From owner-freebsd-security  Wed Jul 11 11:45: 6 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-132.dsl.lsan03.pacbell.net [63.207.60.132])
	by hub.freebsd.org (Postfix) with ESMTP
	id 504B337B403; Wed, 11 Jul 2001 11:45:01 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id E44BE66D72; Wed, 11 Jul 2001 11:44:59 -0700 (PDT)
Date: Wed, 11 Jul 2001 11:44:59 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: "Jacques A. Vidrine" <n@nectar.com>
Cc: Dima Dorfman <dima@unixfreak.org>,
	Jason DiCioccio <jdicioccio@epylon.com>,
	"'security@freebsd.org'" <security@freebsd.org>, kris@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:
Message-ID: <20010711114459.B86556@xor.obsecurity.org>
References: <657B20E93E93D4118F9700D0B73CE3EA02FFEFA1@goofy.epylon.lan> <20010711015958.0921D3E28@bazooka.unixfreak.org> <20010711104608.A600@shade.nectar.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="oLBj+sq0vYjzfsbl"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010711104608.A600@shade.nectar.com>; from n@nectar.com on Wed, Jul 11, 2001 at 10:46:09AM -0500
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--oLBj+sq0vYjzfsbl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jul 11, 2001 at 10:46:09AM -0500, Jacques A. Vidrine wrote:
> On Tue, Jul 10, 2001 at 06:59:57PM -0700, Dima Dorfman wrote:
> > Jason DiCioccio <jdicioccio@epylon.com> writes:
> > > So then I'm guessing this has been 3.5-STABLE is not vulnerable?=20
> > > Just want to be sure :-)
> >=20
> > What makes you say that?  The necessary fix isn't present in RELENG_3,
> > and I doubt that there's something else which hides the issue. =20
>=20
> I haven't  double-checked, but it looks  like this bug was  enabled by
> revision  1.54  of  src/sys/kern/kern_fork.c (allowing  shared  signal
> handlers  with  rfork).   That   would  include  3.1-RELEASE  and  all
> following releases.

As was announced several months ago, we are no longer requiring
security fixes for locally exploitable vulnerabilities under RELENG_3,
only network-exploitable vulnerabilities.

Kris

--oLBj+sq0vYjzfsbl
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7TJ6qWry0BWjoQKURArNPAJ0eVcrH9mSmti9VVAmyiKQgR07i3ACdE5V7
94BoXEDeqboeCyoZ6kg34do=
=UIAq
-----END PGP SIGNATURE-----

--oLBj+sq0vYjzfsbl--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message