Picon

FreeBSD Security Advisory FreeBSD-SA-03:08.realpath


=============================================================================
FreeBSD-SA-03:08.realpath                                   Security Advisory
                                                          The FreeBSD Project

Topic:          Single byte buffer overflow in realpath(3)

Category:       core
Module:         libc
Announced:      2003-08-03
Credits:        Janusz Niewiadomski <funkysh <at> isec.pl>,
                Wojciech Purczynski <cliph <at> isec.pl>,
                CERT/CC
Affects:        All releases of FreeBSD up to and including 4.8-RELEASE
                and 5.0-RELEASE
                FreeBSD 4-STABLE prior to May 22 17:11:44 2003 UTC
Corrected:      2003-08-03 23:46:24 UTC (RELENG_5_0)
                2003-08-03 23:43:43 UTC (RELENG_4_8)
                2003-08-03 23:44:12 UTC (RELENG_4_7)
                2003-08-03 23:44:36 UTC (RELENG_4_6)
                2003-08-03 23:44:56 UTC (RELENG_4_5)
                2003-08-03 23:45:41 UTC (RELENG_4_4)
                2003-08-03 23:46:03 UTC (RELENG_4_3)
                2003-08-03 23:47:39 UTC (RELENG_3)
FreeBSD only:   NO

I.   Background

The realpath(3) function is used to determine the canonical,
absolute pathname from a given pathname which may contain extra
(Continue reading)

Picon

FreeBSD Security Advisory FreeBSD-SA-03:08.realpath [REVISED]


=============================================================================
FreeBSD-SA-03:08.realpath                                   Security Advisory
                                                          The FreeBSD Project

Topic:          Single byte buffer overflow in realpath(3)

Category:       core
Module:         libc
Announced:      2003-08-03
Credits:        Janusz Niewiadomski <funkysh <at> isec.pl>,
                Wojciech Purczynski <cliph <at> isec.pl>,
                CERT/CC
Affects:        All releases of FreeBSD up to and including 4.8-RELEASE
                and 5.0-RELEASE
                FreeBSD 4-STABLE prior to May 22 17:11:44 2003 UTC
Corrected:      2003-08-03 23:46:24 UTC (RELENG_5_0)
                2003-08-03 23:43:43 UTC (RELENG_4_8)
                2003-08-03 23:44:12 UTC (RELENG_4_7)
                2003-08-03 23:44:36 UTC (RELENG_4_6)
                2003-08-03 23:44:56 UTC (RELENG_4_5)
                2003-08-03 23:45:41 UTC (RELENG_4_4)
                2003-08-03 23:46:03 UTC (RELENG_4_3)
                2003-08-03 23:47:39 UTC (RELENG_3)
FreeBSD only:   NO

0.   Revision History

v1.0  2003-08-03  Initial release
v1.1  2003-08-04  Updated information for lukemftpd
(Continue reading)

FreeBSD Security Advisories | 11 Aug 04:57 2003
Picon

FreeBSD Security Advisory FreeBSD-SA-03:09.signal


=============================================================================
FreeBSD-SA-03:09.signal                                     Security Advisory
                                                          The FreeBSD Project

Topic:          Insufficient range checking of signal numbers

Category:       core
Module:         sys
Announced:      2003-08-10
Affects:        All releases of FreeBSD up to and including 4.8-RELEASE-p1,
                5.1-RELEASE (but see `Problem Description' below)
                FreeBSD 4-STABLE prior to the correction date
Corrected:      2003-08-10 23:09:28 UTC (RELENG_4)
                2003-08-10 23:14:08 UTC (RELENG_5_1)
                2003-08-10 23:17:48 UTC (RELENG_5_0)
                2003-08-10 23:19:35 UTC (RELENG_4_8)
                2003-08-10 23:20:30 UTC (RELENG_4_7)
                2003-08-10 23:21:18 UTC (RELENG_4_6)
                2003-08-10 23:22:19 UTC (RELENG_4_5)
                2003-08-10 23:23:05 UTC (RELENG_4_4)
                2003-08-10 23:23:56 UTC (RELENG_4_3)
FreeBSD only:   YES

