From owner-freebsd-security Mon Feb 3 13:48:40 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id NAA22770 for security-outgoing; Mon, 3 Feb 1997 13:48:40 -0800 (PST) Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA22761 for ; Mon, 3 Feb 1997 13:48:34 -0800 (PST) Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id IAA01719; Tue, 4 Feb 1997 08:51:03 +1100 (EST) Date: Tue, 4 Feb 1997 08:51:02 +1100 (EST) From: "Daniel O'Callaghan" To: Joe Greco cc: security@freebsd.org Subject: Re: Question: 2.1.7? In-Reply-To: <199702031422.IAA17586@solaria.sol.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Mon, 3 Feb 1997, Joe Greco wrote: > With the recent exploits for things such as talkd, sendmail, and the > wonderful freakin' locale processing problem I see on bugtraq, would > it be wise to consider a 2.1 point release that addressed these issues? > > If not, maybe a "patchkit" that could be installed (source or binary, > whatever) could be done. But I think a "2.1.7" type release would be > most ideal... > > I would be happy to work on some of this, as I have already done the > work for some of the problems. I have already suggested a 'security update package repository' to Jordan and Paul Traina. They like the idea. Still musing over the exact implementation though. But as soon as I get libc patches, I'll build packages for 2.1.0, 2.1.5 and 2.1.6 and make them available from somewhere, along with sendmail885. regards, Danny