From owner-freebsd-security  Fri Mar 29  7:16:15 2002
Delivered-To: freebsd-security@freebsd.org
Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213])
	by hub.freebsd.org (Postfix) with ESMTP id D360137B419
	for <security@FreeBSD.ORG>; Fri, 29 Mar 2002 07:16:11 -0800 (PST)
Received: (from emechler@localhost)
	by radix.cryptio.net (8.11.6/8.11.6) id g2TFGBC21814;
	Fri, 29 Mar 2002 07:16:11 -0800 (PST)
	(envelope-from emechler)
Date: Fri, 29 Mar 2002 07:16:11 -0800
From: Erick Mechler <emechler@techometer.net>
To: Holt Grendal <holtor@yahoo.com>
Cc: security@FreeBSD.ORG
Subject: Re: Fwd: OpenSSH channel_lookup() off by one exploit
Message-ID: <20020329071611.P1414@techometer.net>
References: <20020329144016.41468.qmail@web11603.mail.yahoo.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020329144016.41468.qmail@web11603.mail.yahoo.com>; from Holt Grendal on Fri, Mar 29, 2002 at 06:40:16AM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

:: Has this been fixed in freebsd?

Yup, nearly a month ago.  The advisory is here:

  ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02%3A13.openssh.asc

You can find this, and other advisories, on the FreeBSD Security page

  http://www.freebsd.org/security/#adv

--Erick

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message