Date: Wed, 5 Feb 1997 17:01:24 +0100 (MET) From: Guido van Rooij <guido@gvr.win.tue.nl> To: jgreco@solaria.sol.net (Joe Greco) Cc: Guido.vanRooij@nl.cis.philips.com, joerg_wunsch@uriah.heep.sax.de, core@freebsd.org, security@freebsd.org, jkh@freebsd.org Subject: Re: 2.1.6+++: crt0.c CRITICAL CHANGE Message-ID: <199702051601.RAA16464@gvr.win.tue.nl> In-Reply-To: <199702051447.IAA11557@solaria.sol.net> from Joe Greco at "Feb 5, 97 08:47:11 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> > PERFECT!!! We have a solution :-) (this was the most worrisome security > hole, the smaller ones like talkd could be "patched" much more easily). > > But could you be a little more vague, please? Where do I get it from? :-) > > I don't see it on Freefall... a DejaNews search doesn't turn anything up... > Ah. I see it on the security list archive. > > Jordan: once we have it tested, can we get this posted somewhere and make > big blinking neon signs that PEOPLE NEED TO RUN THIS? I'm gonna compile > it up and try it shortly. > > With this, it would be MUCH simpler to release a "security binary kit" > upgrade to 2.1.X series systems. There's still one thing to add to lfix: it should call chflags(2) when it is required. -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702051601.RAA16464>