Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 13 May 2002 07:05:20 -0400
From:      Chris Faulhaber <jedgar@fxp.org>
To:        "Carroll, D. (Danny)" <Danny.Carroll@mail.ing.nl>
Cc:        security@freebsd.org
Subject:   Re: DHCPD bug
Message-ID:  <20020513110520.GA21996@darkstar.doublethink.cx>
In-Reply-To: <6C506EA550443D44A061432F1E92EA4C012DBA@ing.com>
References:  <6C506EA550443D44A061432F1E92EA4C012DBA@ing.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--LQksG6bCIzRHxTLp
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, May 13, 2002 at 09:18:59AM +0200, Carroll, D. (Danny) wrote:
> As a little aside, whilst reading the CERT advisory I noticed that
> NetBSD is not vulernable because: "NetBSD fixed this during a format
> string sweep performed on 11-Oct-2000. No released version of NetBSD is
> vulnerable to this issue."
>=20
> Nice and prudent.  Is there any reason why this would be difficult to do
> in the FreeBSD source / Ports source??
>=20

Numerous developers have performed audits on much of the base
system along with bringing in fixes from NetBSD, OpenBSD, and
other parts of the open-source community.  As for the ports
tree, with over 6000 independently-written applications, finding
(or funding) developers to perform a full-scale audit may be
a bit difficult.

--=20
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve   -   http://www.FreeBSD.org

--LQksG6bCIzRHxTLp
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: FreeBSD: The Power To Serve

iEYEARECAAYFAjzfnfAACgkQObaG4P6BelBaaQCgmKu1yrixhq9qGOuWSSBUSD7e
dzcAniGpJZD8/0uKFt6TuEi0kiSsil7U
=atRe
-----END PGP SIGNATURE-----

--LQksG6bCIzRHxTLp--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020513110520.GA21996>