From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 06:35:09 2006 Return-Path: X-Original-To: freebsd-security@FreeBSD.org Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 12A3C16A41F; Wed, 11 Jan 2006 06:35:09 +0000 (GMT) (envelope-from bde@zeta.org.au) Received: from mailout1.pacific.net.au (mailout1.pacific.net.au [61.8.0.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id 624EC43D49; Wed, 11 Jan 2006 06:35:08 +0000 (GMT) (envelope-from bde@zeta.org.au) Received: from mailproxy2.pacific.net.au (mailproxy2.pacific.net.au [61.8.0.87]) by mailout1.pacific.net.au (8.13.4/8.13.4/Debian-3) with ESMTP id k0B6Z0kH001382; Wed, 11 Jan 2006 17:35:00 +1100 Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246]) by mailproxy2.pacific.net.au (8.13.4/8.13.4/Debian-3) with ESMTP id k0B6YwfA002904; Wed, 11 Jan 2006 17:34:58 +1100 Date: Wed, 11 Jan 2006 17:34:58 +1100 (EST) From: Bruce Evans X-X-Sender: bde@delplex.bde.org To: joe In-Reply-To: <200601110309.k0B39SQ8006489@www.freebsd.org> Message-ID: <20060111171411.O73013@delplex.bde.org> References: <200601110309.k0B39SQ8006489@www.freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-bugs@FreeBSD.org, freebsd-gnats-submit@FreeBSD.org, dds@FreeBSD.org Subject: Re: bin/91622: /bin/cp does not update atime of the source file X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 06:35:09 -0000 On Wed, 11 Jan 2006, joe wrote: >> Environment: > RELENG_4 20051028 >> Description: > [cp fails to update atime] > > this occurs regardless of whether or not the user has > rwx permissions on the source file. does not apply of > course if the source filesystem is mounted read-only. > they are read-write here. > > since the source file is indeed being read, the atime should be updated. This is because cp(1) doesn't actually read(2) the file. It mmap(2)'s the file and reads memory. POSIX doesn't seem to require that cp sets atimes or otherwise acts as if it reads the file. Similar for cmp(1) and other utilities that use mmap() to read files (install(1) is another). The problem is mostly fixed in -current by "setting" (not actually setting, but marking for update) atimes in mmap(). I think to be strictly correct, setting of atimes should be nearer to munmap(2) than mmap(). No read has occurred from userland's viewpoint at mmap() time. However, since the OS can't tell if applications read mmapped memory unless their is a pagefault, the atime would have to be set on every pagefault to be as correct as possible, and I think mmap() prefaults some pages so it would have to set the atime whether or not the application reads the pages. So I think setting atimes in mmap() is required in practice. This leaves the problem that later pagefaults never set the atime, so the atime set by mmap() becomes out of date. I think the atime should be set by mmap() of there is at least one later pagefault. Setting it for every pagefault may be too inefficient. Bruce From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 08:19:05 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CAAE816A41F; Wed, 11 Jan 2006 08:19:05 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5E00F43D58; Wed, 11 Jan 2006 08:19:04 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0B8J4Px066556; Wed, 11 Jan 2006 08:19:04 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0B8J4Eo066554; Wed, 11 Jan 2006 08:19:04 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 11 Jan 2006 08:19:04 GMT Message-Id: <200601110819.k0B8J4Eo066554@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 08:19:06 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo Announced: 2006-01-11 Credits: Frank Lichtenheld Affects: All FreeBSD releases. Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE) 2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2) 2006-01-11 08:03:55 UTC (RELENG_5, 5.4-STABLE) 2006-01-11 08:04:33 UTC (RELENG_5_4, 5.4-RELEASE-p9) 2006-01-11 08:05:54 UTC (RELENG_5_3, 5.3-RELEASE-p24) 2006-01-11 08:06:47 UTC (RELENG_4, 4.11-STABLE) 2006-01-11 08:07:18 UTC (RELENG_4_11, 4.11-RELEASE-p14) 2006-01-11 08:08:08 UTC (RELENG_4_10, 4.10-RELEASE-p20) CVE Name: CAN-2005-3011 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background TeX is a document typesetting system which is popular in the mathematics, physics, and computer science realms because of its ability to typeset complex mathematical formulas. texindex(1) is a utility which is often used to generate a sorted index of a TeX file. II. Problem Description The "sort_offline" function used by texindex(1) employs the "maketempname" function, which produces predictable file names and fails to validate that the paths do not exist. III. Impact These predictable temporary file names are problematic because they allow an attacker to take advantage of a race condition in order to execute a symlink attack, which could enable them to overwrite files on the system in the context of the user running the texindex(1) utility. IV. Workaround No workaround is available, but the problematic code is only executed if the input file being processed is 500kB or more in length; as a result, users working with documents of less than several hundred pages are very unlikely to be affected. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, 5.4, and 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 4.x and 5.x] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex5x.