Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FreeBSD Security Advisory: FreeBSD-SA-00:11.ircii

From: kris () FREEBSD ORG (Kris Kennaway)
Date: Mon, 10 Apr 2000 21:35:36 -0700

On Tue, 11 Apr 2000, matthew green wrote:


just to clear up some incorrect info in here:

   The bug was originally reported in 1997 in a much older version of
   ircII, but was apparently not corrected at the time, and the problem
   was recently rediscovered independently. Development on the version of
   ircII previously in ports ceased several years ago, and has been taken
   up by a new group who have fixed this problem (and possibly
   others). FreeBSD now provides this new version of ircII.


i honestly have no idea where _this_ paragraph's information came from.


The bugtraq posting by the first person I credited (I forget his name).


ircII was fixed "back then" when the bug was originally reported here,
by the same group of people (mainly, myself) who had been maintaining
ircII for several years and _still_ maintain it today.  4.4S was only
released about 3 weeks ago, as i recall...


Okay, so the 4.4S is maintained by the same people who did 4.4? I assumed
otherwise since they were hosted in different places and the previous site
we were using to obtain the software had no mention of anything beyond
4.4.

So the bug was fixed in 2.whatever, and reappeared in 4.4? I'll update the
advisory once I'm sure of the details. Sorry for the incorrectness.

Kris

----
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe () alum mit edu>
Previous By Date Next
Previous By Thread Next

Current thread: