From owner-freebsd-security Tue Mar 7 14:14:07 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id OAA28064 for security-outgoing; Tue, 7 Mar 1995 14:14:07 -0800 Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.20.4]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id OAA28050; Tue, 7 Mar 1995 14:13:57 -0800 Received: by brasil.moneng.mei.com (4.1/SMI-4.1) id AA12153; Tue, 7 Mar 95 16:12:15 CST From: Joe Greco Message-Id: <9503072212.AA12153@brasil.moneng.mei.com> Subject: Re: key exchange for rlogin/telnet services? To: mark@grondar.za (Mark Murray) Date: Tue, 7 Mar 1995 16:12:14 -0600 (CST) Cc: barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com In-Reply-To: <199503011443.QAA12358@grunt.grondar.za> from "Mark Murray" at Mar 1, 95 04:43:54 pm X-Mailer: ELM [version 2.4beta PL9] Content-Type: text Content-Length: 480 Sender: security-owner@FreeBSD.org Precedence: bulk > FWIW, there is a telnet client in src/secure/usr.bin that is not part of the > build. This seems to be 'work in progress' that stopped a while ago. > > What about using that? > > M This works, I had to hack at it for nearly a day, but it can be made to work. :-) ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 From owner-freebsd-security Tue Mar 7 14:24:00 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id OAA28268 for security-outgoing; Tue, 7 Mar 1995 14:24:00 -0800 Received: from ref.tfs.com (ref.tfs.com [140.145.254.251]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id OAA28262; Tue, 7 Mar 1995 14:23:55 -0800 Received: (from phk@localhost) by ref.tfs.com (8.6.8/8.6.6) id OAA26993; Tue, 7 Mar 1995 14:21:43 -0800 From: Poul-Henning Kamp Message-Id: <199503072221.OAA26993@ref.tfs.com> Subject: Re: key exchange for rlogin/telnet services? To: jgreco@brasil.moneng.mei.com (Joe Greco) Date: Tue, 7 Mar 1995 14:21:43 -0800 (PST) Cc: mark@grondar.za, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com In-Reply-To: <9503072212.AA12153@brasil.moneng.mei.com> from "Joe Greco" at Mar 7, 95 04:12:14 pm Content-Type: text Content-Length: 456 Sender: security-owner@FreeBSD.org Precedence: bulk > > FWIW, there is a telnet client in src/secure/usr.bin that is not part of the > > build. This seems to be 'work in progress' that stopped a while ago. > > > > What about using that? > > > > M > > This works, I had to hack at it for nearly a day, but it can be made to work. :-) > I didn't see the patch... ? -- Poul-Henning Kamp TRW Financial Systems, Inc. I am Pentium Of Borg. Division is Futile. You WILL be approximated. From owner-freebsd-security Tue Mar 7 14:46:25 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id OAA28620 for security-outgoing; Tue, 7 Mar 1995 14:46:25 -0800 Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.20.4]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id OAA28614; Tue, 7 Mar 1995 14:46:24 -0800 Received: by brasil.moneng.mei.com (4.1/SMI-4.1) id AA12270; Tue, 7 Mar 95 16:44:10 CST From: Joe Greco Message-Id: <9503072244.AA12270@brasil.moneng.mei.com> Subject: Re: key exchange for rlogin/telnet services? To: phk@ref.tfs.com (Poul-Henning Kamp) Date: Tue, 7 Mar 1995 16:44:09 -0600 (CST) Cc: mark@grondar.za, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com In-Reply-To: <199503072221.OAA26993@ref.tfs.com> from "Poul-Henning Kamp" at Mar 7, 95 02:21:43 pm X-Mailer: ELM [version 2.4beta PL9] Content-Type: text Content-Length: 2144 Sender: security-owner@FreeBSD.org Precedence: bulk > I didn't see the patch... ? Because there wasn't one. In order to get this to work, I had to bring up eBones with the DES code from Kerberos, which got me some DES functions not in the "export" version (des_new_random_key and friends I believe, details in /usr/src/secure/lib/libtelnet/enc_des.c). I also had to do a fair amount of piddling around to get the proper versions of things installed and usable, and certainly didn't have the time to waste on fixing the build process, which as far as I could make out was simply useless. Maybe pilot error. Too much crud spread out over too much of the tree. I was simply delighted that I got it to work at all, given the problems I had getting Kerberos / eBones up to begin with. And my goal was simply to get at (what I thought at the time was) something nobody else really seemed to care about. I got my crypted telnet, and several comments from Prof. George Davida about how it wasn't very secure if it depended on Kerberos. :-) But a fairly decent lock is better than no lock at all. I am certainly willing to provide copies of my source tree. It is not by any means "buildable" in a reasonable fashion, but it DOES seem to have all the basic components needed. It's several months old; I use it daily. Because of stupid governmental regulations, my offer is only open to folks whom I could legally hand a copy of DES to. Since I don't know the legal aspects any further than that, I am not interested in pursuing this any further than perhaps a cooperative cleanup effort of some sort. I don't have the time to try substituting a different type of encryption, making it work with the "exported" DES, et al. :-( Too many other fires under my butt right now. But I would be delighted to work on cleaning up the code, if someone else (particularly someone who has worked with the FreeBSD trees and is familiar with the 4.4 Makefile stuff/etc) is willing to help. