4598AC54C19;
	Fri, 18 Sep 2009 21:26:49 +0200 (CEST)
Message-ID: <4AB3DEE4.3060109@frasunek.com>
Date: Fri, 18 Sep 2009 21:26:28 +0200
From: Przemyslaw Frasunek <przemyslaw@frasunek.com>
Organization: frasunek.com
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Reko Turja <reko.turja@liukuma.net>
References: <4AAE95B2.5050409@sitpub.com><20090915031437.GA20647@brisbane.nepharia.org>	<4AB37BB2.3070606@mailinglist.ahhyes.net>
	<977EC17F30A642A5B2DFACE4D8A25A89@rivendell>
In-Reply-To: <977EC17F30A642A5B2DFACE4D8A25A89@rivendell>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: reporter on deadline seeks comment about reported security bug
 in FreeBSD
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2009 19:26:50 -0000

Reko Turja pisze:
> As someone who has manipulated moving picture for fun and profit, having
> a video of something is a proof of nothing. For all what it's worth the
> OS in video might be FreeBSD - or even loonix made to look like FreeBSD,
> made vulnerable on purpose of tarring the project.
> 
> Until the security team gives their official response and patches, I
> read the entire story with a grain of salt, especially as the originator
> was so keen on getting his discovery into news websites...

Actually, the 6.4 vulnerability was confirmed by Xin Li on freebsd-security@.
The patch along with advisory will be out very soon.

You might be also interested in reading statement on my webpage, regarding both
6.4 and 7.2 vulnerabilities.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com ** NICHDL: PMF9-RIPE *
* Jabber ID: venglin@czuby.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ5JIV *