On Jul 27, 2011, at 10:16 AM, grarpamp wrote:
malloc(3) has never provided zeroed memory. If you need zeroed memory in C,
you either need to zero it yourself using memset(3), or use calloc(3).
Or, in lieu, use -Z, presumably.
No developer should ever assume that malloc(3) returns zeroed
Hi--
Are folks familiar with:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997
http://www.isc.org/software/dhcp/advisories/cve-2011-0997
http://nakedsecurity.sophos.com/2011/04/07/flaw-in-iscs-dhclient-could-allow-remote-code-execution/
Checking
Hi--
On Aug 19, 2010, at 12:08 PM, FreeBSD Security Officer wrote:
If you haven't updated your affected systems for FreeBSD-SA-10:07.mbuf yet,
there's another reason to do it now: Exploit code was posted earlier today
to the full-disclosure list.
Is it confirmed that this advisory does *not*
Hi--
On Jan 28, 2010, at 1:56 PM, Garance A Drosihn wrote:
On 2010/01/28 12:18, Chris Palmer wrote:
For backwards compatibility, which do people prefer: Creating a new $N$
prefix every time we re-tune the algorithm, or using a new notation to say
how many times this password was hashed? For
Hi--
On Dec 3, 2009, at 3:05 AM, Andrea Venturoli wrote:
Sorry, this might seem a stupid question, but...
In several places I read that FreeBSD 6.x is NOT affected; however, I heard
some people discussing how to apply the patch to such systems. So, I'd like
to know for sure: is 6.x
Hi--
On Dec 1, 2009, at 11:09 AM, Mike Tancsa wrote:
http://isc.sans.org/trends.html
and
http://isc.sans.org/port.html
Do not seem to show any increase.
I've checked, and the volume of attempts over the past few days seems pretty
constant, although there was actually a decrease around Nov
Hi, all--
Apropos of this security issue with BIND, I just tried updating a
FreeBSD-6.3-STABLE system with dns/bind95, and it loudly complains
about the OpenSSL version which comes with the system:
[ ... ]
config.status: creating include/isc/platform.h
config.status: creating config.h
Doug Barton wrote:
Chuck Swiger wrote:
Doug Barton wrote:
[ ... ]
Right. As I understood it, you were arguing in favor of MFC'ing a fix to
RELENG_5 because you have machines from that branch in a production
setting. If I misunderstood your point, I apologize.
I would like CVE-2007-0493
Doug Barton wrote:
Chris Marlatt wrote:
[ ... ]
Yes, but whether a full upgrade is needed for support or not depends
on your definition. Given that FreeBSD is not vulnerable to these issues
in its default configuration, one could easily argue that an upgrade for
RELENG_5 isn't necessary.
Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Chuck Swiger writes:
Checksumming the device image is a fine way of checking the integrity of it,
assuming it is read-only. The only thing you might want to do is use two or
three checksum algorithms (ie, use sha256 and md5 and something
Hi, Winston--
Winston Tsai wrote:
[ ...followups set to just one group... ]
Openssl speed des-cbc
And got the following result:
16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
43251.97k 44919.41k 45342.43k 45506.13k 45579.98k
Then I did kldunload hifn; kldunload cryptodev and ran
Mike Silbersack wrote:
[ ... ]
Actually, even though you haven't mentioned the company, someone with
the resources to consider breaking AES would probably not find it too
difficult to find the company's name. You _have_ admitted that you
are one of the people who knows the passphrase.
Hey,
Dag-Erling Smørgrav wrote:
[EMAIL PROTECTED] writes:
Can this be achieved within the regular system build process, or must I
roll my own?
You need to change src/crypto/openssh/config.h so it says
/* #undef PAM */
#define SKEY 1
#define OPIE 1
instead of
#define PAM 1
/* #undef SKEY */
/*
13 matches