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 From owner-freebsd-security Tue Mar 7 22:05:54 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id WAA14978 for security-outgoing; Tue, 7 Mar 1995 22:05:54 -0800 Received: from grunt.grondar.za (grunt.grondar.za [196.7.18.129]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id WAA14972; Tue, 7 Mar 1995 22:05:46 -0800 Received: from localhost (localhost [127.0.0.1]) by grunt.grondar.za (8.6.10/8.6.9) with SMTP id IAA13529; Wed, 8 Mar 1995 08:03:13 +0200 Message-Id: <199503080603.IAA13529@grunt.grondar.za> X-Authentication-Warning: grunt.grondar.za: Host localhost didn't use HELO protocol To: Joe Greco cc: phk@ref.tfs.com (Poul-Henning Kamp), mark@grondar.za, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? Date: Wed, 08 Mar 1995 08:03:13 +0200 From: Mark Murray Sender: security-owner@FreeBSD.org Precedence: bulk > > I didn't see the patch... ? > > Because there wasn't one. What are the chances of "sanitising" a diff so I can track you work here? I have some of the DES stuff available. > Because of stupid governmental regulations, my offer is only open to folks > whom I could legally hand a copy of DES to. Since I don't know the legal > aspects any further than that, I am not interested in pursuing this any > further than perhaps a cooperative cleanup effort of some sort. I don't have > the time to try substituting a different type of encryption, making it work > with the "exported" DES, et al. :-( Too many other fires under my butt > right now. But I would be delighted to work on cleaning up the code, if > someone else (particularly someone who has worked with the FreeBSD trees and > is familiar with the 4.4 Makefile stuff/etc) is willing to help. I would certainly be interested in any _LEGAL_ diffs you could give me. I do not mind re-creating work if that is what it takes. -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 From owner-freebsd-security Wed Mar 8 11:54:11 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id LAA06281 for security-outgoing; Wed, 8 Mar 1995 11:54:11 -0800 Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.20.4]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id LAA06271; Wed, 8 Mar 1995 11:54:10 -0800 Received: by brasil.moneng.mei.com (4.1/SMI-4.1) id AA13070; Wed, 8 Mar 95 13:51:45 CST From: Joe Greco Message-Id: <9503081951.AA13070@brasil.moneng.mei.com> Subject: Re: key exchange for rlogin/telnet services? To: mark@grondar.za (Mark Murray) Date: Wed, 8 Mar 1995 13:51:45 -0600 (CST) Cc: phk@ref.tfs.com, mark@grondar.za, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com In-Reply-To: <199503080603.IAA13529@grunt.grondar.za> from "Mark Murray" at Mar 8, 95 08:03:13 am X-Mailer: ELM [version 2.4beta PL9] Content-Type: text Content-Length: 2094 Sender: security-owner@FreeBSD.org Precedence: bulk > > Because there wasn't one. > > What are the chances of "sanitising" a diff so I can track you work here? > I have some of the DES stuff available. 46 Harvey Rd, Claremont, Cape Town 7700, South Africa ^^^^^^^^^^^^ Something closely approximating zero, because I do not have a clue as to what is legal and/or allowable, and I don't really have the time to go figure it out. If somebody has a short, clear, and concise definition available of what is legal, I might reconsider. If another US resident would like to deal with this, *by* *all* *means* I would be willing to hand this over to that party. I am simply not interested in potentially violating some rather ugly (but senseless) laws and get tossed in some deep Federal dungeon somewhere.. > > Because of stupid governmental regulations, my offer is only open to folks > > whom I could legally hand a copy of DES to. Since I don't know the legal > > aspects any further than that, I am not interested in pursuing this any > > further than perhaps a cooperative cleanup effort of some sort. I don't have > > the time to try substituting a different type of encryption, making it work > > with the "exported" DES, et al. :-( Too many other fires under my butt > > right now. But I would be delighted to work on cleaning up the code, if > > someone else (particularly someone who has worked with the FreeBSD trees and > > is familiar with the 4.4 Makefile stuff/etc) is willing to help. > > I would certainly be interested in any _LEGAL_ diffs you could give me. I > do not mind re-creating work if that is what it takes. I didn't do anything very rocket-science'y with the DES stuff - basically a lift and switch with the original Kerberos stuff, as my memory has it. There was a lot of playing around to get it to compile up the clients, however, and if someone could clean it up, it could be cool... ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 From owner-freebsd-security Wed Mar 8 12:57:17 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id MAA12619 for security-outgoing; Wed, 8 Mar 1995 12:57:17 -0800 Received: from grunt.grondar.za (grunt.grondar.za [196.7.18.129]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id MAA12581; Wed, 8 Mar 1995 12:57:05 -0800 Received: from localhost (localhost [127.0.0.1]) by grunt.grondar.za (8.6.10/8.6.9) with SMTP id WAA16579; Wed, 8 Mar 1995 22:54:12 +0200 Message-Id: <199503082054.WAA16579@grunt.grondar.za> X-Authentication-Warning: grunt.grondar.za: Host localhost didn't use HELO protocol To: Joe Greco cc: mark@grondar.za (Mark Murray), phk@ref.tfs.com, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? Date: Wed, 08 Mar 1995 22:54:12 +0200 From: Mark Murray Sender: security-owner@FreeBSD.org Precedence: bulk > > > Because there wasn't one. > > > > What are the chances of "sanitising" a diff so I can track you work here? > > I have some of the DES stuff available. > > 46 Harvey Rd, Claremont, Cape Town 7700, South Africa > ^^^^^^^^^^^^ > Something closely approximating zero, because I do not have a clue as to > what is legal and/or allowable, and I don't really have the time to go figure > it out. If somebody has a short, clear, and concise definition available of > what is legal, I might reconsider. If another US resident would like to > deal with this, *by* *all* *means* I would be willing to hand this over to > that party. I am simply not interested in potentially violating some rather > ugly (but senseless) laws and get tossed in some deep Federal dungeon > somewhere.. Hokay. I understand _totally_ your sentiments. This scenario has happenned before (and it is legal too, beleive it or not!) If you have an account in the US, could you make you code available there? I have an account on thud.cdrom.com, which is in Walnut Creek, SF (co- ordinates available on request :-). If you wish, I can work on the code, _in_the_US_, and only bring back that which is legal. If you feel uncomfortable with this, "Andrew Chernov" (sp?) has already done similar acts from the (ex-) Soviet Union with no dis- approval from the world at large (please could anyone shout REAL loud if this is bullshit (I think it is not)). (This (if memory serves me) was to do with the US PGP code). Thanks! Mark -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 From owner-freebsd-security Wed Mar 8 13:12:43 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id NAA14017 for security-outgoing; Wed, 8 Mar 1995 13:12:43 -0800 Received: from brasil.moneng.mei.com (brasil.moneng.mei.com [151.186.20.4]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id NAA14011; Wed, 8 Mar 1995 13:12:40 -0800 Received: by brasil.moneng.mei.com (4.1/SMI-4.1) id AA13357; Wed, 8 Mar 95 15:10:15 CST From: Joe Greco Message-Id: <9503082110.AA13357@brasil.moneng.mei.com> Subject: Re: key exchange for rlogin/telnet services? To: mark@grondar.za (Mark Murray) Date: Wed, 8 Mar 1995 15:10:14 -0600 (CST) Cc: mark@grondar.za, phk@ref.tfs.com, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com In-Reply-To: <199503082054.WAA16579@grunt.grondar.za> from "Mark Murray" at Mar 8, 95 10:54:12 pm X-Mailer: ELM [version 2.4beta PL9] Content-Type: text Content-Length: 2415 Sender: security-owner@FreeBSD.org Precedence: bulk > Hokay. I understand _totally_ your sentiments. Thanks. :-) I just don't particularly care to have the FBI/whoever pounding on my door at 3AM.... I get little enough sleep as it is. > This scenario has happenned before (and it is legal too, beleive it or not!) > If you have an account in the US, could you make you code available there? > I have an account on thud.cdrom.com, which is in Walnut Creek, SF (co- > ordinates available on request :-). If you wish, I can work on the code, > _in_the_US_, and only bring back that which is legal. If you feel > uncomfortable with this, "Andrew Chernov" (sp?) has > already done similar acts from the (ex-) Soviet Union with no dis- > approval from the world at