On Tue, 1 Dec 2009, Dan Lukes wrote:
Dag-Erling Smørgrav napsal/wrote, On 12/01/09 14:12:As to the second: yes, 6.1 is most likely affected.Probably no. The older algorithm used in 6.1 looks like ----------------- if (trusted) { variable = getenv(NAME); .... ----------------- The affected algorithm looks like: ----------------- if (!trusted) { unsetenv(NAME); ... }; variable = getenv(NAME); -----------------As far as I know such change has been MFCed into 6.3, 6.4, 7.x but not into 6.1. So 6.1 should not be affected by this bug (but remain vulnerable to problem that triggered the change of old algorithm to new).
That is correct. 6.x should not be affected. The security issue exists with the combination of the getenv() to unsetenv() change in rtld.c and the addition of the new env code. The unsetenv() in 6.x would not stop if environ was corrupted.
Sean -- [email protected]
_______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
