Date: Tue, 9 Apr 2002 09:58:32 +0300 From: Peter Pentchev <roam@ringlet.net> To: X Philius <xphilius@yahoo.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: zlib double-free security notification Message-ID: <20020409095832.A3374@straylight.oblivion.bg> In-Reply-To: <20020409040344.36061.qmail@web11802.mail.yahoo.com>; from xphilius@yahoo.com on Mon, Apr 08, 2002 at 09:03:44PM -0700 References: <20020409040344.36061.qmail@web11802.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--x+6KMIRAuhnl3hBn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 08, 2002 at 09:03:44PM -0700, X Philius wrote: > Security Folks, > Are there any exploits out there that take advantage of this hole? I am > running 4.4 Release, and have been watching the security notifications > list for patches that I *really* need to run. So, if I want to keep > things as simple as possible, would you recomend patching to fix this > issue? If it is just a matter of possible DOS issues, versus actual > known exploits, I'll probably skip it. "Simple DoS issues" might result in killing a server you do not want killed, thus (theoretically) denying access to important services and maybe the machine itself. In truth, right now I cannot remember if there were any such announced vulnerabilities that could result in killing off a whole service, but.. better safe than sorry, I'd say.. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 I am not the subject of this sentence. --x+6KMIRAuhnl3hBn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjyykRcACgkQ7Ri2jRYZRVO1SACeIL0LdaDxyC41y/GdFvLkaVyf E8cAoILStA7KkpGe4Tu8b/laRXeQ8x4w =IhYQ -----END PGP SIGNATURE----- --x+6KMIRAuhnl3hBn-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020409095832.A3374>