|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Adrian Portelli (adrianp
stindustries.net)
Date: Sun Apr 06 2008 - 17:01:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Simon L. Nielsen wrote:
> On 2008.04.06 12:47:11 -0700, stheg olloydson wrote:
>
>> According to the information at mitre.org, both 6.x and 7.0 are
>> vulnerable. I see in NetBSD's CVS log for
>> src/lib/libc/stdlib/strfmon.c, they have patched this on March
>> 27.
>
> Note that the change in NetBSD is possibly incomplete to fix the
> issue. I'm not sure what the final conclusion was on that.
>
The final conclusion was a subsequent commit on the 27th:
http://archive.netbsd.se/?ml=netbsd-source-changes&a=2008-03&m=6750722
http://archive.netbsd.se/?ml=netbsd-source-changes&a=2008-03&m=6846592
We're still in the process of getting the changes pulled up.
adrian.
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]