From owner-freebsd-security@FreeBSD.ORG Thu Dec 3 11:17:30 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 89B08106568F for ; Thu, 3 Dec 2009 11:17:30 +0000 (UTC) (envelope-from ml@netfence.it) Received: from cp-out8.libero.it (cp-out8.libero.it [212.52.84.108]) by mx1.freebsd.org (Postfix) with ESMTP id 1E1568FC20 for ; Thu, 3 Dec 2009 11:17:29 +0000 (UTC) Received: from soth.ventu (151.51.164.240) by cp-out8.libero.it (8.5.107) id 4B14C099008329A8 for freebsd-security@freebsd.org; Thu, 3 Dec 2009 12:05:53 +0100 Received: from alamar.ventu (alamar.ventu [10.1.2.18]) by soth.ventu (8.14.3/8.14.2) with ESMTP id nB3B5qtb070486 for ; Thu, 3 Dec 2009 12:05:52 +0100 (CET) (envelope-from ml@netfence.it) Message-ID: <4B179B90.10307@netfence.it> Date: Thu, 03 Dec 2009 12:05:52 +0100 From: Andrea Venturoli User-Agent: Thunderbird 2.0.0.23 (X11/20090828) MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <200912030930.nB39UhW9038238@freefall.freebsd.org> In-Reply-To: <200912030930.nB39UhW9038238@freefall.freebsd.org> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:16.rtld X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Dec 2009 11:17:30 -0000 FreeBSD Security Advisories ha scritto: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ============================================================================= > FreeBSD-SA-09:16.rtld Security Advisory > The FreeBSD Project > > Topic: Improper environment sanitization in rtld(1) > > Category: core > Module: rtld > Announced: 2009-12-03 > Affects: FreeBSD 7.0 and later. > Corrected: 2009-12-01 02:59:22 UTC (RELENG_8, 8.0-STABLE) > 2009-12-03 09:18:40 UTC (RELENG_8_0, 8.0-RELEASE-p1) > 2009-12-01 03:00:16 UTC (RELENG_7, 7.2-STABLE) > 2009-12-03 09:18:40 UTC (RELENG_7_2, 7.2-RELEASE-p5) > 2009-12-03 09:18:40 UTC (RELENG_7_1, 7.1-RELEASE-p9) Sorry, this might seem a stupid question, but... In several places I read that FreeBSD 6.x is NOT affected; however, I heard some people discussing how to apply the patch to such systems. So, I'd like to know for sure: is 6.x affected? Is another patch on the way for it? bye & Thanks av.