Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 17 Aug 2003 13:01:14 +0200
From:      Alexander Leidinger <Alexander@Leidinger.net>
To:        audit@freebsd.org
Cc:        chris@aims.com.au
Subject:   SecFix for databases/firebird, please review
Message-ID:  <20030817130114.2bfb3cf1.Alexander@Leidinger.net>

next in thread | raw e-mail | index | archive | help
Hi,

at http://www.leidinger.net/FreeBSD/firebird-1.0.2-secfix.tar.bz2 I've
some patches for the databases/firebird port (see
http://packetstormsecurity.nl/0305-exploits/dsr-adv001.txt for the local
stack overflow possibility).

As I want to commit it to the port before Kris decides to remove it
because it is marked FORBIDDEN since a long time, it would be nice if as
much people as possible review the patches.

Chris, it would be nice if you at least can convince the developers to
review the patches too. And please test the patches, I've just verified
that firebird compiles on 5-current (it needs one additional patch (in
#ifdef'ed out code) to compile with gcc 3.3).

Bye,
Alexander.

-- 
              To boldly go where I surely don't belong.

http://www.Leidinger.net                       Alexander @ Leidinger.net
  GPG fingerprint = C518 BC70 E67F 143F BE91  3365 79E2 9C60 B006 3FE7



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030817130114.2bfb3cf1.Alexander>