Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 3 Aug 2007 19:00:15 +0200
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Alexey Dokuchaev <danfe@FreeBSD.org>
Cc:        cvs-src@FreeBSD.org, Doug Barton <dougb@FreeBSD.org>, cvs-all@FreeBSD.org, src-committers@FreeBSD.org
Subject:   Re: cvs commit: src UPDATING src/contrib/bind9/bin/named client.c src/contrib/bind9/lib/dns dispatch.c src/contrib/bind9/lib/dns/include/dns dispatch.h src/contrib/tcpdump print-bgp.c src/etc/rc.d jail src/sys/conf newvers.sh
Message-ID:  <20070803170015.GF968@zaphod.nitro.dk>
In-Reply-To: <20070803152706.GA33159@FreeBSD.org>
References:  <200708012048.l71KmKjg080201@repoman.freebsd.org> <20070802084423.GA93647@FreeBSD.org> <46B1ACE0.8050308@FreeBSD.org> <20070803152706.GA33159@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 2007.08.03 15:27:06 +0000, Alexey Dokuchaev wrote:
> On Thu, Aug 02, 2007 at 03:07:28AM -0700, Doug Barton wrote:
> > Alexey Dokuchaev wrote:
> >
> > > What about RELENG_4, is it going to be fixed, or these bugs are not
> > > applicable to it?  
> > 
> > No and no. Support has been dropped for 4.x, so it's not relevant,
> > even if it had BIND 9 in the base, which it doesn't.
> 
> OK, but what about tcpdump(1)?
> 
> Even so, does it read that 4.X is not vulnerable?

Since FreeBSD 4.X isn't supported by the security team we generally
don't mention it (or even check) if it's vulnerable in advisories
anymore.  That said, for the cases like bind9 etc. where we know that
wasn't in FreeBSD < 5.3 we do mention that (but no guarantees that we
will keep doing that).  There is enough work just handling the
supported versions.

For this particular case I don't know if tcpdump in FreeBSD 4 is
vulnerable - it could be that it isn't since tcpdump has changed a
lot, but I don't care enough to check.

-- 
Simon L. Nielsen
FreeBSD Security Team



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070803170015.GF968>