From owner-freebsd-security Wed Nov 29 2:35:54 2000 Delivered-To: freebsd-security@freebsd.org Received: from mailgw2.netvision.net.il (mailgw2.netvision.net.il [194.90.1.9]) by hub.freebsd.org (Postfix) with ESMTP id 0B81737B400 for ; Wed, 29 Nov 2000 02:35:51 -0800 (PST) Received: from alchemy.oven.org (ras9-p162.hfa.netvision.net.il [62.0.104.162]) by mailgw2.netvision.net.il (8.9.3/8.9.3) with ESMTP id MAA10800 for ; Wed, 29 Nov 2000 12:36:18 +0200 (IST) Received: (from mapc@localhost) by alchemy.oven.org (8.11.1/8.11.1) id eATAZml74619; Wed, 29 Nov 2000 12:35:48 +0200 (IST) (envelope-from mapc) Date: Wed, 29 Nov 2000 12:35:48 +0200 From: Roman Shterenzon To: freebsd-security@freebsd.org Cc: "bash1 port maintainer "@alchemy.oven.org Subject: bash vulnerability Message-ID: <20001129123448.A74595@alchemy.oven.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, The bash seems vulnerable to the symlink attack as well: http://www.securityfocus.com/bid/2006 Who is the maintainer of the bash2 now? ache@freebsd.org seems unreachable.. --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message