From owner-freebsd-chat@FreeBSD.ORG Tue Apr 1 04:04:12 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0901137B401 for ; Tue, 1 Apr 2003 04:04:12 -0800 (PST) Received: from smtp.eos.ocn.ne.jp (eos.ocn.ne.jp [211.6.83.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4BEB543F75 for ; Tue, 1 Apr 2003 04:04:11 -0800 (PST) (envelope-from security-advisories@FreeBSD.ORG) Received: from mail.allbsd.org (p64146-adsao12honb4-acca.tokyo.ocn.ne.jp [220.96.146.146]) by smtp.eos.ocn.ne.jp (Postfix) with ESMTP id 3FDE94FA9 for ; Tue, 1 Apr 2003 21:04:09 +0900 (JST) Received: from localhost (alph.allbsd.org [192.168.0.10]) h31BnKDC070372 for ; Tue, 1 Apr 2003 20:49:21 +0900 (JST) (envelope-from security-advisories@FreeBSD.ORG) Date: Tue, 01 Apr 2003 20:41:34 +0900 (JST) Message-Id: <20030401.204134.48514670.hrs@eos.ocn.ne.jp> From: FreeBSD Security Advisories To: freebsd-chat@FreeBSD.org Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: FreeBSD Security Advisory FreeBSD-SA-03:99.freebsd-sa X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: hrs@FreeBSD.org List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2003 12:04:12 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:99.freebsd-sa Security Advisory The FreeBSD Project Topic: potential Y2K problem in FreeBSD Security Advisory Category: security Module: security_notification Announced: 2003-04-01 Credits: Anonymous Paranoia Affects: All releases of FreeBSD Corrected: not yet FreeBSD only: YES I. Background FreeBSD Security Advisory is a security notification from FreeBSD Security Officer when a critical vulnerability of FreeBSD is identified. II. Problem Description Each FreeBSD Security Advisory is given a number like FreeBSD-SA-03:01. `03' indicates the advisory is published in 2003, and `01' indicates the advisory is the 1st one in the year. Because the former consists of a number with two digits, a integer overflow may occur when (or after?, it depends) you will die of old age. FreeBSD Security Advisory has been published since 1996. III. Impact Y2K nightmare will strike back in 2100, and before that, the security officer will certainly be troubled in 2096. IV. Workaround There is no workaround. V. Solution Execute the following commands: a) for advisories issued before 2000: % cat /path/to/FreeBSD-SA-XX:XX.txt.asc\ | sed -e 's/FreeBSD-SA-\([0-9]*\):\([0-9]*\)/FreeBSD-SA-19\1:\2/g' b) for advisories issued between 2000 and 2099: % cat /path/to/FreeBSD-SA-XX:XX.txt.asc\ | sed -e 's/FreeBSD-SA-\([0-9]*\):\([0-9]*\)/FreeBSD-SA-20\1:\2/g' c) for advisories issued after 2100: % cat /path/to/FreeBSD-SA-XX:XX.txt.asc\ | sed -e 's/FreeBSD-SA-\([0-9]*\):\([0-9]*\)/FreeBSD-SA-21\1:\2/g' NOTE: Once you know when an advisory was issued, you may notice that the problem is insignificant. Yes, you are right. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+iXmUTyzT2CeTzy0RAubPAKC7sk17vqBCIxsWw30KczXiJ0wyuQCg2kEi Opx6aV/qNQWLoeAPDIuF+IA= =ETbS -----END PGP SIGNATURE-----