Re: OpenBSD Local Root Compromise

From: Dries Schellekens (gwyllion@ace.ulyssis.org)
Date: 04/11/02

Previous message: Simon Lodal: "IBM Informix Web DataBlade: Auto-decoding HTML entities"
In reply to: Milos Urbanek: "OpenBSD Local Root Compromise"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 11 Apr 2002 23:16:34 +0200 (CEST)
From: Dries Schellekens <gwyllion@ace.ulyssis.org>
To: Milos Urbanek <urbanek@zoom-int.cz>

On Thu, 11 Apr 2002, Milos Urbanek wrote:

> Available Fixes:
> This bug was patched in OpenBSD Current on April 8, 2002.
> Official patch for other OpenBSD releases is not available at the moment
> but the bug can be solved by applying the attached source code patch
> to the 1.23 revision of the appropriate file and installing new mail
> binary.

http://www.openbsd.org/errata.html and
http://www.openbsd.org/errata29.html contain a patch.

-- 
Dries Schellekens
email: gwyllion@ulyssis.org

Previous message: Simon Lodal: "IBM Informix Web DataBlade: Auto-decoding HTML entities"
In reply to: Milos Urbanek: "OpenBSD Local Root Compromise"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Is fork() hook ever possible?
... to OpenBSD's version fixes the bug where a parent and child ... here instead of /dev/random, like OpenBSD did. ... time/pid are at the beginning of the struct, ... In your new patch you pass unneded stack garbadge at the beginning of the ...
(freebsd-current)
Weekly Python Patch/Bug Summary
... Patch / Bug Summary ... http://python.org/sf/606098 closed by rhettinger ... http://python.org/sf/1088716 closed by loewis ...
(comp.lang.python)
[Full-Disclosure] RE: [kinda-but-not-really-Full-Disclosure-so-we-feel-warm-and-fuzzy] Re: <to va
... Because it must be realised that as soon as a patch and or advisory is ... there are global teams of people working to discover and exploit said bug. ... quiet and MS just released patches for 'undisclosed' problems... ... > engineer a ms patch to find the changed code and produce a working ...
(Full-Disclosure)
Re: Cant take skilled talent?
... least playing an easier version of the game than everyone else has. ... mind changing or removing the patch if TB emailed me about it. ... -fixing skilled bug is good ... The patch simply stops the monsters from growing too powerful compared to the ...
(rec.games.roguelike.adom)
RE: Mailslot bug (MS06-035) vs non-Mailslot bug (CVE-2006-3942)
... made patch for SRV.SYS. ... vulnerabilities that everyone is so afraid to talk about. ... the mailslot bug, and they didn't have any technical details to turn to, ... So keep on truckin Core Security, Michal Zalewski, and even ...
(Bugtraq)