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

I.   Background
(Continue reading)

FreeBSD Security Advisories | 11 Aug 04:57 2003
Picon

FreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2


=============================================================================
FreeBSD-SA-03:10.ibcs2                                      Security Advisory
                                                          The FreeBSD Project

Topic:          Kernel memory disclosure via ibcs2

Category:       core
Module:         sys
Announced:      2003-08-10
Credits:        David Rhodus <drhodus <at> catpa.com>
Affects:        All FreeBSD releases up to and including 4.8-RELEASE-p2,
                5.1-RELEASE-p1
Corrected:      2003-08-10 23:30:18 UTC (RELENG_4)
                2003-08-10 23:28:16 UTC (RELENG_5_1)
                2003-08-10 23:29:10 UTC (RELENG_5_0)
                2003-08-10 23:31:11 UTC (RELENG_4_8)
                2003-08-10 23:31:51 UTC (RELENG_4_7)
                2003-08-10 23:32:22 UTC (RELENG_4_6)
                2003-08-10 23:32:44 UTC (RELENG_4_5)
                2003-08-10 23:33:18 UTC (RELENG_4_4)
                2003-08-10 23:33:50 UTC (RELENG_4_3)
                2003-08-10 23:35:21 UTC (RELENG_3)
FreeBSD only:   YES

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

(Continue reading)

Kirk McKusick | 12 Aug 19:42 2003

BSDCon Early Registration Deadline Aug 15th

The August 15th early registration discount deadline for BSDCon
is rapidly approaching. If the BSD community wants to continue
having our own event, we need to support it by showing up. So,
please go to http://www.usenix.org/events/bsdcon03/ and register.

	Kirk McKusick
_______________________________________________
freebsd-announce <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe <at> freebsd.org"

FreeBSD Security Advisories | 13 Aug 00:37 2003
Picon

FreeBSD Security Advisory FreeBSD-SA-03:09.signal [REVISED]


=============================================================================
FreeBSD-SA-03:09.signal                                     Security Advisory
                                                          The FreeBSD Project

Topic:          Insufficient range checking of signal numbers

Category:       core
Module:         sys
Announced:      2003-08-10
Affects:        All releases of FreeBSD up to and including 4.8-RELEASE-p1,
                5.1-RELEASE (but see `Impact' below)
                FreeBSD 4-STABLE prior to the correction date
Corrected:      2003-08-10 23:09:28 UTC (RELENG_4)
                2003-08-10 23:14:08 UTC (RELENG_5_1)
                2003-08-10 23:17:48 UTC (RELENG_5_0)
                2003-08-10 23:19:35 UTC (RELENG_4_8)
                2003-08-11 10:14:38 UTC (RELENG_4_7)
                2003-08-11 10:16:35 UTC (RELENG_4_6)
                2003-08-12 20:23:24 UTC (RELENG_4_5)
                2003-08-12 20:23:51 UTC (RELENG_4_4)
                2003-08-12 20:24:13 UTC (RELENG_4_3)
FreeBSD only:   YES

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

0.   Revision History
(Continue reading)

Kris Kennaway | 16 Aug 11:46 2003

Ports scheduled for removal on Nov 7

Dear FreeBSD users,

The following ports are scheduled for removal on November 7 if they
are still broken at that time and no PRs have been submitted to fix
them.  If you are interested in saving these ports, please send your
patches to the maintainer.  If the maintainer is unresponsive or the
port has no maintainer, then please submit them via send-pr.

