DragonFly BSD
DragonFly commits List (threaded) for 2003-09
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: cvs commit: src/crypto/openssh buffer.c

From: David Rhodus <drhodus@xxxxxxxxx>
Date: Tue, 16 Sep 2003 12:58:07 -0400

On Tuesday, September 16, 2003, at 12:28 PM, Matthew Dillon wrote:
    Beat me to it.  I'm still trying to figure out what the
    security hole is, though.  Can another thread access the
    buffer while it is being expanded?  I have no idea.

Right now I'm not able to do much other than kill sshd, though I think by the end of the day we should be able to exec from commands. The last offer I got from an unnamed security company for a working example was starting to get close to 6 digits....

I wonder if anyone will try to switch to DragonFly now that they need
a security fix and RELENG_4 is very unstable. I cvsup'd a RELENG_4
machine this morning and its already panic'd out.... Looks like even
though were is the development stages DragonFly is remanning a lot
more stable than FreeBSD's -Stable branch.


[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]