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex5x.patch.asc [FreeBSD 6.x] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/texinfo/texindex # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 contrib/texinfo/util/texindex.c 1.1.1.3.2.4 RELENG_4_11 src/UPDATING 1.73.2.91.2.15 src/sys/conf/newvers.sh 1.44.2.39.2.18 contrib/texinfo/util/texindex.c 1.1.1.3.2.3.6.1 RELENG_4_10 src/UPDATING 1.73.2.90.2.21 src/sys/conf/newvers.sh 1.44.2.34.2.22 contrib/texinfo/util/texindex.c 1.1.1.3.2.3.4.1 RELENG_5 contrib/texinfo/util/texindex.c 1.1.1.7.4.1 RELENG_5_4 src/UPDATING 1.342.2.24.2.18 src/sys/conf/newvers.sh 1.62.2.18.2.14 contrib/texinfo/util/texindex.c 1.1.1.7.8.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.27 src/sys/conf/newvers.sh 1.62.2.15.2.29 contrib/texinfo/util/texindex.c 1.1.1.7.6.1 RELENG_6 contrib/texinfo/util/texindex.c 1.1.1.8.2.1 RELENG_6_0 src/UPDATING 1.416.2.3.2.7 src/sys/conf/newvers.sh 1.69.2.8.2.3 contrib/texinfo/util/texindex.c 1.1.1.8.4.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:01.texindex.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxL4PFdaIBMps37IRAoJSAJ9kEVz5knEPcpUDw4psmKpbBjFH8wCfa7mq u+tT93VL13dZm8/9WCMU51k= =z4va -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 08:19:12 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2095616A422; Wed, 11 Jan 2006 08:19:12 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id E2F6743D4C; Wed, 11 Jan 2006 08:19:10 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0B8JAkO066607; Wed, 11 Jan 2006 08:19:10 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0B8JACE066605; Wed, 11 Jan 2006 08:19:10 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 11 Jan 2006 08:19:10 GMT Message-Id: <200601110819.k0B8JACE066605@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:02.ee X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 08:19:12 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:02.ee Security Advisory The FreeBSD Project Topic: ee temporary file privilege escalation Category: core Module: ee Announced: 2006-01-11 Credits: Christian S.J. Peron Affects: All FreeBSD versions Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE) 2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2) 2006-01-11 08:03:55 UTC (RELENG_5, 5.4-STABLE) 2006-01-11 08:04:33 UTC (RELENG_5_4, 5.4-RELEASE-p9) 2006-01-11 08:05:54 UTC (RELENG_5_3, 5.3-RELEASE-p24) 2006-01-11 08:06:47 UTC (RELENG_4, 4.11-STABLE) 2006-01-11 08:07:18 UTC (RELENG_4_11, 4.11-RELEASE-p14) 2006-01-11 08:08:08 UTC (RELENG_4_10, 4.10-RELEASE-p20) CVE Name: CVE-2006-0055 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The ee utility is a simple screen oriented text editor. This editor is popular with a lot of users due to its ease of use. II. Problem Description The ispell_op function used by ee(1) while executing spell check operations employs an insecure method of temporary file generation. This method produces predictable file names based on the process ID and fails to confirm which path will be over written with the user. It should be noted that ispell does not have to be installed in order for this to be exploited. The option simply needs to be selected. III. Impact These predictable temporary file names are problematic because they allow an attacker to take advantage of a race condition in order to execute a symlink attack, which could allow them to overwrite files on the system in the context of the user running the ee(1) editor. IV. Workaround Instead of invoking ispell through ee(1), invoke it directly. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, 5.4, and 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:02/ee.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:02/ee.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/usr.bin/ee # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 usr.bin/ee/ee.c 1.16.2.9 RELENG_4_11 src/UPDATING 1.73.2.91.2.15 src/sys/conf/newvers.sh 1.44.2.39.2.18 usr.bin/ee/ee.c 1.16.2.7.6.1 RELENG_4_10 src/UPDATING 1.73.2.90.2.21 src/sys/conf/newvers.sh 1.44.2.34.2.22 usr.bin/ee/ee.c 1.16.2.7.4.1 RELENG_5 usr.bin/ee/ee.c 1.31.4.2 RELENG_5_4 src/UPDATING 1.342.2.24.2.18 src/sys/conf/newvers.sh 1.62.2.18.2.14 usr.bin/ee/ee.c 1.31.4.1.2.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.27 src/sys/conf/newvers.sh 1.62.2.15.2.29 usr.bin/ee/ee.c 1.31.6.1 RELENG_6 usr.bin/ee/ee.c 1.32.2.1 RELENG_6_0 src/UPDATING 1.416.2.3.2.7 src/sys/conf/newvers.sh 1.69.2.8.2.3 usr.bin/ee/ee.c 1.32.4.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0055 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:02.ee.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxL4YFdaIBMps37IRAlL2AJ4x+2WoVU3OJMEab2ch6sbBRaLoogCglFSE n4bkyDA2e6afV7tG4ja8foA= =42lw -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 08:19:16 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69A1D16A41F; Wed, 11 Jan 2006 08:19:16 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id F38BB43D49; Wed, 11 Jan 2006 08:19:14 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0B8JE2d066660; Wed, 11 Jan 2006 08:19:14 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0B8JEl0066658; Wed, 11 Jan 2006 08:19:14 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 11 Jan 2006 08:19:14 GMT Message-Id: <200601110819.k0B8JEl0066658@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:03.cpio X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 08:19:16 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:03.cpio Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities cpio Category: contrib Module: contrib_cpio Announced: 2006-01-11 Credits: Imran Ghory, Richard Harms Affects: All FreeBSD releases. Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE) 2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2) 2006-01-11 08:03:55 UTC (RELENG_5, 5.4-STABLE) 2006-01-11 08:04:33 UTC (RELENG_5_4, 5.4-RELEASE-p9) 2006-01-11 08:05:54 UTC (RELENG_5_3, 5.3-RELEASE-p24) 2006-01-11 08:06:47 UTC (RELENG_4, 4.11-STABLE) 2006-01-11 08:07:18 UTC (RELENG_4_11, 4.11-RELEASE-p14) 2006-01-11 08:08:08 UTC (RELENG_4_10, 4.10-RELEASE-p20) CVE Name: CVE-2005-1111, CVE-2005-1229, CVE-2005-4268 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The cpio utility copies files into or out of a cpio or tar archive. II. Problem Description A number of issues has been discovered in cpio: . When creating a new file, cpio closes the file before setting its permissions. (CVE-2005-1111) . When extracting files cpio does not properly sanitize file names to filter out ".." components, even if the --no-absolute-filenames option is used. (CVE-2005-1229) . When adding large files (larger than 4 GB) to a cpio archive on 64-bit platforms an internal buffer might overflow. (CVE-2005-4268) III. Impact . The first problem can allow a local attacker to change the permissions of files owned by the user executing cpio providing that they have write access to the directory in which the file is being extracted. (CVE-2005-1111) . The lack of proper file name sanitation can allow an attacker to overwrite arbitrary local files when extracting files from a cpio a archive. (CVE-2005-1229) . The buffer-overflow on 64-bit platforms could lead cpio to a Denial-of-Service situation (crash) or possibly execute arbitrary code with the permissions of the user running cpio. (CVE-2005-4268) IV. Workaround Use a different utility to create and extract cpio archives, for example pax(1) or (on FreeBSD 5.3 or later) tar(1). If this is not possible, do not extract untrusted archives and when running on 64-bit platforms do not add untrusted files to cpio archives. V. Solution NOTE WELL: The solution described below causes cpio to not exact files with absolute paths by default anymore. If it is required that cpio exact files with absolute names, use the --absolute-filenames parameter. Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, 5.4, and 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:03/cpio.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:03/cpio.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/cpio # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 contrib/cpio/copyin.c 1.6.6.2 contrib/cpio/copyout.c 1.2.8.1 contrib/cpio/cpio.1 1.3.6.1 contrib/cpio/extern.h 1.2.8.1 contrib/cpio/global.c 1.1.1.1.8.1 contrib/cpio/main.c 1.3.2.1 RELENG_4_11 src/UPDATING 1.73.2.91.2.15 src/sys/conf/newvers.sh 1.44.2.39.2.18 contrib/cpio/copyin.c 1.6.6.1.12.1 contrib/cpio/copyout.c 1.2.36.1 contrib/cpio/cpio.1 1.3.34.1 contrib/cpio/extern.h 1.2.36.1 contrib/cpio/global.c 1.1.1.1.36.1 contrib/cpio/main.c 1.3.30.1 RELENG_4_10 src/UPDATING 1.73.2.90.2.21 src/sys/conf/newvers.sh 1.44.2.34.2.22 contrib/cpio/copyin.c 1.6.6.1.10.1 contrib/cpio/copyout.c 1.2.30.1 contrib/cpio/cpio.1 1.3.28.1 contrib/cpio/extern.h 1.2.30.1 contrib/cpio/global.c 1.1.1.1.30.1 contrib/cpio/main.c 1.3.24.1 RELENG_5 contrib/cpio/copyin.c 1.7.8.1 contrib/cpio/copyout.c 1.2.32.1 contrib/cpio/cpio.1 1.3.30.1 contrib/cpio/extern.h 1.2.32.1 contrib/cpio/global.c 1.1.1.1.32.1 contrib/cpio/main.c 1.3.26.1 RELENG_5_4 src/UPDATING 1.342.2.24.2.18 src/sys/conf/newvers.sh 1.62.2.18.2.14 contrib/cpio/copyin.c 1.7.12.1 contrib/cpio/copyout.c 1.2.38.1 contrib/cpio/cpio.1 1.3.36.1 contrib/cpio/extern.h 1.2.38.1 contrib/cpio/global.c 1.1.1.1.38.1 contrib/cpio/main.c 1.3.32.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.27 src/sys/conf/newvers.sh 1.62.2.15.2.29 contrib/cpio/copyin.c 1.7.10.1 contrib/cpio/copyout.c 1.2.34.1 contrib/cpio/cpio.1 1.3.32.1 contrib/cpio/extern.h 1.2.34.1 contrib/cpio/global.c 1.1.1.1.34.1 contrib/cpio/main.c 1.3.28.1 RELENG_6 contrib/cpio/copyin.c 1.7.14.1 contrib/cpio/copyout.c 1.2.40.1 contrib/cpio/cpio.1 1.3.38.1 contrib/cpio/extern.h 1.2.40.1 contrib/cpio/global.c 1.1.1.1.40.1 contrib/cpio/main.c 1.3.34.1 RELENG_6_0 src/UPDATING 1.416.2.3.2.7 src/sys/conf/newvers.sh 1.69.2.8.2.3 contrib/cpio/copyin.c 1.7.16.1 contrib/cpio/copyout.c 1.2.42.1 contrib/cpio/cpio.1 1.3.40.1 contrib/cpio/extern.h 1.2.42.1 contrib/cpio/global.c 1.1.1.1.42.1 contrib/cpio/main.c 1.3.36.1 - ------------------------------------------------------------------------- VII. References [CVE-2005-1111] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1111 http://marc.theaimsgroup.com/?l=bugtraq&m=111342664116120 https://savannah.gnu.org/patch/?func=detailitem&item_id=4006 https://savannah.gnu.org/patch/?func=detailitem&item_id=4007 [CVE-2005-1229] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1229 http://marc.theaimsgroup.com/?l=bugtraq&m=111403177526312 https://savannah.gnu.org/patch/?func=detailitem&item_id=4005 [CVE-2005-4268] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4268 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxL4mFdaIBMps37IRAqQnAJ9Js/Joq8LJJT1kX6DXStgJMliqJQCfdZCx bxuCX+ps+C0MR5UcLOExHvM= =7laG -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 08:19:24 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9441716A44B; Wed, 11 Jan 2006 08:19:24 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EDB343D49; Wed, 11 Jan 2006 08:19:23 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0B8JNqx066716; Wed, 11 Jan 2006 08:19:23 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0B8JN3w066714; Wed, 11 Jan 2006 08:19:23 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 11 Jan 2006 08:19:23 GMT Message-Id: <200601110819.k0B8JN3w066714@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:04.ipfw X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 08:19:24 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:04.ipfw Security Advisory The