From owner-freebsd-security Thu Jun 27 05:04:18 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id FAA20962 for security-outgoing; Thu, 27 Jun 1996 05:04:18 -0700 (PDT)
Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id FAA20922 for ; Thu, 27 Jun 1996 05:04:01 -0700 (PDT)
Received: by gvr.win.tue.nl (8.6.12/1.53) id OAA25884; Thu, 27 Jun 1996 14:03:18 +0200
From: guido@gvr.win.tue.nl (Guido van Rooij)
Message-Id: <199606271203.OAA25884@gvr.win.tue.nl>
Subject: Re: CERT Advisory CA-96.12 - Vulnerability in suidperl (fwd)
To: hohmuth@inf.tu-dresden.de (Michael Hohmuth)
Date: Thu, 27 Jun 1996 14:03:17 +0200 (MET DST)
Cc: freebsd-security@FreeBSD.ORG, bugs@sax.sax.de
In-Reply-To: <199606271137.NAA10077@irs.inf.tu-dresden.de> from Michael Hohmuth at "Jun 27, 96 01:37:47 pm"
X-Mailer: ELM [version 2.4ME+ PL17 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> Can anyone shed some light on what was going on?
>
> I understand from Guido's post that 2.1.0 is not vulnerable even if
> the Perl4 patch has not been applied. Is this correct?
>
> If this is the case, I suggest backing out the patch from -stable and
> -current as well.
>

2.1.0 IS vulnerable!!!!! 2.1.0-current and stable are not vulnerable anymore.
That is what I was trying to say. So all official releases that had
working suidperl *are* vulnerable.
As soon as Paul is back from his trip I'm sure he will post an appropriate
advisory.

-Guido