similar to: Security Officer-supported branches update

Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below (and should appear at <URL: http://www.freebsd.org/security/ > soon). FreeBSD 4.7 has `expired', but I have extended the EoL date for FreeBSD 5.1. If you are running FreeBSD 4.7 or older and you wish to be certain to get critical

Hello Everyone! It has been my pleasure and privilege to serve as the FreeBSD Security Officer for the past 3+ years. With the crucial support of the FreeBSD Security Team members, a lot has been accomplished: hundreds of security issues have been researched and tracked, with some resulting in security advisories and patches; software in the Ports Collection are updated more quickly

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:12.jailroute Security Advisory The FreeBSD Project Topic: Jailed processes can manipulate host routing tables Category: core Module: kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://security.freebsd.org/ >. FreeBSD 5.3 and FreeBSD 5.4 have `expired' and are no longer supported effective November 1, 2006. The end-of-life date for FreeBSD 6.0 has

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://security.freebsd.org/ >. FreeBSD 5.3 and FreeBSD 5.4 have `expired' and are no longer supported effective November 1, 2006. The end-of-life date for FreeBSD 6.0 has

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://www.freebsd.org/security/ >. FreeBSD 4.10 has `expired' and is no longer supported effective June 1, 2006. Also note that FreeBSD 5.3 and FreeBSD 5.4 will cease to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://www.freebsd.org/security/ >. FreeBSD 4.10 has `expired' and is no longer supported effective June 1, 2006. Also note that FreeBSD 5.3 and FreeBSD 5.4 will cease to

CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:10.cvs Security Advisory The FreeBSD Project Topic: CVS pserver protocol parser errors Category: contrib Module: contrib_cvs Announced:

Take the usual precautions when upgrading. Also note that I have changed some configuration defaults: the server no longer accepts protocol version 1 nor password authentication by default. If your ssh client does not support ssh protocol version 2 or keyboard-interactive authentication, the recommended measures are: 1) get a better client 2) get a better client (I mean it) 3) get a better

Hi Folks, I have extended the lifetime of the RELENG_4_8 security branch, and of security branches in general: ----- Forwarded message from Jacques Vidrine <nectar@FreeBSD.org> ----- Date: Sat, 3 Apr 2004 07:23:54 -0800 (PST) From: Jacques Vidrine <nectar@FreeBSD.org> To: doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit:

Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent releases and EoL (end-of-life) events. The new list is below (and should appear at <URL: http://www.freebsd.org/security/ > soon). In particular, FreeBSD 4.6 and FreeBSD 5.0 have `expired'. If you wish to be certain to get critical bug fixes, it is recommended that you upgrade

Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://www.freebsd.org/security/ >. FreeBSD 4.8 has `expired' and is no longer supported effective April 1, 2005. Also note that FreeBSD 4.9 ceased to be supported on November 1, 2004. If you are running FreeBSD 4.8

Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://www.freebsd.org/security/ >. FreeBSD 5.2.1 has `expired' and is no longer supported effective January 1, 2005. Also note that FreeBSD 4.9 ceased to be supported on November 1, 2004, while FreeBSD 4.8 will

Bill Moran wrote: > This report seems pretty vague. I'm unsure as to whether the alleged > "bug" gives the user any more permissions than he'd already have? Anyone > know any details? This is a local denial of service bug, which was fixed 6 weeks ago in HEAD and RELENG_6. There is no opportunity for either remote denial of service or any privilege escalation. >

Hi all, There are rumours flying around about a supposed vulnerability in OpenSSH. Two details which I've seen mentioned many times are (a) that this exploit was used to break into a RedHat system running OpenSSH 4.3 plus backported security patches, and (b) that "recent" versions of OpenSSH are not affected; but it's not clear if there is any basis for these rumours. Given

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05

Dear FreeBSD users, Slightly more than three years ago, I released FreeBSD Update, my first major contribution to FreeBSD. Since then, I have become a FreeBSD committer, joined the FreeBSD Security Team, released Portsnap, and become the FreeBSD Security Officer. However, as I have gone from being a graduate student at Oxford University -- busy writing my thesis -- to a researcher at Simon

[bcc: to re@] Considering the amount of changes between 4.x and 5.x, and the performance issues of the latter, I think I can safely predict that RELENG_4 will be around for a long time after the RELENG_5 branch. While I understand that some will resist making RELENG_4 any more useful than it currently is (to encourage users to move to 5.x), I think there is one issue that should be addressed: the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below and at <URL: http://security.freebsd.org/ >. FreeBSD 4.11 and FreeBSD 6.0 have `expired' and are no longer supported effective February 1, 2007. Discussions concerning FreeBSD releases