similar to: *BSD user-ppp local root (when conditions permit)

Good day. Just spotted the new advisory from CORE: http://www.securityfocus.com/archive/1/462728/30/0/threaded Not an expert, but FreeBSD's src/sys/kern/uipc_mbuf2.c has the very simular code. Robert, anyone, could you please check? Thank you. -- Eygene

I've used that patch to close the hole. This patch is temporary and doesn't fix real trouble maker - problem in new version in getenv() (after 6.3 it got changed to something monstrous and non-working right if environment has only one variable), hope it will get fixed soon. *** rtld.c.orig Tue Dec 1 16:55:13 2009 --- rtld.c Tue Dec 1 16:55:55 2009 *************** *** 357,374 ****

Colin, good day! Spotted two patches for x11-servers/xorg-server port: see entries for x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html Seems like they are not applied to the xorg-server-6.9.0_5. May be it should be added to the VuXML document? There is a ports/107733 issue that incorporates these patches. May be you

Hi, Does FASTIPSec in FreeBSD use OCF framework ? Where can I find more documentation ? I wish to run cryptographic algorithms after setting a VPN. What command should I use to run a particular crytographic algorithm (e.g. 3DES etc.) Where can I find all such information ? -- Regards, Bubble

Here's a patch that makes rsync try to find an existing file in a group of hard-linked files so that it doesn't create the first one in the group from scratch if a later file could be used instead. Details: I decided to avoid having the code do an extra scan down the list when we encounter the lead file in the list. This is because it would be bad to have to do the same scan in the

This note is essentially a request for a reality check. I use IPFW & natd on the box that provides the interface between my home networks and the Internet; the connection is (static) residential DSL. I configured IPFW to accept & log all SSH "setup" requests, and use natd to forward such requests to an internal machine that only accepts public key authentication; that

Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the

As those of you who watch CVS will be aware Wayne has been making progress in reducing memory requirements of rsync. Much of what he has done has been the product of discussions between he and myself that started a month ago with John Van Essen. Most recently Wayne has changed how the file_struct and its associated data are allocated, eliminating the string areas. Most of these changes have been

Hi, I am just new to the FreeBSD system and look forward to take active part in contributing. Can someone please guide where can I find OCF source code in FreeBSD and also is there IKE implementation and OpenSWAN ? Regards, Raja

subj [ODiP] == Dmitry Grigorovich

Hello, If an ordinary user runs: -- snip -- cat > starv.c <<EOF main(){ char *point; while(1) { point = ( char * ) malloc(10000); }} EOF cc starv.c while true do ./a.out & done -- snip -- This will fast starv the operating system (FreeBSD 6.2). I have tried to limit the number of processes and the amount of memmory consumed (in login.conf). There is also a file /etc/malloc.conf

I'm not really a developer, but was considering if there is a key vulnerability in geli given that when you change a key there isn't a disk update. Consider the scenario where a new file system is created and populated with some files. At a later time the original key is changed because someone has gained access to the key and passphrase. A new key is generated and attached, but none of

Hi, I often use the mod() and instring() functions that are available in the clim.pact package. This package has a lot of dependencies, including installation of netCDF, and I haven't yet been able to get library(clim.pact) to work on a Mac OS 10.4.6. A previous request for help with the Mac problem yielded no results, so now I wonder if I could just extract the definitions for the couple

I am a little new to managing large numbers of CentOS/RHEL servers and was wondering what you experienced sysadmins prefer, Spacewalk or Puppet? Thanks, Dan Burkland -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20091103/de975d32/attachment-0004.html>

>Submitter-Id: current-users >Originator: Eygene Ryabinkin >Organization: Code Labs >Confidential: no >Synopsis: [patch] [vuxml] net/wireshark: fix DoS in SMTP dissector >Severity: serious >Priority: high >Category: ports >Class: sw-bug >Release: FreeBSD 7.1-PRERELEASE i386 >Environment: System: FreeBSD 7.1-PRERELEASE i386 >Description: Today the DoS

? 2007-3-15???8:00?freebsd-security-request@freebsd.org ??? > Send freebsd-security mailing list submissions to > freebsd-security@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-security > or, via email, send a message with subject or body 'help' to > freebsd-security-request@freebsd.org

OK. Now that I've saved the results of some simulations using the save() patch that I supplied earlier, I've gotten around to finding out why load segfaults when I try to restore the data. The reason is that I have several variable names which have become horribly long during the simulation -- on the order of 20K characters! save() is perfectly happy to write these variable names out,

OK. Now that I've saved the results of some simulations using the save() patch that I supplied earlier, I've gotten around to finding out why load segfaults when I try to restore the data. The reason is that I have several variable names which have become horribly long during the simulation -- on the order of 20K characters! save() is perfectly happy to write these variable names out,

Good day. I am posting the follow-up to the -hackers and CC'ing to the -security, because some more-or-less nasty points were found. Sat, Feb 23, 2008 at 10:32:02PM +0300, Eygene Ryabinkin wrote: > But there is another concern with bzero(): it is well-known function. > Especially for compilers. And it is bad: some arrays inside g_eli, > that hold decryption keys are the local

> Thanks all point about security, I''ll do as follows. > I thought that the point was the following two. > > > 1. Storage place of encrypted password > Should I store it in /etc/xen/passwd ? > Or, should I wait for DB of Xen that will be released in > the future? The xend life cycle management patches were posted by Alistair a couple of months back.