search for: frontfree

...ure of a security or errata branch, we can expect that no API/ABI changes will occour and it should be safe to do make installworld/installkernel in any order, and bumping patchlevel does not mean that a reboot must be done. Please correct me if I was wrong, thanks. Cheers, -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/fre...

...hack to work around this issue might be to modify the individual bind procedures to treat prison case with loopback address, but I'm not sure if a true solution can solve the issue with minimum code change and code complexity. Your ideas are highly appreciated! Cheers, -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/fre...

...e systemwide crontab (a.k.a. /etc/crontab) to be readable by the superuser only. The attached patch will bring this to FreeBSD by moving crontab out from BIN1 group and install it along with master.passwd. This change should not affect the current cron(1) behavior. Cheers, -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. -------------- next part -------------- Index: Makefile =================================================================== RCS file: /home/fcvs/src/etc/Makefile,v retrieving revision 1.327 diff -u -r1.327 Make...

...only critical ones are marked FORBIDDEN) is true, then what's our criteria of what should be marked FORBIDDEN or not? Say, how serious a bug should be before a port is marked FORBIDDEN? Someone who knows about these things please clarify this. Thanks in advance! Cheers, -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/fre...

Hi, Just want to ask about the status of this:- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002 >From list archives I gather the fix is still under refinement (but committed (and removed?) in HEAD and RELENG_5_2). One paranoid little shop is running a public web server on RELENG_4_9, and contemplating this patch:-

...l itojun has clairfied the commit in a mail sent to tech-userlevel list of NetBSD: http://mail-index.netbsd.org/tech-userlevel/2003/12/10/0003.html Will this affect FreeBSD's version 1.11.5 cvs, too? If so, is it possible to import the 1.11.10 before 5.2-RELEASE is released? Thanks! Xin LI Frontfree Technology Network

Hello! Port security/portaudit reports the following problem: Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.htm l> Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf I have 2 related questions: 1)

I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc

Hi folks, I think we need to update compat5x binary to fix FreeBSD-SA-05:21.openssl, but will the binaries built by ``make universe'' be identical with actual build on Alpha, Sparc64, etc? (Yes, I'm volunteering to do the work iff they are identical ;-) Cheers, -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/fre...

Aloha! (I've Googled around a bit, but failed to find much previous posts about this though I'm sure it has been discussed...) Have anybody (in core etc) considered adding a sudo implementation to thr FreeBSD base system. At least for me, sudo is an important part of implementing good security policy in FreeBSD. Yes, it is available as a port, but in a similar fashion of for example,

...rt of), causing every "make buildworld" with some symbol defined to cover upgrades of them, but also permitting portaudit to check vulnerabilities on these packages. Of course this scheme would be complex to implement, so just my 0.02 RMB :-) Cheers, - -- Xin LI <delphij frontfree net> http://www.delphij.net/ See complete headers for GPG key and other information. * Unknown Key * 0x1159888A -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.1 (Build 2185) iQEVAwUBQt/Xx6KXvLS903/FAQrQ0Qf/UP7nPTtgba6bgHn1VJPDjCkMRet0VgL8 CQV+W7JyXrI2Zz5VB7zL0SqJDMGJ+ipTyPkAKTzQk+/0...

Hello everyone, With the computers equipped with TPM chip popularizing, many OS begin to support it. And Linux and Vista are some of then. I want to know whether the FreeBSD Project has a plan to support it and some related technology. Can anyone answer me? Ye Zhang (A Developer of Trusted Computing Application) Thursday, August 24, 2006

Greetings, Peter and the Security Officers team, There is a minor security vulnerability in cvs prior 1.11.10, as described in CAN-2003-0977: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0977 On December 10th, 2003, itojun has imported cvs 1.11.10 into NetBSD, as the follows: http://mail-index.netbsd.org/source-changes/2003/12/10/0025.html