Re: fixes for stack clash vulnerability

2017-06-28 Thread Mark Millard
Jov amutu at amutu.com wrote on Wed Jun 28 14:40:16 UTC 2017 > There is a commit fix this: https://svnweb.freebsd.org/changeset/base/320317 Unfortunately the change broke other behavior resulting in some failing stack allocations for new threads and so there is also now:

Re: fixes for stack clash vulnerability

2017-06-28 Thread Dan Mack
Thanks Jov - I missed it! Looks like it will MFC around Saturday :-) Dan On Wed, 28 Jun 2017, Jov wrote: There is a commit fix this: https://svnweb.freebsd.org/changeset/base/320317 Jov 2017年6月28日 10:27 PM,"Dan Mack" 写道: FreeBSD is mentioned as being vulnerable to

Re: fixes for stack clash vulnerability

2017-06-28 Thread Jov
There is a commit fix this: https://svnweb.freebsd.org/changeset/base/320317 Jov 2017年6月28日 10:27 PM,"Dan Mack" 写道: > FreeBSD is mentioned as being vulnerable to this and Qualsys has working > exploits which might be released soon: > >

fixes for stack clash vulnerability

2017-06-28 Thread Dan Mack
FreeBSD is mentioned as being vulnerable to this and Qualsys has working exploits which might be released soon: https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash I don't remember seeing an advisory or seeing any fixes on the svn commit stream so just curious. Dan