Date: Fri, 13 Sep 2002 16:54:07 +0300 From: Peter Pentchev <roam@ringlet.net> To: Jacques Vidrine <nectar@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/mail/qmailadmin Makefile Message-ID: <20020913135407.GC384@straylight.oblivion.bg> In-Reply-To: <200209111859.g8BIxuxs074949@freefall.freebsd.org> References: <200209111859.g8BIxuxs074949@freefall.freebsd.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Wed, Sep 11, 2002 at 11:59:56AM -0700, Jacques Vidrine wrote: > nectar 2002/09/11 11:59:56 PDT > > Modified files: > mail/qmailadmin Makefile > Log: > Setuid binary is exploitable. > http://security-archive.merton.ox.ac.uk/bugtraq-200208/0117.html Er.. I believe that the security flaw that this refers to was fixed prior to the release of qmailadmin-1.0.6, as stated in my message with the commit that updated the port to 1.0.6; actually, that was my primary reason for the port update :) I've removed the FORBIDDEN line now. G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If this sentence didn't exist, somebody would have invented it. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9ge3/7Ri2jRYZRVMRAjR7AKCt+JQYwetMGseaMETCSUmGu1o6BQCffGHw AKy/hSp9FXtFRfxMNneWq+U= =XhQV -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020913135407.GC384>