Re: Upcoming FreeBSD Security Advisory

看板FB_security作者時間16年前 (2009/12/02 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串13/17 (看更多)
Dag-Erling Sm=C3=B8rgrav napsal/wrote, On 12/01/09 14:12: > As to the second: yes, 6.1 is most likely affected. Probably no. The older algorithm used in 6.1 looks like ----------------- if (trusted) { variable =3D getenv(NAME); .... ----------------- The affected algorithm looks like: ----------------- if (!trusted) { unsetenv(NAME); ... }; variable =3D getenv(NAME); ----------------- As far as I know such change has been MFCed into 6.3, 6.4, 7.x but not=20 into 6.1. So 6.1 should not be affected by this bug (but remain=20 vulnerable to problem that triggered the change of old algorithm to new).= Dan _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 dan. 的文章
文章代碼(AID): #1B5LdcGu (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 13 之 17 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共17篇)
更多 dan. 的文章
文章代碼(AID): #1B5LdcGu (FB_security)