From owner-cvs-all Wed Sep 20 23:14:20 2000 Delivered-To: cvs-all@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id 0122037B422; Wed, 20 Sep 2000 23:14:13 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13bzcW-000ABQ-00; Thu, 21 Sep 2000 08:14:09 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.0/8.11.0) with ESMTP id e8L6APn03681; Thu, 21 Sep 2000 08:10:26 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200009210610.e8L6APn03681@grimreaper.grondar.za> To: Warner Losh Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.bin/telnet telnet.c References: <200009202307.QAA62881@freefall.freebsd.org> In-Reply-To: <200009202307.QAA62881@freefall.freebsd.org> ; from Warner Losh "Wed, 20 Sep 2000 16:07:04 MST." Date: Thu, 21 Sep 2000 08:10:25 +0200 From: Mark Murray Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Crypto version also, please! M > imp 2000/09/20 16:07:04 PDT > > Modified files: > usr.bin/telnet telnet.c > Log: > Fix buffer overflow when DISPLAY is longer than 43 characters. This > is not exploitable because telnet doesn't run with elevated privs. > > Didn't fix all the other potential buffer overflows. Would be a good > task for someone who has lots of time to carefully study each case > because cut and paste solutions are dangerous for this code base. > > Added $FreeBSD$ in the same way that command.c did it. > > Revision Changes Path > 1.9 +7 -4 src/usr.bin/telnet/telnet.c > > > -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message