From owner-freebsd-security  Thu Aug 16 23:44:39 2001
Delivered-To: freebsd-security@freebsd.org
Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6C17D37B40A; Thu, 16 Aug 2001 23:44:30 -0700 (PDT)
	(envelope-from eugen@svzserv.kemerovo.su)
Received: from svzserv.kemerovo.su (kost [213.184.65.82])
	by www.svzserv.kemerovo.su (8.9.3/8.9.3) with ESMTP id OAA50391;
	Fri, 17 Aug 2001 14:44:27 +0800 (KRAST)
	(envelope-from eugen@svzserv.kemerovo.su)
Message-ID: <3B7CBD47.1EA32FED@svzserv.kemerovo.su>
Date: Fri, 17 Aug 2001 14:44:23 +0800
From: Eugene Grosbein <eugen@svzserv.kemerovo.su>
Organization: SVZServ
X-Mailer: Mozilla 4.76 [en] (Win95; U)
X-Accept-Language: ru,en
MIME-Version: 1.0
To: security@FreeBSD.ORG
Cc: imp@FreeBSD.ORG
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:40.fts [REVISED]
References: <200108170630.f7H6UuU68762@freefall.freebsd.org>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

FreeBSD Security Advisories wrote:

> =============================================================================
> FreeBSD-SA-01:40                                           Security Advisory
>                                                                 FreeBSD, Inc.> 
> Topic:          fts(3) routines contain race condition [REVISED]
> 
> Category:       core
> Module:         libc
> Announced:      2001-06-04
> Revised:        2001-08-16
> Credits:        Nick Cleaton <nick@cleaton.net>
>                 Todd Miller <millert@openbsd.org> helped to develop the
>                 patch.
> Affects:        FreeBSD 4.3-RELEASE, 4.3-STABLE prior to the correction
>                 date.
> Corrected:      2001-06-01
> FreeBSD only:   NO

Now this is the only Advisory that is actual for FreeBSD 3.5-STABLE 
(e.g. that does not provide fix). Even later FreeBSD-SA-01:42 does provide
a patch. However, http://www.FreeBSD.org/cgi/query-pr.cgi?pr=27922
suggests patch for RELENG_3. My system runs with it for more than 2 months.
Please consider this PR.

Eugene Grosbein

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message