Date: Mon, 24 Sep 2001 15:09:39 -0600 From: Nate Williams <nate@yogotech.com> To: Kris Kennaway <kris@obsecurity.org> Cc: Nate Williams <nate@yogotech.com>, security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail Message-ID: <15279.41235.75925.318173@nomad.yogotech.com> In-Reply-To: <20010924140632.A62096@xor.obsecurity.org> References: <200109242049.f8OKnVr62118@freefall.freebsd.org> <15279.40183.345811.603978@nomad.yogotech.com> <20010924140632.A62096@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > ============================================================================= > > > FreeBSD-SA-01:60 Security Advisory > > > FreeBSD, Inc. > > > > > > Topic: Multiple vulnerabilities in procmail signal handling > > > V. Solution > > > > > > The port procmail-3.20 and later versions include fixes for these > > > vulnerabilities. > > > > I'm guessing this is supposed to be procmail-3.21 and later? > > No, it's meant to be 3.20 and later. Ahh, I read the vulnerability wrong. It says procmail versions prior to procmail 3.20 performed unsafe actions while in the signal handlers. I didn't parse 'prior to procmail 3.20' very well. I'm sorry, my bad, .... Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15279.41235.75925.318173>