Date: Mon, 4 Jan 1999 18:41:11 -0800 (PST) From: asami@FreeBSD.ORG (Satoshi Asami) To: matt@megaweapon.zigg.com Cc: ports@FreeBSD.ORG Subject: Re: Quick check on x11-toolkits/Xaw3d vulnerability Message-ID: <199901050241.SAA12828@bubble.didi.com> In-Reply-To: <Pine.BSF.4.05.9901040935340.10073-100000@megaweapon.zigg.com> (message from Matt Behrens on Mon, 4 Jan 1999 09:37:24 -0500 (EST))
next in thread | previous in thread | raw e-mail | index | archive | help
* From: Matt Behrens <matt@megaweapon.zigg.com> * * Eariler this year, if everyone recalls, vulnerabilities were found * in the Xaw libraries that could give root shells with a simple run * of xterm. * * I have recently begun using Xaw3d (1.5, from the ports collection) * and there *seems* to be no mention either in the port, the patches, * or the source itself of any vulnerabilities or fixes. Yet all Xaw * advisories suggest that Xaw3d "may" be vulnerable. * * Was this conciously upgraded to incorporate any fixes? I'm not sure about the vulnerabilities (gosh, what a long word), but the Xaw3d in the ports collection is still at R6.1/1.3. I'll upgrade it to R6.3/1.5 when I get around to it (hopefully later tonight). Satoshi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901050241.SAA12828>