From owner-doc-jp-work@jp.FreeBSD.org Sun Mar 24 14:31:05 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g2O5V5f40799;
	Sun, 24 Mar 2002 14:31:05 +0900 (JST)
	(envelope-from owner-doc-jp-work@jp.FreeBSD.org)
Received: from eos.ocn.ne.jp (eos.ocn.ne.jp [210.190.142.171])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g2O5V0c40786
	for <doc-jp-work@jp.FreeBSD.org>; Sun, 24 Mar 2002 14:31:00 +0900 (JST)
	(envelope-from hrs@eos.ocn.ne.jp)
Received: from mail.hrslab.yi.org (p12087-adsao04hon-acca.tokyo.ocn.ne.jp [61.199.17.87])
	by eos.ocn.ne.jp (OCN) with ESMTP id OAA27516
	for <doc-jp-work@jp.FreeBSD.org>; Sun, 24 Mar 2002 14:30:59 +0900 (JST)
Received: from localhost (alph.hrslab.yi.org [192.168.0.10])
	by mail.hrslab.yi.org (8.9.3/3.7W/DomainMaster) with ESMTP id OAA50392
	for <doc-jp-work@jp.FreeBSD.org>; Sun, 24 Mar 2002 14:30:47 +0900 (JST)
	(envelope-from hrs@eos.ocn.ne.jp)
Date: Sun, 24 Mar 2002 14:30:34 +0900 (JST)
Message-Id: <20020324.143034.35007727.hrs@eos.ocn.ne.jp>
To: doc-jp-work@jp.FreeBSD.org
From: Hiroki Sato <hrs@eos.ocn.ne.jp>
In-Reply-To: <20020322.150702.48531528.hrs@eos.ocn.ne.jp>
References: <200203181500.g2IF04132479@freefall.freebsd.org>
	<20020322.150702.48531528.hrs@eos.ocn.ne.jp>
X-Mailer: Mew version 2.1 on Emacs 20.7 / Mule 4.0 (HANANOEN)
Mime-Version: 1.0
Content-Type: Multipart/Mixed;
 boundary="--Next_Part(Sun_Mar_24_14:30:34_2002_879)--"
Content-Transfer-Encoding: 7bit
Reply-To: doc-jp-work@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020312
X-Sequence: doc-jp-work 312
Subject: [doc-jp-work 312] Re: ANNOUNCE: FreeBSD Ports Security
 Advisory FreeBSD-SA-02:18.zlib
Errors-To: owner-doc-jp-work@jp.FreeBSD.org
Sender: owner-doc-jp-work@jp.FreeBSD.org
X-Originator: hrs@eos.ocn.ne.jp

----Next_Part(Sun_Mar_24_14:30:34_2002_879)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

$B:4F#!wEl5~M}2JBg3X$G$9!#(B

 02:14-02:18 $B$N=$@5HG$=$N(B 2 $B$G$9!#<g$KF|K\8lE*$KJQ$J$H$3$m$N=$@5$G$9!#(B

 $BLdBj$,$J$$$h$&$G$7$?$i!"(B25 $BF|$K$O(B announce-jp $B$X2s$7$^$9!#(B

--
| $B:4F#(B $B9-@8!wEl5~M}2JBg3X(B <hrs@eos.ocn.ne.jp>
|                         <hrs@FreeBSD.org> (FreeBSD Project)

----Next_Part(Sun_Mar_24_14:30:34_2002_879)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

Index: 02:16
===================================================================
RCS file: /home/cvs/private/hrs/announce-jp/FreeBSD-SA/02:16,v
retrieving revision 1.3
diff -d -u -I\$FreeBSD:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.3 02:16
--- 02:16	22 Mar 2002 06:01:02 -0000	1.3
+++ 02:16	24 Mar 2002 04:35:36 -0000
@@ -38,7 +38,7 @@
 $B%b%8%e!<%k(B:	netscape
 $B9pCNF|(B:		2002-03-12
 $B%/%l%8%C%H(B:	Florian Wesch <fw@dividuum.de>
-$B1F6AHO0O(B:	$B%P!<%8%g%s(B 4.77 $B$h$jA0$N(B Netscape ports $B$9$Y$F(B
+$B1F6AHO0O(B:	$B%P!<%8%g%s(B 4.77 $B$h$jA0$N$9$Y$F$N(B Netscape ports
 $B=$@5F|(B:		2001-04-07 16:41:36 UTC
 FreeBSD $B$K8GM-$+(B:	NO
 
