Re: Sicherheit von Pine

From: Noel Koethe <noel(at)koethe.net>
Date: Mon, 1 Oct 2001 18:35:48 +0200



On Mon, 01 Okt 2001, Bernd Walter wrote:



> > Bei der Installation aus den ports erscheint allerdings eine


> > Warnung bezueglich der mangelnden Sicherheit und der Qualitaet


> > des Codes.


> 


> Sicher?


> In meinen ports kann ich keinen Hinweis darauf finden.


> Wie lautet die Meldung genau?



# cd /usr/ports/mail/pine4


# make



                    lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk


                    x SECURITY NOTE: The pine software has had several remote            x


                    x vulnerabilities discovered in the past, which allowed remote       x


                    x attackers to execute arbitrary code as you on your local system,   x


                    x by the action of sending a specially-prepared email. All such      x


                    x KNOWN problems have been fixed, but the pine code is written in a  x


                    x very insecure style and the FreeBSD Security Officer believes      x


                    x there are likely to be other undiscovered vulnerabilities. Do you  x


                    x wish to proceed with the installation of pine anyway?              x


                    tqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqu


                    x                        [ Yes ]         No                          x


                    mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj



-- 
Noch einen schönen Tag
	Noèl Köthe
To Unsubscribe: send mail to majordomo(at)de.FreeBSD.org
with "unsubscribe de-bsd-questions" in the body of the message


Received on Mon 01 Oct 2001 - 18:36:07 CEST













search this site