2002-Aug-22

Looking at PR security/14444. Wonder if it matters for netbsd-1-5. Sent email to gnats (and others involved) about it.

The fixes for ASN1 security issue weren't pulled to netbsd-1-5, so I send-pr'd bin/18043: please pull up asn1_lib.c fix to netbsd-1-5. (In regards to OpenSSL fixes, apparently the the potential exploits have been replaced with DoS issues instead. netbsd-1-5 may just upgrade entire OpenSSL.) (cyber closed on 21/Jun/2003: "issue was resolved by prior commit". * I should check this.)

The kernel operating system version details (uname -v) can is set in /sys/arch/ARCH/compile/KERNEL/vers.c. But can't be changed there, since it is overwritten by /sys/conf/newvers.sh.

A fix for bug in NFS server code allows remote denial of service (FreeBSD-SA-02:36.nfs) was pulled in for netbsd-1-6, but not netbsd-1-5. So I send-pr'd kern/18044: please pull in nfs_socket.c fix to netbsd-1-5.