Date: Fri, 20 Sep 2002 02:01:35 +0800 From: Ying-Chieh Liao <ijliao@FreeBSD.ORG> To: Kris Kennaway <kris@obsecurity.org> Cc: Karl Friesen <krf@splip.com>, ports@FreeBSD.ORG, trevor@FreeBSD.ORG Subject: Re: compat3x-i386-4.4.20011227 Message-ID: <20020919180135.GB24699@terry.dragon2.net> In-Reply-To: <20020919175644.GA72585@xor.obsecurity.org> References: <5.1.0.14.1.20020918223219.02f33148@cutlass.cyclonus.com> <20020919175644.GA72585@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Y7xTucakfITjPcLV Content-Type: text/plain; charset=big5 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Sep 19, 2002 at 10:56:44 -0700, Kris Kennaway wrote: > On Wed, Sep 18, 2002 at 10:36:43PM -0500, Karl Friesen wrote: > > This library has been marked as FORBIDDEN because of a resolver buffer= =20 > > overflow in libc. However, it is a required component for=20 > > apache13-fp. What is the chance of getting the buffer overflow fixed = and=20 > > a new version out? I know that FreeBSD-STABLE has been frozen until th= e=20 > > new release, but my client will be asking when they can expect their FP= =20 > > capable server.. > The vulnerability was fixed in the 3.x sources, so someone needs to > just update the port. according to pr/36801 and pr/36802, I think that trevor was willing to do i= t :) --=20 self-producing in python : l=3D'l=3D%s;print l%%`l`';print l%`l` -- Frank Stajano --Y7xTucakfITjPcLV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9ihD/rMYBZRHAI4IRAg+4AKD8kbf0zSMIpwfQYcNpXAsBn1hK6gCdFIKS j1J1KKo7kI0oDHePE+brpdo= =7G7W -----END PGP SIGNATURE----- --Y7xTucakfITjPcLV-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020919180135.GB24699>