From owner-freebsd-security Mon Jan 24 1:33:24 2000 Delivered-To: freebsd-security@freebsd.org Received: from apollo.backplane.com (apollo.backplane.com [216.240.41.2]) by hub.freebsd.org (Postfix) with ESMTP id 304351526B for ; Mon, 24 Jan 2000 01:33:20 -0800 (PST) (envelope-from dillon@apollo.backplane.com) Received: (from dillon@localhost) by apollo.backplane.com (8.9.3/8.9.1) id BAA85655; Mon, 24 Jan 2000 01:33:17 -0800 (PST) (envelope-from dillon) Date: Mon, 24 Jan 2000 01:33:17 -0800 (PST) From: Matthew Dillon Message-Id: <200001240933.BAA85655@apollo.backplane.com> To: Warner Losh Cc: Tim Yardley , freebsd-security@FreeBSD.ORG Subject: Re: Fwd: *BSD procfs vulnerability References: <4.2.0.58.20000123181240.0144ef10@students.uiuc.edu> <200001240213.TAA47930@harmony.village.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org :In message <4.2.0.58.20000123181240.0144ef10@students.uiuc.edu> Tim Yardley writes: :: i would hope this is getting looked into... : :Maybe you mised the following: : :: > Patches are available on :: >http://www.openbsd.org/errata.html#procfs :: >ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00:02/procfs.patch : : :Now that this has hit bugtraq, I'll do the advisory republishing. : :Warner Hmmm. This looks rather serious, and it does not look like anyone has committed the patch into RELENG_2_2 (which a lot of sites still use). It would be kinda nice if someone did that. -Matt Matthew Dillon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message