Is df afftected by this FreeBSD's security problem?

Matthew Dillon dillon at backplane.com
Wed Nov 5 09:29:46 PST 2014


SA-14:24 - sshd. probably not.  I don't think we link against kerberos.

SA-14:25 - setlogin - no, we are not affected.  Our kernel zero's the
buffer.

SA-14:26 - The ftp issue was fixed at the same time FreeBSD fixed it.  Note
that even with a vulnerable program, the issue is not likely to get hit by
normal users because our 'fetch' program is different and most use cases
via 'ftp' will use -o.

-Matt


On Tue, Nov 4, 2014 at 5:18 PM, lhmwzy <lhmwzy at gmail.com> wrote:

> https://www.freebsd.org/security/advisories/FreeBSD-SA-14:24.sshd.asc
> https://www.freebsd.org/security/advisories/FreeBSD-SA-14:25.setlogin.asc
> https://www.freebsd.org/security/advisories/FreeBSD-SA-14:26.ftp.asc
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20141105/c01be02f/attachment-0001.htm>


More information about the Users mailing list