From owner-freebsd-security Wed Jun 25 16:53:22 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA20899 for security-outgoing; Wed, 25 Jun 1997 16:53:22 -0700 (PDT) Received: from zen.nash.org (nash.pr.mcs.net [204.95.47.72]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA20879; Wed, 25 Jun 1997 16:53:10 -0700 (PDT) Received: from zen.nash.org (localhost.zen.nash.org [127.0.0.1]) by zen.nash.org (8.8.5/8.8.5) with SMTP id SAA27384; Wed, 25 Jun 1997 18:51:11 -0500 (CDT) Message-ID: <33B1AEEE.794BDF32@mcs.com> Date: Wed, 25 Jun 1997 18:51:10 -0500 From: Alex Nash X-Mailer: Mozilla 3.01Gold (X11; I; FreeBSD 2.2-STABLE i386) MIME-Version: 1.0 To: Darren Reed CC: security@FreeBSD.ORG, hackers@FreeBSD.ORG, tqbf@enteract.com Subject: Re: [ADVISORY] 4.4BSD Securelevels (fwd) References: <199706250629.XAA04410@hub.freebsd.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Darren Reed wrote: > > In some mail from Thomas H. Ptacek, sie said: [...] > > > > AFFECTED SYSTEMS > > > > It is believed that all 4.4BSD operating systems are currently vulnerable > > to this problem. A lack of BSDI source code prevents us from verifying > > it's applicability to that operating system. > > > > Systems known to be currently vulnerable include: > > > > OpenBSD 2.0 and OpenBSD 2.1 (the OpenBSD project has resolved this > > problem in OpenBSD-current). > > > > All currently available versions of FreeBSD (the FreeBSD project has > > resolved this problem in FreeBSD-current). Just to clarify: the fix for this has been available in all three branches (-current, 2.2-stable, and 2.1-stable) since Saturday. Alex