On Tue, 18 Nov 2003, Coleman Kane wrote: > This does fall under reliability fix category, though, since it > isn't really a security issue, the bug puts the system into one > of its most secure states: halted. Well, that is as long as > youve disabled the kdb, which you should have on a production > box. It's a denial of service attack then. It's very simple really: the OpenBSD team graciously maintains and develops a distribution of software. If one of the components exhibits a security flaw in a reasonable configuration then it is a security hole. That's all there is to it. No need for PR damage control. -- Thamer Al-Harbash GPG Key fingerprint: D7F3 1E3B F329 8DD5 FAE3 03B1 A663 E359 D686 AA1F
