From owner-freebsd-security  Mon Apr  8 21: 3:47 2002
Delivered-To: freebsd-security@freebsd.org
Received: from web11802.mail.yahoo.com (web11802.mail.yahoo.com [216.136.172.156])
	by hub.freebsd.org (Postfix) with SMTP id F2EA637B419
	for <freebsd-security@FreeBSD.ORG>; Mon,  8 Apr 2002 21:03:44 -0700 (PDT)
Message-ID: <20020409040344.36061.qmail@web11802.mail.yahoo.com>
Received: from [66.222.32.155] by web11802.mail.yahoo.com via HTTP; Mon, 08 Apr 2002 21:03:44 PDT
Date: Mon, 8 Apr 2002 21:03:44 -0700 (PDT)
From: X Philius <xphilius@yahoo.com>
Reply-To: xphilius@yahoo.com
Subject: zlib double-free security notification
To: freebsd-security@FreeBSD.ORG
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Security Folks,
Are there any exploits out there that take advantage of this hole? I am
running 4.4 Release, and have been watching the security notifications
list for patches that I *really* need to run. So, if I want to keep
things as simple as possible, would you recomend patching to fix this
issue? If it is just a matter of possible DOS issues, versus actual
known exploits, I'll probably skip it.

Jason

__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message