From owner-freebsd-security Tue Jul 21 12:29:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA22050 for freebsd-security-outgoing; Tue, 21 Jul 1998 12:29:01 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from lariat.lariat.org (ppp1000.lariat.org@[206.100.185.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA22038 for ; Tue, 21 Jul 1998 12:28:57 -0700 (PDT) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.lariat.org (8.8.8/8.8.8) id NAA15499; Tue, 21 Jul 1998 13:28:26 -0600 (MDT) Message-Id: <199807211928.NAA15499@lariat.lariat.org> X-Sender: brett@mail.lariat.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Tue, 21 Jul 1998 13:28:23 -0600 To: Jeremy Shaffner From: Brett Glass Subject: Re: Why is there no info on the QPOPPER hack? Cc: security@FreeBSD.ORG In-Reply-To: References: <199807202352.RAA27271@lariat.lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:18 AM 7/21/98 -0500, Jeremy Shaffner wrote: >How does "have been potentially" work? It means they're wide open and ready to be hacked. NOW. >Pardon my ignorance, since I haven't used CVS, but isn't that what the >"ports" are? A skeleton with the necessary patches and a Makefile that >fetches the distfile if you don't already have it? Like I said before, >Jordan had an updated -stable port the same day. New holes are still being found in Qualcomm's THIRD update. >And if you get that new >port by downloading it manually, or by letting CVSup do it >"Automagically" does it really matter? It's the same either way. Not if you don't get word before you're hit. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message