As usual, the build error logs can be obtained from
http://bento.freebsd.org

Kris

#-*- mode: makefile; tab-width: 32; -*-
# ex:ts=32
#
astro/sscalc	sscalc-1.0	kew <at> icehouse.net
audio/csound-manual	csound-manual-4.10	trevor <at> FreeBSD.org
audio/net-rhythmbox	net-rhythmbox-0.4.8_2	hendrik <at> scholz.net
audio/spiralsynthbaby	spiralsynthbaby-0.0.2	trevor <at> FreeBSD.org
benchmarks/iozone	iozone-3.172	jmz <at> FreeBSD.org
biology/emboss	emboss-2.4.1_1	wjv <at> FreeBSD.org
cad/gwave	gwave-20020122	dmlb <at> dmlb.org
chinese/chitex	zh-chitex-6.1.2p7.8_1	statue <at> freebsd.sinica.edu.tw
chinese/dictd	zh-tw-dictd-1.8.0_1	ports <at> FreeBSD.org
chinese/dictd-database	zh-dictd-database-1.4	statue <at> freebsd.sinica.edu.tw
comms/bayonne	bayonne-0.5.3_1	ports <at> FreeBSD.org
comms/vpb2	vpb2-2.0.3	dyfet <at> gnu.org
databases/firebird	firebird-1.0.2	chris <at> aims.com.au
databases/firebird-devel	firebird-1.0.r2	chris <at> aims.com.au
(Continue reading)

Justin T. Gibbs | 25 Aug 18:11 2003

FreeBSD Foundation Announces Native Support for Java JDK 1.3.1 on FreeBSD

Boulder, CO - August 25, 2003 - The FreeBSD Foundation today announced the
availability of a binary distribution of the Java JDK version 1.3.1 for
the widely used FreeBSD operating system.

Wes Peters of the FreeBSD Core Team commented "This announcement hallmarks
a new era of Java support for FreeBSD.  Having easy to install binary
Java packages will ensure that all users can enjoy the benefits of Java
technology on the FreeBSD platform."

Java users can download, without charge, the FreeBSD Foundation's Java
distribution from <http://www.FreeBSDFoundation.org/downloads/java.shtml>.
The FreeBSD Foundation is also providing OEM licenses to FreeBSD
distributors, permitting them to ship out-of-the-box Java support with
FreeBSD. 

Foundation Secretary and Treasurer, Justin T. Gibbs, pledged continued
support for Java technology on the FreeBSD platform.  "The FreeBSD Foundation
is committed to keeping FreeBSD a Java enabled platform.  With the 1.3.1 JDK
release behind us, the Foundation has turned its attention toward the 1.4.X
JDK.  The volunteers working on FreeBSD Java support already have us most of
the way there.  The Foundation is now financing efforts to accelerate the
completion of this work."

Noting the importance of Java support to the FreeBSD user base was FreeBSD
Foundation president Robert Watson.  "Java support is critical to the
success of FreeBSD in the enterprise-- this release will open many doors
for the FreeBSD platform."

About the FreeBSD Project

(Continue reading)

FreeBSD Security Advisories | 26 Aug 18:43 2003
Picon

FreeBSD Security Advisory FreeBSD-SA-03:11.sendmail


=============================================================================
FreeBSD-SA-03:11.sendmail                                   Security Advisory
                                                          The FreeBSD Project

Topic:          sendmail DNS map problem

Category:       contrib
Module:         contrib_sendmail
Announced:      2003-08-26
Credits:        Oleg Bulyzhin <oleg <at> rinet.ru>
Affects:        4.6-RELEASE (up to -p16), 4.7-RELEASE (up to -p13),
                4.8-RELEASE (up to -p3), 5.0-RELEASE (up to -p11)
                4-STABLE prior to Mar 29 19:33:18 2003 UTC
Corrected:      2003-08-25 22:33:14 UTC (RELENG_5_0)
                2003-08-25 22:35:23 UTC (RELENG_4_8)
                2003-08-25 22:36:10 UTC (RELENG_4_7)
                2003-08-25 22:38:53 UTC (RELENG_4_6)
FreeBSD only:   NO

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://www.freebsd.org/security/>.

I.   Background

FreeBSD includes sendmail(8), a general purpose internetwork mail
routing facility, as the default Mail Transfer Agent (MTA).

(Continue reading)


Gmane