From owner-freebsd-security Wed Oct 29 14:16:49 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id OAA19939 for security-outgoing; Wed, 29 Oct 1997 14:16:49 -0800 (PST) (envelope-from owner-freebsd-security) Received: from ns1.yes.no (ns1.yes.no [195.119.24.10]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id OAA19897; Wed, 29 Oct 1997 14:16:23 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by ns1.yes.no (8.8.7/8.8.7) with ESMTP id WAA08309; Wed, 29 Oct 1997 22:16:11 GMT Received: (from eivind@localhost) by bitbox.follo.net (8.8.6/8.8.6) id XAA03735; Wed, 29 Oct 1997 23:16:08 +0100 (MET) Date: Wed, 29 Oct 1997 23:16:08 +0100 (MET) Message-Id: <199710292216.XAA03735@bitbox.follo.net> From: Eivind Eklund To: security-officer@FreeBSD.ORG CC: freebsd-security@FreeBSD.ORG, first-teams@first.org In-reply-to: FreeBSD Security Officer's message of Wed, 29 Oct 1997 20:01:00 +0100 (MET) Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-97:05.open References: <199710291902.UAA05565@gvr.gvr.org> Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > ============================================================================= > FreeBSD-SA-97:05 Security Advisory > FreeBSD, Inc. > > Topic: security compromise via open() > > Category: core > Module: kern > Announced: 1997-10-29 > Affects: FreeBSD 2.1.*, FreeBSD 2.2.*, > FreeBSD-stable and FreeBSD-current > Corrected: FreeBSD-current as of 1997/10/23 (partly even on 1997/04/14) > FreeBSD-stable as of 1997/10/24 > FreeBSD 2.1-stable as of 1997/10/29 > FreeBSD only: yes This is not correct. It affected NetBSD and OpenBSD, too, and was originally discovered by a NetBSD developer (and forwarded off the NetBSD developers list to best-of-security by someone I'll have mercy enough to leave nameless). Eivind.