From owner-freebsd-security@FreeBSD.ORG  Thu Jul  1 13:29:31 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 88E7F16A4CE
	for <freebsd-security@freebsd.org>;
	Thu,  1 Jul 2004 13:29:31 +0000 (GMT)
Received: from mail.ki.iif.hu (mignon.ki.iif.hu [193.6.222.240])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4E72F43D45
	for <freebsd-security@freebsd.org>;
	Thu,  1 Jul 2004 13:29:31 +0000 (GMT)	(envelope-from mohacsi@niif.hu)
Received: from localhost (localhost [127.0.0.1])
	by mail.ki.iif.hu (Postfix) with ESMTP id 3E634554A
	for <freebsd-security@freebsd.org>;
	Thu,  1 Jul 2004 15:28:44 +0200 (CEST)
Received: from mail.ki.iif.hu ([127.0.0.1])
 by localhost (mignon.ki.iif.hu [127.0.0.1]) (amavisd-new, port 10024)
 with LMTP id 91719-04-14 for <freebsd-security@freebsd.org>;
 Thu,  1 Jul 2004 15:28:41 +0200 (CEST)
Received: by mail.ki.iif.hu (Postfix, from userid 1003)
	id C51635547; Thu,  1 Jul 2004 15:28:41 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
	by mail.ki.iif.hu (Postfix) with ESMTP id AA7FE5542
	for <freebsd-security@freebsd.org>;
	Thu,  1 Jul 2004 15:28:41 +0200 (CEST)
Date: Thu, 1 Jul 2004 15:28:41 +0200 (CEST)
From: Mohacsi Janos <mohacsi@niif.hu>
X-X-Sender: mohacsi@mignon.ki.iif.hu
To: freebsd-security@freebsd.org
Message-ID: <20040701150125.S78298@mignon.ki.iif.hu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Virus-Scanned: by amavisd-new at mail.ki.iif.hu
Subject: Two possible vulnerabilities?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jul 2004 13:29:31 -0000

Dear all,
  	Browsing through the securityfocus vulnerability database I found 
two items, that might interesting for the FreeBSD community:
1. GNU GNATS Syslog() Format String Vulnerability
http://www.securityfocus.com/bid/10609

GNATS is vital part of the PR handling of FreeBSD. I think security 
officers should contact developers of GNU GNATS about this issue to resolve 
the potential problem.

2. gzip: Insecure creation of temporary files
http://www.securityfocus.com/bid/10603
In reality this affects only znew and gzexe only gzip version prior 
1.3.3-r4

I am not quite sure about the whether this vulnerability exist in the 
current gzip 1.2.4, that is used in FreeBSD. According to the gzip page: 
http://www.gzip.org - new official version will be posted soon....

Are there any plan to go forward gzip 1.3 ?

Best Regards,

Janos Mohacsi
Network Engineer, Research Associate
NIIF/HUNGARNET, HUNGARY
Key 00F9AF98: 8645 1312 D249 471B DBAE  21A2 9F52 0D1F 00F9 AF98