FreeBSD Project Topic: ipfw IP fragment denial of service Category: core Module: ipfw Announced: 2006-01-11 Credits: Oleg Bulyzhin Affects: FreeBSD 6.0-RELEASE Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE) 2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2) CVE Name: CVE-2006-0054 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background ipfw(8) is a system facility which provides IP packet filtering, accounting, and redirection. Among the many features, while discarding packets it can perform actions defined by the user, such as sending back TCP reset or ICMP unreachable packets. These operations can be performed by using the reset, reject or uncreach actions. II. Problem Description The firewall maintains a pointer to layer 4 header information in the event that it needs to send a TCP reset or ICMP error message to discard packets. Due to incorrect handling of IP fragments, this pointer fails to get initialized. III. Impact An attacker can cause the firewall to crash by sending ICMP IP fragments to or through firewalls which match any reset, reject or unreach actions. IV. Workaround Change any reset, reject or unreach actions to deny. It should be noted that this will result in packets being silently discarded. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE or to the RELENG_6_0 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:04/ipfw.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:04/ipfw.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/sys/netinet/ip_fw2.c 1.106.2.6 RELENG_6_0 src/UPDATING 1.416.2.3.2.7 src/sys/conf/newvers.sh 1.69.2.8.2.3 src/sys/netinet/ip_fw2.c 1.106.2.3.2.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0054 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxL4vFdaIBMps37IRAmrZAJ4qRzdR0zR0u9ZY5RTTsMF5ZcGBUACfa5Gn 9kbuhOTex8BBlNFRHYCd9e4= =WcS+ -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 09:41:27 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6B1CE16A41F for ; Wed, 11 Jan 2006 09:41:27 +0000 (GMT) (envelope-from h-k@mail.ru) Received: from f42.mail.ru (f42.mail.ru [194.67.57.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA11C43D5D for ; Wed, 11 Jan 2006 09:41:24 +0000 (GMT) (envelope-from h-k@mail.ru) Received: from mail by f42.mail.ru with local id 1EwcTq-0002qW-00 for freebsd-security@freebsd.org; Wed, 11 Jan 2006 12:41:22 +0300 Received: from [212.5.80.7] by win.mail.ru with HTTP; Wed, 11 Jan 2006 12:41:22 +0300 From: dawnshade To: freebsd-security@freebsd.org Mime-Version: 1.0 X-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: unknown via proxy [212.5.80.7] Date: Wed, 11 Jan 2006 12:41:22 +0300 In-Reply-To: <200601110819.k0B8J4Eo066554@freefall.freebsd.org> Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Message-Id: Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dawnshade List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 09:41:27 -0000 -----Original Message----- From: FreeBSD Security Advisories To: FreeBSD Security Advisories Date: Wed, 11 Jan 2006 08:19:04 GMT Subject: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex > > # cd /usr/src > # patch < /path/to/patch > # cd /usr/src/gnu/usr.bin/texinfo/texindex > # make obj && make depend && make && make install does not compile on 5.4-RELEASE make obj && make depend && make && make install make: don't know how to make /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop root@serv.slavcred.ru [ttyp1] /usr/src/gnu/usr.bin/texinfo/texindex make clean rm -f texindex texindex.o texindex.1.gz texindex.1.cat.gz root@serv.slavcred.ru [ttyp1] /usr/src/gnu/usr.bin/texinfo/texindex make obj && make depend && make && make install cc -O -pipe -march=pentium4 -DHAVE_CONFIG_H -DLOCALEDIR=\"/usr/share/locale\" -I/usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo -I/usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo/lib -c /usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo/util/texindex.c make: don't know how to make /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop uname -a FreeBSD serv.*.ru 5.4-RELEASE-p3 FreeBSD 5.4-RELEASE-p3 #0: Mon Jul 4 19:06:03 MSD 2005 root@serv.*.ru:/usr/obj/usr/src/sys/9 i386 > RELENG_5_4 > src/UPDATING 1.342.2.24.2.18 > src/sys/conf/newvers.sh 1.62.2.18.2.14 > contrib/texinfo/util/texindex.c 1.1.1.7.8.1 head -n 2 /usr/src/contrib/texinfo/util/texindex.c /* texindex -- sort TeX index dribble output into an actual index. $Id: texindex.c,v 1.9 2003/05/19 13:10:59 karl Exp $ From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 09:51:06 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8467016A41F for ; Wed, 11 Jan 2006 09:51:06 +0000 (GMT) (envelope-from nexus@hoth.amu.edu.pl) Received: from hoth.amu.edu.pl (hoth.amu.edu.pl [150.254.110.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 13A6643D64 for ; Wed, 11 Jan 2006 09:51:04 +0000 (GMT) (envelope-from nexus@hoth.amu.edu.pl) Received: from localhost (localhost [127.0.0.1]) by hoth.amu.edu.pl (Postfix) with ESMTP id 71CC610E4AB; Wed, 11 Jan 2006 10:51:02 +0100 (CET) Received: from hoth.amu.edu.pl ([127.0.0.1]) by localhost (hoth.amu.edu.pl [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 04932-03-41; Wed, 11 Jan 2006 10:51:01 +0100 (CET) Received: from toshiba.fizyka.amu.edu.pl (hoth.amu.edu.pl [150.254.110.14]) by hoth.amu.edu.pl (Postfix) with ESMTP id D15B710E49C; Wed, 11 Jan 2006 10:51:01 +0100 (CET) Date: Wed, 11 Jan 2006 10:51:00 +0100 From: Bohdan Horst To: dawnshade Message-ID: <20060111095100.GB1768@aristo> References: <200601110819.k0B8J4Eo066554@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.11 X-Virus-Scanned: amavisd-new at