FreeBSD Security Advisory FreeBSD-SA-10:05.opie
Dmitry Pryanishnikov
lynx.ripe at gmail.com
Thu May 27 07:00:41 UTC 2010
Hello!
2010/5/27 FreeBSD Security Advisories <security-advisories at freebsd.org>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> =============================================================================
> FreeBSD-SA-10:05.opie Security Advisory
> The FreeBSD Project
...
> IV. Workaround
> No workaround is available, but systems without OPIE capable services
> running are not vulnerable.
Wouldn't just commenting out all references to pam_opie* in
/etc/pam.d/* create a viable workaround?
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch
> # fetch http://security.FreeBSD.org/patches/SA-10-05/opie.patch.asc
Apparently correct URLs are
# fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch
# fetch http://security.FreeBSD.org/patches/SA-10:05/opie.patch.asc
--
Sincerely, Dmitry
nic-hdl: LYNX-RIPE
More information about the freebsd-security
mailing list