large (please could anyone shout REAL loud if > this is bullshit (I think it is not)). (This (if memory serves me) was to do > with the US PGP code). > > Thanks! > > Mark Actually, given that I have so much to do, there is a point you reach where it no longer matters what you do because you will be hopelessly behind no matter how many things you get done. And I've been there for months. :-) So I guess it is no big suprise that I retrieved a virgin copy of the 2.0-R source tree a little while ago, so that I could write up a set of notes that one might use to reconstruct the magic binaries I've got. I'll let you know over the next few days what I discover. However, I still do not know if it is legitimate to provide such materials to a non-US citizen, particularly since when you are "on" thud or another box, copies of the code are still being transmitted out of the country, and as I really am unclear on all this, I won't have that potentially over my head. If Walnut Creek is clear on the legal issues, I would be more than happy to ask Walnut Creek to issue me an account on one of their development boxes and I will make my code available there, with suitable disclaimers and warnings. If they feel that it is permissible to allow you to access the files, fine! It is then either on your head or theirs, not mine. :-) But I will not give you the code myself. This country is mostly pretty good. But there are some funny laws. Back to hacking, ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 From owner-freebsd-security Wed Mar 8 13:36:15 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id NAA16267 for security-outgoing; Wed, 8 Mar 1995 13:36:15 -0800 Received: from grunt.grondar.za (grunt.grondar.za [196.7.18.129]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id NAA16237; Wed, 8 Mar 1995 13:36:00 -0800 Received: from localhost (localhost [127.0.0.1]) by grunt.grondar.za (8.6.10/8.6.9) with SMTP id XAA16856; Wed, 8 Mar 1995 23:33:23 +0200 Message-Id: <199503082133.XAA16856@grunt.grondar.za> X-Authentication-Warning: grunt.grondar.za: Host localhost didn't use HELO protocol To: Joe Greco cc: mark@grondar.za (Mark Murray), phk@ref.tfs.com, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? Date: Wed, 08 Mar 1995 23:33:23 +0200 From: Mark Murray Sender: security-owner@FreeBSD.org Precedence: bulk > > Hokay. I understand _totally_ your sentiments. > > Thanks. :-) I just don't particularly care to have the FBI/whoever > pounding on my door at 3AM.... I get little enough sleep as it is. Take a look at (or rather remember) CNN about 6 years ago and see what South Africa was like then. Believe me, I understand _stupid_ laws!! > Actually, given that I have so much to do, there is a point you reach where > it no longer matters what you do because you will be hopelessly behind no > matter how many things you get done. And I've been there for months. :-) > > So I guess it is no big suprise that I retrieved a virgin copy of the 2.0-R > source tree a little while ago, so that I could write up a set of notes that > one might use to reconstruct the magic binaries I've got. I'll let you know > over the next few days what I discover. I think that this is the best situation of all. You don't break your laws, I don't break your laws, FBI (F@#$ing Big Indian(!)) does not break down anyones' door. > Walnut Creek is clear on the legal issues, I would be more than happy to ask > Walnut Creek to issue me an account on one of their development boxes and > I will make my code available there, with suitable disclaimers and warnings. > If they feel that it is permissible to allow you to access the files, fine! > It is then either on your head or theirs, not mine. :-) But I will not > give you the code myself. I will consider this a bonus. The notes/logs/whatever you did are COOL! Thanks! > This country is mostly pretty good. But there are some funny laws. Just get rid of the guns. :-) :-) :-) (says a gun owner) Happy hacking!! -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 From owner-freebsd-security Wed Mar 8 15:59:08 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id PAA26827 for security-outgoing; Wed, 8 Mar 1995 15:59:08 -0800 Received: from netmail.austin.ibm.com (netmail.austin.ibm.com [129.35.208.98]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id PAA26821; Wed, 8 Mar 1995 15:59:03 -0800 Received: from ozymandias.austin.ibm.com (ozymandias.austin.ibm.com [9.3.29.12]) by netmail.austin.ibm.com (8.6.10/8.6.10) with SMTP id RAA25449; Wed, 8 Mar 1995 17:57:54 -0600 Received: by ozymandias.austin.ibm.com (AIX 3.2/UCB 5.64/4.03-client-2.6) for mark@grondar.za at austin.ibm.com; id AA10873; Wed, 8 Mar 1995 17:57:48 -0600 From: sjb@austin.ibm.com (Scott Brickner) Message-Id: <9503082357.AA10873@ozymandias.austin.ibm.com> X-Mailer: exmh version 1.5.3 12/28/94 To: Joe Greco Cc: mark@grondar.za (Mark Murray), phk@ref.tfs.com, barry@nacm.com, hackers@freefall.cdrom.com, security@freefall.cdrom.com Subject: Re: key exchange for rlogin/telnet services? In-Reply-To: (Your message of Wed, 08 Mar 95 15:10:14 CST.) <9503082110.AA13357@brasil.moneng.mei.com> Mime-Version: 1.0 Content-Type: application/pgp ; format=mime ; x-action=signclear Date: Wed, 08 Mar 95 17:57:47 -0600 Sender: security-owner@FreeBSD.