hoth.amu.edu.pl Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 09:51:06 -0000 On Wed, Jan 11, 2006 at 12:41:22PM +0300, dawnshade wrote: > > > -----Original Message----- > From: FreeBSD Security Advisories > To: FreeBSD Security Advisories > Date: Wed, 11 Jan 2006 08:19:04 GMT > Subject: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex > > > > > > # cd /usr/src > > # patch < /path/to/patch > > # cd /usr/src/gnu/usr.bin/texinfo/texindex > > # make obj && make depend && make && make install > > does not compile on 5.4-RELEASE > try: cd /usr/src/gnu/usr.bin/texinfo make obj && make depend && make && make install regards -- Bohdan 'Nexus' Horst From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 09:51:15 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C325416A41F for ; Wed, 11 Jan 2006 09:51:15 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd4mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 354BF43D6B for ; Wed, 11 Jan 2006 09:51:13 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd3mr1so.prod.shaw.ca (pd3mr1so-qfe3.prod.shaw.ca [10.0.141.177]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISX00EMKA1CUYE0@l-daemon> for freebsd-security@freebsd.org; Wed, 11 Jan 2006 02:51:12 -0700 (MST) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd3mr1so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISX0058TA1CYSD0@pd3mr1so.prod.shaw.ca> for freebsd-security@freebsd.org; Wed, 11 Jan 2006 02:51:12 -0700 (MST) Received: from [192.168.0.60] ([24.87.209.6]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISX00COWA1BZJ80@l-daemon> for freebsd-security@freebsd.org; Wed, 11 Jan 2006 02:51:12 -0700 (MST) Date: Wed, 11 Jan 2006 01:51:11 -0800 From: Colin Percival In-reply-to: To: dawnshade Message-id: <43C4D50F.7090208@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=windows-1251 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.93.0.0 References: User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051228) Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 09:51:15 -0000 dawnshade wrote: >># cd /usr/src >># patch < /path/to/patch >># cd /usr/src/gnu/usr.bin/texinfo/texindex >># make obj && make depend && make && make install > > does not compile on 5.4-RELEASE > > make obj && make depend && make && make install > make: don't know how to make /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop Oops. The instructions should be as follows: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/texinfo/libtxi # make obj && make depend && make # cd /usr/src/gnu/usr.bin/texinfo/texindex # make obj && make depend && make && make install Colin Percival From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 10:04:53 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6B9B16A41F for ; Wed, 11 Jan 2006 10:04:53 +0000 (GMT) (envelope-from victor@bsdes.net) Received: from alf.dyndns.ws (244.Red-217-126-240.staticIP.rima-tde.net [217.126.240.244]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21F4443D76 for ; Wed, 11 Jan 2006 10:04:51 +0000 (GMT) (envelope-from victor@bsdes.net) Received: from alf.dyndns.ws (pato.euesrg02.net [192.168.0.3]) by alf.dyndns.ws (8.13.1/8.13.1) with ESMTP id k0BA4d7L095549 for ; Wed, 11 Jan 2006 11:04:39 +0100 (CET) (envelope-from victor@bsdes.net) Date: Wed, 11 Jan 2006 11:04:38 +0100 From: Victor Balada Diaz To: freebsd-security@freebsd.org Message-ID: <20060111100438.GA692@pato.euesrg02.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Subject: FreeBSD-update on !i386 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 10:04:53 -0000 Hi, seems that Colin Percival doesn't release binary updates to amd64. I can't find the freebsd-update server, so: Is there any way to use freebsd-update with amd64? i don't have any problems on making my own binary patches if someone tell me how. Thanks in advance. -- La prueba mas fehaciente de que existe vida inteligente en otros planetas, es que no han intentado contactar con nosotros. From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 10:21:59 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4603416A41F; Wed, 11 Jan 2006 10:21:59 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4AEEC43D83; Wed, 11 Jan 2006 10:21:56 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0BALtA1073538; Wed, 11 Jan 2006 10:21:55 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0BALtVT073537; Wed, 11 Jan 2006 10:21:55 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 11 Jan 2006 10:21:55 GMT Message-Id: <200601111021.k0BALtVT073537@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex [REVISED] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 10:21:59 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo Announced: 2006-01-11 Credits: Frank Lichtenheld Affects: All FreeBSD releases. Corrected: 2006-01-11 08:02:16 UTC (RELENG_6, 6.0-STABLE) 2006-01-11 08:03:18 UTC (RELENG_6_0, 6.0-RELEASE-p2) 2006-01-11 08:03:55 UTC (RELENG_5, 5.4-STABLE) 2006-01-11 08:04:33 UTC (RELENG_5_4, 5.4-RELEASE-p9) 2006-01-11 08:05:54 UTC (RELENG_5_3, 5.3-RELEASE-p24) 2006-01-11 08:06:47 UTC (RELENG_4, 4.11-STABLE) 2006-01-11 08:07:18 UTC (RELENG_4_11, 4.11-RELEASE-p14) 2006-01-11 08:08:08 UTC (RELENG_4_10, 4.10-RELEASE-p20) CVE Name: CAN-2005-3011 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . 