Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail
From: Nate Williams (nate@yogotech.com)
Date: 09/24/01
- Next message: Alex Danielski: "(no subject)"
- Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail"
- In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Nate Williams <nate@yogotech.com> Date: Mon, 24 Sep 2001 15:09:39 -0600 To: Kris Kennaway <kris@obsecurity.org>
> > > =============================================================================
> > > FreeBSD-SA-01:60 Security Advisory
> > > FreeBSD, Inc.
> > >
> > > Topic: Multiple vulnerabilities in procmail signal handling
> > > V. Solution
> > >
> > > The port procmail-3.20 and later versions include fixes for these
> > > vulnerabilities.
> >
> > I'm guessing this is supposed to be procmail-3.21 and later?
>
> No, it's meant to be 3.20 and later.
Ahh, I read the vulnerability wrong. It says
procmail versions prior to procmail 3.20 performed unsafe actions
while in the signal handlers.
I didn't parse 'prior to procmail 3.20' very well.
I'm sorry, my bad, ....
Nate
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Alex Danielski: "(no subject)"
- Previous message: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail"
- In reply to: Kris Kennaway: "Re: FreeBSD Security Advisory FreeBSD-SA-01:60.procmail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
