On Fri, Jun 15, 2001 at 09:18:15AM +0200, Andreas Haugsnes wrote: > I must say that I gasped and had to wipe sweat from my > forehead when I read, tested and could confirm this > exploit. > > The OpenBSD-team has known about this for -6- days (15th of June), > and they haven't been able to come up with atleast a temporary fix? > I can't find anything on errdata / security warnings, > what's up with that? If it's any consolation, NetBSD now (as of the 15th) has a fix for this problem in-tree (a pullup for the impending 1.5.1 release is in the queue), and we only found out about it on the 14th. -- -- Jason R. Thorpe <thorpejat_private>
This archive was generated by hypermail 2b30 : Fri Jun 15 2001 - 20:21:49 PDT