Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-19:07.mds

On Wed, May 15, 2019 at 8:33 AM mike tancsa wrote: > > On 5/15/2019 8:18 AM, Wall, Stephen wrote: > >> New CPU microcode may be available in a BIOS update from your system > >> vendor, > >> or by installing the devcpu-data package or sysutils/devcpu-data port. > >> Ensure that the BIOS update or

Re: Current vulnerabilities of lua and luajit appear in China's database

5.3.6 release cycle started a little while ago, but there's no indication of anything to worry about here as far as security issues go. In short, these reports appear to be bogus, or at least nothing for us to worry about. Thanks, Kyle Evans _

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

sion he responded and looped in the port maintainer to the additional context, which is how it should be handled. If so@ smacked everyone that intentionally or unintentionally (as the case is here, clearly) did something that secteam's attention was raised to, then we would end up with a security off

Re: Security leak: Public disclosure of user data without their consent by installing software via pkg

hat ports is delegated ports-secteam@ purview, so this was misguided anyways as secteam should be more of a last resort for ports-specific issues. Thanks, Kyle Evans On Fri, Apr 9, 2021 at 4:22 AM Stefan Blachmann wrote: > > The deeper-lying problem is the almost complete lack of policy wha

Re: RNGs in Operating Systems

5.17-5.18/ > FWIW, Conrad (cem@) wrote up some compare/contrast notes on the topic here: https://cemeyer.github.io/2022-03-19-FreeBSD-random Thanks, Kyle Evans

Re: CVE-2024-3094: malicious code in xz 5.6.0 and xz 5.6.1

e, O. Hartmann See so@'s answer from a couple days ago: https://lists.freebsd.org/archives/freebsd-security/2024-March/000248.html TL;DR no Thanks, Kyle Evans

Re: Privileges using security tokens through PC/SC-daemon

rds, Jan Behrens Right, that'd be a problem. Something like this might work, but I haven't even build tested it: https://people.freebsd.org/~kevans/pcsc-auth.diff It could be cleaned up a little bit if it works. Thanks, Kyle Evans

Re: Privileges using security tokens through PC/SC-daemon

On 9/4/24 19:17, Jan Behrens wrote: On Wed, 4 Sep 2024 18:14:56 -0500 Kyle Evans wrote: On 9/4/24 17:58, Jan Behrens wrote: I think I may have found the problem. If I'm right, it is an issue of pcsc-lite in combination with FreeBSD. Looking into pcsc-lite's file "src/auth.c&

Re: Privileges using security tokens through PC/SC-daemon

On 9/4/24 21:58, Kyle Evans wrote: On 9/4/24 19:17, Jan Behrens wrote: On Wed, 4 Sep 2024 18:14:56 -0500 Kyle Evans wrote: On 9/4/24 17:58, Jan Behrens wrote: I think I may have found the problem. If I'm right, it is an issue of pcsc-lite in combination with FreeBSD. Looking into