Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Sep 2002 10:56:44 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        Karl Friesen <krf@splip.com>
Cc:        ports@freebsd.org
Subject:   Re: compat3x-i386-4.4.20011227
Message-ID:  <20020919175644.GA72585@xor.obsecurity.org>
In-Reply-To: <5.1.0.14.1.20020918223219.02f33148@cutlass.cyclonus.com>
References:  <5.1.0.14.1.20020918223219.02f33148@cutlass.cyclonus.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--a8Wt8u1KmwUX3Y2C
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Sep 18, 2002 at 10:36:43PM -0500, Karl Friesen wrote:
> This library has been marked as FORBIDDEN because of a resolver buffer=20
> overflow in libc. However, it is a required component for=20
> apache13-fp.  What is the chance  of getting the buffer overflow fixed an=
d=20
> a new version out?  I know that FreeBSD-STABLE has been frozen until the=
=20
> new release, but my client will be asking when they can expect their FP=
=20
> capable server..

The vulnerability was fixed in the 3.x sources, so someone needs to
just update the port.

Kris

--a8Wt8u1KmwUX3Y2C
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE9ig/bWry0BWjoQKURAuRtAJ4xbBI8wH7zZY1VuDFeV/8fNxag+ACg8kgG
m9nzbak76449VEr7BqtY8wo=
=+u/N
-----END PGP SIGNATURE-----

--a8Wt8u1KmwUX3Y2C--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020919175644.GA72585>