From owner-freebsd-security Thu Jul 6 12:44:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from orion.ac.hmc.edu (Orion.AC.HMC.Edu [134.173.32.20]) by hub.freebsd.org (Postfix) with ESMTP id A229937B61A for ; Thu, 6 Jul 2000 12:44:10 -0700 (PDT) (envelope-from brdavis@orion.ac.hmc.edu) Received: (from brdavis@localhost) by orion.ac.hmc.edu (8.8.8/8.8.8) id MAA02365; Thu, 6 Jul 2000 12:44:01 -0700 (PDT) Date: Thu, 6 Jul 2000 12:44:01 -0700 From: Brooks Davis To: Brett Glass Cc: Matt Heckaman , security@FreeBSD.ORG Subject: Re: ftpd and setproctitle() Message-ID: <20000706124401.A1224@orion.ac.hmc.edu> References: <4.3.2.7.2.20000706113724.04789470@localhost> <4.3.2.7.2.20000706132133.04a94ad0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre4i In-Reply-To: <4.3.2.7.2.20000706132133.04a94ad0@localhost>; from brett@lariat.org on Thu, Jul 06, 2000 at 01:28:33PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Jul 06, 2000 at 01:28:33PM -0600, Brett Glass wrote: > Thank you! I've checked 3.1, and it's OK too. Theo just wrote > to say that he thinks the bug originated in BSD 4.4-Lite. (And, > I guess, has been around since that time due to the wonderful > error-encouraging nature of the C language -- Sigh.) > > I'm hoping that the bug was nailed prior to 2.2.8, which a number > of sites with an "if it ain't broke, don't fix it" policy are still > running. > > Anyone have a 2.2.8 CD handy? Mine's long gone. Who needs a CD? CVS is your friend. The bug is fixed in 2.2.0. It was fixed somewhere between 2.2.0 and 2.1.0. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message