Date: Tue, 01 Oct 2002 16:13:49 -0400 From: Larry Sica <lomifeh@earthlink.net> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Brett Glass <brett@lariat.org>, Matt Piechota <piechota@argolis.org>, Aaron Namba <aaron@namba1.com>, security@FreeBSD.ORG Subject: Re: Is FreeBSD's tar susceptible to this? Message-ID: <4C74EABB-D57A-11D6-AD20-000393A335A2@earthlink.net> In-Reply-To: <200210011934.g91JY6OW045102@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday, October 1, 2002, at 03:34 PM, Matthew Dillon wrote: > > :This is not because of the BSDL or GPL though. It is because of the > :project's makeup. Politics aside, a license has nothing to do with > the > :quality of the work, or lack thereof. And many *BSD and BSDL products > :have had security problems. Now sure, the zlib problem was avoided. > :But FreeBSD has had it's own recent spate of problems. I am not sure > :this discussion is even appropriate in this forum. If we are > :vulnerable it needs to be fixed, period. Let's not use a security > :problem for political maneuvering. > : > :--Larry > > The zlib problem was not avoided, e.g. 1.5.8.1 of deflate.c (unless > you are talking about another one, there were a couple of issues > if I recall), but zlib is an excellent example of the sucess of the > open-source community grapevine. I would have to go back and check for the exact one, but I should have been clearer, FreeBSD was affected but not as bad as some other OSes. Mostly because FreeBSD Did The Right Thing<tm>. I'll be clearer what I mean in the future.. --Larry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C74EABB-D57A-11D6-AD20-000393A335A2>