Date: Mon, 18 Sep 2000 09:39:13 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Igor Roshchin <str@giganda.komkon.org> Cc: security-advisories@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: FreeBSD Ports Security Advisory: FreeBSD-SA-00:47.pine Message-ID: <Pine.BSF.4.21.0009180937400.5450-100000@freefall.freebsd.org> In-Reply-To: <200009181629.MAA16045@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 18 Sep 2000, Igor Roshchin wrote: > > Would somebody, please, clarify if the older > pine3 port is also vulnerable ? > I know that it is no longer supported in the ports collection, > but it is still being used. > Since pine3 port is not formally a pine4 port, although > its version is before 4.21, it is not clear if this bug > existed since the 3.xx period or it was introduced in 4.xx > version. I have no idea - but you definitely should not be using pine3, there were many security bugs with that version - details escape me, but I think they included remotely exploitable buffer overflows. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe <forsythe@alum.mit.edu> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009180937400.5450-100000>