From owner-freebsd-hackers Fri Feb 7 05:58:01 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA27757 for hackers-outgoing; Fri, 7 Feb 1997 05:58:01 -0800 (PST) Received: from nic.follonett.no (nic.follonett.no [194.198.43.10]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA27751 for ; Fri, 7 Feb 1997 05:57:53 -0800 (PST) Received: (from uucp@localhost) by nic.follonett.no (8.8.5/8.8.3) with UUCP id OAA28673; Fri, 7 Feb 1997 14:56:05 +0100 (MET) Received: from oo7 (oo7.dimaga.com [192.0.0.65]) by dimaga.com (8.7.5/8.7.2) with SMTP id OAA07944; Fri, 7 Feb 1997 14:50:17 +0100 (MET) Message-Id: <3.0.32.19970207145017.00a819c0@dimaga.com> X-Sender: eivind@dimaga.com X-Mailer: Windows Eudora Pro Version 3.0 (32) Date: Fri, 07 Feb 1997 14:50:18 +0100 To: dennis From: Eivind Eklund Subject: Re: 2.1.6? Cc: hackers@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk At 03:20 PM 2/6/97 -0500, you wrote: > >Whats with 2.1.6R? What happened to the packages section on >the ftp server? Security problem which had a lot of people feeling extra threathened because of the number of binaries it hit - but a security hole is a security hole until it is patched, and how many different things an intruder can write at the command line to get root doesn't really matter, as long as a single patch can fix it. An extraordinary release 2.1.7 is being rolled within a few days to remove this hole (and numerous others). A patch was released recently - check out http://www.freebsd.org/newsflash.html for more info. I believe a binary patchkit is also in the works, dropping the need for full recompile. Eivind Eklund perhaps@yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org