Displaying 20 results from an estimated 5000 matches similar to: "New FreeBSD Security Officer"
2004 Feb 04
3
FreeBSD Security Advisory FreeBSD-SA-04:01.mksnap_ffs
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-04:01.mksnap_ffs Security Advisory
The FreeBSD Project
Topic: mksnap_ffs clears file system options
Category: core
Module: mksnap_ffs
Announced:
2006 Jul 05
1
HEADS UP: Krb5-1.5
There is an issue with the new Kerberos 1.5. It does not currently support
building static libraries. I'm willing to leave the port at 1.4.3 until MIT
fixes the static library build. OTOH, if folks want 1.5, without static
library support, the 1.5 port is ready to commit. I may update the port to
build 1.5 if static libraries are not wanted and build 1.4.3 if they are
wanted. Static
2004 Mar 03
2
tripwire port broken?
Dear list!
I've tried to compile
tripwire-2.3.1-2 port on
my 5.2 release. Two diffe-
rent tarballs have failed
with message, that port
was broken, all in one
sentence. No any details.
Well! Makefile has so-
mething like:
.if ${OSVERSION} >= 500000
BROKEN= "Fails to build inder 5.X"
.endif
One more:
USE_GMAKE= yes
Has someone compiled
it successfully? Is it
for a good
2005 Jan 10
1
update for 4.11 Security Officer-supported branches
Hello...
In regards to http://www.freebsd.org/security/ , from what I understand
the FreeBSD 4.x branch is generally winding down in favor of the 5.x/6.x
branches. It would be nice to know ahead of time if 4.11 will also be
an extended release, or if that would fall to 4.12. For those of
running 4.8 (expiring about the same time as 4.11 is released) we would
be in a better position to know
2004 Apr 07
5
Changing `security@freebsd.org' alias
Hello Folks,
The official email address for this list is
`freebsd-security@freebsd.org'. Due to convention, there is an email
alias for this list: security@freebsd.org, just as there is for
hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on.
The security@freebsd.org alias has been the source of occassional
problems. Several times in the past, postings have been made to
2003 Sep 16
9
OpenSSH heads-up
OK, an official OpenSSH advisory was released, see here:
<URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html >
The fix is currently in FreeBSD -CURRENT and -STABLE. It will be
applied to the security branches as well today. Attached are patches:
buffer46.patch -- For FreeBSD 4.6-RELEASE and later
buffer45.patch -- For FreeBSD 4.5-RELEASE and
2004 Nov 10
2
Is there any way to know if userland is patched?
Dear folks,
I'm recently investigating large scale deployment and upgrading FreeBSD
RELEASE. It's our tradition to bump "RELEASE-pN" after a security patch
is applied, however, it seems that there is less method to determine
whether the userland is patched, which is somewhat important for large
site managements.
So is "uname -sr" the only way to differencate the
2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave
PAM disabled is far from heartening, nor is the semi-lame
blaming the PAM spec for implementation bugs.
I happen to like OPIE for remote access.
Subject: Portable OpenSSH Security Advisory: sshpam.adv
This document can be found at: http://www.openssh.com/txt/sshpam.adv
1. Versions affected:
Portable OpenSSH versions 3.7p1
2003 Nov 28
2
Kerberized applications in FreeBSD 5.x
In FreeBSD 5.x only telnet/telnetd works 'out of box' with kerberos.
Why ftp/ftpd, ssh/sshd and cvs do not support kerberos ?
Thanks!
2003 Mar 31
8
what was that?
What does mean this bizarre msgid?
