Multiple BSD Vendor exec() Ptrace Race Condition Vulnerability
OpenBSD has released kernel patches that will eliminate this vulnerability for versions 2.8 and 2.9. Administrators are advised to build and boot new kernels after applying these fixes.
NetBSD has fixed this vulnerability in their main source tree and has made patches available for 1.4 and 1.5 based systems.
NetBSD NetBSD 1.4.1
NetBSD NetBSD 1.4.2
NetBSD NetBSD 1.4.3
NetBSD NetBSD 1.5
OpenBSD OpenBSD 2.8
OpenBSD OpenBSD 2.9