From owner-freebsd-security Mon Jul 8 2:22:17 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E252037B400; Mon, 8 Jul 2002 02:22:12 -0700 (PDT) Received: from mail.musha.org (daemon.musha.org [218.44.187.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id F1D0D43E4A; Mon, 8 Jul 2002 02:22:11 -0700 (PDT) (envelope-from knu@iDaemons.org) Received: from archon.local.idaemons.org (archon.local.idaemons.org [192.168.1.32]) by mail.musha.org (Postfix) with ESMTP id 8E40D4D801; Mon, 8 Jul 2002 18:22:09 +0900 (JST) Date: Mon, 08 Jul 2002 18:22:10 +0900 Message-ID: <86r8iepoal.wl@archon.local.idaemons.org> From: "Akinori MUSHA" To: security-officer@FreeBSD.org Cc: security@FreeBSD.org Subject: Re: cvs commit: src/lib/libc/net gethostbydns.c getnetbydns.c name6.c In-Reply-To: <86y9ctxipc.wl@daemon.musha.org> References: <200206262143.g5QLhiPS063301@freefall.freebsd.org> <86y9ctxipc.wl@daemon.musha.org> User-Agent: Wanderlust/2.9.13 (Unchained Melody) SEMI/1.14.4 (Hosorogi) LIMIT/1.14.7 (Fujiidera) APEL/10.3 Emacs/21.2 (i386--freebsd) MULE/5.0 (SAKAKI) Organization: Associated I. Daemons X-PGP-Public-Key: finger knu@FreeBSD.org X-PGP-Fingerprint: 081D 099C 1705 861D 4B70 B04A 920B EFC7 9FD9 E1EE MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi") Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At Wed, 03 Jul 2002 18:29:51 +0900, I wrote: > At Wed, 26 Jun 2002 14:43:44 -0700 (PDT), > Julian Elischer wrote: > > julian 2002/06/26 14:43:44 PDT > > > > Modified files: (Branch: RELENG_4_4) > > lib/libc/net gethostbydns.c getnetbydns.c name6.c > > Log: > > Add the security fix FreeBSD-SA-02:28.resolv to the 4.4 branch > > This branch is the one that some really big security consious organisations > > are running.. It needs to be maintained. > > > > (already done: newvers.sh) > > > > Obtained from: Other branches > > I belive the compat{3x,2?} stuff (and probably compat4x too) in those > branches also needs updating. In order to update the compat stuff, we > must MFC the fix also to RELENG_{3,2_?} and then find out someone in > our developers who can rebuild libc on the old systems. > > Security Officer/Team, would you give some consideration and organize > the work? Ping? I don't believe we should ship 4.6.1-RELEASE and 5.0-DP2 with the hole in compat libraries left untreated, but we should at least document it in Release notes, sysinstall and ports/misc/compat*. -- / /__ __ Akinori.org / MUSHA.org / ) ) ) ) / FreeBSD.org / Ruby-lang.org Akinori MUSHA aka / (_ / ( (__( @ iDaemons.org / and.or.jp "When I leave I don't know what I'm hoping to find When I leave I don't know what I'm leaving behind.." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message