Date: Thu, 19 Feb 2004 17:46:23 +0100 From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: Oliver Eikemeier <eik@FreeBSD.org> Cc: ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <xzpllmzuie8.fsf@dwp.des.no> In-Reply-To: <200402190211.i1J2B17h086522@repoman.freebsd.org> (Oliver Eikemeier's message of "Wed, 18 Feb 2004 18:11:01 -0800 (PST)") References: <200402190211.i1J2B17h086522@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Oliver Eikemeier <eik@FreeBSD.org> writes: > Log: > XFree86-Server-4.3.0_14 is the fixed version Thanks. I should point out though I have personally verified that the exploit in the advisory does not work against 4.3.0_13 nor 4.3.99.15_1. The only practical difference I noticed between the first and second version of the patch was better error reporting. Still, there might be other ways to exploit the bugs that were fixed in the final patch. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpllmzuie8.fsf>