HEADS UP! Watch out for security on your machines and exploits!
Kris Kennaway
kris at obsecurity.org
Thu Dec 4 07:10:16 PST 2003
On Thu, Dec 04, 2003 at 03:23:03PM +0200, Peter Pentchev wrote:
> On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote:
> > On Wed, 3 Dec 2003, Peter Wemm wrote:
> >
> > > Please take EXTRA care to watch your mirrors for 'funny stuff' and make damn
> > > sure that you're fully up todate with patches.
> > >
> > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and
> > > probed. Especially now.
> >
> > (I'm cc'ing ports@ on this.)
> >
> > Since the gentoo hack was obviously made through a vunerable version of
> > rsync, I ask if it's possible to update the rsync port to the new version.
>
> I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port
> maintainer, earlier today.
Because of the severity of this, I put on my portmgr hat and updated
it myself a few minutes ago. It should be retagged for 5.2.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hubs/attachments/20031204/954b94fa/attachment.bin
More information about the freebsd-hubs
mailing list