Date: Fri, 7 Sep 2001 13:44:27 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Rob Simmons <rsimmons@wlcg.com> Cc: freebsd-security@freebsd.org Subject: Re: netbsd vulnerabilities Message-ID: <20010907134427.A55600@xor.obsecurity.org> In-Reply-To: <20010907120248.V78071-100000@mail.wlcg.com>; from rsimmons@wlcg.com on Fri, Sep 07, 2001 at 12:09:39PM -0400 References: <20010907120248.V78071-100000@mail.wlcg.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Sep 07, 2001 at 12:09:39PM -0400, Rob Simmons wrote: > Is FreeBSD affected by either of the new vulnerabilities NetBSD just > released, 2001-015 and 2001-016? >=20 > 2001-015 =3D "Insufficient checking of lengths passed from userland to > kernel." I don't know about this one.. we may be. Someone will have to look into it. > 2001-016 =3D "unsafe chdir usage in fts(3)." We fixed that one several months ago..they even credit us in the advisory. Kris --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7mTGqWry0BWjoQKURAnSJAJ9xpFQ+zOXLqCX68n2HXacfmNZFUgCdEO6u ratoPAA4Fwc/LLX0o68S5oY= =c7XR -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010907134427.A55600>