Date: Thu, 28 Sep 2000 09:48:54 +0200 (SAST) From: Reinier Bezuidenhout <rbezuide@oskar.nanoteq.co.za> To: Alfred Perlstein <bright@wintelcom.net> Cc: green@FreeBSD.ORG, freebsd-security@FreeBSD.ORG, sigma@pair.com, Kris Kennaway <kris@FreeBSD.ORG>, Mike Silbersack <silby@silby.com> Subject: Re: Status of FreeBSD-SA-00:41.elf? Message-ID: <XFMail.000928094854.rbezuide@oskar.nanoteq.co.za> In-Reply-To: <20000927144339.F9141@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi ... Unfortunately I cannot setup a jailed machine for people out there .. but if anyone can provide such malformed elf binaries, I'll test it on some machines here ... run it for a few days and report back ... I'll get the patches etc from the advisories ... check to see if they fit into 3.5-stable apply them and test them. So ... bottom line ... anyone got such malformed binaries ?? Reinier On 27-Sep-00 Alfred Perlstein wrote: > * Mike Silbersack <silby@silby.com> [000927 14:38] wrote: >> >> On Wed, 27 Sep 2000, Kris Kennaway wrote: >> >> > The issue is that most FreeBSD developers do not have a 3.5 machine >> > available for testing - BSDi were supposed to be setting up one for us to >> > use but it has not yet come through. This makes it very hard to test >> > security fixes to the 3.5 branch so we don't break it by just committing >> > blindly (in fact, I think we should officially drop security support for >> > the 3.x branch because in practise it's not being supported for security >> > fixes). I believe the problem is still not fixed in 3.5-STABLE at this >> > time. >> >> One of the features of FreeBSD which I've found appealing in comparison to >> the linuxes I've seen is the relative ease of upgrade and assurance that >> your base system is secure after a simple buildworld/installworld. I >> think that losing this feature for any version more than three months old >> would be a serious blow to the confidence of FreeBSD users >> everywhere. >> > [snip] > > Before everyone goes off the deep end: > > http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/net/res_send.c > > Revision 1.25.2.2 / (download) - annotate - [select for diffs] , Sat Sep 23 > 22:48:45 2000 UTC (3 days, 22 hours ago) by alfred > > People are working on 3.x, just because a single developer doesn't > have the reasources at the moment to address a problem doesn't mean > we aren't addressing the issues. > > -- > -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] > "I have the heart of a child; I keep it in a jar on my desk." > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message ################################################################### # # # R.N. Bezuidenhout NetSeq Firewall # # rbezuide@oskar.nanoteq.co.za http://www.nanoteq.co.za # # # ################################################################### ---------------------------------- Date: 28-Sep-00 Time: 09:43:40 This message was sent by XFMail ---------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.000928094854.rbezuide>