From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Feb 17 01:41:06 1997
Received: by jaz.jp.freebsd.org (8.8.5+2.7Wbeta5/8.7.3) id BAA19477
	Mon, 17 Feb 1997 01:41:06 +0900 (JST)
Received: by jaz.jp.freebsd.org (8.8.5+2.7Wbeta5/8.7.3) with ESMTP id BAA19472
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 17 Feb 1997 01:41:04 +0900 (JST)
Received: from mail.ba2.so-net.or.jp (mail.ba2.so-net.or.jp [202.238.95.33]) by mgate01.so-net.or.jp (8.7.5/3.4W397011716) with ESMTP id BAA20932 for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 17 Feb 1997 01:42:29 +0900 (JST)
Received: from freebsd.hs.or.jp (ppp8f8e.pppp.ap.so-net.or.jp [210.132.143.142]) by mail.ba2.so-net.or.jp (8.7.3/3.4W397012120) with ESMTP id BAA26954 for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 17 Feb 1997 01:40:31 +0900 (JST)
Received: from localhost (localhost [127.0.0.1]) by freebsd.hs.or.jp (8.7.5/3.5W-97021222) with ESMTP id BAA11262 for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 17 Feb 1997 01:39:58 +0900 (JST)
Message-Id: <199702161639.BAA11262@freebsd.hs.or.jp>
From: Hiroaki Satoh (=?ISO-2022-JP?B?GyRCOjRGIzkoTEAbKEI=?=) <hsato@onosokki.co.jp>
To: FreeBSD-users-jp@jp.freebsd.org
In-reply-to: Your message of "Sun, 16 Feb 1997 22:45:55 JST"
References: <199702141442.XAA00736@infonia.or.jp>  <199702161345.WAA02124@marble.eps.nagoya-u.ac.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
Date: Mon, 17 Feb 1997 01:39:57 +0900
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=19]
X-Sequence: FreeBSD-users-jp 9839
Subject: [FreeBSD-users-jp 9839] [Q] 
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org


$B:4F#9(L@!wAjLO86(B.So-net $B$H$$$$$^$9!%(B

FreeBSD 2.1.5R$B$r;H$C$F$$$^$9!%(B

$B0J2<$N(BFreeBSD 2.1.x $B$N(B setlocale() $B$N%;%-%e%j%F%#%[!<%k$K4X$7!$(B
$B%P%$%J%j$G$N%Q%C%A$,=P$5$l$kM=Dj$O$J$$$N$G$7$g$&$+(B?

"ppp"$B$J$I8D!9$N%3%^%s%I$J$i$P<+J,$G%3%s%Q%$%k$7$F$b$+$^$o$J$$$N$G$9$,!$(B
$B:#2s$O%7%'%"!<%I%i%$%V%i%j!$$7$+$b(B"libc"($B$5$i$K$O4v$D$+$N%9%?%F%#%C%/(B
$B%j%s%/%W%m%0%i%`(B)$B$H$$$&$3$H$b$"$j!$>/$7m4m0$7$F$*$j$^$9!%(B

$B$=$3$G!$LdBj$N%b%8%e!<%k$r2~$a$?%P%$%J%j%Q%C%1!<%8$,$"$k$H=u$+$k$N$G$9$,(B
$B$3$l$+$i:n$i$l$k$H$+$$$&OC$7$O$"$j$^$;$s$G$7$g$&$+(B?

$B"((B2.2R$B$N(BCD$B$,=P$?$i!$Aa5^$K(BUPGRADE$B$9$kM=Dj$G$O$"$j$^$9!%$R$g$C$H$7$?$i(B
$B$3$A$i$,@h$K=P$k(B?

=============================================================================
FreeBSD-SA-97:01                                            Security Advisory
Revised: Wed Feb 05 09:58:56 PDT 1997                           FreeBSD, Inc.

Topic:          setlocale() bug in all released versions of FreeBSD

Category:       core
Module:         libc
Announced:      1997-02-05
Affects:        FreeBSD 2.1.6 and earlier systems suffer from this
                vulnerability for all binaries due to setlocale() being
                called from crt0.o.

Corrected:      1997-02-05 -stable, 1996-11-27 -current and RELENG_2_2 sources
Source:         FreeBSD specific bug
FreeBSD only:   unknown

Patches:        ftp://freebsd.org/pub/CERT/patches/SA-97:01/

=============================================================================

$B"(JL7o(B $B$G$9$,!$(B2.2R$B$G$O(Bmsdosfs$B$NNc$N(B1G$BD6$N%Q!<%F%#%7%g%s$N%8%*%a%H%jJQ49(B
$B$K4X$9$k!$=q$-9~$_;~$N%U%!%$%kGK2u$NLdBj$OD>$C$F$$$k$N$G$9$h$M(B? 
$B$^$?(B VFAT$B$d(BFAT32$B$X$NBP1~$O$I$N$h$&$K?J$s$G$$$k$N$G$7$g$&$+(B?
