tech-security: Re: amd vulnerability?

Subject: Re: amd vulnerability?
To: Aaron Brown <abrown@cs.berkeley.edu>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-security
Date: 09/09/1999 09:52:35

  by redmail.netbsd.org with SMTP; 9 Sep 1999 08:28:11 -0000
	by antioche.lip6.fr (8.9.3/8.9.3) with ESMTP id KAA07258;
	Thu, 9 Sep 1999 10:27:50 +0200 (MEST)
Date: Thu, 9 Sep 1999 09:52:35 +0200
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
To: Aaron Brown <abrown@cs.berkeley.edu>
Cc: tech-security@netbsd.org
Subject: Re: amd vulnerability?
Message-ID: <19990909095235.A3224@antioche.eu.org>
References: <qd8hfl5ywls.fsf@pesto.CS.Berkeley.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <qd8hfl5ywls.fsf@pesto.CS.Berkeley.EDU>; from Aaron Brown on Wed, Sep 08, 1999 at 01:30:39PM -0700

On Wed, Sep 08, 1999 at 01:30:39PM -0700, Aaron Brown wrote:
> Hi all,
> 
> Does anyone know if NetBSD (1.4.1/i386, or any other version) is
> vulnerable to the amd/amutils buffer overflow exploit that's been
> hitting Linux machines recently?

I fear they are, yes. -current should be safe now, some work is being made
for the 1.4 branch.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--