From owner-freebsd-security Mon May 22 11:17: 4 2000 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id F37F037C12E for ; Mon, 22 May 2000 11:16:56 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id MAA07269; Mon, 22 May 2000 12:16:39 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA96713; Mon, 22 May 2000 12:15:39 -0600 (MDT) Message-Id: <200005221815.MAA96713@harmony.village.org> To: cjclark@home.com Subject: Re: The procfs Hole in 2.2.8-STABLE? Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Mon, 22 May 2000 14:02:32 EDT." <20000522140231.A35505@cc942873-a.ewndsr1.nj.home.com> References: <20000522140231.A35505@cc942873-a.ewndsr1.nj.home.com> <20000521140847.G96573@cc942873-a.ewndsr1.nj.home.com> <200005220437.WAA92094@harmony.village.org> Date: Mon, 22 May 2000 12:15:39 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <20000522140231.A35505@cc942873-a.ewndsr1.nj.home.com> "Crist J. Clark" writes: : Should I be concerned about these "many vulnerabilities?" Where are : they documented? We stopped committing to make backports to 2.x when FreeBSD 3.2 was released, or about this time last year. Anything that happened after that may or may not hav emade it back to 2.2.8. Also, some of them weren't noteworthy at the time, so no advisory was issued (I had the advisory setting too high). Some exploits have surfaced against old versions of FreeBSD. There's no central collection of these documented anywhere. I wish I had a better answer for you than this. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message