Date: Mon, 24 Mar 2003 10:00:20 -0600
From: "Jacques A. Vidrine"
To: D J Hawkey Jr
Cc: twig les, freebsd-security@FreeBSD.ORG
Subject: Re: another TCPDump update question
Message-ID: <20030324160020.GA1911@madman.celabo.org>

On Mon, Mar 24, 2003 at 09:30:21AM -0600, D J Hawkey Jr wrote:
> On Mar 24, at 09:14 AM, Jacques A. Vidrine wrote:
> > You didn't miss anything. There won't be a security advisory for this
> > issue.
>
> No?
>
> Without insulting anyone, may I ask why not? tcpdump is included in the
> base/standard OS, after all, and so is libpcap, which appears to be related.
>
> IIRC, there have been SAs for DOS vulnerabilities before. What or where
> is the line for what is or is not eligible for an SA?

Well, there are no hard-n-fast rules. It's a judgement call. We
generally limit SAs to those issues that we deem `important', so as
not to devalue them. (cf. The Boy Who Cried Wolf)

You're right: there have been SAs for remote DoSs before. In this
case, both the circumstances that could lead to this remote DoS, and
especially the impact of the bug are so minimal as to not be worth
updating your system.

Cheers,
--
Jacques A. Vidrine http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se