Date: Tue, 16 Sep 2003 20:36:18 +0100 From: Ceri Davies <setantae@submonkey.net> To: Kris Kennaway <kris@obsecurity.org> Cc: stable@freebsd.org Subject: Re: Release Engineering Status Report Message-ID: <20030916193618.GC53304@submonkey.net> In-Reply-To: <20030916192659.GA11518@rot13.obsecurity.org> References: <xzpr82graow.fsf@dwp.des.no> <JCEIKJMCANNPGKFKGLKLAEPGDPAA.mikej@trigger.net> <20030916171436.GA12867@ei.bzerk.org> <200309161416.17241.craig@meoqu.gank.org> <20030916192659.GA11518@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--xesSdrSSBC0PokLI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Sep 16, 2003 at 12:26:59PM -0700, Kris Kennaway wrote: > On Tue, Sep 16, 2003 at 02:16:17PM -0500, Craig Boston wrote: > > On Tuesday 16 September 2003 12:14 pm, Ruben de Groot wrote: > > > Fortunately, there's allready a patch in the source tree: > > > > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.dif= f?r1=3D1 > > >.1.1.6&r2=3D1.1.1.7&f=3Dh > >=20 > > Yes, fortunately the patch is there. I noticed however that in the ver= sion=20 > > committed to the RELENG_4_8 branch, RCSID wasn't changed, so it's not= =20 > > possible to use ident to tell if your libssh needs to be patched or not= (both=20 > > old and new say 1.16)... Was that an oversight or should I be using so= me=20 > > other method to determine if I'm running a vulnerable version or not? >=20 > Err, the RCS ID is updated automatically upon CVS checkin..is that > really what you mean? I think so. In RELENG_4 at least, there is no $FreeBSD$ tag in that file. Ceri --=20 User: DO YOU ACCEPT JESUS CHRIST AS YOUR PERSONAL LORD AND SAVIOR? Iniaes: Sure, I can accept all forms of payment. -- www.chatterboxchallenge.com --xesSdrSSBC0PokLI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/Z2YyocfcwTS3JF8RAuDLAKCeTAq0Q10O/2EoUBUG0AfXAevoeACgs0dP 8CsLI1/SqyEgwxaNLqyDRa0= =fHq/ -----END PGP SIGNATURE----- --xesSdrSSBC0PokLI--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030916193618.GC53304>