From owner-freebsd-security  Thu Oct 19 20:04:58 1995
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id UAA12184
          for security-outgoing; Thu, 19 Oct 1995 20:04:58 -0700
Received: from elite.net (root@elite.net [205.199.220.1])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id UAA12176
          for <security@freebsd.org>; Thu, 19 Oct 1995 20:04:51 -0700
Received: (from nate@localhost) by elite.net (8.6.12/ELITE) id UAA15977 for security@freebsd.org; Thu, 19 Oct 1995 20:07:34 -0700
Date: Thu, 19 Oct 1995 20:07:34 -0700
From: Nate Lawson <nate@elite.net>
Message-Id: <199510200307.UAA15977@elite.net>
To: security@freebsd.org
Subject: statustatus of syslog patch?
Sender: owner-security@freebsd.org
Precedence: bulk

What is the status of the patch for the buffer overflow in syslog()?
I checked FreeBSD-current as of 10/19 and the sccs id still says:
"@(#)syslog.c    8.4 (Berkeley) 3/18/94"

Does anyone plan to integrate it into the source tree?  If not, can someone
please send me a copy of syslog.c that safely and intelligently uses
snprintf to limit buffer overflows?

Thanks,
Nate
E. Admin