Date: Mon, 08 Jul 2002 18:22:10 +0900 From: "Akinori MUSHA" <knu@iDaemons.org> To: security-officer@FreeBSD.org Cc: security@FreeBSD.org Subject: Re: cvs commit: src/lib/libc/net gethostbydns.c getnetbydns.c name6.c Message-ID: <86r8iepoal.wl@archon.local.idaemons.org> In-Reply-To: <86y9ctxipc.wl@daemon.musha.org> References: <200206262143.g5QLhiPS063301@freefall.freebsd.org> <86y9ctxipc.wl@daemon.musha.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At Wed, 03 Jul 2002 18:29:51 +0900,
I wrote:
> At Wed, 26 Jun 2002 14:43:44 -0700 (PDT),
> Julian Elischer wrote:
> > julian 2002/06/26 14:43:44 PDT
> >
> > Modified files: (Branch: RELENG_4_4)
> > lib/libc/net gethostbydns.c getnetbydns.c name6.c
> > Log:
> > Add the security fix FreeBSD-SA-02:28.resolv to the 4.4 branch
> > This branch is the one that some really big security consious organisations
> > are running.. It needs to be maintained.
> >
> > (already done: newvers.sh)
> >
> > Obtained from: Other branches
>
> I belive the compat{3x,2?} stuff (and probably compat4x too) in those
> branches also needs updating. In order to update the compat stuff, we
> must MFC the fix also to RELENG_{3,2_?} and then find out someone in
> our developers who can rebuild libc on the old systems.
>
> Security Officer/Team, would you give some consideration and organize
> the work?
Ping?
I don't believe we should ship 4.6.1-RELEASE and 5.0-DP2 with the hole
in compat libraries left untreated, but we should at least document it
in Release notes, sysinstall and ports/misc/compat*.
--
/
/__ __ Akinori.org / MUSHA.org
/ ) ) ) ) / FreeBSD.org / Ruby-lang.org
Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp
"When I leave I don't know what I'm hoping to find
When I leave I don't know what I'm leaving behind.."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86r8iepoal.wl>