From owner-freebsd-security@FreeBSD.ORG  Tue Sep  8 21:25:21 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 44BCF106566B
	for <freebsd-security@freebsd.org>;
	Tue,  8 Sep 2009 21:25:21 +0000 (UTC) (envelope-from ohauer@gmx.de)
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mx1.freebsd.org (Postfix) with SMTP id 8E7BF8FC18
	for <freebsd-security@freebsd.org>;
	Tue,  8 Sep 2009 21:25:20 +0000 (UTC)
Received: (qmail invoked by alias); 08 Sep 2009 20:58:38 -0000
Received: from u18-124.dsl.vianetworks.de (EHLO u18-124.dsl.vianetworks.de)
	[194.231.39.124]
	by mail.gmx.net (mp039) with SMTP; 08 Sep 2009 22:58:38 +0200
X-Authenticated: #1956535
X-Provags-ID: V01U2FsdGVkX198Mitq9VF8VooAj1EiqwXcuAJGQ49E3sCk58Pc4y
	Uny+zaRNhl4r5Q
Received: by u18-124.dsl.vianetworks.de (Postfix, from userid 1100)
	id 4560226145; Tue,  8 Sep 2009 22:58:33 +0200 (CEST)
Date: Tue, 8 Sep 2009 22:58:32 +0200
From: olli hauer <ohauer@gmx.de>
To: astorms@ncircle.com, freebsd-security@freebsd.org
Message-ID: <20090908205832.GA8174@sorry.mine.nu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Errors-To: ohauer@gmx.de (olli hauer)
X-Header0: **** ohauer at sorry ****
X-Header1: **    sorry   **
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Y-GMX-Trusted: 0
X-FuHaFi: 0.67
Cc: 
Subject: RE: CVE-2008-4609
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: olli hauer <ohauer@gmx.de>
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2009 21:25:21 -0000

> Now that the details are out - MS and Cisco patched today.
> I went looking back into the FreeBSD security announcements and don't
> seem
> to be able to find any references for a patch.
> Did FreeBSD already patch or discuss this bug and I missed it?
> 
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4609
> 
> Thanks
> 
> -_S

According the more complete list at
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4609
the latest rel. (FreeBSD 6.4/7.2, OpenBSD 4.4+)  are not a affected.

It seems if you run the latest versions of Free/OpenBSD you are fine.

olli