0. Revision History. v1.0 2006-01-11 Initial release. v1.1 2006-01-11 Corrected instructions for rebuilding texindex. I. Background TeX is a document typesetting system which is popular in the mathematics, physics, and computer science realms because of its ability to typeset complex mathematical formulas. texindex(1) is a utility which is often used to generate a sorted index of a TeX file. II. Problem Description The "sort_offline" function used by texindex(1) employs the "maketempname" function, which produces predictable file names and fails to validate that the paths do not exist. III. Impact These predictable temporary file names are problematic because they allow an attacker to take advantage of a race condition in order to execute a symlink attack, which could enable them to overwrite files on the system in the context of the user running the texindex(1) utility. IV. Workaround No workaround is available, but the problematic code is only executed if the input file being processed is 500kB or more in length; as a result, users working with documents of less than several hundred pages are very unlikely to be affected. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE, or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or RELENG_4_10 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.10, 4.11, 5.3, 5.4, and 6.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 4.x and 5.x] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex5x.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex5x.patch.asc [FreeBSD 6.x] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:01/texindex.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/gnu/usr.bin/texinfo/libtxi # make obj && make depend && make # cd /usr/src/gnu/usr.bin/texinfo/texindex # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 contrib/texinfo/util/texindex.c 1.1.1.3.2.4 RELENG_4_11 src/UPDATING 1.73.2.91.2.15 src/sys/conf/newvers.sh 1.44.2.39.2.18 contrib/texinfo/util/texindex.c 1.1.1.3.2.3.6.1 RELENG_4_10 src/UPDATING 1.73.2.90.2.21 src/sys/conf/newvers.sh 1.44.2.34.2.22 contrib/texinfo/util/texindex.c 1.1.1.3.2.3.4.1 RELENG_5 contrib/texinfo/util/texindex.c 1.1.1.7.4.1 RELENG_5_4 src/UPDATING 1.342.2.24.2.18 src/sys/conf/newvers.sh 1.62.2.18.2.14 contrib/texinfo/util/texindex.c 1.1.1.7.8.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.27 src/sys/conf/newvers.sh 1.62.2.15.2.29 contrib/texinfo/util/texindex.c 1.1.1.7.6.1 RELENG_6 contrib/texinfo/util/texindex.c 1.1.1.8.2.1 RELENG_6_0 src/UPDATING 1.416.2.3.2.7 src/sys/conf/newvers.sh 1.69.2.8.2.3 contrib/texinfo/util/texindex.c 1.1.1.8.4.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:01.texindex.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxNZZFdaIBMps37IRAkQ5AKCayEHnnoglWAyY2wA22huF9xmIxgCdFwpn ePrdykp4BUjKqAMYCUupMK8= =q74p -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 14:34:59 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91C7516A41F for ; Wed, 11 Jan 2006 14:34:59 +0000 (GMT) (envelope-from alex@fafula.com) Received: from fafula.com (wj118.internetdsl.tpnet.pl [80.55.191.118]) by mx1.FreeBSD.org (Postfix) with ESMTP id D192B43D66 for ; Wed, 11 Jan 2006 14:34:58 +0000 (GMT) (envelope-from alex@fafula.com) Received: by fafula.com (Postfix, from userid 1001) id B4853422A; Wed, 11 Jan 2006 15:35:01 +0100 (CET) Date: Wed, 11 Jan 2006 15:35:01 +0100 From: Aleksander Fafula To: freebsd-security@freebsd.org Message-ID: <20060111143501.GB21628@fafula.com> References: <200601110819.k0B8JEl0066658@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline In-Reply-To: <200601110819.k0B8JEl0066658@freefall.freebsd.org> User-Agent: Mutt/1.4.2.1i Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:03.cpio X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 14:34:59 -0000 Hello. I am preparing the translations of Security Advisories. This is why I have a few questions. I don't unerstand who are 'they', (files?): > . The first problem can allow a local attacker to change the > permissions of files owned by the user executing cpio providing > that they have write access to the directory in which the file is > being extracted. (CVE-2005-1111) I am having prolem with translating this: > NOTE WELL: The solution described below causes cpio to not exact files > with absolute paths by default anymore. If it is required that cpio > exact files with absolute names, use the --absolute-filenames > parameter. Shouldn't 'exact' be 'extract'. It's very interesting for me as I see 'exact' here two times (two typos or maybe I don't understand this). Thank you very much for your answers. Best regards, Aleksander Fafula PS Another suggestion is: Security Advisories on www.freebsd.org should be ordered by date. Displaying 1,2,3 and no 4 causes people to omit advisory no 4! It should be displayed 4, 3, 2, 1 and probably all new releases - no matter how many. On http://www.freebsd.org/security/ sorting of advisories seems like above. -- Still looking for the last digit of pi... From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 20:53:36 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 038A616A41F for ; Wed, 11 Jan 2006 20:53:36 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DA0543D49 for ; Wed, 11 Jan 2006 20:53:35 +0000 (GMT) (envelope-from simon@zaphod.nitro.dk) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 80DE4114C1; Wed, 11 Jan 2006 21:53:34 +0100 (CET) Date: Wed, 11 Jan 2006 21:53:34 +0100 From: "Simon L. Nielsen" To: Aleksander Fafula Message-ID: <20060111205333.GB839@zaphod.nitro.dk> References: <200601110819.k0B8JEl0066658@freefall.freebsd.org> <20060111143501.GB21628@fafula.