From owner-freebsd-security Wed Dec 15 22:15:42 1999 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id CA98D15545 for ; Wed, 15 Dec 1999 22:15:37 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id XAA80181; Wed, 15 Dec 1999 23:15:35 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id XAA69151; Wed, 15 Dec 1999 23:15:35 -0700 (MST) Message-Id: <199912160615.XAA69151@harmony.village.org> To: Chris England Subject: Re: From BugTraq - FreeBSD 3.3 xsoldier root exploit (fwd) Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Wed, 15 Dec 1999 20:36:53 PST." References: Date: Wed, 15 Dec 1999 23:15:35 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message Chris England writes: : I personally have not tested this. I'm not too big on games, but I would : recommend anyone who has this game installed suid-root to test the snippet : code against it and post the results to this list. The bugtraq guys forwarded the report to SO before they sent it to bugtraq. We had it fixed within a couple of hours (and it would have been faster if we weren't in ports freeze). The xsoldier package is bumped from 3.4R, but the patch for the port will be on the cd, and has been in the repo for a coule of hours now :-) Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message