The Stack Clash vulnerability
Michelle Sullivan
michelle at sorbs.net
Thu Jun 22 23:19:09 UTC 2017
Peter,
Peter Jeremy wrote:
>
> paying someone to provide whatever level of support you want. With
> respect to your 9.x servers, no-one is saying you must replace the
> hardware, just that the FreeBSD Project will not continue to provide
> you with free support whilst you choose to run 9.x on them. Note that
>
You mistake me for someone who needs or is asking for support.
I already have the proposed patch available to me on my servers, I'm not
convinced it solves the issue, merely making it a *lot* more difficult
to exploit, however that was my 'first look' I have a lot more to
understand and think about and there are many more people of higher
intelligence looking at it than me.
That said, I'm suggesting that given the amount of time this issue has
been around and that it was supposedly fixed many years ago, that one
should consider a special case backport for those that are not capable
of creating their own patches... and before throwing accusations around
you should consider how many times I have ever suggested that a
particular bug gets backported... If you can't be bothered to check,
this is the first since I started using FreeBSD in 2003.
--
Michelle Sullivan
http://www.mhix.org/
More information about the freebsd-security
mailing list