From owner-freebsd-security  Wed Oct  4 10:31:53 2000
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP id 4549737B502
	for <security@FreeBSD.ORG>; Wed,  4 Oct 2000 10:31:49 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.0/8.11.0) with ESMTP id e94HVlM16365;
	Wed, 4 Oct 2000 11:31:48 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA37754; Wed, 4 Oct 2000 11:31:47 -0600 (MDT)
Message-Id: <200010041731.LAA37754@harmony.village.org>
To: Mike Silbersack <silby@silby.com>
Subject: Re: OpenBSD Security Advisory (fwd) 
Cc: security@FreeBSD.ORG
In-reply-to: Your message of "Wed, 04 Oct 2000 12:16:02 CDT."
		<Pine.BSF.4.21.0010041215240.89315-100000@achilles.silby.com> 
References: <Pine.BSF.4.21.0010041215240.89315-100000@achilles.silby.com>  
Date: Wed, 04 Oct 2000 11:31:47 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <Pine.BSF.4.21.0010041215240.89315-100000@achilles.silby.com> Mike Silbersack writes:
: Are we patched?

Yes.  It doesn't look like we were ever vulnerable for fstat.  From
the little poking around I did with annotate, I think we've been safe
from the outset, at least since 1997 with charnier's warn*/err*
cleanups.  Unless this is something subtle that I'm missing.

We really need someone to go through the format fixes and back port
them to 3.x and 2.x.  Volunteers?

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message