From owner-freebsd-security  Sat Jun 29 11:37:14 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 49ADF37B400
	for <security@FreeBSD.ORG>; Sat, 29 Jun 2002 11:37:10 -0700 (PDT)
Received: from lariat.org (lariat.org [63.229.157.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7862D43E09
	for <security@FreeBSD.ORG>; Sat, 29 Jun 2002 11:37:09 -0700 (PDT)
	(envelope-from brett@lariat.org)
Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id MAA12655;
	Sat, 29 Jun 2002 12:36:46 -0600 (MDT)
X-message-flag: Warning! Use of Microsoft Outlook is dangerous and makes your system susceptible to Internet worms.
Message-Id: <4.3.2.7.2.20020629123529.02ce2af0@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Sat, 29 Jun 2002 12:36:39 -0600
To: Makoto Matsushita <matusita@jp.FreeBSD.org>, security@FreeBSD.ORG
From: Brett Glass <brett@lariat.org>
Subject: Re: libc resolver fix: can we applied to 3-stable or before?
In-Reply-To: <20020629130607U.matusita@jp.FreeBSD.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

We need to know this too. We have some embedded systems based on
2.2.7 and 2.2.8. The vendors are defunct, but we are hoping to
patch or shield the systems.

--Brett

At 10:06 PM 6/28/2002, Makoto Matsushita wrote:
  

>Simple question: Is our 3-stable libc vulnerable?  If so, can we apply
>the same patch to RELENG_3 also?  If 3-stable libc is vulnerable, our
>compat3x/libc.so.3.uu bundled with 4-stable (and 5-stable in the
>future) is also vulnerable, and it would be good to fix.
>
>Note that same stories are also applied to libc of 2.2-stable or before.
>
>-- -
>Makoto `MAR' Matsushita
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message