Date: Wed, 23 Jan 2002 19:05:16 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: "David E. O'Brien" <obrien@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, security-officer@FreeBSD.org Subject: Re: cvs commit: ports/net/rsync Makefile ports/net/rsync/files patch-251-secfix Message-ID: <Pine.NEB.3.96L.1020123190443.49432B-100000@fledge.watson.org> In-Reply-To: <200201232332.g0NNWLr73861@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This might need a ports security advisory, especially since the ports freeze for RELENG_4_5 has already happened. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Wed, 23 Jan 2002, David E. O'Brien wrote: > obrien 2002/01/23 15:32:21 PST > > Modified files: > net/rsync Makefile > Added files: > net/rsync/files patch-251-secfix > Log: > Fix a signedness security vunerability discovered by Todd@openbsd.org where > rsync was not sufficiently careful about reading integers from the network. > This is fixed in the rsync CVS repo by a patch from Sebastian Krahmer > <krahmer@suse.de>. > > Submitted by: naddy > Approved by: steve > Obtained from: rsync CVS repo > > Revision Changes Path > 1.61 +1 -0 ports/net/rsync/Makefile > 1.1 +315 -0 ports/net/rsync/files/patch-251-secfix (new) > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020123190443.49432B-100000>