From owner-freebsd-current Thu Aug 8 22:06:41 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA08201 for current-outgoing; Thu, 8 Aug 1996 22:06:41 -0700 (PDT) Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.eu.org [193.56.58.253]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA08159 for ; Thu, 8 Aug 1996 22:06:33 -0700 (PDT) Received: from brasil.brainstorm.eu.org (brasil.brainstorm.eu.org [193.56.58.33]) by mexico.brainstorm.eu.org (8.7.5/8.7.3) with ESMTP id HAA32288 for ; Fri, 9 Aug 1996 07:06:22 +0200 Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.6.12/8.6.12) with UUCP id HAA01893 for freebsd-current@freebsd.org; Fri, 9 Aug 1996 07:05:56 +0200 Received: (from roberto@localhost) by keltia.freenix.fr (8.8.Alpha.7/keltia-uucp-2.9) id GAA00939; Fri, 9 Aug 1996 06:54:43 +0200 (MET DST) Message-Id: <199608090454.GAA00939@keltia.freenix.fr> Date: Fri, 9 Aug 1996 06:54:43 +0200 From: roberto@keltia.freenix.fr (Ollivier Robert) To: freebsd-current@freebsd.org (FreeBSD-current users) Subject: Re: exploitable security risk In-Reply-To: <199608082205.QAA05623@rover.village.org>; from Warner Losh on Aug 8, 1996 16:05:29 -0600 References: <199608082205.QAA05623@rover.village.org> X-Mailer: Mutt 0.38 Mime-Version: 1.0 Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk According to Warner Losh: > You might want to look at the OpenBSD CVS tree. They have been fixing > a whole boatload of "oflow" cases in the BSD sources. I don't know if > all of them are exploitable security holes or not, but they are likely > bugs and should likely be looked at. It is a pity Theo doesn't want to talk about precisely what he fixed. ONe has to go digging in the CVS tree to find the fixes... -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 2.2-CURRENT #17: Fri Aug 2 20:40:17 MET DST 1996