From owner-freebsd-security  Mon Jan 24  1:33:24 2000
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [216.240.41.2])
	by hub.freebsd.org (Postfix) with ESMTP id 304351526B
	for <freebsd-security@FreeBSD.ORG>; Mon, 24 Jan 2000 01:33:20 -0800 (PST)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.3/8.9.1) id BAA85655;
	Mon, 24 Jan 2000 01:33:17 -0800 (PST)
	(envelope-from dillon)
Date: Mon, 24 Jan 2000 01:33:17 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <200001240933.BAA85655@apollo.backplane.com>
To: Warner Losh <imp@village.org>
Cc: Tim Yardley <yardley@uiuc.edu>, freebsd-security@FreeBSD.ORG
Subject: Re: Fwd: *BSD procfs vulnerability 
References: <4.2.0.58.20000123181240.0144ef10@students.uiuc.edu>   <200001240213.TAA47930@harmony.village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


:In message <4.2.0.58.20000123181240.0144ef10@students.uiuc.edu> Tim Yardley writes:
:: i would hope this is getting looked into...
:
:Maybe you mised the following:
:
:: >     Patches are available on
:: >http://www.openbsd.org/errata.html#procfs
:: >ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00:02/procfs.patch
:
:
:Now that this has hit bugtraq, I'll do the advisory republishing.
:
:Warner

    Hmmm.  This looks rather serious, and it does not look like anyone has
    committed the patch into RELENG_2_2 (which a lot of sites still use).  
    It would be kinda nice if someone did that.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message