Date: Wed, 3 Apr 1996 08:36:22 +0200 (MET DST) From: J Wunsch <j@uriah.heep.sax.de> To: freebsd-bugs@FreeBSD.org (FreeBSD bugs list) Cc: e9203125@linf.unb.br (Alex Carlos Braga Ant\co) Subject: Re: BUGS and PATCHES list ! Message-ID: <199604030636.IAA14909@uriah.heep.sax.de> In-Reply-To: <3161AF0F.17C@linf.unb.br> from "Alex Carlos Braga Ant\co" at Apr 2, 96 07:49:51 pm
next in thread | previous in thread | raw e-mail | index | archive | help
As Alex Carlos Braga Ant\co wrote: > How and where may I find a list of BUGS and patches to these bugs > already found on FreeBSD ? Especialy related to security. Well, if there were a BUGS list, perhaps they would already have been fixed. :-) There's the GNATS database that tracks the submissions of problem reports, including the notions of applied fixes. I might be wrong, but i don't think there are any reported and still open security- related bugs in it. Non-detected bugs are quite another matter, of course. :) I think the most prominent security-related bug fixes have been the ``telnet bug'' (telnetd imported random environmental variables, including the LD_* that affect the behaviour of the run-time loader), and the infamous ``syslog bug'' (syslog(3) could trash its stack). The fixes for both are in the latest official release, FreeBSD-2.1R. We normally don't have the resources to provide you with two dozen cryptically numbered ``bug fix tapes'' however... -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604030636.IAA14909>