From owner-freebsd-announce Sun Sep 5 16:49: 9 1999 Delivered-To: freebsd-announce@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id BE9EF14CA2 for ; Sun, 5 Sep 1999 16:49:00 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) Received: from localhost (jkh@localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id QAA95625 for ; Sun, 5 Sep 1999 16:48:21 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) To: announce@freebsd.org Subject: CompUSA now selling FreeBSD "Powerpak" at very low price. Date: Sun, 05 Sep 1999 16:48:21 -0700 Message-ID: <95621.936575301@localhost> From: "Jordan K. Hubbard" Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm not sure if this is confined to just the CompUSAs here in the San Francisco Bay Area, but I recently saw the Powerpak (latest edition of The Complete FreeBSD, the 6 CD FreeBSD toolkit and the 4 CD FreeBSD 3.2 CD) for what looks to be an introductory price of $49.95. I have no idea how they're managing to sell it that cheaply myself, but take advantage of this while it lasts! I seriously doubt that this is more than an introductory offer and I'd expect future editions of the Powerpak to go for more than this since their focus more recently seems to be to try and sell things with a higher margin than SUSE's $19.95 product, etc. (shelf space is an expensive commodity in the retail trade). Anyway, just FYI. If people see it in other non-Calfornia CompUSAs for the $49.95 price, I'd also appreciate knowing about it so I can find out just how widely this offer is being made! Thanks! - Jordan This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Mon Sep 6 17:24:12 1999 Delivered-To: freebsd-announce@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id 68CC4152CA for ; Mon, 6 Sep 1999 17:24:03 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) Received: from localhost (jkh@localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id RAA75722 for ; Mon, 6 Sep 1999 17:21:12 -0700 (PDT) (envelope-from jkh@zippy.cdrom.com) To: announce@freebsd.org Subject: 3.3-19990905-RC (release candidate) now on ftp.freebsd.org! Date: Mon, 06 Sep 1999 17:21:11 -0700 Message-ID: <75717.936663671@localhost> From: "Jordan K. Hubbard" Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org As the subject says, the 3.3 release candidate build is now up on ftp.freebsd.org for testing. This is NOT the full 3.3-RELEASE, of course, this is the release *candidate* and is subject to change at any time if and as people discover problems with it. If it changes then you'll know, of course, since the date will change, but this is really all I plan on releasing on ftp.freebsd.org until 3.3-RELEASE unless people really find something really egregious with the candidate. For daily snapshots of the 3.3-RC branch, there's still ftp://releng3.freebsd.org if people are interested in getting each and every fix to the branch on a day to day basis. I've also gone a bit further than usual with this release in that I'm making ISO images for the first 2 CDs available in: ftp://ftp.freebsd.org/pub/FreeBSD/3.3-19990905-RC/ISO-IMAGES Please test these as well (if you have the bandwidth and a burner) since we'll then get to see if there are any CDROM-specific installation problems in advance for a change. I would prefer not to repeat the 3.2 fixit CD fiasco! :-) CDs 3 and 4 contain only packages and aren't really worth the bandwidth to upload them so I'll just test those here. We have 10 full days of testing left, so let's try and make 3.3-RELEASE the best one yet! Any problem reports directly to me please, thanks! - Jordan This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message From owner-freebsd-announce Tue Sep 7 9:22:44 1999 Delivered-To: freebsd-announce@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 316FD15634; Tue, 7 Sep 1999 09:22:23 -0700 (PDT) (envelope-from security-officer@freebsd.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id KAA40749; Tue, 7 Sep 1999 10:20:53 -0600 (MDT) (envelope-from security-officer@freebsd.org) Received: (from root@localhost) by harmony.village.org (8.9.3/8.8.3) id KAA13314; Tue, 7 Sep 1999 10:20:19 -0600 (MDT) Date: Tue, 7 Sep 1999 10:20:19 -0600 (MDT) Message-Id: <199909071620.KAA13314@harmony.village.org> From: FreeBSD Security Officer To: security-officer@freebsd.org Subject: FreeBSD Security Advisory: FreeBSD-SA-99:03.ftpd Reply-To: security-officer@freebsd.org Sender: owner-freebsd-announce@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:03 Security Advisory FreeBSD, Inc. Topic: Two ftp daemons in ports vulnerable to attack. Category: ports Module: wu-ftpd and proftpd Announced: 1999-09-05 Affects: FreeBSD 3.2 (and earlier) FreeBSD-current before the correction date. Corrected: FreeBSD-3.3 RELEASE FreeBSD-current as of 1999/08/30 FreeBSD only: NO Patches: NONE I. Background wuftpd and proftpd have a flaw which can lead to a remote root compromise. They are both vulnerable since they are both based on a code base that is vulnerable. II. Problem Description Remote users can gain root via a buffer overflow. III. Impact Remote users can gain root. IV. Workaround Disable the ftp daemon until you can upgrade your system. V. Solution Upgrade your wu-ftpd or proftpd ports to the most recent versions (any version after August 30, 1999 is not impacted by this problem). If you are running non-port versions, you should verify that your version is not vulnerable or upgrade to using the ports version of these programs. ============================================================================= FreeBSD, Inc. Web Site: http://www.freebsd.org/ Confidential contacts: security-officer@freebsd.org Security notifications: security-notifications@freebsd.org Security public discussion: freebsd-security@freebsd.org PGP Key: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc Notice: Any patches in this document may not apply cleanly due to modifications caused by digital signature or mailer software. Please reference the URL listed at the top of this document for original copies of all patches if necessary. ============================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBN9MsfFUuHi5z0oilAQHKYQP/SGjOSQ8Ph8VqLtpStVOl6L0ocoYKv59R B6ow00bchILYV7qlsIGFhwMITZxZH0aGd0EAxwfFKwfvu36zSzAvu1rGrFCjT5Xd zefzAQUgj1/rWm3Jp1DxMd2BKCJrvTCOjKngIbbA2tH3AZ9xHiwefpqtIHVPikmy XR9gpyqCj/E= =dyHS -----END PGP SIGNATURE----- This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message