@@ -80,8 +80,8 @@
 Navigator $B$K(B `about:' $B$+$i$O$8$^$k(B URL $B$r;XDj$9$k$H!"%;%-%e%j%F%#>e=EMW$J(B
 $B>pJs$rI=<($5$;$k$3$H$,2DG=$G$9!#$?$H$($P(B `about:global' $B$O:G6a%"%/%;%9$7$?(B
 URL $B$N%j%9%H$rI=<($7$^$9$7!"(B`about:cache' $B$O$=$l$K2C$(!"%Z!<%8$r(B
-$B1\Mw$7$?;~9o$H%G%#%9%/%-%c%C%7%e$K$*$$$FBP1~$9$k%U%!%$%kL>$rI=<($7$^$9!#(B
-$B$^$?(B `about:config' $B$O!"$9$Y$F$N%V%i%&%6$N@_Dj$rI=<($5$;$k$3$H$,$G$-$^$9!#(B
+$B1\Mw$7$?;~9o$*$h$S%G%#%9%/%-%c%C%7%e$K$*$$$FBP1~$9$k%U%!%$%kL>$rI=<($7$^$9!#(B
+$B$^$?(B `about:config' $B$O!"$9$Y$F$N%V%i%&%6@_Dj$rI=<($5$;$k$3$H$,$G$-$^$9!#(B
 
 JavaScript executed from the comment block of a maliciously
 constructed image can send information from an `about:' URL back to a
@@ -97,7 +97,7 @@
 format.  The ports collection shipped with FreeBSD 4.5 contains some
 Netscape versions which are vulnerable to these problems.
 
-Netscape $B$N(B port $B$O%G%U%)%k%H$G%$%s%9%H!<%k$5$l$k$b$N$G$O$J$/!"(B
+Netscape $B$N(B port $B$O$$$:$l$b%G%U%)%k%H$G%$%s%9%H!<%k$5$l$k$b$N$G$O$J$/!"(B
 $B!V(BFreeBSD $B%7%9%F%`$N0lIt!W$r9=@.$9$k$b$N$G$b$"$j$^$;$s!#(B
 $B$=$l$i$O?t@i8D$K$*$h$V%5!<%I%Q!<%F%#@=%"%W%j%1!<%7%g%s$,$9$0$K(B
 $B%$%s%9%H!<%k$G$-$k7A$G<}$a$i$l$F$$$k(B FreeBSD Ports Collection $B$N0lIt$G$9!#(B
Index: 02:17
===================================================================
RCS file: /home/cvs/private/hrs/announce-jp/FreeBSD-SA/02:17,v
retrieving revision 1.3
diff -d -u -I\$FreeBSD:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.3 02:17
--- 02:17	22 Mar 2002 06:01:02 -0000	1.3
+++ 02:17	24 Mar 2002 04:32:06 -0000
@@ -102,6 +102,7 @@
 mod_frontpage $B$N(B port/package $B$,%$%s%9%H!<%k$5$l$F$$$k>l9g$O!"(B
 $B$=$l$r%7%9%F%`$+$i:o=|$7$^$9!#(B
 
+
 V.   $B2r7h:v(B - Solution
 
 Do one of the following:
Index: 02:18
===================================================================
RCS file: /home/cvs/private/hrs/announce-jp/FreeBSD-SA/02:18,v
retrieving revision 1.3
diff -d -u -I\$FreeBSD:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.3 02:18
--- 02:18	22 Mar 2002 06:01:02 -0000	1.3
+++ 02:18	24 Mar 2002 04:37:34 -0000
@@ -11,7 +11,7 @@
   From: FreeBSD Security Advisories <security-advisories@FreeBSD.ORG>
   Date: Mon, 18 Mar 2002 07:00:04 -0800 (PST)
   Message-Id: <200203181500.g2IF04C32485@freefall.freebsd.org>
-  X-Sequence: announce-jp xxx
+  X-Sequence: announce-jp 950
 
  $B$rF|K\8lLu$7$?$b$N$G$9!#(B
 
@@ -39,7 +39,7 @@
                 Owen Taylor <otaylor@redhat.com>
 $B1F6AHO0O(B:	FreeBSD $B$N$9$Y$F$N%j%j!<%9(B
                 $B=$@5F|$h$jA0$N(B FreeBSD 4.5-STABLE
-                zlib $B$r;HMQ$b$7$/$O(B include $B$7$F$$$kB?$/$N(B ports
+                zlib $B$r;HMQ!"$b$7$/$O4^$s$G$$$k$5$^$6$^$J(B ports
 $B=$@5F|(B:		2002-02-22 02:48:40 UTC (RELENG_4)
                 2002-02-23 00:14:28 UTC (RELENG_4_5)
                 2002-02-23 00:15:19 UTC (RELENG_4_4)
@@ -54,7 +54,7 @@
 data compression/decompression routines.
 
 zlib $B$O!"B?$/$N%"%W%j%1!<%7%g%s$G;HMQ$5$l$F$$$k!"%G!<%?05=L(B/$BI|85%k!<%A%s$r(B
-$BDs6!$9$k05=L%i%$%V%i%j$N0l$D$G$9!#(B
+$BDs6!$9$k$?$a$N05=L%i%$%V%i%j$N0l$D$G$9!#(B
 
