From owner-freebsd-security Mon May 13 2: 3:41 2002 Delivered-To: freebsd-security@freebsd.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by hub.freebsd.org (Postfix) with ESMTP id CC9F037B406 for ; Mon, 13 May 2002 02:03:36 -0700 (PDT) Received: from ruby.ccmr.cornell.edu (IDENT:0@ruby.ccmr.cornell.edu [128.84.231.115]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id FAA20333; Mon, 13 May 2002 05:06:49 -0400 Received: from localhost (mitch@localhost) by ruby.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id FAA13071; Mon, 13 May 2002 05:03:35 -0400 X-Authentication-Warning: ruby.ccmr.cornell.edu: mitch owned process doing -bs Date: Mon, 13 May 2002 05:03:35 -0400 (EDT) From: Mitch Collinsworth To: "Carroll, D. (Danny)" Cc: security@FreeBSD.ORG Subject: RE: DHCPD bug In-Reply-To: <6C506EA550443D44A061432F1E92EA4C012DBA@ing.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 13 May 2002, Carroll, D. (Danny) wrote: > As a little aside, whilst reading the CERT advisory I noticed that > NetBSD is not vulernable because: "NetBSD fixed this during a format > string sweep performed on 11-Oct-2000. No released version of NetBSD is > vulnerable to this issue." > > Nice and prudent. Sheesh. Nice would have been sending their patch to Ted when they discovered it back in 2000. -Mitch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message