1 files changed, 0 insertions, 126 deletions
diff --git a/share/security/advisories/FreeBSD-SA-02:28.resolv.asc b/share/security/advisories/FreeBSD-SA-02:28.resolv.asc
deleted file mode 100644
index a4c50b636a..0000000000
--- a/share/security/advisories/FreeBSD-SA-02:28.resolv.asc
+++ /dev/null
@@ -1,126 +0,0 @@
-=============================================================================
-FreeBSD-SA-02:28.resolv                                     Security Advisory
-                                                          The FreeBSD Project
-
-Topic:          buffer overflow in resolver
-
-Category:       core
-Module:         libc
-Announced:      2002-06-26
-Credits:        Joost Pol <joost@pine.nl>
-Affects:        All releases prior to and including 4.6-RELEASE
-Corrected:      2002-06-26 06:34:18 UTC (RELENG_4)
-                2002-06-26 08:44:24 UTC (RELENG_4_6)
-                2002-06-26 18:53:20 UTC (RELENG_4_5)
-                2002-06-26 21:43:44 UTC (RELENG_4_4)
-FreeBSD only:   NO
-
-0.   Revision History
-
-v1.0  2002-06-26  Initial release
-v1.1  2002-06-XX  Add RELENG_4_4 update and workaround
-
-I.   Background
-
-The resolver implements functions for making, sending and interpreting
-query and reply messages with Internet domain name servers.
-Hostnames, IP addresses, and other information are queried using the
-resolver.
-
-II.  Problem Description
-
-DNS messages have specific byte alignment requirements, resulting in
-padding in messages.  In a few instances in the resolver code, this
-padding is not taken into account when computing available buffer
-space.  As a result, the parsing of a DNS message may result in a
-buffer overrun of up to a few bytes for each record included in the
-message.
-
-III. Impact
-
-An attacker (either a malicious domain name server or an agent that
-can spoof DNS messages) may produce a specially crafted DNS message
-that will exploit this bug when parsed by an application using the
-resolver.  It may be possible for such an exploit to result in the
-execution of arbitrary code with the privileges of the resolver-using
-application.  Though no exploits are known to exist today, since
-practically all Internet applications utilize the resolver, the
-severity of this issue is high.
-
-IV.  Workaround
-
-By using a local caching nameserver that reconstructs all DNS responses,
-such as BIND 9, any badly formed DNS responses may be `filtered out',
-including malicious ones.  Note that the name server must be run locally
-on the same host as the resolver-using application, or other measures
-must be taken to ensure the integrity of communications between the
-name server and the application.  Failure to do so may allow the
-possibility of spoofed DNS responses which bypass the name server.
-
-V.   Solution
-
-Do one of the following:
-
-1) Upgrade your vulnerable system to 4.6-STABLE; or to the RELENG_4_6,
-RELENG_4_5, or RELENG_4_4 security branch dated after the correction 
-date (4.6-RELEASE-p1, 4.5-RELEASE-p7, or 4.4-RELEASE-p14).
-
-2) To patch your present system:
-
-The following patch has been verified to apply to FreeBSD 4.5,
-FreeBSD 4.4, and FreeBSD 4.6 systems.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch.asc
-
-b) Execute the following commands as root:
-
-# cd /usr/src
-# patch < /path/to/patch
-
-c) Recompile the operating systems as described in
-<URL:http://www.freebsd.org/doc/handbook/makeworld.html>.
-
-Note that any statically linked applications that are not part of
-the base system (i.e. from the Ports Collection or other 3rd-party
-sources) must be recompiled.
-
-All affected applications must be restarted for them to use the
-corrected library.  Though not required, rebooting may be the easiest
-way to accomplish this.
-
-VI.  Correction details
-
-The following list contains the revision numbers of each file that was
-corrected in FreeBSD.
-
-Path                                                             Revision
-  Branch
-- -------------------------------------------------------------------------
-src/lib/libc/net/gethostbydns.c
-  RELENG_4                                                       1.27.2.2
-  RELENG_4_6                                                    1.27.10.1
-  RELENG_4_5                                                     1.27.8.1
-  RELENG_4_4                                                     1.27.6.1
-src/lib/libc/net/getnetbydns.c
-  RELENG_4                                                       1.13.2.2
-  RELENG_4_6                                                 1.13.2.1.8.1
-  RELENG_4_5                                                 1.13.2.1.6.1
-  RELENG_4_4                                                 1.13.2.1.4.1
-src/lib/libc/net/name6.c
-  RELENG_4                                                        1.6.2.6
-  RELENG_4_6                                                  1.6.2.5.8.1
-  RELENG_4_5                                                  1.6.2.5.6.1
-  RELENG_4_4                                                  1.6.2.5.4.1
-src/sys/conf/newvers.sh
-  RELENG_4_6                                                1.44.2.23.2.2
-  RELENG_4_5                                                1.44.2.20.2.8
-  RELENG_4_4                                               1.44.2.17.2.13
-- -------------------------------------------------------------------------
-
-VII. References
-
-<URL:http://www.pine.nl/advisories/pine-cert-20020601.html>