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ftEhullJWpWg/VHq" Content-Disposition: inline In-Reply-To: <20060111143501.GB21628@fafula.com> User-Agent: Mutt/1.5.11 Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:03.cpio X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 20:53:36 -0000 --ftEhullJWpWg/VHq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2006.01.11 15:35:01 +0100, Aleksander Fafula wrote: > I am preparing the translations of Security Advisories. This is why=20 > I have a few questions. Hey, Sure, ask away. We (FreeBSD Security Team) try to proof read a lot to fix typo's and make the text as clear as possibly, but unfortunately some things slip through. > I don't unerstand who are 'they', (files?): >=20 > > . The first problem can allow a local attacker to change the > > permissions of files owned by the user executing cpio providing > > that they have write access to the directory in which the file is > > being extracted. (CVE-2005-1111) Here "they" refers to the local attacker. > > NOTE WELL: The solution described below causes cpio to not exact files > > with absolute paths by default anymore. If it is required that cpio > > exact files with absolute names, use the --absolute-filenames > > parameter. >=20 > Shouldn't 'exact' be 'extract'. It's very interesting for me as=20 > I see 'exact' here two times (two typos or maybe I don't understand=20 > this). Whoops, yes it should be "extract" in both cases... well, at least I was consistent in my typos... ;-). I accept the pointy hat for this one. > Another suggestion is:=20 > Security Advisories on www.freebsd.org should be ordered by date. > Displaying 1,2,3 and no 4 causes people to omit advisory no 4! It=20 > should be displayed 4, 3, 2, 1 and probably all new releases - no matter > how many. > On http://www.freebsd.org/security/ sorting of advisories seems like abov= e. I agree in general, and I will try to improve it (though defining "new" items is not too easy for something like this). Xin Li has already reverse the order so 4, 3, and 2 are shown making it more clear that there have been 4 so far in 2006. --=20 Simon L. Nielsen FreeBSD Security Team --ftEhullJWpWg/VHq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxXBNh9pcDSc1mlERAhAsAJ40DEykoPQfiB8nyEFUFbfMffAL0wCgtWpn MNhH1uf3RC5oHVKEdhz70Pc= =6lwV -----END PGP SIGNATURE----- --ftEhullJWpWg/VHq-- From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 07:42:43 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A92916A41F for ; Thu, 12 Jan 2006 07:42:43 +0000 (GMT) (envelope-from kolicz@EUnet.yu) Received: from smtpclu-2.eunet.yu (smtpclu-2.eunet.yu [194.247.192.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7E9C043D45 for ; Thu, 12 Jan 2006 07:42:41 +0000 (GMT) (envelope-from kolicz@EUnet.yu) Received: from faust.net (P-13.66.EUnet.yu [213.240.13.66]) by smtpclu-2.eunet.yu (8.13.4/8.13.4) with ESMTP id k0C7gbAd010190 for ; Thu, 12 Jan 2006 08:42:38 +0100 Received: by faust.net (Postfix, from userid 1001) id AFBF5B844; Thu, 12 Jan 2006 08:42:28 +0100 (CET) Date: Thu, 12 Jan 2006 08:42:28 +0100 From: Zoran Kolic To: freebsd-security@freebsd.org Message-ID: <20060112074228.GB651@faust.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Virus-Scan: EUnet-AVAS-Milter X-AVAS-Virus-Status: clean X-Spam-Checker: EUnet-AVAS-Milter X-AVAS-Spam-Score: -1.1 X-AVAS-Spam-Symbols: AWL BAYES_50 NO_RELAYS TW_PF Subject: ICMP 3.3 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 07:42:43 -0000 Hi all! For a long time I see icmp 3.3 packets in my log, coming from 65.59.245.131. Cannot find what this address is in fact. Every day, on both i386 and amd64. I use ipfw and not a server at all. Comes even if I just look for mail in console. Does someone have similar item in log? One more question. What are those udp probes on 1025-7 ports? Best regards Zoran From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 08:18:21 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DE8E16A41F for ; Thu, 12 Jan 2006 08:18:21 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: from krichy.tvnetwork.hu (krichy.TvNetWork.Hu [80.95.68.194]) by mx1.FreeBSD.org (Postfix) with SMTP id 7457743D46 for ; Thu, 12 Jan 2006 08:18:19 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: (qmail 19828 invoked by uid 1000); 12 Jan 2006 08:15:22 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Jan 2006 08:15:22 -0000 Date: Thu, 12 Jan 2006 09:15:22 +0100 (CET) From: Richard Kojedzinszky To: Colin Percival In-Reply-To: <43C4D50F.7090208@freebsd.org> Message-ID: References: <43C4D50F.7090208@freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 08:18:21 -0000 Hi all, I ran into the same trouble, but i decided to cvsup my sources, and try to rebuild all, but that also failed. I gave the same: ===> gnu/usr.bin/texinfo/texindex cc -O -pipe -DHAVE_CONFIG_H -DLOCALEDIR=\"/usr/share/locale\" -I/usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo -I/usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo/lib -I/usr/obj/usr/src/i386/legacy/usr/include -c /usr/src/gnu/usr.bin/texinfo/texindex/../../../../contrib/texinfo/util/texindex.c make: don't know how to make /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop *** Error code 2 Stop in /usr/src/gnu/usr.bin/texinfo. