Date: Thu, 27 May 2010 09:59:38 +0300 From: Dmitry Pryanishnikov <lynx.ripe@gmail.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-10:05.opie Message-ID: <AANLkTikHAZTCgc4R8AsTKFlcWXLXUF_aLGoySmP3kjyt@mail.gmail.com> In-Reply-To: <201005270325.o4R3P7Bj009279@freefall.freebsd.org> References: <201005270325.o4R3P7Bj009279@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! 2010/5/27 FreeBSD Security Advisories <security-advisories@freebsd.org>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ============================================================================= > FreeBSD-SA-10:05.opie Security Advisory > The FreeBSD Project ... > IV. Workaround > No workaround is available, but systems without OPIE capable services > running are not vulnerable. Wouldn't just commenting out all references to pam_opie* in /etc/pam.d/* create a viable workaround? > a) Download the relevant patch from the location below, and verify the > detached PGP signature using your PGP utility. > > # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch > # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch.asc Apparently correct URLs are # fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch # fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch.asc -- Sincerely, Dmitry nic-hdl: LYNX-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikHAZTCgc4R8AsTKFlcWXLXUF_aLGoySmP3kjyt>