DragonFly commits List (threaded) for 2003-09
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: cvs commit: src/crypto/openssh buffer.c

From:	David Rhodus <drhodus@xxxxxxxxx>
Date:	Tue, 16 Sep 2003 12:58:07 -0400

On Tuesday, September 16, 2003, at 12:28 PM, Matthew Dillon wrote:

    Beat me to it.  I'm still trying to figure out what the
    security hole is, though.  Can another thread access the
    buffer while it is being expanded?  I have no idea.


Right now I'm not able to do much other than kill sshd, though
I think by the end of the day we should be able to exec from commands.
The last offer I got from an unnamed security company for a working
example was starting to get close to 6 digits....

I wonder if anyone will try to switch to DragonFly now that they need
a security fix and RELENG_4 is very unstable. I cvsup'd a RELENG_4
machine this morning and its already panic'd out.... Looks like even
though were is the development stages DragonFly is remanning a lot
more stable than FreeBSD's -Stable branch.

-DR

Follow-Ups:
- Re: cvs commit: src/crypto/openssh buffer.c
  - From: Kip Macy
- Re: cvs commit: src/crypto/openssh buffer.c
  - From: Matthew Dillon

References:
- Re: cvs commit: src/crypto/openssh buffer.c
  - From: Matthew Dillon

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]