From owner-freebsd-stable Thu Apr 25 1:36:36 2002 Delivered-To: freebsd-stable@freebsd.org Received: from smtp2.enst.fr (matrix2.enst.fr [137.194.2.14]) by hub.freebsd.org (Postfix) with ESMTP id 3C5CB37B400; Thu, 25 Apr 2002 01:36:31 -0700 (PDT) Received: from andromede.enst.fr (andromede.enst.fr [137.194.64.202]) by smtp2.enst.fr (Postfix) with ESMTP id 710811F071; Thu, 25 Apr 2002 10:36:29 +0200 (MEST) Received: (from ware@localhost) by andromede.enst.fr (8.8.8+Sun/8.8.8) id KAA14271; Thu, 25 Apr 2002 10:36:28 +0200 (MET DST) Date: Thu, 25 Apr 2002 10:36:28 +0200 From: Cedric Ware To: "Vladimir G. Drobyshevsky" Cc: freebsd-stable@freebsd.org, freebsd-current@freebsd.org Subject: Re: FreeBSD security hole? Message-ID: <20020425103627.A14146@enst.fr> References: <129604079.20020425142210@telecom.ural.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <129604079.20020425142210@telecom.ural.ru>; from vlad@telecom.ural.ru on Thu, Apr 25, 2002 at 02:22:10PM +0600 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, > stdio kernel bug in All releases of FreeBSD up to and including 4.5-RELEASE > decided to make a trivial exploit to easily get root :) Indeed, see security advisory FreeBSD-SA-02:23.stdio at: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc Please upgrade to 4.5-p4 or 4-STABLE (April 21 or after). Regards, Cedric Ware. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message