From owner-freebsd-security  Fri Feb 27 12:45:37 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA26275
          for freebsd-security-outgoing; Fri, 27 Feb 1998 12:45:37 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from gvr.gvr.org (root@gvr.gvr.org [194.151.74.97])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA26241;
          Fri, 27 Feb 1998 12:45:10 -0800 (PST)
          (envelope-from guido@gvr.org)
Received: (from guido@localhost)
	by gvr.gvr.org (8.8.6/8.8.5) id VAA06582;
	Fri, 27 Feb 1998 21:36:55 +0100 (MET)
From: Guido van Rooij <guido@gvr.org>
Message-Id: <199802272036.VAA06582@gvr.gvr.org>
Subject: Re: OpenBSD Security Advisory: mmap() Problem
In-Reply-To: <199802272025.MAA16117@burka.rdy.com> from Dima Ruban at "Feb 27, 98 12:25:27 pm"
To: dima@best.net
Date: Fri, 27 Feb 1998 21:36:55 +0100 (MET)
Cc: dima@best.net, eivind@yes.no, jkh@time.cdrom.com,
        cschuber@uumail.gov.bc.ca, tqbf@secnet.com,
        freebsd-security@FreeBSD.ORG, security-officer@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk

Dima Ruban wrote:
> Guido van Rooij writes:
> > > > It's a major bug on their part.  I can't see much we can do about it,
> > > > beyond notifying them that the change will take place, and helping
> > > > them distribute announcements.
> > > 
> > > I already did that.
> > > 
> > 
> > And what was their reaction?
> 
> They said, that new release is gonna be in a few months. However, I've
> suggested them to release a binary patch that will patch server binaries.
> I even sent them a program that patches v4.1/v3.1 AX servers.
> I haven't heard from them ever since. This was about 2 hours ago.
> 
> I certainly hope that they actually will release a patch before the next
> release. At least it sounded like they will.

Perhaps it would be a good thing if we send a pointer to a possible
binary patch when sending out our advisory.

-Guido

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message