Re: FreeBSD Security Advisory FreeBSD-SA-10:05.opie
Hello!
2010/5/27 FreeBSD Security Advisories <security-advisories@freebsd.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> FreeBSD-SA-10:05.opie =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=
=A0 =A0 =A0 =A0 =A0 =A0 Security Advisory
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0The FreeBSD Project
....
> IV. =A0Workaround
> No workaround is available, but systems without OPIE capable services
> running are not vulnerable.
Wouldn't just commenting out all references to pam_opie* in
/etc/pam.d/* create a viable workaround?
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch
> # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch.asc
Apparently correct URLs are
# fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch
# fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch.asc
--=20
Sincerely, Dmitry
nic-hdl: LYNX-RIPE
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 5 篇):