Re: FreeBSD Security Advisory FreeBSD-SA-10:05.opie

2010-05-27 Thread Dmitry Pryanishnikov
Hello! 2010/5/27 FreeBSD Security Advisories : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > = > FreeBSD-SA-10:05.opie Security Advisory >

Re: FreeBSD Security Advisory FreeBSD-SA-09:16.rtld

2009-12-04 Thread Dmitry Pryanishnikov
Hello! So it would be possible to set an environment variable which in this case is not UNSETABLE or SETABLE (unsetenv and putenv/setenv respectively), in my eyes this is a bad behaviour of the environment handling routines introduced recently in FreeBSD. Yes, this is a very dangerous situat

Re: FreeBSD Security Advisory FreeBSD-SA-09:16.rtld

2009-12-03 Thread Dmitry Pryanishnikov
Hello! The change that introduced the bug was made as follows: | Revision 1.124: download - view: text, markup, annotated - select for diffs | Thu May 17 18:00:27 2007 UTC (2 years, 6 months ago) by csjp | Branches: MAIN ... This was also ported MFC'd into 6.3 onwards: ... So, yes, Free

Re: FreeBSD Security Advisory FreeBSD-SA-09:16.rtld

2009-12-03 Thread Dmitry Pryanishnikov
Just in case there is some other way of exploiting the fact that rtld.c didn't check whether unsetenv was successful (which I bet people are now looking for) I'd apply the patch to 6.3 and 6.4 also, just to be sure. Well, they can search as long as they wish - _but_ there's just nothing to

Re: [fbsd] HEADS UP: FreeBSD 5.3, 5.4, 6.0 EoLs coming soon

2006-10-11 Thread Dmitry Pryanishnikov
Hello! On Wed, 11 Oct 2006, Jeremie Le Hen wrote: Though I admit RELENG_4 is getting dusty, it is not rusty. I believe it is still used in many places because of its stability and performance. For instance, according to Julian Elischer's posts, it seems he is still working on it. Is it envis

Re: cvs commit: ports/multimedia/win32-codecs Makefile distinfo pkg-plist

2006-10-10 Thread Dmitry Pryanishnikov
Hello! On Sat, 7 Oct 2006, Jose Alonso Cardenas Marquez wrote: Modified files: multimedia/win32-codecs Makefile distinfo pkg-plist Log: - Add the REALPLAYER and QUICKTIME(off) OPTIONS. If QUICKTIME OPTION is off, this port could install without problem of vulnerabilities. - Bump PORTR

Re: SSH scans vs connection ratelimiting

2006-08-20 Thread Dmitry Pryanishnikov
Hello! On Sat, 19 Aug 2006, Pieter de Boer wrote: For months now, we're all seeing repeated bruteforce attempts on SSH. I've configured my pf install to ratelimit TCP connections to port 22 and to I wonder why OpenSSH still doesn't support simple and nice feature of SSH.COM's sshd2_config:

Re: IPFW Problems?

2006-04-18 Thread Dmitry Pryanishnikov
Hello! On Tue, 18 Apr 2006, Tod McQuillin wrote: Add: options IPFW2 ...to your kernel config file and rebuild the kernel (and world also, probably). Yes, you need to rebuild the userland too, which means you also need IPFW2=true in /etc/make.conf before you build world. It's absolutely

Re: FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

2006-03-24 Thread Dmitry Pryanishnikov
Hello! On Fri, 24 Mar 2006, Ruslan Ermilov wrote: This doesn't change sendmail's identification string - it's still "8.13.1" on RELENG_4_11, which makes detection of unpatched systems more difficult to sysadmin. Wouldn't be wise to add, say, "-p1" to this string in ---^^^ I meant ju

Re: FreeBSD Security Advisory FreeBSD-SA-06:13.sendmail

2006-03-23 Thread Dmitry Pryanishnikov
Hello! On Wed, 22 Mar 2006, FreeBSD Security Advisories wrote: Path - - RELENG_4 src/contrib/sendmail/libsm/fflush.c 1.1.1.1.2.1 src/contrib/sendmail/libsm/local.h 1.1.1.1

Re: FreeBSD Security Advisory FreeBSD-SA-06:11.ipsec

2006-03-23 Thread Dmitry Pryanishnikov
Hello! On Wed, 22 Mar 2006, FreeBSD Security Advisories wrote: II. Problem Description IPsec provides an anti-replay service which when enabled prevents an attacker from successfully executing a replay attack. This is done through the verification of sequence numbers. A programming error in

Re: Problem with portaudit's database

2005-09-07 Thread Dmitry Pryanishnikov
Hello! On Wed, 7 Sep 2005, Simon L. Nielsen wrote: -r--r--r-- 1 root wheel 5685 Sep 7 10:11 auditfile.tbz I don't see commits to vuln.xml during this time, so I suspect auditfile generation error. Most known vulnerabilities are now unlisted. Please check this issue. Hmm, I just ran po

Problem with portaudit's database

2005-09-07 Thread Dmitry Pryanishnikov
Hello! Yesterday portaudit notified me about squid's vulnerability, but today it didn't (even though I haven't upgraded squid). This has attracted my attention, so I've compared yesterday's and today's auditfile.tbz: -r--r--r-- 1 root wheel 29875 Sep 6 15:40 auditfile.tbz vs. -r--r--r-- 1

Re[2]: FreeBSD Security Advisory FreeBSD-SA-05:01.telnet

2005-04-01 Thread Dmitry Pryanishnikov
Hello! Date: Mon, 28 Mar 2005 23:39:30 +0200 From: Daniel Gerzo <[EMAIL PROTECTED]> Just curious... why is it necessary to rebuild the whole operating system? Normally, the security advisories just have you rebuild the program in question - wouldn't that have sufficed here? I think, this