Date: Thu, 18 May 2000 03:27:12 -0400 (EDT) From: Trevor Johnson <trevor@jpj.net> To: Gregory Bond <gnb@itga.com.au> Cc: ports@FreeBSD.ORG, FreeBSD Security Officer <security-officer@FreeBSD.ORG> Subject: Re: Netscape47 ports outdated Message-ID: <Pine.BSI.4.21.0005180317290.11331-100000@blues.jpj.net> In-Reply-To: <200005162350.JAA21942@lightning.itga.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 17 May 2000, Gregory Bond wrote: > The Makefiles for the Netscape47 ports are still looking for 4.72, but the > version available from netscape.com is 4.73. Some of the ports have been updated, and updates have been submitted for others. There is a CERT advisory (CA-2000-05, "Netscape Navigator Improperly Validates SSL Sessions") at http://www.cert.org/advisories/CA-2000-05.html . It says "Systems running Netscape Navigator 4.72, 4.61, and 4.07 [are affected]. Other versions less than 4.72 are likely to be affected as well." The problem is also described at http://home.netscape.com/security/notes/index.html . According to both, version 4.73 is not vulnerable. I suggest that: - updates to the Netscape 4.7 ports receive priority - the FreeBSD security officer issue an alert -- Trevor Johnson http://jpj.net/~trevor/gpgkey.txt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.4.21.0005180317290.11331-100000>