Re: securelevel 1

2023-10-29 Thread Peter Pentchev
that does not exist until that point in time), and then newsyslog may also read the renamed file, compress the data, write it to yet another new file, etc. So setting +sappnd on a logfile should not prevent newsyslog from processing it. However, the fact that the file is renamed and a brand new one

Re: Is apache24-2.4.54 vulnerable ?

2022-06-10 Thread Peter Blok
I think the question is this a typo in the vuln-2022.xml, because the changelog shows the CVEs are fixed in 2.4.54 > On 10 Jun 2022, at 15:20, Wall, Stephen wrote: > >> vuln-2022.xml: >> >> >>apache24 >>2.5.54 <--- 2.4.54 ??? >> ~~ >> >> -- >> Masachika ISHIZUKA >

Re: FreeBSD MDS Mitigation

2019-07-11 Thread peter . blok
that a certain security measure is disabled in the daily security reports, hoping someone reads it together with the executables that suddenly have been setuid for root. Peter > On 10 Jul 2019, at 18:37, Kevin via freebsd-security > wrote: > > Hello list. I am reading this page a

Re: Review of FreeBSD Security Advisory Process: Incl Heads Up, Dates, Etc [cont: 5599 SACK}

2019-07-04 Thread Peter Jeremy
under Project control - where a vulnerability affects multiple vendors, there is almost always general agreement on a common announcement date. If the Project leaks information about unannounced vulnerabilities, it will stop receiving advance information about vulnerabilities - this definitely

Re: ZombieLoad Attack: Intel Exploits You... Again!

2019-05-15 Thread Peter Pentchev
SA-19:07.mds.asc then? G'luck, Peter -- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} p...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13

Re: Exploit Lecture: Writing FreeBSD Malware

2018-04-28 Thread Peter G.
Webb, next time when talking to any audience, remove your fucking hat. That's basic human courtesy. -- PG On 28/04/2018 04:39, grarpamp wrote: > https://www.youtube.com/watch?v=bT_k06Xg-BE > > Without exploit mitigations and with an insecure-by-default design, > writing malware for FreeBSD is a f

Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch

2018-01-11 Thread Peter Jeremy
fix in 10.4 kernel. That code was re-written in r82122, retaining the use of arc4random() for ISN initialisation. As a result, it's no longer possible to point at specific code and say "that code fixes weak TCP ISNs". -- Peter Jeremy

Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch

2018-01-11 Thread Peter Jeremy
22 so the code no longer exists in that form. Please advise what problem you believe still exists in FreeBSD 10.4. -- Peter Jeremy

Re: Response to Meltdown and Spectre

2018-01-11 Thread Peter Jeremy
rary virtual address. An attacker could import code from another system so it's not possible to mitigate the vulnerability by (eg) implementing bounds checking in a compiler. -- Peter Jeremy

Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-13 Thread Peter Wemm
On 12/12/17 5:38 PM, Yuri wrote: On 12/12/17 16:37, Peter Wemm wrote: I think you're missing the point.  It is a sad reality that SSL/TLS corporate (and ISP) MITM exists and is enforced on a larger scale than we'd like.  But it is there, and when mandated/enforced you have to go t

Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-12 Thread Peter Wemm
we'd like. But it is there, and when mandated/enforced you have to go through the MITM appliance, or not connect at all. Private CA's generally break those appliances - an unfortunate FreeBSD user in this situation is cut off. How is this better? -- Peter Wemm - pe...@wemm.org; pe...@free

Re: The Stack Clash vulnerability

2017-06-22 Thread Peter Jeremy
n January 2014, so you have had 3½ years to resolve the problem that your servers aren't compatible with 10.x. >Not asking for new versions or new releases.. just patches applied for >previous -STABLE trees As has been stated, the FreeBSD project will patch the supported -STA

Re: Proposal for a design for signed kernel/modules/etc

2017-03-29 Thread Peter Pentchev
the OpenPGP signature format", is pretty well documented in RFC 4880. Note that this remark has no bearing on any of your other arguments, or on your work as a whole; I just wanted to clarify this particular point :) G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p...@s

Re: fbsd11 & sshv1

2017-02-01 Thread Peter Jeremy
need for a SSHv1 client creates a net/ssh1 port (ie not in the "security" category) that installs a client (only) that supports SSHv1 only, and comes with a big red flashing "DANGER: INSECURE, DO NOT USE UNLESS YOU KNOW WHAT YOU ARE DOING" warning. -- Peter Jeremy

Re: FreeBSD Security Advisory FreeBSD-SA-16:26.openssl

2016-09-23 Thread Peter Jeremy
ones were correct). -- Peter Jeremy

Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE

2016-03-09 Thread Peter
-p37 makes apache crash with signal 11. I only tried this in a web server running https, so I don't know if apache running only http also crashes. Luckily I use freebsd-update, so I could solve the problem easily with freebsd-update rollback. Peter

Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Peter Pentchev
for this as well as some other silly things that people always manage to do (and, yes, "people" here does include myself, too). G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13

Re: FreeBSD Security Advisory FreeBSD-SA-15:13.tcp

2015-07-21 Thread Peter Rosa
/kernelconfig.html> and reboot the system. I just svn'd current src tree. Please, is it enough to recompile the kernel only to apply this change? Or have I to recompile the world as well? Thanks and best regards, -- Peter Rosa

Re: FreeBSD Security Advisory FreeBSD-SA-15:12.openssl

2015-07-09 Thread Peter Jeremy
't in the r284295 cherry-pick. -- Peter Jeremy

Re: Leap Second

2015-07-01 Thread Peter Jeremy
pd(8) has provision for specifying a leapsecond file which presumably makes it leap-second aware. I haven't looked into the details. There's also posix2time(3) to convert between a TAI-based time_t and a POSIX-based time_t. -- Peter Jeremy

Re: Leap Second

2015-06-23 Thread Peter Jeremy
On 2015-Jun-24 07:21:28 +1000, Peter Jeremy wrote: >The closest is the LEAPSECONDS option: If LEAPSECONDS is defined at build >time, /usr/src/contrib/tzdata/leapseconds is baked into the individual >timezone files (to be) installed into /usr/share/zoneinfo. It seems that the tzdata fil

Re: Leap Second

2015-06-23 Thread Peter Jeremy
On 2015-Jun-23 22:00:49 +0100, Pawel Biernacki wrote: >On 23 June 2015 at 21:56, Peter Jeremy wrote: > >> On 2015-Jun-23 20:03:35 +0100, Pawel Biernacki >> wrote: >> >As we (hopefully) all know on 30th of June we'll observe leap second. >> > tzdata in

Re: Leap Second

2015-06-23 Thread Peter Jeremy
on with update to share/zoneinfo/leap-seconds.list file. None of my FreeBSD systems have a share/zoneinfo/leap-seconds.list file. Why should the Project issue an EN for a non-existent file? -- Peter Jeremy

Re: [Cryptography] trojans in the firmware

2015-02-22 Thread Peter Gutmann
disclose the 40M credit card breach from last week"), buzzword-compliance, CYA, it's not a bad idea from a marketing point of view. Peter. ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"

Re: Strange package checksum report

2015-01-24 Thread Peter Jeremy
pyc files at package install time. As far as I can see, this is what Ubuntu and Debian (the two Linux distros I have ready access to) do. >(Would slow down builds of dependent packages, but those are the >breaks.) It would be interesting to know how big an impact this is. -- Peter Jeremy

Last SAs not on https://www.freebsd.org/security/advisories.html

2014-10-22 Thread Peter Ross
to show up for the base too. Regards Peter

Re: bash vulnerability

2014-10-02 Thread Peter Pentchev
t; shells/ksh93 - the original, from AT&T's David Korn > shells/pdksh - a public domain reimplementation of the old ksh88 > shells/mksh - the MirBSD's Korn-shell (a fork of pdksh) Well, the test with the following command: env 'a|b=1' ksh -c 'set' | fgrep -e
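The message above compares how the various Korn shells react to an environment entry with an odd name (`env 'a|b=1' ksh -c 'set'`), in the context of the bash environment-function bug of that month. The script below is an added example, not Peter's test and not from the thread: it runs two probes against whichever shells are installed on the host, the widely published CVE-2014-6271 probe (trailing code after a `() { :;}` function body in an environment variable) and the odd-variable-name probe from the message. The shell list and the marker string are the example's own choices.

```shell
#!/bin/sh
# Added example (not from the thread): probe installed shells for two
# environment-import behaviours discussed in the bash/ksh comparison.
#   1. function import: does the shell run code that trails a
#      "() { :;}" function body placed in an environment variable
#      (the CVE-2014-6271 "Shellshock" probe)?
#   2. odd names: does the shell import an environment entry whose
#      name is not a valid identifier (here "a|b") as a shell variable?
# Assumes only a POSIX sh plus whichever shells happen to be installed.

# Prints "vulnerable", "not vulnerable" or "absent" for one shell binary.
probe_function_import() {            # $1 = shell name, e.g. bash
    command -v "$1" >/dev/null 2>&1 || { echo absent; return 0; }
    # A shell that imports the function and keeps parsing runs the echo.
    out=$(env x='() { :;}; echo PROBE_RAN_TRAILING_CODE' "$1" -c 'echo ok' 2>/dev/null)
    case $out in
        *PROBE_RAN_TRAILING_CODE*) echo vulnerable ;;
        *)                         echo "not vulnerable" ;;
    esac
}

# Prints "imports", "ignores" or "absent": does `set` list "a|b"?
probe_odd_name() {                   # $1 = shell name
    command -v "$1" >/dev/null 2>&1 || { echo absent; return 0; }
    if env 'a|b=1' "$1" -c 'set' 2>/dev/null | grep -q '^a|b='; then
        echo imports
    else
        echo ignores
    fi
}

# Report for the shells the thread talks about plus the system sh.
report() {
    for shell in bash ksh ksh93 mksh pdksh sh; do
        printf '%-6s function import: %-15s odd name "a|b": %s\n' "$shell" \
            "$(probe_function_import "$shell")" "$(probe_odd_name "$shell")"
    done
}

report
```

Run it as a plain user; a shell reported as "vulnerable" by the first probe still needs the vendor patch regardless of what the second probe says, since the second one only shows whether odd names reach the variable table at all.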

Re: bind9 and CVE-2013-4854

2013-07-27 Thread Peter Losher
going forward that RRL will be integrated into the mainline BIND releases. Re: http://www.isc.org/blogs/isc-adds-ddos-defense-module-to-bind-software/ So the need for patches for RRL will be a moot point soon… ;) Best Wishes - Peter -- [ http://www.plosh.net/ ] - "Earth Halted: Please r

Re: FreeBSD needs Git to ensure repo integrity [was: 2012 incident]

2012-11-20 Thread Peter Jeremy
ned by a recognised CA. The hashes of the >certificate keys are on the mirror website I pointed out in my email The certificates are self-signed. Whilst the hashes are published on the FreeBSD website, that site is only available via HTTP so there's still a bootstrap issue - which I don't have a general solution for. -- Peter Jeremy

Re: svn commit: r239569 - head/etc/rc.d

2012-09-06 Thread Peter Jeremy
orm and will typically run at >>100MHz. In order to reproduce the state, you need to feed the same input in with sub-microsecond timing. And this all occurs well before user logins are allowed. If you have an attacker that can tightly control what happens during early system startup, you have more serious problems than the amount of entropy in /dev/random. -- Peter Jeremy

Re: svn commit: r239598 - head/etc/rc.d

2012-09-06 Thread Peter Jeremy
On 2012-Sep-06 02:09:34 +0100, RW wrote: >On Thu, 6 Sep 2012 07:27:34 +1000 >Peter Jeremy wrote: >> Is it worth splitting harvestfifo into multiple queues to prevent >> this? At least a separate queue for RANDOM_WRITE and potentially >> separate queues for each entropy so

Re: svn commit: r239598 - head/etc/rc.d

2012-09-05 Thread Peter Jeremy
within the kernel) being discarded. There would still be a small amount of entropy from the get_cyclecount() calls but this is minimal. Is it worth splitting harvestfifo into multiple queues to prevent this? At least a separate queue for RANDOM_WRITE and potentially separate queues for eac

Re: svn commit: r239598 - head/etc/rc.d

2012-09-05 Thread Peter Jeremy
it does so in a predictable way so it doesn't add any entropy. On the downside, it doesn't appear to be possible to queue more than 4KB of input every 100msec - excess input is just discarded. This implies that feeding boilerplate into /dev/random just increases the probability that r

Re: svn commit: r239569 - head/etc/rc.d

2012-09-04 Thread Peter Jeremy
e to get a round >'tuit.) You might like to look at kern/134225 (which is misfiled, sorry). -- Peter Jeremy

Re: getting the running patch level

2012-08-20 Thread Peter Jeremy
des provision for displaying information prior to login - see the "Banner" option in sshd_config. Note that this is most definitely the wrong place to include system version details. -- Peter Jeremy

Re: Merry Christmas from the FreeBSD Security Team

2011-12-23 Thread Peter Jeremy
y team. Thanks for your efforts during 2011 and I hope you have a quiet and uneventful holiday period and 2012. -- Peter Jeremy

Re: logging _rtld errors

2011-12-19 Thread Peter Jeremy
th them. > FWIW, it should use rtld_printf() instead of printf(), >but this is moot point. Accepted. On 2011-Dec-19 21:02:49 +0100, Clément Lecigne wrote: >Dont know but the ld_printerror != '\0' in the patch should be >*ld_printerror != '\0', no? Oops, my mistake. Yes

Re: bad email address

2011-04-21 Thread Peter Pentchev
a mail bouncing agent (MBA? ;) which addresses the bounce to the original sender (the one from the From header) instead of *any* of the other possible addresses present in mailman-generated messages that would do the right thing. G'luck, Peter -- Peter Pentchev r...@ringlet.ne

Re: SSL is broken on FreeBSD

2011-04-04 Thread Peter Jeremy
root cert and distribute that with FreeBSD. That certificate would at least have the same trust level as FreeBSD. -- Peter Jeremy

Re: It's not possible to allow non-OPIE logins only from trusted networks

2011-03-13 Thread Peter Jeremy
memorise the lowest N and response. -- Peter Jeremy

Re: portaudit

2010-07-26 Thread Peter Jeremy
Alternatively, you could follow the reference links and determine whether the particular vulnerabilities apply to your particular situation. This obviously requires a greater level of skill and reviewing if the situation changes. -- Peter Jeremy

Re: online checksum verification for FreeBSD

2010-03-10 Thread Peter Jeremy
s and is not recommended for new applications. This is why FreeBSD has moved to using a combination of MD5 and SHA256. Also, your website mentions DSA is unsafe. Could you please provide a reference for this claim as I am unaware of any results suggesting that DSA is less secure than RSA. -- Peter Jeremy

Re: openssh concerns

2009-10-05 Thread Peter
, overload ) #Allow IPs that have been 'overload'ed into the portknock_ssh table pass in log quick proto tcp from {} to any port {ssh} . .. ... Then put a crontab on a per needed basis to expire all IPs in that table that have not been referenced in 60 seconds: * *** * /sbin

Re: New CURL Advisory (fixed in 7.19.4)

2009-03-04 Thread Peter Pentchev
go. I'll update the curl port ASAP now. G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@space.bg r...@freebsd.org PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This sentence was in the past tense.

Re: OPIE considered insecure

2009-02-11 Thread Peter Jeremy
G, NextG etc) to communicate with your systems. Note that using very large sequence numbers should slow down an attacker (though only linearly) since they still need to iterate MD5 by that many rounds. -- Peter Jeremy

Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf?

2009-01-06 Thread Peter Jeremy
to >change the md5-algorithm by default towards sha1 as recommended after >the md5-collisions has been published? Note that both MD5 and SHA1 are broken in the cryptographic sense. As various people have noted, the known breaks do not impact on MD5 password hashes. -- Peter Jeremy Please

Re: jails

2008-09-09 Thread Oliver Peter
make an upgrade from 6 -> 7) Provide us your make.conf as well. Cheers. PS: move this topic to freebsd-questions@ ! It isn't security related. -- Oliver PETER, email: [EMAIL PROTECTED], ICQ# 113969174 "I like to con people. And I like to insult people. If you combine co

Re: jails

2008-09-09 Thread Oliver Peter
rite-strings -Wswitch -Wshadow -Wcast-align -Wunused-parameter > -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls > -Wno-pointer-sign -c crt1.c > gcc:No such file or directory > *** Error code 1 > > Stop in /usr/src/lib/csu/i386-elf. > *** Error code 1 > >

Re: OPIE Challenge sequence

2008-07-09 Thread Peter Jeremy
o generate random challenges using opiechallenge No. The seed has to match the seed that was used to generate the hash with opiepasswd. -- Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed beh
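Three of the OPIE messages on this page make points that are easiest to see with a chain in hand: the seed has to match the one given to opiepasswd (the message above), the user only has to remember the lowest sequence number and its response (the 2011 "non-OPIE logins" reply), and a large sequence number slows a dictionary attacker only linearly because every guess must be iterated that many rounds (the 2009 "OPIE considered insecure" reply). The script below is an added example and is not OPIE code: it builds a simplified S/KEY-style chain with openssl(1)'s MD5, applying the RFC 2289 fold-to-64-bits rule to the hex text of the digest rather than to the raw bytes and keeping responses as hex instead of six words, so it is deliberately not interoperable with opiekey(1). The seed, passphrase, sequence number and word list are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not OPIE code): a simplified S/KEY-style one-time password
# chain, to show why the seed must match, why the server only keeps the
# hash for the next sequence number, and why a large sequence number slows
# a dictionary attacker only linearly.
# Simplifications, so this is NOT compatible with opiekey(1)/opiepasswd(1):
# the 64-bit fold works on the hex text of the MD5 digest, and a response
# is 16 hex characters rather than six words. Assumes openssl(1) on PATH.

HASH_OPS=0                       # number of MD5 evaluations, for the cost argument

md5hex() {                       # MD5 of a string, as 32 hex characters
    printf '%s' "$1" | openssl dgst -md5 | sed 's/^.*= *//'
}

# One chain step: fold the 128-bit digest to 64 bits by XORing its two
# halves (the RFC 2289 folding rule, applied here to the hex text).
# The result is left in R; HASH_OPS counts the MD5 call.
step() {
    HASH_OPS=$((HASH_OPS + 1))
    set -- $(md5hex "$1" | sed 's/../& /g')   # 16 two-hex-digit tokens
    R=""
    while [ $# -gt 8 ]; do                     # byte i XOR byte i+8
        R=$R$(printf '%02x' $((0x$1 ^ 0x$9)))
        shift
    done
}

# Response number N for (seed, passphrase): fold MD5(seed || passphrase),
# then N more steps. Result in R.
otp() {                          # $1 = seed, $2 = passphrase, $3 = N
    step "$1$2"
    n=$3
    while [ "$n" -gt 0 ]; do step "$R"; n=$((n - 1)); done
}

# Server side, opiepasswd-style: store the seed, N and response N.
register() {                     # $1 = seed, $2 = passphrase, $3 = N
    otp "$1" "$2" "$3"
    STORED_SEED=$1; STORED_N=$3; STORED_HASH=$R
}

# Server side: a login for sequence STORED_N-1 is accepted when one more
# step of the offered response equals the stored hash; the response then
# replaces it, so the stored sequence number only ever goes down.
verify_login() {                 # $1 = offered response
    step "$1"
    [ "$R" = "$STORED_HASH" ] || return 1
    STORED_HASH=$1; STORED_N=$((STORED_N - 1))
}

# Attacker side: with the stored (seed, N, hash) and a word list, each
# guess costs N+1 MD5 calls. Sets FOUND on a hit.
dictionary_attack() {            # $1 = space separated word list
    for w in $1; do
        otp "$STORED_SEED" "$w" "$STORED_N"
        [ "$R" = "$STORED_HASH" ] && { FOUND=$w; return 0; }
    done
    return 1
}

# Walk through it once with constructed values.
register ab1234 tr0ub4dor 10
otp ab1234 tr0ub4dor 9                         # client computes response 9
verify_login "$R" && echo "sequence 9 accepted; server now stores response 9"
verify_login "$R" || echo "replaying the same response is refused"
otp zz9999 tr0ub4dor 8                         # right passphrase, wrong seed
verify_login "$R" || echo "response from the wrong seed is refused"
HASH_OPS=0
dictionary_attack "password letmein tr0ub4dor" &&
    echo "attacker recovered '$FOUND' after $HASH_OPS MD5 calls (3 words x (N+1))"
```

Doubling N doubles HASH_OPS and nothing more, which is the linear slowdown the 2009 reply describes; the real protection is the entropy of the passphrase, and the seed only keeps one passphrase from yielding the same chain on two servers.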

Re: BIND update?

2008-07-09 Thread Peter Thoenen
Right, lets not act swiftly. That would be too much to ask. Is there any reason why FreeBSD is one of the last vendors to release patches for the vulnerability? Actually IIRC all the press releases from the *alliance* stated 30 days and as this is a fundamental flaw that has been known for the past

Re: How to take down a system to the point of requiring a newfs with one line of C (userland)

2008-02-18 Thread Peter Sanchez
On Feb 18, 2008, at 12:56 PM, Technical Department wrote: I have tried on 6.3p1 Release and 6.2p10 Release - ran out of inodes - system fine. Tried on 6.2-S and 6.3-S and I didn't get a system panic. Peter Mike Tancsa wrote: At 11:24 PM 2/17/2008, Jim Bryant wrote: One line su

Re: How to take down a system to the point of requiring a newfs with one line of C (userland)

2008-02-18 Thread Peter Sanchez
efore I could induce a crash. :) Maybe I'm doing something wrong? I believe the panic doesn't occur until boot. Did you reboot the box after writing the files to /tmp? Peter -- WXS ___ freebsd-security@freebsd.org ma

Re: chkrootkit V. 0.47

2007-11-21 Thread Peter Pentchev
is one of the most often used well-known ports for IRC communication, this is most probably a false positive. G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F

Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6

2007-04-28 Thread Peter Thoenen
Umm maybe it's just me but I fail to see why this is a security advisory (initially caught this on the OBSD list). You are following the RFC .. if you don't like "evil" packets, then drop them at the firewall or router layer ... don't see the need for an OS fix.

Re: post-reload SSH server key transfer ... comments ?

2007-02-05 Thread Peter Jeremy
t to copy the remaining files. In particular, you should merge your local changes to /etc/ssh/ssh{,d}_config because just copying those files across is quite likely to give the newer ssh a degree of indigestion. -- Peter Jeremy

Re: What about BIND 9.3.4 in FreeBSD in base system ?

2007-02-02 Thread Peter Jeremy
upported" version of the software. The FreeBSD SO has advised that 5.x will receive security updates until 31 May 2008. This gives you 15 months to either migrate to 6.x (or 7.x) or arrange alternative security support. -- Peter Jeremy

Re: What about BIND 9.3.4 in FreeBSD in base system ?

2007-01-30 Thread Peter Jeremy
ug's suggestion that not MFCing bind 9.3.4 to RELENG_5 is an incentive to upgrade to 6.x). -- Peter Jeremy

Re: FreeBSD Security Advisory FreeBSD-SA-06:25.kmem

2006-12-06 Thread Peter Pentchev
;t the case for kmem: > > # ls -l /dev/kmem > crw-r----- 1 root kmem 0, 25 Dec 6 08:50 /dev/kmem > > In my opinion that makes this a bug and a security issue. Ehh... but from what I gather, the point of this security advisory is that users in the "operator"

Re: [fbsd] HEADS UP: FreeBSD 5.3, 5.4, 6.0 EoLs coming soon

2006-10-11 Thread Peter Thoenen
urces. That's just how life is for legacy systems, we are all mature enough here in the tech world to know this. No reason you can't sell your CIO's on this when I am guessing they are shelling out millions on other vendors. -Peter

Re: FreeBSD Security Advisory FreeBSD-SA-06:20.bind

2006-09-06 Thread Peter Thoenen
Just to verify as not mentioned in the security advisory, if you are using both the BIND and OPENSSL ports with the REPLACE_BASE directive, these don't apply correct? -Peter

Re: UDP connection attempts

2006-07-19 Thread Peter Jeremy
user has new mail but you aren't running biff. To stop it, add the following lines to your sendmail.mc file, rebuild sendmail.cf and restart sendmail: dnl Disable biff notification define(`LOCAL_MAILER_ARGS', `mail.local -Bl') -- Peter Jeremy

Re: memory pages nulling when releasing

2006-06-19 Thread Peter Jeremy
atisfy a pagein request. FreeBSD tries to reduce the effective overhead of page zeroing by zeroing them in the idle loop and keeping a cache of pre-zeroed pages for handing out to processes. -- Peter Jeremy

Re: FreeBSD Security Survey

2006-05-23 Thread Peter Jeremy
On Tue, 2006-May-23 08:53:00 -0700, Roger Marquis wrote: >Peter Jeremy wrote: >>One of the major problems with unattended/automatic updating is >>that it is hard to filter them. Actually, I didn't. -- Peter Jeremy

Re: FreeBSD Security Survey

2006-05-22 Thread Peter Jeremy
ate process needs to balance the benefits of reducing the number of unpatched boxes against the risks of the update system being subverted. -- Peter Jeremy

Re: Slightly OT: SSL certs - best practice?

2006-05-16 Thread Peter Jeremy
on that? I've gone through the CAcert assurance process and it seems to work, though a lot depends on your access to other assurers. Note that the CAcert certificates are now part of ports/security/ca-roots though the issue of bootstrapping remains (how do you know that your roots file is gen

Re: Looking for tor users experiencing crashes

2006-05-01 Thread Peter Thoenen
Its a regression. See: http://www.freebsd.org/cgi/query-pr.cgi?pr=95180 I am the tor-devel maintainer and not only do I get private emails about this at least once a week, I am experiencing it myself and also hear about it on both the OFTC and Freenode tor channels usually every couple days. Eno

Re: DSD Approved Products

2006-03-13 Thread Peter Thoenen
--- Thorsten Steentjes <[EMAIL PROTECTED]> wrote: > Could you please explain what you mean with loophole in that context? Arg..going to make me track down obscure government regs are you ... been a couple years since I did IA work :) Unsure exactly which higher level US Department of Defense Inst

Complete GBDE / GELI encryption for systems without removable local boot tokens (aka USB drives)

2006-03-13 Thread Peter Thoenen
image's checksum. Sure we know the image wasn't tampered with but the attacker still has your keys. Cheers, -Peter

Re: DSD Approved Products

2006-03-13 Thread Peter Thoenen
> I am considering installing several `servers' in a facility that > needs to conform with the products listed at: DSD Approved Products You might want to contact your local government security wonk and ask him if there is a open source loophole. The US Department of Defense has a similar requi

Re: Should I use gbde or geli?

2006-01-29 Thread Peter Jeremy
On Sun, 2006-Jan-29 12:10:34 +0100, Christian Baer wrote: >On Sun, 29 Jan 2006 13:29:43 +1100 Peter Jeremy wrote: >I am reading up on the basics of this subject. However, the theory >doesn't really cover too much of the practical sides like the real >differences between approaches

Re: Should I use gbde or geli?

2006-01-28 Thread Peter Jeremy
omputer without setting off the alarm. You might find it easier to protect the master keys with a (volatile) passphrase and rely on adequate protection of the passphrase. (You might also consider looking up "secret sharing" "threshold system"). >After considering this, am I b

Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex

2006-01-13 Thread Peter Rosa
Hi all, > For the reference: > make cleandir; make cleandir how could we list ALL possible options, defined in /usr/src, please? Those listed above are both new options I never heard about before. BTW, what are ALL possible options in /usr/ports too, please? Pete

Re: Reflections on Trusting Trust

2005-11-30 Thread Peter Jeremy
since the >attacker controls too much, or you can say the probability is high >enough that you got a copy of the original repository. This is non-trivial because the repository is not static and CVS doesn't store transaction logs that would allow you to reproduce the r

Re: Reflections on Trusting Trust

2005-11-30 Thread Peter Jeremy
On Wed, 2005-Nov-30 14:38:11 -0500, Kris Kennaway wrote: >On Thu, Dec 01, 2005 at 04:58:36AM +1100, Peter Jeremy wrote: > >> Note that the only ports-related file that can't be moved out of the >> ports tree is 'INDEX'. > >Set INDEXFILE. INDEXFILE always app

Re: Reflections on Trusting Trust

2005-11-30 Thread Peter Jeremy
org security: If you don't trust the FreeBSD Project you wouldn't run FreeBSD. > Without ssh access there's no way to insert a key into the CVS >repository. Assuming no security holes in the infrastructure... How can I tell that my private copy of the FreeBSD Pro

Re: Reflections on Trusting Trust

2005-11-30 Thread Peter Jeremy
roam >around in /etc. And, hence, require root privileges. >BTW, those scripts fail (of course), if /tmp is mounted with the noexec >option. I think the solution to this is to set PKG_TMPDIR somewhere else. -- Peter Jeremy

Re: Reflections on Trusting Trust

2005-11-30 Thread Peter C. Lai
On Wed, Nov 30, 2005 at 09:55:24AM +0100, Ádám Szilveszter wrote: > really bizarre things like "openssh from ports overwriting the one in the > base" which would be really a good idea btw.) Except, sometimes, we really DO want to OVERRIDE_BASE :) -- Peter C. Lai Dept. of Neurobi

Re: Reflections on Trusting Trust

2005-11-29 Thread Peter Jeremy
is closer to the X.509 model. The base system already includes tools for handling X.509 signatures (openssl) and there is already a collection of X.509 keys embedded in the ports system (security/ca-roots). -- Peter Jeremy

Re: Reflections on Trusting Trust

2005-11-27 Thread Peter Jeremy
ment from the mailing list archive (http://lists.freebsd.org/pipermail/freebsd-announce/2005-November/001023.html). Whilst the signature was still intact, the content has been changed so the signature no longer verifies. (The changes are presumably mechanical changes as part of its conversion from

Re: Need urgent help regarding security

2005-11-26 Thread Peter C. Lai
.portknocking.org/view/implementations/implementations for an extensive listing. -- Peter C. Lai Dept. of Neurobiology | SenseLab Yale University School of Medicine http://cowbert.2y.net/

Reflections on Trusting Trust

2005-11-26 Thread Peter Jeremy
te obtaining a X.509 certificate for the FreeBSD Project - Signing ISO images with a Project key and/or certificate in addition to providing MD5 checksums. - Investigate providing authenticated protocols for updating FreeBSD. -- Peter Jeremy
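The thread's proposal above is to sign release images with a Project key in addition to publishing checksums, and an earlier reply in the same thread notes that a signature stops verifying as soon as the signed content is altered, even mechanically. The script below is an added example, not Project release tooling: it walks through both halves of that argument with openssl(1), using a key pair generated on the spot as a stand-in for a Project key and a small dummy file as the "ISO". It shows that a mirror operator who replaces an image can also regenerate the CHECKSUM file so the checksum still passes, while a detached signature over the CHECKSUM file made with the private key fails. File names, the key size and the checksum file layout are the example's own choices.

```shell
#!/bin/sh
# Added example (not FreeBSD Project tooling): why a signed checksum file
# authenticates a download while a bare checksum does not.
# Assumes openssl(1) on PATH. The key pair is generated here as a stand-in
# for a Project release key; the "ISO" is a small constructed file.
set -u
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Release side: generate the (hypothetical) Project key pair.
make_release_key() {               # $1 = private key path, $2 = public key path
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null &&
    openssl pkey -in "$1" -pubout -out "$2" 2>/dev/null
}

# Release side: one "SHA256(name)= hex" line per image, as openssl prints it.
write_checksums() {                # $1 = checksum file, rest = image files
    out=$1; shift
    ( for f in "$@"; do openssl dgst -sha256 "$f"; done ) > "$out"
}

# Anyone: recompute the checksums and compare with the published file.
# Returns 0 when every image matches. This only proves the images match
# the CHECKSUM file they came with, not that either came from the Project.
check_checksums() {                # $1 = checksum file, rest = image files
    sums=$1; shift
    ( for f in "$@"; do openssl dgst -sha256 "$f"; done ) | cmp -s "$sums" -
}

# Release side: detached signature over the CHECKSUM file.
sign_checksums() {                 # $1 = private key, $2 = checksum file
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

# Anyone holding the Project's public key: verify the detached signature.
verify_checksums() {               # $1 = public key, $2 = checksum file
    openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
}

# Hostile mirror: swap the image and regenerate CHECKSUM so it still matches.
tamper_mirror() {                  # $1 = checksum file, $2 = image to replace
    printf 'trojaned image\n' > "$2"
    write_checksums "$1" "$2"
}

# Walk through it once.
printf 'pretend this is a release ISO\n' > disc1.iso
make_release_key release.key release.pub
write_checksums CHECKSUM.SHA256 disc1.iso
sign_checksums release.key CHECKSUM.SHA256
verify_checksums release.pub CHECKSUM.SHA256 && check_checksums CHECKSUM.SHA256 disc1.iso &&
    echo "genuine: signature and checksum both verify"
tamper_mirror CHECKSUM.SHA256 disc1.iso
check_checksums CHECKSUM.SHA256 disc1.iso &&
    echo "after tampering the checksum alone still passes"
verify_checksums release.pub CHECKSUM.SHA256 ||
    echo "after tampering the signature over CHECKSUM fails"
```

The public key is the one thing that has to reach the user over a path the mirror cannot touch, which is the bootstrap problem the rest of the thread keeps returning to; signing the CHECKSUM file rather than each image keeps that one signature small enough to check before any large download.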

Re: Need urgent help regarding security

2005-11-21 Thread Peter C. Lai
-- Peter C. Lai Dept. of Neurobiology Yale University School of Medicine http://cowbert.2y.net/

Re: Need urgent help regarding security

2005-11-21 Thread Peter Jeremy
on it as your only security. But, IMHO, it is worth doing in addition to other security measures. -- Peter Jeremy

Re: Need urgent help regarding security

2005-11-17 Thread Peter Jeremy
tions of them. I strongly recommend that you disable reusable passwords on any system exposed to the Internet - RSA/DSA or OPIE are much harder to brute force. You can also use AllowUsers to further limit exposure. -- Peter Jeremy

Re: What happened with portaudit?

2005-11-06 Thread Peter Rosa
ilure in between 6 weeks. Peter Rosa

Re: Is it feasible to cross-build compat5x binary?

2005-10-24 Thread Peter Jeremy
1). We can probably leverage off the work that NetBSD has done in this area. This would significantly simplify the work involved in supporting the various architectures. -- Peter Jeremy

Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl

2005-10-12 Thread Peter Jeremy
through the documentation and can't find any reference to a runtime OpenSSL configuration file that would let me do this. -- Peter Jeremy

Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl

2005-10-12 Thread Peter Jeremy
On Wed, 2005-Oct-12 00:12:35 -0700, Arne Wörner wrote: >Btw: Why should the string "OpenSSL" be contained in each and >every executable, that might use OpenSSL? OpenSSL has a version string of the form "OpenSSL 0.9.7e 25 Oct 2004" embedde

Re: Mozilla 1.0.4 security update (Just install it, will keep all settings) + Important note from me,please read,those uninterested,please dont flame ;)

2005-05-12 Thread Peter C. Lai
lready. Thanks anyway. -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/

Re: IPFW disconnections and resets

2005-04-29 Thread Peter C. Lai
On Fri, Apr 29, 2005 at 03:10:47PM +0530, Siddhartha Jain wrote: > Hi, > > I am using IPFW on FreeBSD 4.11 > > I am facing two problems: > - SSH sessions timeout after a while Use stateful connections. (i.e. use a setup rule and a subsequent established rule). -- Peter C.

Re: Will 5.4 be an "Extended Life" release?

2005-04-26 Thread Peter Jeremy
; long-term-supported. I'm sure one of the two will, as one of the two will >> reflect ultimately the walk-of-life of 5-STABLE, won't it? > >Why don't we just skip 6 and name it "FreeBSD X" or "FreeBSD 10" ? Why not just merge XFree86 (or X.

Re: PAM fails to change user password

2005-03-25 Thread Peter C. Lai
-- Peter C. Lai University of C

Re: FreeBSD trusted execution system: beta testers wanted

2005-03-12 Thread Peter Jeremy
ile~ Fri Mar 11 14:09:20 2005 +++ MakefileSun Mar 13 09:56:42 2005 @@ -1,5 +1,5 @@ -.PATH: /usr/src/sys/crypto/ -CFLAGS+= -I/usr/src/sys/crypto +.PATH: ${.CURDIR}/../../crypto +CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../../crypto KMOD= mac_chkexec SRCS= vnode_if.h \ server# -
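Review bot: the new `CFLAGS+= -I${.CURDIR}` adds the module's own directory to the include path, which the line it replaces did not; either say in the commit log why mac_chkexec now needs its own directory searched or drop it so the hunk stays a pure path fix. The `${.CURDIR}/../../crypto` form also still hard-codes the layout, just relatively (module two levels below sys/) instead of absolutely (/usr/src); bsd.kmod.mk already resolves the kernel source tree as ${SYSDIR}, so `.PATH: ${SYSDIR}/crypto` and `-I${SYSDIR}/crypto` would build from any checkout location without either assumption.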