From owner-freebsd-security  Tue Dec 14 14:28:14 1999
Delivered-To: freebsd-security@freebsd.org
Received: from ns.Myable.COM (ns.myable.com [208.48.119.194])
	by hub.freebsd.org (Postfix) with ESMTP
	id 72A4D15098; Tue, 14 Dec 1999 14:28:11 -0800 (PST)
	(envelope-from beej@myable.com)
Received: from KGB (dmz-gateway.myable.com [208.48.119.193])
	by ns.Myable.COM (8.9.3/8.9.3) with ESMTP id OAA65263;
	Tue, 14 Dec 1999 14:27:59 -0800 (PST)
	(envelope-from beej@myable.com)
Message-Id: <4.2.2.19991214112940.01c3d5b8@mail.myable.com>
X-Sender: beej@mail.myable.com
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 
Date: Tue, 14 Dec 1999 11:39:23 -0800
To: freebsd-security@freebsd.org
From: Marc Bejarano <beej@myable.com>
Subject: CERT released RSAREF bulletin
Cc: ache@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

CERT released their bulletin on the RSAREF2 buffer overflow vulnerability.

see http://www.cert.org/advisories/CA-99-15-RSAREF2.html

there seem to be a few different patches for the rsaref library floating 
around.  this advisory has links to what appear to be the latest iterations.

i guess the rsaref port needs updating?

marc



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message