On Fri, Mar 16, 2007 at 09:42:47AM +0100, Karel Kulhavy wrote:
> http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1703
> says:
> Vulnerable Packages
> OpenBSD 4.1 prior to Feb. 26th, 2006.
> OpenBSD 4.0 Current
> OpenBSD 4.0 Stable
> [...]
>
> OpenBSD-current, 4.1, 4.0 and 3.9 have the fix incorporated in their source
> code tree and kernel binaries for those versions and the upcoming version 4.1
> include the fix.
>
> I have OpenBSD 4.0. Is my system vulnerable or not?
4.0-release is vulnerable, a recentish 4.0-stable isn't. Similarly, all
4.0-currents are vulnerable (and should be updated to the newer
-current), as was the 4.1 branch of -current. Recent -current is not
vulnerable, nor is 4.1.
Joachim
