From owner-freebsd-security  Mon Aug 14 10: 6:19 2000
Delivered-To: freebsd-security@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138])
	by hub.freebsd.org (Postfix) with ESMTP id 5309B37BB17
	for <freebsd-security@FreeBSD.ORG>; Mon, 14 Aug 2000 10:06:13 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id TAA86190;
	Mon, 14 Aug 2000 19:06:42 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200008141706.TAA86190@grimreaper.grondar.za>
To: Torbjorn Kristoffersen <sgt@netcom.no>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: suidperl exploit 
References: <Pine.BSF.4.21.0008102014330.1705-100000@hal.netforce.no> 
In-Reply-To: <Pine.BSF.4.21.0008102014330.1705-100000@hal.netforce.no> ; from Torbjorn Kristoffersen <sgt@netcom.no>  "Thu, 10 Aug 2000 20:19:44 +0200."
Date: Mon, 14 Aug 2000 19:06:41 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> I don't think there'll be a patch to this problem. Everyone should
> instead download the recent version.

Actually, we _did_ fix this, and we went a bit further too.

The actual problem was not dangerous to FreeBSD, but it raised the
"Danger!" flag over suidperl, and we dealt with that.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message