cvs commit: src/crypto/openssh buffer.c
David Rhodus
drhodus at catpa.com
Tue Sep 16 09:58:39 PDT 2003
On Tuesday, September 16, 2003, at 12:28 PM, Matthew Dillon wrote:
Beat me to it. I'm still trying to figure out what the
security hole is, though. Can another thread access the
buffer while it is being expanded? I have no idea.
Right now I'm not able to do much other than kill sshd, though
I think by the end of the day we should be able to exec from commands.
The last offer I got from an unnamed security company for a working
example was starting to get close to 6 digits....
I wonder if anyone will try to switch to DragonFly now that they need
a security fix and RELENG_4 is very unstable. I cvsup'd a RELENG_4
machine this morning and its already panic'd out.... Looks like even
though were is the development stages DragonFly is remanning a lot
more stable than FreeBSD's -Stable branch.
-DR
More information about the Commits
mailing list