From owner-freebsd-security Sun May 21 21:59:29 2000 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id EBEF137B58A for ; Sun, 21 May 2000 21:59:24 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id WAA06194; Sun, 21 May 2000 22:59:00 -0600 (MDT) Message-Id: <4.3.1.2.20000521225733.048a0c40@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.1 Date: Sun, 21 May 2000 22:58:57 -0600 To: Warner Losh , cjclark@home.com From: Brett Glass Subject: Re: The procfs Hole in 2.2.8-STABLE? Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <200005220437.WAA92094@harmony.village.org> References: <20000521140847.G96573@cc942873-a.ewndsr1.nj.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hopefully, some of the things that are being fixed in 4.0 will be backported to 3.5. We want 3.5 to be the "golden" release that we use for production until 4.2 is ready and stable. --Brett At 10:37 PM 5/21/2000, Warner Losh wrote: >In message <20000521140847.G96573@cc942873-a.ewndsr1.nj.home.com> "Crist J. Clark" writes: >: Am I to take it that 2.2.8-STABLE would be vulnerable? The following > >Yes. There are many vulnerabilities that were fixed in 3.x that >haven't been back ported to 2.x. > >Warner > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message