From owner-freebsd-security Fri Jan 28 1:24: 3 2000 Delivered-To: freebsd-security@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id A630A15A76; Fri, 28 Jan 2000 01:24:00 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 8AFDD1CD41C; Fri, 28 Jan 2000 01:24:00 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Fri, 28 Jan 2000 01:24:00 -0800 (PST) From: Kris Kennaway To: Alfred Perlstein Cc: Masafumi NAKANE , serg@dor.zaural.ru, freebsd-security@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG Subject: Re: delegate buffer overflow (ports) In-Reply-To: <20000128013751.A7157@fw.wintelcom.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 28 Jan 2000, Alfred Perlstein wrote: > example: > INSECURE= http://docs.freebsd.org/cgi/getmsg.cgi?fetch=407538+0+current/freebsd-bugs > > What do you think of this? I was going to look at some formalized way of notifying the user about known security bugs, ports we have audited for certain classes of problem, etc. This won't be until after 4.0-REL, though, since I have the more important task of getting the openssl-dependent ports to build properly on 4.0 :-) Kris ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message