maillog:
Mar 31 19:31:15 cu sm-mta[5352]: h2VFVEGS005352: from=<nb@sindbad.ru>,
size=1737, class=0, nrcpts=1,
msgid=<!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAfp4Fa2ShPE2u4pP/QpPDIMKAAAAQAAAAj+zb4Isbuk+tYEPVF9Vf,
proto=ESMTP, daemon=MTA, relay=wg.pu.ru [193.124.85.219]
--
Nikolaj I. Potanin, SA http://www.drweb.ru
ID
2003 Aug 06
2
Checking realpath file up to date
On the advisory about the realpath problem it says that it was corrected:
RELENG_4_8
src/UPDATING 1.73.2.80.2.3
src/lib/libc/stdlib/realpath.c 1.9.14.1
src/sys/conf/newvers.sh 1.44.2.29.2.2
I ran cvsup and when I look at my src/lib/libc/stdlib/realpath.c I see
2004 Aug 17
1
remotely exploitable vulnerability in lukemftpd / tnftpd
Hi Everyone,
http://vuxml.freebsd.org/c4b025bb-f05d-11d8-9837-000c41e2cdad.html
A critical vulnerability was found in lukemftpd, which shipped with some
FreeBSD versions (4.7 and later). However, with the exception of
FreeBSD 4.7, lukemftpd was not built and installed by default. So,
unless you are running FreeBSD 4.7-RELEASE or specified WANT_LUKEMFTP
when building FreeBSD from source, you
2004 Mar 29
1
cvs commit: ports/multimedia/xine Makefile
Jacques A. Vidrine wrote:
> On Mon, Mar 29, 2004 at 08:14:29PM +0200, Oliver Eikemeier wrote:
>
>>Jacques A. Vidrine wrote:
>>
>>>On Sun, Mar 28, 2004 at 03:44:06PM -0800, Oliver Eikemeier wrote:
>>>
>>>>eik 2004/03/28 15:44:06 PST
>>>>
>>>>FreeBSD ports repository
>>>>
>>>>Modified files:
2004 Feb 29
5
mbuf vulnerability
In
http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903
it seems RELENG_4 is vulnerable. Is there any work around to a system that
has to have ports open ?
Version: 1 2/18/2004@03:47:29 GMT
>Initial report
>
<<https://ialert.idefense.com/KODetails.jhtml?irId=207650>https://ialert.idefense.com/KODetails.jhtml?irId=207650;
>ID#207650:
>FreeBSD Memory Buffer
2003 Oct 02
3
HEADS UP: upcoming security advisories
Hello Folks,
Just a status on upcoming advisories.
FreeBSD-SA-03:15.openssh
This is in final review and should be released today. Fixes
for this issue entered the tree on September 24. I apologize
for the delay in getting this one out.
FreeBSD-SA-03:16.filedesc
A reference counting bug was discovered that could lead to
kernel memory disclosure or a system panic.
2004 Feb 26
3
Environment Poisoning and login -p
There's been an ongoing discussion (started by
Colin Percival's recent work on nologin) about
environment-poisoning attacks via "login -p".
I thought I saw a way to address this, but the more I learn,
the uglier this looks. Maybe some of the good folks who read
freebsd-security can puzzle this one out:
Problem: login -p can be used to propagate environment flags
in order to
2004 Mar 16
3
portaudit
Any reason why portaudit and its associated infrastructure was not announced to
this list or security-notifications? I recently discovered it, and discovered
the feature was added to bsd.port.mk in the beginning of feburary. Seeing as
the security officer apparently (without announcement) no longer issues
security notices (SNs) for ports, I am assuming that portaudit has replaced
SNs entirely,
2003 Sep 30
1
OpenSSL heads-up
Hello Everyone,
You may have seen the recent announcement regarding new OpenSSL
vulnerabilities. <URL: http://www.openssl.org/news/secadv_20030930.txt >
Just thought I'd drop a line to head off the usual questions. :-)
Don't panic. The vulnerability is denial-of-service.
OpenSSL 0.9.7c will be imported into -CURRENT and -STABLE over the
next couple of days, and included
2004 May 03
1
Bad VuXML check on PNG port ?
Hello,
The current png-1.2.5_4 port has no more vulnerability.
It has been corrected by ache@FreeBSD.org yesterday.
But when i try to install the updated port to remplace
the vulnerable one this is what i am told :
# make install
===> png-1.2.5_4 has known vulnerabilities:
>> libpng denial-of-service.
Reference:
2003 Aug 11
1
Kernel build fails (RELENG_4_5)
Hi Jacques, list,
On Mon, Aug 11, 2003 at 09:09:18AM +0100, Bruce M Simpson wrote:
> cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -g -nostdinc -I- -I. -I/usr/src/sys -I/usr/src/sys/../include -I/usr/src/sys/contrib/ipfilter -D_KERNEL -include opt_global.h -elf