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- Content-Type: text/plain; charset="us-ascii" > However, I still do not know if it is legitimate to provide such materials > to a non-US citizen, particularly since when you are "on" thud or another box, > copies of the code are still being transmitted out of the country, and as > I really am unclear on all this, I won't have that potentially over my head. If > Walnut Creek is clear on the legal issues, I would be more than happy to ask > Walnut Creek to issue me an account on one of their development boxes and > I will make my code available there, with suitable disclaimers and warnings. > If they feel that it is permissible to allow you to access the files, fine! > It is then either on your head or theirs, not mine. :-) But I will not > give you the code myself. I'm not a lawyer, so you can't blame me if I'm wrong, but I've been following the issues on the crypto export stuff fairly closely recently. As I understand the situation with Phil Zimmerman (the original author of PGP), the feds are after him even though he didn't do the exporting himself. He gave the code to another US person who did the posting. One story says this other party asked permission to poast the code, and another says they got the permission after the fact. But the customs people are still after Phil. Please be careful. The specific regulation has to do with the export of cryptographic material. If you described the changes necessary to the international version of the telnet code to someone outside the US, without including any of the crypto code in your messages I should think you'd be OK. You'd be divulging information in the pretty much the same manner in which Rivest et al. published their RSA information --- all perfectly legal. The folks on the other side can take the international secure code and use it in combination with your information. They'll have developed the secure telnet programs independently. I also recently heard that the top guy in the Canadian heirarchy with regard to import/export regulation enforcement said that he didn't consider it illegal to export cryptographic engines implementing internationally published algorithms. Since the ITAR (which is the US reg preventing crypto export) doesn't apply to export through Canada. I wouldn't trust this, though, as much of the information is second and third hand. - --------- Scott Brickner "The fox knows many things, but the badger knows one big thing." PGP key fingerprint = 34 56 09 D3 2C 58 15 4A 7B A5 E7 4C A0 73 6D 51 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL15EdywYUwVEZqgBAQHWdAQAoz8LRH7gLPAkvInUL2gl+x+nI69aQA/+ ZGlDh4kc9o4EO9Gm2JgIfOu3SXTT9ejy1Mr5NYD6MYDvaysfvb+vJWbMVCWaNp29 egt3i9aPVyDxV735hw49fBjYfgRTfKAu7lSsSxRlnIXsuAS5JfqxKBK+xTS9hnB7 m916aDez/pw= =dar7 -----END PGP SIGNATURE----- From owner-freebsd-security Thu Mar 9 10:54:08 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id KAA18645 for security-outgoing; Thu, 9 Mar 1995 10:54:08 -0800 Received: from ensta.ensta.fr (ensta.ensta.fr [147.250.1.1]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id KAA18557; Thu, 9 Mar 1995 10:51:09 -0800 Received: from itesec.hsc-sec.fr (itesec.hsc-sec.fr [192.70.106.33]) by ensta.ensta.fr (8.6.4/8.6.4) with SMTP id TAA18298; Thu, 9 Mar 1995 19:49:53 +0100 Received: from sidhe.hsc-sec.fr by itesec.hsc-sec.fr (5.65d8/IDA-1.5f) via HSCnet with SMTP id AA07139; Thu, 9 Mar 1995 19:51:08 +0100 Received: (from roberto@localhost) by sidhe.hsc-sec.fr (8.6.10/sidhe-1.2) id TAA01569; Thu, 9 Mar 1995 19:49:49 +0100 From: "Ollivier Robert" Message-Id: <9503091949.ZM1567@sidhe.hsc-sec.fr> Date: Thu, 9 Mar 1995 19:49:48 +0100 X-Operating-System: FreeBSD 2.1.0-Development X-Mailer: Z-Mail (3.2.0 06sep94) To: "FreeBSD's security list" Cc: "FreeBSD's hackers list" Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: security-owner@FreeBSD.org Precedence: bulk Sendmail 8.6.11 is out. The patch is in my directory on freefall (if you can't get to Berkeley). -- Ollivier ROBERT -=-=- Hervé Schauer Consultants -=-=- roberto@hsc.fr.net -=-=-=-=-=- Support The Free UNIX Systems ! FreeBSD Linux NetBSD -=-=-=-=-=-