Date: Thu, 28 Sep 2000 10:35:42 -0400 From: Dan Moschuk <dan@FreeBSD.org> To: Kris Kennaway <kris@FreeBSD.org> Cc: audit@FreeBSD.org Subject: Re: tcpdump security vulnerabilities Message-ID: <20000928103542.A38089@spirit.jaded.net> In-Reply-To: <Pine.BSF.4.21.0009272116480.31282-100000@freefall.freebsd.org>; from kris@FreeBSD.org on Wed, Sep 27, 2000 at 09:24:10PM -0700 References: <Pine.BSF.4.21.0009272116480.31282-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
| Hi,
|
| I happened to be taking a look through the tcpdump 3.5 source tonight and
[ snip ]
| Please review this patch - if this is acceptable to the tcpdump guys, I'll
| commit it to FreeBSD and release an advisory shortly thereafter.
The patch seems fairly harmless, but remember that tcpdump is contrib
code and the patch should go the maintainers first. To increase the chance
of them accepting it, you may want to roll your own snprintf() routine for
the few remaining OSs that don't have it, or hint that they should do it
if they want their code to compile on older versions of Solaris. :)
Cheers!
-Dan
--
Man is a rational animal who always loses his temper when he is called
upon to act in accordance with the dictates of reason.
-- Oscar Wilde
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000928103542.A38089>