 
 II.  $BLdBj$N>\:Y(B - Problem Description
@@ -68,10 +68,10 @@
 
 zlib $B$K$O%W%m%0%i%`$K8m$j$,$"$j!"F0E*$K3NJ]$7$?%a%b%j%;%0%a%s%H$r(B
 (2 $B=E$K(B free $B$9$k$3$H$G(B) 2 $B2s0J>e2rJ|$7$h$&$H$9$k2DG=@-$,$"$j$^$9!#(B
-$B$=$N$?$a967b<T$,(B zlib $B$rMxMQ$7$F$$$k%W%m%0%i%`$KBP$7$FFC<l$J(B
+$B$b$7967b<T$,(B zlib $B$rMxMQ$7$F$$$k%W%m%0%i%`$KBP$7$FFC<l$J(B
 $B:Y9)$r;\$7$?IT@5$J05=L:Q$_%G!<%?%V%m%C%/$rEO$9$3$H$,$G$-$k>l9g!"(B
 $B$=$N%W%m%0%i%`$,:Y9)$5$l$?%G!<%?$rI|85$7$h$&$H$7$?;~$K!"(Bzlib $B%k!<%A%s$,(B
-$B%a%b%j$rJ#?t2s2rJ|$7$h$&$H$9$k$h$&$K$G$-$k2DG=@-$,$"$j$^$9!#(B
+$B%a%b%j$rJ#?t2s2rJ|$7$h$&$H$9$k$h$&$K;E8~$1$k$3$H$,2DG=$G$9!#(B
 
 Unlike some implementations of malloc(3)/free(3), the malloc(3) and
 free(3) routines used in FreeBSD (aka phkmalloc, written by
@@ -80,7 +80,7 @@
 
 FreeBSD $B$,:NMQ$7$F$$$k(B malloc(3) $B$H(B free(3) $B$N<BAu(B (Poul-Henning Kamp
 <phk@FreeBSD.org> $B;a$K$h$C$F=q$+$l$?$b$N$G!"(Bphkmalloc $B$H$b(B
-$B8F$P$l$F$$$^$9(B) $B$O!"B>$N(Bmalloc(3)/free(3) $B$N<BAu$H$O0[$J$j!"(B
+$B8F$P$l$F$$$^$9(B) $B$O!"B>$N(B malloc(3)/free(3) $B$N<BAu$H$O0[$J$j!"(B
 $B$3$N<o$N%P%0$K$h$k%;%-%e%j%F%#>e$N<eE@$O$"$j$^$;$s!#(B
 Poul-Henning Kamp $B;a$O<!$N$h$&$K=R$Y$F$$$^$9!#(B
 
@@ -91,7 +91,7 @@
 
   malloc $B$NB?$/$O4IM}MQ%G!<%?$r3NJ]$7$?%a%b%j$N$9$0NY$KCV$$$F$$$k!#(B
   $B$3$&$9$k$H(B 2 $B2s(B free(3) $B$9$k$H$+!"JQ99$7$?%]%$%s%?$r(B free(3) $B$9$k(B
-  $B$H$$$&$h$&$K!"%W%m%0%i%`$,3NJ]$7$?%a%b%j$N30$r%"%/%;%9$7$F$7$^$&(B
+  $B$H$$$&$h$&$K!"3NJ]$7$?%a%b%j$N30$r%W%m%0%i%`$,%"%/%;%9$7$F$7$^$&(B
   $B$h$&$J>l9g$K9%$^$7$/$J$$>u67$r$D$/$j=P$92DG=@-$,9b$$!#(B
 
   phkmalloc(3) does not store housekeeping next to allocated data,
@@ -166,7 +166,7 @@
 RELENG_4_4 or RELENG_4_5 security branches dated after the respective
 correction dates.
 1) $B<eE@$r;}$C$?%7%9%F%`$r(B 4.5-STABLE, $B$"$k$$$O=$@5F|0J9_$N(B RELENG_4_4
-   $B$b$7$/$O(B RELENG_4_5 $B$K99?7$7!"%7%9%F%`$r:F9=C[$9$k!#(B
+   $B$b$7$/$O(B RELENG_4_5 $B%;%-%e%j%F%#%V%i%s%A$K99?7$9$k!#(B
 
 2) To patch your present system: download the relevant patch from the
 below location, and execute the following commands as root:
@@ -201,8 +201,8 @@
 of zlib that have not been corrected by updating the FreeBSD libz.
 Efforts are underway to identify and correct these ports.
 
-$B$5$^$6$^$J(B port $B$,(B zlib $B$r@EE*$K%j%s%/$7$F$$$k$+!"FH<+$N%P!<%8%g%s$N(B
-zlib $B$r;H$C$F$$$k$N$G$9$,!"$3$l$i$O(B FreeBSD $B$N(B libz $B$r99?7$7$F$b(B
+$B$5$^$6$^$J(B port $B$,(B zlib $B$r@EE*$K%j%s%/$7$F$$$?$j!"FH<+$N%P!<%8%g%s$N(B
+zlib $B$r;H$C$F$$$^$9$,!"$3$l$i$O(B FreeBSD $B$N(B libz $B$r99?7$7$F$b(B
 $B%;%-%e%j%F%#>e$NLdBj$,=$@5$5$l$k$3$H$O$"$j$^$;$s!#8=:_!"$=$N$h$&$J(B
 port $B$rFCDj!&=$@5$9$k:n6H$,9T$J$o$l$F$$$^$9!#(B
 

----Next_Part(Sun_Mar_24_14:30:34_2002_879)----
