From owner-freebsd-security Thu Oct 30 05:29:11 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id FAA08195 for security-outgoing; Thu, 30 Oct 1997 05:29:11 -0800 (PST) (envelope-from owner-freebsd-security) Received: from gvr.gvr.org (root@gvr.gvr.org [194.151.74.97]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id FAA08185; Thu, 30 Oct 1997 05:29:01 -0800 (PST) (envelope-from guido@gvr.org) Received: (from guido@localhost) by gvr.gvr.org (8.8.6/8.8.5) id OAA08595; Thu, 30 Oct 1997 14:28:39 +0100 (MET) From: Guido van Rooij Message-Id: <199710301328.OAA08595@gvr.gvr.org> Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-97:05.open In-Reply-To: <199710292216.XAA03735@bitbox.follo.net> from Eivind Eklund at "Oct 29, 97 11:16:08 pm" To: perhaps@yes.no Date: Thu, 30 Oct 1997 14:28:39 +0100 (MET) Cc: security-officer@freebsd.org, freebsd-security@freebsd.org, first-teams@first.org X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Eivind Eklund wrote: > > ============================================================================= > > FreeBSD-SA-97:05 Security Advisory > > FreeBSD, Inc. > > > > Topic: security compromise via open() > > > > Category: core > > Module: kern > > Announced: 1997-10-29 > > Affects: FreeBSD 2.1.*, FreeBSD 2.2.*, > > FreeBSD-stable and FreeBSD-current > > Corrected: FreeBSD-current as of 1997/10/23 (partly even on 1997/04/14) > > FreeBSD-stable as of 1997/10/24 > > FreeBSD 2.1-stable as of 1997/10/29 > > FreeBSD only: yes > > This is not correct. It affected NetBSD and OpenBSD, too, and was > originally discovered by a NetBSD developer (and forwarded off the > NetBSD developers list to best-of-security by someone I'll have mercy > enough to leave nameless). > But the open problem in itsself does not impose a hole. -Guido