os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add pointers to recent security advisories

Browse source 
bugtraq moved from geek-girl to securityfocus
"will" -> "we'll" in evil dwarves warning.

Submitted by: "Keith R. Jarvis" <kjarvis@iss.net>
This commit is contained in:
Warner Losh 1999-09-22 02:15:24 +00:00
parent eb4f6865c3
commit 1eee3e63b3
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=5685
3 changed files with 30 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

14
en/security/advisories.xml
View file

@ -1,10 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.14 1999/09/06 22:51:27 jkh Exp $">
<!ENTITY title "FreeBSD Security Information">
<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
]>
<!-- $FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $ -->
<!-- $FreeBSD: www/en/security/security.sgml,v 1.14 1999/09/06 22:51:27 jkh Exp $ -->
<html>
&header;
@ -138,6 +138,12 @@ currently available:</P>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:07.rst.asc">FreeBSD-SA-98:07.rst.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:08.fragment.asc">FreeBSD-SA-98:08.fragment.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:01.chflags.asc">FreeBSD-SA-99:01.chflags.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:02.profil.asc">FreeBSD-SA-99:02.profil.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:03.ftpd.asc">FreeBSD-SA-99:03.ftpd.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:04.core.asc">FreeBSD-SA-99:04.core.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:05.fts.asc">FreeBSD-SA-99:05.fts.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:06.amd.asc">FreeBSD-SA-99:06.amd.asc</A></LI>
</UL>
<A NAME=ml></A>
@ -181,7 +187,7 @@ issues to watch for in this are are:
<LI>strcpy() and sprintf() calls from unbounded data. Use strncpy and
snprintf() when the length is known (or implement some other form of
bounds-checking when the length is unknown). In fact, never ever use
gets() or sprintf(), period. If you do - will send evil dwarfs after you.
gets() or sprintf(), period. If you do - we'll send evil dwarfs after you.
<P></P></LI>
<LI>If you have to check the user input so it does not contain bad
@ -442,7 +448,7 @@ wanted to know about security... and more.</LI>
http://www.cert.org</A> and <A href="http://www.auscert.org.au">
http://www.auscert.org.au</A>.</LI>
<LI>Mailing lists such as <A HREF="http://www.geek-girl.com/bugtraq/">
<LI>Mailing lists such as <A HREF="http://www.securityfocus.com/forums/bugtraq/intro.html">
Bugtraq</A> and <A HREF="http://www.nfr.net/forum/firewall-wizards.html">
Firewall Wizards</A>.</LI>
</UL>

14
en/security/security.sgml
View file

@ -1,10 +1,10 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $">
<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.14 1999/09/06 22:51:27 jkh Exp $">
<!ENTITY title "FreeBSD Security Information">
<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
]>
<!-- $FreeBSD: www/en/security/security.sgml,v 1.13 1999/09/06 07:02:58 peter Exp $ -->
<!-- $FreeBSD: www/en/security/security.sgml,v 1.14 1999/09/06 22:51:27 jkh Exp $ -->
<html>
&header;
@ -138,6 +138,12 @@ currently available:</P>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:07.rst.asc">FreeBSD-SA-98:07.rst.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:08.fragment.asc">FreeBSD-SA-98:08.fragment.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:01.chflags.asc">FreeBSD-SA-99:01.chflags.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:02.profil.asc">FreeBSD-SA-99:02.profil.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:03.ftpd.asc">FreeBSD-SA-99:03.ftpd.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:04.core.asc">FreeBSD-SA-99:04.core.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:05.fts.asc">FreeBSD-SA-99:05.fts.asc</A></LI>
<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-99:06.amd.asc">FreeBSD-SA-99:06.amd.asc</A></LI>
</UL>
<A NAME=ml></A>
@ -181,7 +187,7 @@ issues to watch for in this are are:
<LI>strcpy() and sprintf() calls from unbounded data. Use strncpy and
snprintf() when the length is known (or implement some other form of
bounds-checking when the length is unknown). In fact, never ever use
gets() or sprintf(), period. If you do - will send evil dwarfs after you.
gets() or sprintf(), period. If you do - we'll send evil dwarfs after you.
<P></P></LI>
<LI>If you have to check the user input so it does not contain bad
@ -442,7 +448,7 @@ wanted to know about security... and more.</LI>
http://www.cert.org</A> and <A href="http://www.auscert.org.au">
http://www.auscert.org.au</A>.</LI>
<LI>Mailing lists such as <A HREF="http://www.geek-girl.com/bugtraq/">
<LI>Mailing lists such as <A HREF="http://www.securityfocus.com/forums/bugtraq/intro.html">
Bugtraq</A> and <A HREF="http://www.nfr.net/forum/firewall-wizards.html">
Firewall Wizards</A>.</LI>
</UL>