Date: Tue, 11 Mar 2003 11:34:40 -0600 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>, Guy Poizat <guy@device.dyndns.org> Cc: freebsd-security@FreeBSD.ORG, obrien@FreeBSD.ORG Subject: Re: Prov. patch for the file hole ISS disclosed Message-ID: <5.2.0.9.2.20030311113159.0386fea0@localhost> In-Reply-To: <20030306154138.GA33430@madman.celabo.org> References: <200303061415.h26EFlhD004317@device.dyndns.org> <200303061415.h26EFlhD004317@device.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:41 AM 3/6/2003 -0600, Jacques A. Vidrine wrote: >Thanks! However, this has already been fixed in -CURRENT (by import >of FILE 3.41). I do not know whether or not David plans to MFC in >time for 4.8-RELEASE. I think this should be merged into the security branches, due to possible remote exploit by third party programs that use file, such as (at the very least) amavis. >Cheers, >-- >Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ >NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos >jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.2.0.9.2.20030311113159.0386fea0>