Re: OpenSSH heads-up

From: Matthew Dillon (dillonapollo.backplane.com)
Date: Tue Sep 16 2003 - 11:32:01 CDT


:
:On Tue, Sep 16, 2003 at 06:05:43PM +0200, Udo Schweigert wrote:
:> On Tue, Sep 16, 2003 at 08:43:47 -0500, Jacques A. Vidrine wrote:
:> > OK, an official OpenSSH advisory was released, see here:
:> > <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html >
:> >
:> > The fix is currently in FreeBSD -CURRENT and -STABLE. It will be
:> > applied to the security branches as well today. Attached are patches:
:> >
:> > buffer46.patch -- For FreeBSD 4.6-RELEASE and later
:> > buffer45.patch -- For FreeBSD 4.5-RELEASE and earlier
:> >
:>
:> And what about the port /usr/ports/security/openssh-portable? It should - at
:> least - be fixed for the 4.9-RELEASE.
:
:Ports fixed about 3 hours 27 minutes ago :-)
:
:Cheers,
:--
:Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
:nectarcelabo.org . jvidrineverio.net . nectarfreebsd.org . nectarkth.se
:_______________________________________________
:freebsd-securityfreebsd.org mailing list
:http://lists.freebsd.org/mailman/listinfo/freebsd-security
:To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"

    I've been staring at the patch for 30 minutes and I can't figure
    out what it is supposed to fix. Is there some other thread or
    signal or something that might access the buffer while its length
    is in an indeterminate state? The code doesn't seem to be structured
    for that case.

                                        -Matt
                                        Matthew Dillon
                                        <dillonbackplane.com>