From owner-freebsd-ports-bugs@FreeBSD.ORG  Mon Jul  9 22:34:05 2007
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
X-Original-To: freebsd-ports-bugs@freebsd.org
Delivered-To: freebsd-ports-bugs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 4AAB016A473
	for <freebsd-ports-bugs@freebsd.org>;
	Mon,  9 Jul 2007 22:34:05 +0000 (UTC)
	(envelope-from ighighi@gmail.com)
Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.225])
	by mx1.freebsd.org (Postfix) with ESMTP id 0AA3513C4C6
	for <freebsd-ports-bugs@freebsd.org>;
	Mon,  9 Jul 2007 22:34:04 +0000 (UTC)
	(envelope-from ighighi@gmail.com)
Received: by wr-out-0506.google.com with SMTP id i23so537114wra
	for <freebsd-ports-bugs@freebsd.org>;
	Mon, 09 Jul 2007 15:34:04 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=i4ghxs2opO1KA7URnhnPnKkqctM6P6BEqVt7b/r3MdVd+Rp6Up73hesgzOm1s57wL5WSNqTOVgOHjk9SWmoSiRAn8GbJLzaDM+c1+cTU6xw1/2tpIMNej7PZyVJWPa0Q3BtXTvgHXzV9q/TWK3jY6U478wwRogUeX6/jE96TOJg=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
	b=gtTJnQNQMGUldyrEfDHN84PejI4gfHVN0+Z0d/pMtR3Npnv2zRnHjbwmLTQvIvVUMtZcZLkuqiW807G5D8RXLK5ARwDwRD7awxyy6PyWJccodH7orpXfoKDLScT7C6sOqluz1lVkUHhxaTbLBEYW5ErIEaxsE5mZRpCOR3M7vKI=
Received: by 10.78.130.6 with SMTP id c6mr1863988hud.1184018703853;
	Mon, 09 Jul 2007 15:05:03 -0700 (PDT)
Received: by 10.78.51.18 with HTTP; Mon, 9 Jul 2007 15:05:03 -0700 (PDT)
Message-ID: <de5dfb5a0707091505p551446e1h142f81da2f195384@mail.gmail.com>
Date: Mon, 9 Jul 2007 18:05:03 -0400
From: "Ighighi Ighighi" <ighighi@gmail.com>
To: freebsd-ports-bugs@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Subject: VERY SERIOUS security bug in sysutils/eject
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2007 22:34:05 -0000

I can't believe that 7 weeks have passed and still this bug hasn't
been patched...
It's like having a rogue setuid umount(8) installed on your system.
Patching it is as easy as deleting the setuid bit...

http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/112754