Date: Tue, 12 Nov 2019 15:39:04 -0800 From: Cy Schubert <Cy.Schubert@cschubert.com> To: mike tancsa <mike@sentex.net> Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: libarchive issue ? Message-ID: <201911122339.xACNd4mP091059@slippy.cwsent.com> In-Reply-To: <7a8b39d8-fd86-4d89-8893-4cf3bf34d447@sentex.net> References: <7a8b39d8-fd86-4d89-8893-4cf3bf34d447@sentex.net>
index | next in thread | previous in thread | raw e-mail
In message <7a8b39d8-fd86-4d89-8893-4cf3bf34d447@sentex.net>, mike tancsa write s: > Hi, > > I was thinking with the 2 intel CPU SAs, there would be an SA fo > libarchive issue ? > > https://nvd.nist.gov/vuln/detail/CVE-2019-18408 > > Or is FreeBSD not vulnerable to this particular issue ? I think as fix was > > __FBSDID("$FreeBSD: > stable/12/contrib/libarchive/libarchive/archive_read_support_filter_lz4.c > 353375 2019-10-09 22:18:01Z mm $"); > > but just wanted to make sure Parsing the commit log messages, we're beyond 3.4.0. Looks like we're ok. -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201911122339.xACNd4mP091059>