Date: Fri, 6 Oct 2000 16:19:44 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: security@freebsd.org Cc: stable@freebsd.org Subject: 2.2.x FreeBSD-SA-00:52 patch adjusted Message-ID: <20001006161944.C272@fw.wintelcom.net>
next in thread | raw e-mail | index | archive | help
Because of serious breakage in the arc4random code in FreeBSD-current (3 months and counting) my initial patch to 2.2.x was flawed because the arc4random code would never re-seed itself properly. This problem could possibly lead to more easy to predict sequences. I've just added another patch that should allievate the problem, just for reference make sure src/sys/libkern/arc4random.c is has this ID tag: $FreeBSD: /c/ncvs/src/sys/libkern/arc4random.c,v 1.6.4.2 2000/10/06 22:49:54 alfred Exp $ That would be arc4random.c MFC'd from -stable (FreeBSD 4) where it should be working properly. Thanks to Kris Kennaway (kris@freebsd.org) for pointing out this error and suggesting the fix. My apologies to those who already cvsup'd and rebooted thier 2.2.x boxes. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001006161944.C272>