From owner-freebsd-security@freebsd.org Tue Apr 26 03:13:07 2016 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D1F80B0DB1D for ; Tue, 26 Apr 2016 03:13:07 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 864661F93 for ; Tue, 26 Apr 2016 03:13:07 +0000 (UTC) (envelope-from kaduk@mit.edu) X-AuditID: 1209190f-ca3ff70000004b9e-3d-571edb8d1378 Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 6A.01.19358.D8BDE175; Mon, 25 Apr 2016 23:07:57 -0400 (EDT) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id u3Q37vLG006428; Mon, 25 Apr 2016 23:07:57 -0400 Received: from multics.mit.edu (system-low-sipb.mit.edu [18.187.2.37]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id u3Q37s8T005284 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 25 Apr 2016 23:07:56 -0400 Received: (from kaduk@localhost) by multics.mit.edu (8.12.9.20060308) id u3Q37rvQ009678; Mon, 25 Apr 2016 23:07:53 -0400 (EDT) Date: Mon, 25 Apr 2016 23:07:53 -0400 (EDT) From: Benjamin Kaduk To: Tim Zingelman cc: Rustam , "freebsd-security@freebsd.org" Subject: Re: Signal 11 dumps in telnetd (freebsd 10.3 release) In-Reply-To: Message-ID: References: <6c6961526afe4f8b947fa11d585befd3@BY2PR09MB0754.namprd09.prod.outlook.com> User-Agent: Alpine 1.10 (GSO 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrJIsWRmVeSWpSXmKPExsUixG6nott7Wy7cYFazrUXPpidsFk3T2tgt 3v6ewurA7LHhzG0mjxmf5rN47Jx1lz2AOYrLJiU1J7MstUjfLoErY/K5+WwFm5gq3vRPZ2tg /MrYxcjJISFgInFz7T3mLkYuDiGBNiaJF6sOsEA4GxklGqa1QTmHmCT2bH7HCOE0MEosX/CL HaSfRUBbYsbzh2A2m4CKxMw3G9lAbBEBNYl3E9vA4swCGRJ3Z08Gs4UF7CSaP7WD1XAC2a9u gqzj5OAVcJR4eO4/G8SCDkaJg6fugBWJCuhIrN4/BapIUOLkzCcsEEO1JJZP38YygVFgFpLU LCSpBYxMqxhlU3KrdHMTM3OKU5N1i5MT8/JSi3RN9HIzS/RSU0o3MYJClVOSfwfjnAbvQ4wC HIxKPLwKy+TChVgTy4orcw8xSnIwKYny/pkMFOJLyk+pzEgszogvKs1JLT7EKMHBrCTCq34O KMebklhZlVqUD5OS5mBREudlZGBgEBJITyxJzU5NLUgtgsnKcHAoSfBK3AJqFCxKTU+tSMvM KUFIM3FwggznARq+9CbI8OKCxNzizHSI/ClGXY4FP26vZRJiycvPS5US590FUiQAUpRRmgc3 B5xidjOpvmIUB3pLmHciyDoeYHqCm/QKaAkT0JLLh2RBlpQkIqSkGhhtdP6V+iqzX9koNK+l ftWmPUHT8/O7GtuWz2ic+WPRlI+v9r2O2/pMtSp1bb57xxmPdY/9S58eOscqU1DRkcx5TTer 5PPtWo9fhxWu/JCM/MvnoBKlxsjyOGiWoZ3yFZ8LOxJy9jyZHi+y4WD3qbJ99m5rVvEl6JVf arTJnqx4ZmnVnYM6j/yUWIozEg21mIuKEwHhiZIpDAMAAA== X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Apr 2016 03:13:07 -0000 On Mon, 25 Apr 2016, Tim Zingelman wrote: > See if the attached patch helps. > > It applies cleanly to ports/security/krb5-appl, but may need adjustment for > the base system telnetd. [Obligatory note that krb5-appl is unmaintained upstream, due to insecure crypto, among other things.] -Ben