From owner-freebsd-security@FreeBSD.ORG Mon Feb 11 21:56:27 2008
Date: Mon, 11 Feb 2008 13:56:25 -0800
From: "Tony Nolo"
To: freebsd-security@freebsd.org
Subject: Re: failed binary version 6.2-6.3 update using freebsd-update.sh

Hello All,

Can someone please comment honestly as to where the best place to get
a solution to this problem is, or whether it's reasonable to even
expect one?

So far, I've tried the irc channel, this mailing list, and the author himself.

Andrew's been kind enough to swap a few ideas/questions around, but
he's one person and likely busy ... beyond that, being called
'stupid' in private IRC messages is about all the feedback I've
received on this matter.

I'd gather that there's some 'official' process for a end-user to get
help with the recommended method of upgrading to a just-released
version of freebsd. Or, is there?

Tony

From owner-freebsd-security@FreeBSD.ORG Tue Feb 12 11:19:02 2008
Date: Tue, 12 Feb 2008 11:54:28 +0100
From: Volker
To: Tony Nolo
Cc: freebsd-security@freebsd.org
Subject: Re: failed binary version 6.2-6.3 update using freebsd-update.sh

On 02/11/08 22:56, Tony Nolo wrote:
> Hello All,
>
> Can someone please comment honestly as to where the best place to get
> a solution to this problem is, or whether it's reasonable to even
> expect one?
>
> So far, I've tried the irc channel, this mailing list, and the author himself.
>
> Andrew's been kind enough to swap a few ideas/questions around, but
> he's one person and likely busy ... beyond that, being called
> 'stupid' in private IRC messages is about all the feedback I've
> received on this matter.
>
> I'd gather that there's some 'official' process for a end-user to get
> help with the recommended method of upgrading to a just-released
> version of freebsd. Or, is there?

Tony,

for getting user support, there's questions@ or stable@. You may also
try one or the other web forum and IRC channel. security@ is not the
right place for asking for support or chatting AFAIK.

In your case, you're experiencing a bug and that's what GNATS is for.
You should consider filing a bug report (PR). When filing a bug report,
please include as much useful information as possible.

I've never worked with freebsd-update but from checking your previous
posts, it seems like function "upgrade_merge()" does not work well (${V}
does not get input). Your output seems to be a bit garbled (out of order
output) and so I suggest you trying to get your system running with a
plain vanilla GENERIC kernel before trying to update.

If even that doesn't work out, please file a PR, run 'sh -x
freebsd-update.sh ...' as Andrew suggested and put the output file
somewhere where someone can fetch it for debugging.

If you're in hurry or don't want to spend more time on this, you can
always update your system the classical way (see handbook for
instructions).

HTH

Volker

From owner-freebsd-security@FreeBSD.ORG Tue Feb 12 10:31:00 2008
Date: Tue, 12 Feb 2008 11:03:43 +0100
From: "Julian H. Stacey"
To: "Tony Nolo"
Cc: freebsd-security@freebsd.org
Subject: Re: failed binary version 6.2-6.3 update using freebsd-update.sh

"Tony Nolo" wrote:
> Hello All,
>
> Can someone please comment honestly as to where the best place to get
> a solution to this problem is, or whether it's reasonable to even
> expect one?
>
> So far, I've tried the irc channel, this mailing list, and the author himself.
>
> Andrew's been kind enough to swap a few ideas/questions around, but
> he's one person and likely busy ... beyond that, being called
> 'stupid' in private IRC messages is about all the feedback I've
> received on this matter.
>
> I'd gather that there's some 'official' process for a end-user to get
> help with the recommended method of upgrading to a just-released
> version of freebsd. Or, is there?
>
> Tony

Hi
freebsd-security@freebsd.org is for security issues
thus wrong list to ask on, see
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL
questions@freebsd.org
User questions and technical support
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
if after trying that no progress, then look at list hackers@

--
Julian Stacey. BSD Unix Linux Net Consultant, Munich.
http://berklix.com

From owner-freebsd-security@FreeBSD.ORG Wed Feb 13 14:10:59 2008
Date: Wed, 13 Feb 2008 15:42:56 +0200
From: Andriy Gapon
To: freebsd-security@freebsd.org, Martin Wilke
Subject: portaudit: xfce vulnerabilities

It seems that there is a mistake on this page:
http://www.freebsd.org/ports/portaudit/024edd06-c933-11dc-810c-0016179b2dd5.html

All reference URLs say that the vulnerability existed before version
4.4.2 and it is fixed in version 4.4.2.
But affected version are described as:
xfce4-panel >4.4.1_1
libxfce4gui >4.4.1_1

Shouldn't there be "equal or less" instead of "greater"?

--
Andriy Gapon

From owner-freebsd-security@FreeBSD.ORG Wed Feb 13 15:49:20 2008
Date: Wed, 13 Feb 2008 18:38:46 +0300
From: Eygene Ryabinkin
To: freebsd-security@freebsd.org
Subject: VuXML entry for CVE-2008-0318 (libclamav)

Good day.

Attached is the draft of the VuXML entry for the new ClamAV
vulnerability.

From what I had seen and from the comments of the iDefence and
ClamAV changelog, it seems that the vulnerable Petite PE module
is really disabled in daily.cfg. The file has entries
'PE:0xbfff:13:23' and 'PE:0xdeff:24:25', while libclamav/dconf.h
has the following:
-----
#define PE_CONF_PETITE 0x100
-----
So, Petite compressor is disabled for f-levels 24 (0.92_sf) and 25
(0.92). 23 is 0.92rc2 and Petite is enabled for it and lower versions
down to 13 (0.90). F-versions were extracted from libclamav/others.c,
macro variable CL_FLEVEL.

So I had marked only clamav >= 0.92 and < 0.92.1 as vulnerable.
--
Eygene

From owner-freebsd-security@FreeBSD.ORG Thu Feb 14 06:49:17 2008
Date: Thu, 14 Feb 2008 07:49:15 +0100 (CET)
From: "Remko Lodder"
To: "Andriy Gapon"
Cc: freebsd-security@freebsd.org, Martin Wilke
Subject: Re: portaudit: xfce vulnerabilities

On Wed, February 13, 2008 2:42 pm, Andriy Gapon wrote:
>
> It seems that there is a mistake on this page:
> http://www.freebsd.org/ports/portaudit/024edd06-c933-11dc-810c-0016179b2dd5.html
>
> All reference URLs say that the vulnerability existed before version
> 4.4.2 and it is fixed in version 4.4.2.
> But affected version are described as:
> xfce4-panel >4.4.1_1
> libxfce4gui >4.4.1_1
>
> Shouldn't there be "equal or less" instead of "greater"?
>
> --
> Andriy Gapon

Hey Andriy,

Thanks for the report, from what I know miwi was going to look at this to
match 4.4.2 so that nothing else is affected..

Cheers
remko

--
/"\   Best regards,                      | remko@FreeBSD.org
\ /   Remko Lodder                       | remko@EFnet
 X    http://www.evilcoder.org/          |
/ \   ASCII Ribbon Campaign              | Against HTML Mail and News

From owner-freebsd-security@FreeBSD.ORG Thu Feb 14 12:10:42 2008
Date: Thu, 14 Feb 2008 12:10:42 GMT
From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Subject: FreeBSD Security Advisory FreeBSD-SA-08:03.sendfile

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-08:03.sendfile                                   Security Advisory
                                                          The FreeBSD Project

Topic:          sendfile(2) write-only file permission bypass

Category:       core
Module:         sys_kern
Announced:      2008-02-14
Credits:        Kostik Belousov
Affects:        All supported versions of FreeBSD
Corrected:      2008-02-14 11:45:00 UTC (RELENG_7, 7.0-PRERELEASE)
                2008-02-14 11:45:41 UTC (RELENG_7_0, 7.0-RELEASE)
                2008-02-14 11:46:08 UTC (RELENG_6, 6.3-STABLE)
                2008-02-14 11:46:41 UTC (RELENG_6_3, 6.3-RELEASE-p1)
                2008-02-14 11:47:06 UTC (RELENG_6_2, 6.2-RELEASE-p11)
                2008-02-14 11:47:39 UTC (RELENG_6_1, 6.1-RELEASE-p23)
                2008-02-14 11:49:39 UTC (RELENG_5, 5.5-STABLE)
                2008-02-14 11:50:28 UTC (RELENG_5_5, 5.5-RELEASE-p19)
CVE Name:       CVE-2008-0777

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

The sendfile(2) system call allows a server application (such as a
HTTP or FTP server) to transmit the contents of a file over a network
connection without first copying it to application memory. High
performance servers such as the Apache HTTP Server and ftpd use sendfile.

II.  Problem Description

When a process opens a file (and other file system objects, such as
directories), it specifies access flags indicating its intent to read,
write, or perform other operations. These flags are checked against
file system permissions, and then stored in the resulting file
descriptor to validate future operations against.

The sendfile(2) system call does not check the file descriptor access
flags before sending data from a file.

III. Impact

If a file is write-only, a user process can open the file and use
sendfile to send the content of the file over a socket, even though the
user does not have read access to the file, resulting in possible
disclosure of sensitive information.

IV.  Workaround

No workaround is available, but systems are only vulnerable if
write-only files exist, which are not widely used.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 5-STABLE, 6-STABLE, or
7.0-PRERELEASE, or to the RELENG_7_0, RELENG_6_3, RELENG_6_2,
RELENG_6_1, or RELENG_5_5 security branch dated after the correction
date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 5.5, 6.1,
6.2, 6.3, and 7.0 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 6.2, 6.3, and 7.0]
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile.patch
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile.patch.asc

[FreeBSD 6.1]
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile61.patch
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile61.patch.asc

[FreeBSD 5.5]
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile55.patch
# fetch http://security.FreeBSD.org/patches/SA-08:03/sendfile55.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
and reboot the system.

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_5
  src/sys/kern/kern_descrip.c                                  1.243.2.11
RELENG_5_5
  src/UPDATING                                            1.342.2.35.2.20
  src/sys/conf/newvers.sh                                  1.62.2.21.2.21
  src/sys/kern/kern_descrip.c                               1.243.2.9.2.1
RELENG_6
  src/sys/kern/kern_descrip.c                                  1.279.2.16
  src/sys/kern/uipc_syscalls.c                                  1.221.2.5
RELENG_6_3
  src/UPDATING                                             1.416.2.37.2.5
  src/sys/conf/newvers.sh                                   1.69.2.15.2.4
  src/sys/kern/kern_descrip.c                              1.279.2.15.2.1
  src/sys/kern/uipc_syscalls.c                              1.221.2.4.4.1
RELENG_6_2
  src/UPDATING                                            1.416.2.29.2.15
  src/sys/conf/newvers.sh                                  1.69.2.13.2.14
  src/sys/kern/kern_descrip.c                               1.279.2.9.2.1
  src/sys/kern/uipc_syscalls.c                              1.221.2.4.2.1
RELENG_6_1
  src/UPDATING                                            1.416.2.22.2.26
  src/sys/conf/newvers.sh                                  1.69.2.11.2.25
  src/sys/kern/kern_descrip.c                               1.279.2.6.2.1
  src/sys/kern/uipc_syscalls.c                              1.221.2.1.2.1
RELENG_7
  src/sys/kern/kern_descrip.c                                   1.313.2.1
  src/sys/kern/uipc_syscalls.c                                  1.259.2.2
RELENG_7_0
  src/UPDATING                                              1.507.2.3.2.3
  src/sys/kern/kern_descrip.c                                   1.313.4.1
  src/sys/kern/uipc_syscalls.c                                  1.259.4.2
- -------------------------------------------------------------------------

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0777

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:03.sendfile.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)

iD8DBQFHtC0DFdaIBMps37IRAqp8AJ91+flnCIUSvKoFQyXfD1YTnPnuqgCcDiPJ
SR4X1dNFENsHMq9ROrQhr1c=
=TX1R
-----END PGP SIGNATURE-----

From owner-freebsd-security@FreeBSD.ORG Thu Feb 14 12:11:31 2008
Date: Thu, 14 Feb 2008 12:11:30 GMT
From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Subject: FreeBSD Security Advisory FreeBSD-SA-08:04.ipsec

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-08:04.ipsec                                      Security Advisory
                                                          The FreeBSD Project

Topic:          IPsec null pointer dereference panic

Category:       core
Module:         ipsec
Announced:      2008-02-14
Credits:        Takashi Sogabe, Tatuya Jinmei
Affects:        FreeBSD 5.5
Corrected:      2008-02-14 11:49:39 UTC (RELENG_5, 5.5-STABLE)
                2008-02-14 11:50:28 UTC (RELENG_5_5, 5.5-RELEASE-p19)
CVE Name:       CVE-2008-0177

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

The IPsec suite of protocols provide network level security for IPv4
and IPv6 packets. FreeBSD includes software originally developed by the
KAME project which implements the various protocols that make up IPsec.

II.  Problem Description

There is an improper reference to a data structure in the processing of
IPsec packets, which can result in a NULL pointer being dereferenced.

III. Impact

A single specifically crafted IPv6 packet could cause the kernel to
panic, when the kernel had been configured to process IPsec and IPv6
traffic. This requires IPSEC to be compiled into the kernel, it does
not necessarily have to be configured at that point.

IV.  Workaround

No workaround is available, but kernels which does not include IPsec
support are not vulnerable. The GENERIC and SMP kernel configurations
distributed with FreeBSD releases do not include IPsec support.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_5
security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 5.5
systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-08:04/ipsec.patch
# fetch http://security.FreeBSD.org/patches/SA-08:04/ipsec.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
and reboot the system.

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_5
  src/sys/netinet6/ipcomp_input.c                                 1.7.4.2
RELENG_5_5
  src/UPDATING                                            1.342.2.35.2.20
  src/sys/conf/newvers.sh                                  1.62.2.21.2.21
  src/sys/netinet6/ipcomp_input.c                             1.7.4.1.4.1
- -------------------------------------------------------------------------

VII. References

http://www.kb.cert.org/vuls/id/110947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0177

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:04.ipsec.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)

iD8DBQFHtC0HFdaIBMps37IRAt5gAKCGnYEX3r7n0Dsypmfv2m1J9pgICwCfd6uH
Gy2w6OYNovnfrb7EN0jWCjM=
=jHy3
-----END PGP SIGNATURE-----

From owner-freebsd-security@FreeBSD.ORG Thu Feb 14 09:04:51 2008
Date: Thu, 14 Feb 2008 11:03:59 +0200
From: Andriy Gapon
To: remko@elvandar.org
Cc: freebsd-security@freebsd.org, Martin Wilke
Subject: Re: portaudit: xfce vulnerabilities

on 14/02/2008 08:49 Remko Lodder said the following:
> On Wed, February 13, 2008 2:42 pm, Andriy Gapon wrote:
>> It seems that there is a mistake on this page:
>> http://www.freebsd.org/ports/portaudit/024edd06-c933-11dc-810c-0016179b2dd5.html
>>
>> All reference URLs say that the vulnerability existed before version
>> 4.4.2 and it is fixed in version 4.4.2.
>> But affected version are described as:
>> xfce4-panel >4.4.1_1
>> libxfce4gui >4.4.1_1
>>
>> Shouldn't there be "equal or less" instead of "greater"?
>>
>> --
>> Andriy Gapon
>
> Hey Andriy,
>
> Thanks for the report, from what I know miwi was going to look at this to
> match 4.4.2 so that nothing else is affected..

Remko, thanks, this makes more sense.
Though, could this process be sped up a tiny bit?
I am sure this is confusing users trying to upgrade from the vulnerable
version.

--
Andriy Gapon

From owner-freebsd-security@FreeBSD.ORG Thu Feb 14 15:10:41 2008
Date: Thu, 14 Feb 2008 18:10:37 +0300
From: Eygene Ryabinkin
To: freebsd-security@freebsd.org
Subject: Re: VuXML entry for CVE-2008-0318 (libclamav)

Good day.
Wed, Feb 13, 2008 at 06:38:46PM +0300, Eygene Ryabinkin wrote: > Attached is the draft of the VuXML entry for the new ClamAV > vulnerability. As pointed to me by Remko Lodder, the attachment was stripped. Resending it inline. Remko, thanks again for pointing me to this pity fact! ----- clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability clamav 0.920.92.1

iDefense Security Advisory 02.12.08:

Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process.

The vulnerability exists within the code responsible for parsing and scanning PE files. While iterating through all sections contained in the PE file, several attacker controlled values are extracted from the file. On each iteration, arithmetic operations are performed without taking into consideration 32-bit integer wrap.

Since insufficient integer overflow checks are present, an attacker can cause a heap overflow by causing a specially crafted Petite packed PE binary to be scanned. This results in an exploitable memory corruption condition.

Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the process using libclamav. In the case of the clamd program, this will result in code execution with the privileges of the clamav user. Unsuccessful exploitation results in the clamd process crashing.

Workaround

Disabling the scanning of PE files will prevent exploitation.

If using clamscan, this can be done by running clamscan with the '--no-pe' option.

If using clamdscan, set the 'ScanPE' option in the clamd.conf file to 'no'.

Vendor response

The ClamAV team has addressed this vulnerability within version 0.92.1. Additionally, the ClamAV team reports, "the vulnerable module was remotely disabled via virus-db update on Jan 11th 2008."

CVE-2008-0318
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
2008-01-07
-----
--
Eygene

From owner-freebsd-security@FreeBSD.ORG Fri Feb 15 10:24:30 2008
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BA27916A418 for ; Fri, 15 Feb 2008 10:24:30 +0000 (UTC) (envelope-from remko@elvandar.org)
Received: from galain.elvandar.org (galain.elvandar.org [217.148.169.56]) by mx1.freebsd.org (Postfix) with ESMTP id 6765913C474 for ; Fri, 15 Feb 2008 10:24:30 +0000 (UTC) (envelope-from remko@elvandar.org)
Received: from localhost.we-dare.net ([127.0.0.1] helo=galain.elvandar.org) by galain.elvandar.org with esmtpa (Exim 4.67) (envelope-from ) id 1JPxk2-000GZc-9A; Fri, 15 Feb 2008 11:24:26 +0100
Received: from 194.74.82.3 (SquirrelMail authenticated user remko) by galain.elvandar.org with HTTP; Fri, 15 Feb 2008 11:24:26 +0100 (CET)
Message-ID: <38820.194.74.82.3.1203071066.squirrel@galain.elvandar.org>
In-Reply-To:
References:
Date: Fri, 15 Feb 2008 11:24:26 +0100 (CET)
From: "Remko Lodder"
To: "Eygene Ryabinkin"
User-Agent: SquirrelMail/1.4.13
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: freebsd-security@freebsd.org
Subject: Re: VuXML entry for CVE-2008-0318 (libclamav)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: remko@elvandar.org
List-Id: "Security issues [members-only posting]"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 15 Feb 2008 10:24:30 -0000

On Thu, February 14, 2008 4:10 pm, Eygene Ryabinkin wrote:
> Good day.
>
> Wed, Feb 13, 2008 at 06:38:46PM +0300, Eygene Ryabinkin wrote:
>> Attached is the draft of the VuXML entry for the new ClamAV
>> vulnerability.
>
> As pointed out to me by Remko Lodder, the attachment was stripped.
> Resending it inline.
>
> Remko, thanks again for pointing me to this pity fact!
>

Hey,

I had processed it to VuXML just minutes ago, thanks for your submission!
(no worries about the stripped attachment!) it's greatly appreciated!

Cheers
remko

--
/"\   Best regards,              | remko@FreeBSD.org
\ /   Remko Lodder               | remko@EFnet
 X    http://www.evilcoder.org/  |
/ \   ASCII Ribbon Campaign      | Against HTML Mail and News

From owner-freebsd-security@FreeBSD.ORG Fri Feb 15 12:49:35 2008
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 118B916A417 for ; Fri, 15 Feb 2008 12:49:35 +0000 (UTC) (envelope-from BORJAMAR@SARENET.ES)
Received: from proxypop1.sarenet.es (proxypop1.sarenet.es [194.30.0.99]) by mx1.freebsd.org (Postfix) with ESMTP id B2AC613C4F7 for ; Fri, 15 Feb 2008 12:49:34 +0000 (UTC) (envelope-from BORJAMAR@SARENET.ES)
Received: from [127.0.0.1] (matahari.sarenet.es [192.148.167.18]) by proxypop1.sarenet.es (Postfix) with ESMTP id DEEE65D82 for ; Fri, 15 Feb 2008 13:31:06 +0100 (CET)
Message-Id:
From: Borja Marcos
To: freebsd-security@freebsd.org
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v919.2)
Date: Fri, 15 Feb 2008 13:31:05 +0100
X-Mailer: Apple Mail (2.919.2)
Subject: MAC subsystem problem (FreeBSD 7)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues [members-only posting]"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 15 Feb 2008 12:49:35 -0000

Hello,

I'm trying to set up a DNS server under FreeBSD using the mac_biba policy. I use to run bind in low-integrity mode, so that neither it nor any of its descendants can modify configuration files, etc.

With previous FreeBSD versions there was a handy sysctl setting, "security.mac.enforce_socket" that allowed to bypass the MAC restrictions for a socket.

I think it's not a bad idea. After all machines can communicate with untrusted nodes over a network. In my opinion, enforcing the mac_biba restrictions so that a network communication with a local process behaves _differently_ than a network communication with a different node is a bad idea.

Any reason why this setting has been eliminated? I think that the best solution is to keep it and let the administrator decide.

Best regards,

Borja.

From owner-freebsd-security@FreeBSD.ORG Fri Feb 15 15:40:32 2008
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 544EB16A41B for ; Fri, 15 Feb 2008 15:40:32 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru)
Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id E5B5C13C47E for ; Fri, 15 Feb 2008 15:40:31 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru)
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=W1X5ODT7hTlBYP+eAuaPulBUHcWjTKZc+ar3sC2Lpm43z0PMDbXwx6p0qjIhZjZLukdrByCleQRpj8B7ozQiEuvMRmZGYMbRzh9gZyE4Rc1MPnd/JEyTub7+iJLJjXjFbM5CgMa8wWHG0gExT/Ow0uzs15k6oz0/AKlL6Xp9gtk=;
Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1JQ2fu-000Plk-Iv; Fri, 15 Feb 2008 18:40:30 +0300
Date: Fri, 15 Feb 2008 18:40:29 +0300
From: Eygene Ryabinkin
To: Remko Lodder
Message-ID: <0AD+uiJ7YZ5k4tOxqnSdXxEYFmM@zhKo0eUPDljT6+NmopU63eJEIb4>
References: <38820.194.74.82.3.1203071066.squirrel@galain.elvandar.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <38820.194.74.82.3.1203071066.squirrel@galain.elvandar.org>
Sender: rea-fbsd@codelabs.ru
X-Spam-Status: No, score=-1.8 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_50
Cc: freebsd-security@freebsd.org
Subject: Re: VuXML entry for CVE-2008-0318 (libclamav)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues [members-only posting]"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 15 Feb 2008 15:40:32 -0000

Remko, good day.

Fri, Feb 15, 2008 at 11:24:26AM +0100, Remko Lodder wrote:
> I had processed it to VuXML just minutes ago, thanks for your submission!
> (no worries about the stripped attachment!) it's greatly appreciated!

Thank you very much!
--
Eygene
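
Added example, not part of the thread and not ClamAV's code: the iDefense advisory quoted in the VuXML draft says section values read from a PE file were combined without accounting for 32-bit integer wrap. The sketch below shows that unchecked pattern beside a wrap-safe check; the struct, function names and sample values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical section record; both fields are untrusted file input. */
struct section {
    uint32_t raw_offset; /* where the section data starts in the file */
    uint32_t raw_size;   /* how many bytes the section claims to hold */
};

/* Unchecked pattern: the 32-bit sum silently wraps modulo 2^32. */
uint32_t total_size_unchecked(const struct section *s, size_t n)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += s[i].raw_size;
    return total;
}

/* Checked pattern: returns 0 and stores the sum in *out, or -1 if a section
 * lies outside the file or the running sum would wrap. */
int total_size_checked(const struct section *s, size_t n,
                       uint32_t file_size, uint32_t *out)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        /* offset + size <= file_size, rearranged so nothing can wrap */
        if (s[i].raw_offset > file_size ||
            s[i].raw_size > file_size - s[i].raw_offset)
            return -1;
        if (s[i].raw_size > UINT32_MAX - total)
            return -1;
        total += s[i].raw_size;
    }
    *out = total;
    return 0;
}

/* Constructed sample headers (not taken from any real file). */
const struct section wrapping[2] = { {0, 0x80000000u}, {0, 0x80000010u} };
const struct section sane[2]     = { {0x400, 0x200}, {0x600, 0x100} };

int main(void)
{
    uint32_t out = 0;
    printf("unchecked: 0x%x\n", (unsigned)total_size_unchecked(wrapping, 2));
    printf("wrapping: %d\n", total_size_checked(wrapping, 2, UINT32_MAX, &out));
    printf("sane: %d\n", total_size_checked(sane, 2, 0x1000, &out));
    return 0;
}
```

A buffer sized from the unchecked total would be far smaller than the data the sections describe, which is how a wrapped sum turns into the heap overflow the advisory reports.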