Re: Downfall microcode update

t; > -- > Send from a mobile device, please forgive brevity and misspellings. > > Am 9. August 2023 09:33:06 schrieb Stefan Bethke : > >> https://downfall.page/#faq >> >> Apparently, Intel will be issuing a microcode update for this. What is the >>

Downfall microcode update

:-) https://www.freshports.org/sysutils/cpupdate/ The servers I'm concerned about are old enough to not receive BIOS updates ever again. Thanks, Stefan -- Stefan BethkeFon +49 151 14070811 signature.asc Description: Message signed with OpenPGP

CVE-2019-5599: SACK Slowness (FreeBSD 12 using the RACK TCP Stack)

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md Are stock kernels/configurations affected? If so, will a fix or workaround be incorporated? Thanks, Stefan -- Stefan BethkeFon +49 151 14070811

Re: PEAR packages potentially contain malicious code

Am 22.01.2019 um 17:03 schrieb Stefan Bethke : > > Am 22.01.2019 um 07:09 schrieb Jochen Neumeister : >> On 21.01.19 21:23, Remko Lodder wrote: >>> Hi Stefan, >>> >>>> On 21 Jan 2019, at 21:18, Stefan Bethke wrote: >>>> >>>

Re: PEAR packages potentially contain malicious code

Am 22.01.2019 um 07:09 schrieb Jochen Neumeister : > On 21.01.19 21:23, Remko Lodder wrote: >> Hi Stefan, >> >>> On 21 Jan 2019, at 21:18, Stefan Bethke wrote: >>> >>> I’ve just learned that the repository for the PHP PEAR set of extensions >

PEAR packages potentially contain malicious code

whether this code made it onto machines building from PEAR sources, or even into FreeBSD binary packages of PEAR extensions. Given the large user base for these packages, some advice to FreeBSD users might be well received. Thanks, Stefan -- Stefan BethkeFon +49 151 14070811

Re: Improving FreeBSD-SA-07:01.jail fix

I'm probably missing something, but why not replace: _jail_id=$(head -1 ${_tmp_jail}) tail +2 ${_tmp_jail} >${_rootdir}/var/log/console.log with: _jail_id=$(head -1 ${_tmp_jail}) tail +2 ${_tmp_jail} | jexec ${_jail_id} sh -c "cat >/var/log/ console.log"

Re: FreeBSD Security Advisory FreeBSD-SA-06:18.ppp

who are not as familiar with the multitude of PPP implementations in FreeBSD. Stefan -- Stefan Bethke <[EMAIL PROTECTED]> Fon +49 170 346 0140 ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-se

Re: cvs commit: src/sys/amd64/amd64 mp_machdep.c src/sys/i386/i386 mp_machdep.c

the background, but from your description it sounds like performance on Core Duo machines will be bad unless this change is made, or the potentially dangerous sysctl is active. If that is indeed the case, will this change make it into 6.1? Thanks, Stefan -- Stefan Bethke <[EMAIL P

Re: pam_radius fail open?

d. Mz experience with pam has been too confusing to add any real insight. I'd hope that des@ would be able to comment properly... Stefan -- Stefan Bethke <[EMAIL PROTECTED]> Fon +49 170 346 0140 ___ freebsd-security@freebsd.or