From owner-freebsd-security Sat Jun 29 13:56:34 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF85037B401 for ; Sat, 29 Jun 2002 13:56:31 -0700 (PDT) Received: from mail-relay1.yahoo.com (mail-relay1.yahoo.com [216.145.48.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14C0443E0A for ; Sat, 29 Jun 2002 13:56:31 -0700 (PDT) (envelope-from DougB@FreeBSD.org) Received: from FreeBSD.org (12-234-90-219.client.attbi.com [12.234.90.219]) by mail-relay1.yahoo.com (Postfix) with ESMTP id 6032A8B5B1; Sat, 29 Jun 2002 13:56:30 -0700 (PDT) Message-ID: <3D1E1EFD.6B096D3E@FreeBSD.org> Date: Sat, 29 Jun 2002 13:56:29 -0700 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.79 [en] (X11; U; FreeBSD 4.6-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Makoto Matsushita Cc: security@FreeBSD.ORG Subject: Re: libc resolver fix: can we applied to 3-stable or before? References: <20020629130607U.matusita@jp.FreeBSD.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Makoto Matsushita wrote: > > Simple question: Is our 3-stable libc vulnerable? According to some information I have, the bug goes all the back to 1990, or so. Therefore I'd say yes, it's very likely to be vulnerable, but it should be pretty easy for you to use cvsweb and diff the files. Doug To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message