From owner-cvs-all  Wed Dec  1 11:30:51 1999
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 000BD14BFE; Wed,  1 Dec 1999 11:30:49 -0800 (PST)
	(envelope-from kris@FreeBSD.org)
Received: (from kris@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id LAA92255;
	Wed, 1 Dec 1999 11:30:45 -0800 (PST)
	(envelope-from kris@FreeBSD.org)
Message-Id: <199912011930.LAA92255@freefall.freebsd.org>
From: Kris Kennaway <kris@FreeBSD.org>
Date: Wed, 1 Dec 1999 11:30:44 -0800 (PST)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: ports/net/gated Makefile
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk

kris        1999/12/01 11:30:44 PST

  Modified files:
    net/gated            Makefile 
  Log:
  Mark BROKEN due to buffer overflow yielding root to members of wheel. There's
  also an overflow with ospf_monitor which may result in being able to corrupt
  routing traffic (which I've reported to the developers)
  
  According to the docs, gdc shouldn't be installed root:wheel and setuid,
  but put into its own gdmaint group. This still doesn't prevent people in
  that group from gaining root, though.
  
  Submitted by:	Brock Tellier <btellier@usa.net> (gdc bug)
  
  Revision  Changes    Path
  1.22      +3 -1      ports/net/gated/Makefile



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message