Alan Evans wrote: > I'm sure FreeBSD is vulnerable. > > http://www.us-cert.gov/cas/techalerts/TA04-111A.html > > There's a draft that (sort of) addresses this. Should > we adopt it? This issue is being discussed on freebsd-security now, and Mike Silbersack <silby at silby.com> has some patches available for review and testing. -- -Chuck