From owner-freebsd-security Fri Sep 7 10:47:47 2001 Delivered-To: freebsd-security@freebsd.org Received: from alpha.focalnetworks.net (alpha.focalnetworks.net [209.135.104.32]) by hub.freebsd.org (Postfix) with SMTP id C96C237B406 for ; Fri, 7 Sep 2001 10:47:39 -0700 (PDT) Received: (qmail 92190 invoked by uid 1000); 7 Sep 2001 17:48:11 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 7 Sep 2001 17:48:11 -0000 Date: Fri, 7 Sep 2001 13:48:11 -0400 (EDT) From: project10 To: Rob Simmons Cc: Subject: Re: netbsd vulnerabilities In-Reply-To: <20010907120248.V78071-100000@mail.wlcg.com> Message-ID: <20010907134719.S92125-100000@alpha.focalnetworks.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Rob, I believe the fts(3) issue was resolved in an earlier issue -- I remeber applying the patch for it. It may, however, have been an unrelated issue. I guess we'll just have to wait and see. -Shawn On Fri, 7 Sep 2001, Rob Simmons wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > Is FreeBSD affected by either of the new vulnerabilities NetBSD just > released, 2001-015 and 2001-016? > > 2001-015 = "Insufficient checking of lengths passed from userland to > kernel." > > 2001-016 = "unsafe chdir usage in fts(3)." > > Robert Simmons > Systems Administrator > http://www.wlcg.com/ > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (FreeBSD) > Comment: For info see http://www.gnupg.org > > iD8DBQE7mPFHv8Bofna59hYRA7QZAJ9zOoQdhp6IRoQHeOo5EPa2cyzJaQCdGzYD > DFIFarA2CNGauwBeFB/yKvo= > =62OI > -----END PGP SIGNATURE----- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message