From owner-freebsd-security Mon Jan 25 02:03:28 1999
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id CAA20671
        for freebsd-security-outgoing; Mon, 25 Jan 1999 02:03:28 -0800 (PST)
        (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from bsd-daemon.net (bsd-daemon.net [209.90.150.171])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA20660
        for ; Mon, 25 Jan 1999 02:03:24 -0800 (PST)
        (envelope-from pjp@bsd-daemon.net)
Received: from localhost (pjp@localhost)
        by bsd-daemon.net (8.9.1/8.9.1) with SMTP id FAA05407
        for ; Mon, 25 Jan 1999 05:01:55 -0500 (EST)
Date: Mon, 25 Jan 1999 05:01:54 -0500 (EST)
From: Peter Philipp
To: freebsd-security@FreeBSD.ORG
Subject: FreeBSD Ports and ftp.win.tue.nl
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

There is confirmed hearsay that the ftp.win.tue.nl FTP site was compromised
with backdoors in different packages. Also, it seems that the /pub/security
archive was removed, as stated in the README found at that site.

There are 3 ports I found at first glance that use this site, which is not a
real security hazard if MD5 checksums mismatch, but it is possible that
someone uses NO_CHECKSUM, and if those packages were compromised (one of
which was, as stated in a CERT and BUGTRAQ advisory), this could lead to
unforeseen problems.

The ports containing the ftp.win.tue.nl site as a master or secondary site
are (no later than 2.2.8-REL ports distribution):

/usr/ports/print/mp-letter
/usr/ports/security/crack
/usr/ports/security/tcp_wrapper

I think it's fair to warn anyone that caution should be taken with at least
the first port mentioned if it hasn't already been removed. I did not check
this port either.

Wietse Venema's README at ftp.win.tue.nl below:

Wietse's archive has moved

-----BEGIN PGP SIGNED MESSAGE-----

Wietse Venema has moved the primary FTP archive for the TCP Wrapper and
other programs to a different location. The primary archive is now
located at

    ftp://ftp.porcupine.org/pub/security/index.html

Wietse Venema expresses his gratitude to his former employer, Eindhoven
University, for making possible the development and distribution of the
TCP Wrapper and other software, and appreciates the support from system
administrators of the department of mathematics and computing science.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBNqlT2dyA8qbVMny5AQGUUAP9HpiIMYCibLwG3gAQ1zCPnbVyg6vgY12/
X0crBZLsNbKjIIGwmPxOYgQfTfssUxlQX5dCKmnkh9u8/iFGo8qbTTUbDFxSvnyC
JNKzsX/fYz82v5jLvhBsEJQfgVT+yy9pL5QeA9e3gjZJaHAtg/zpReuXJko4Gjey
uEyzZ7gz1/g=
=8fYw
:
-----END PGP SIGNATURE-----

Peter Philipp (PP2441)
Daemonic Networks
"In theory, theory is the same as practice, but not in practice" - ???

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
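
The check described in the message above, as an added example that is not part of the original post or of the FreeBSD ports tooling: a shell script that lists ports whose MASTER_SITES name a given host, reports whether each has a recorded checksum file, and flags a NO_CHECKSUM setting. The category/port/Makefile layout, the files/md5 (later distinfo) checksum file name, the make.conf path passed as an argument, the host mirror.example and all sample data are assumptions or constructed.

```shell
#!/bin/sh
# Added example: audit a ports tree for ports that fetch from a suspect host.
# Assumed layout: TREE/category/port/Makefile, checksums in files/md5 (or the
# later distinfo). All sample data below is constructed.

# uses_site MAKEFILE HOST: succeed if a MASTER_SITES assignment names HOST.
uses_site() {
    awk -v host="$2" '
        { line = line $0 }
        /\\$/ { sub(/\\$/, " ", line); next }  # join backslash continuations
        { if (line ~ /^MASTER_SITES[ \t]*[+?:]?=/ && index(line, host)) hit = 1
          line = "" }
        END { exit hit ? 0 : 1 }' "$1"
}

# audit_site TREE HOST: print "category/port checksum=present|MISSING".
audit_site() {
    for mk in "$1"/*/*/Makefile; do
        [ -f "$mk" ] || continue
        uses_site "$mk" "$2" || continue
        dir=${mk%/Makefile}
        rel=${dir#"$1"/}
        state=MISSING
        if [ -s "$dir/files/md5" ] || [ -s "$dir/distinfo" ]; then state=present; fi
        echo "$rel checksum=$state"
    done
}

# no_checksum_set CONF: succeed if NO_CHECKSUM is set in the environment or CONF.
no_checksum_set() {
    [ -n "${NO_CHECKSUM+set}" ] && return 0
    [ -f "$1" ] && grep -Eq '^[[:space:]]*NO_CHECKSUM[[:space:]]*[+?:]?=' "$1"
}

# make_sample_tree DIR: constructed tree; port names reused from the message.
make_sample_tree() {
    mkdir -p "$1/security/tcp_wrapper/files" "$1/print/mp-letter" "$1/net/other/files"
    printf 'MASTER_SITES=\tftp://ftp.win.tue.nl/pub/security/\n' > "$1/security/tcp_wrapper/Makefile"
    echo 'MD5 (sample.tar.gz) = 00000000000000000000000000000000' > "$1/security/tcp_wrapper/files/md5"
    printf 'MASTER_SITES=\tftp://mirror.example/pub/ \\\n\t\tftp://ftp.win.tue.nl/pub/\n' > "$1/print/mp-letter/Makefile"
    printf 'MASTER_SITES=\tftp://mirror.example/pub/\n' > "$1/net/other/Makefile"
    echo 'MD5 (other.tar.gz) = 00000000000000000000000000000000' > "$1/net/other/files/md5"
    printf '# constructed make.conf\nNO_CHECKSUM=\tyes\n' > "$1/make.conf"
}

demo=$(mktemp -d) && make_sample_tree "$demo"
audit_site "$demo" ftp.win.tue.nl
no_checksum_set "$demo/make.conf" && echo "warning: NO_CHECKSUM set, checksums skipped"
rm -rf "$demo"
```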