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. Has someone else also ran into this problem? Regards, Kojedzinszky Richard TvNetWork Rt. E-mail: krichy@tvnetwork.hu PGP: 0x24E79141 Fingerprint = 6847 ECFF EF58 0C09 18A5 16CF 270F 0C6F 24E7 9141 On Wed, 11 Jan 2006, Colin Percival wrote: > dawnshade wrote: >>> # cd /usr/src >>> # patch < /path/to/patch >>> # cd /usr/src/gnu/usr.bin/texinfo/texindex >>> # make obj && make depend && make && make install >> >> does not compile on 5.4-RELEASE >> >> make obj && make depend && make && make install >> make: don't know how to make /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop > > Oops. The instructions should be as follows: > > # cd /usr/src > # patch < /path/to/patch > # cd /usr/src/gnu/usr.bin/texinfo/libtxi > # make obj && make depend && make > # cd /usr/src/gnu/usr.bin/texinfo/texindex > # make obj && make depend && make && make install > > Colin Percival > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 08:21:29 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE60616A426 for ; Thu, 12 Jan 2006 08:21:29 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd5mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CB2943D60 for ; Thu, 12 Jan 2006 08:21:26 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd2mr5so.prod.shaw.ca (pd2mr5so-qfe3.prod.shaw.ca [10.0.141.8]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ006FX0JO2VE0@l-daemon> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 01:21:24 -0700 (MST) Received: from pn2ml3so.prod.shaw.ca ([10.0.121.147]) by pd2mr5so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ00MW00JO2U90@pd2mr5so.prod.shaw.ca> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 01:21:24 -0700 (MST) Received: from [192.168.0.60] ([24.87.209.6]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ00HRG0JO94H0@l-daemon> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 01:21:24 -0700 (MST) Date: Thu, 12 Jan 2006 00:21:23 -0800 From: Colin Percival In-reply-to: To: Richard Kojedzinszky Message-id: <43C61183.2020806@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.93.0.0 References: <43C4D50F.7090208@freebsd.org> User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051228) Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 08:21:30 -0000 Richard Kojedzinszky wrote: > I ran into the same trouble, but i decided to cvsup my sources, and try > to rebuild all, but that also failed. > [...] > make: don't know how to make > /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop You probably have an old obj tree lying around. Try deleting /usr/obj . Colin Percival From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 09:17:35 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3633A16A420 for ; Thu, 12 Jan 2006 09:17:35 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: from krichy.tvnetwork.hu (krichy.TvNetWork.Hu [80.95.68.194]) by mx1.FreeBSD.org (Postfix) with SMTP id 2DF4F43D48 for ; Thu, 12 Jan 2006 09:17:33 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: (qmail 22894 invoked by uid 1000); 12 Jan 2006 09:14:37 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Jan 2006 09:14:37 -0000 Date: Thu, 12 Jan 2006 10:14:37 +0100 (CET) From: Richard Kojedzinszky To: Colin Percival In-Reply-To: <43C61183.2020806@freebsd.org> Message-ID: References: <43C4D50F.7090208@freebsd.org> <43C61183.2020806@freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 09:17:35 -0000 Ok, I have tried that, removed the whole /usr/obj, then issued make buildworld, but again it failed. My source is up to date, to RELENG_5_4, from cvsup.de.freebsd.org. What should i try next? regards, Kojedzinszky Richard TvNetWork Rt. E-mail: krichy@tvnetwork.hu PGP: 0x24E79141 Fingerprint = 6847 ECFF EF58 0C09 18A5 16CF 270F 0C6F 24E7 9141 On Thu, 12 Jan 2006, Colin Percival wrote: > Richard Kojedzinszky wrote: >> I ran into the same trouble, but i decided to cvsup my sources, and try >> to rebuild all, but that also failed. >> [...] >> make: don't know how to make >> /usr/src/gnu/usr.bin/texinfo/texindex/../libtxi/libtxi.a. Stop > > You probably have an old obj tree lying around. Try deleting /usr/obj . > > Colin Percival > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 11:04:35 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D49C16A420 for ; Thu, 12 Jan 2006 11:04:35 +0000 (GMT) (envelope-from cs@schug.net) Received: from schug.net (schug.net [195.27.130.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8E5043D69 for ; Thu, 12 Jan 2006 11:04:31 +0000 (GMT) (envelope-from cs@schug.net) Received: by schug.net (Postfix, from userid 10000) id AA9BAC5921; Thu, 12 Jan 2006 12:04:24 +0100 (CET) Date: Thu, 12 Jan 2006 12:04:24 +0100 From: Christoph Schug To: Richard Kojedzinszky Message-ID: <20060112110424.GC29801@voodoo.schug.net> References: <43C4D50F.7090208@freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i Organization: SpaceNet AG Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 11:04:35 -0000 On Thu, Jan 12, 2006, Richard Kojedzinszky wrote: > I ran into the same trouble, but i decided to cvsup my sources, and try to > rebuild all, but that also failed. Can you check your system clock is correct? I had sames strange build results in the past when my system time drifted several hours after my NTP server died without notice. -cs From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 11:58:50 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3739916A422 for ; Thu, 12 Jan 2006 11:58:50 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: from krichy.tvnetwork.hu (krichy.TvNetWork.Hu [80.95.68.194]) by mx1.FreeBSD.org (Postfix) with SMTP id 4C3D743D45 for ; Thu, 12 Jan 2006 11:58:48 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: (qmail 31769 invoked by uid 1000); 12 Jan 2006 11:55:51 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Jan 2006 11:55:51 -0000 Date: Thu, 12 Jan 2006 12:55:51 +0100 (CET) From: Richard Kojedzinszky To: Christoph Schug In-Reply-To: <20060112110424.GC29801@voodoo.schug.net> Message-ID: References: <43C4D50F.7090208@freebsd.org> <20060112110424.GC29801@voodoo.schug.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 11:58:50 -0000 Yes, my clock is right. I have no idea what am i doing wrong. If someone would confirm that the sources compile well, than I will try to find the bug in my system. regards, Kojedzinszky Richard TvNetWork Rt. E-mail: krichy@tvnetwork.hu PGP: 0x24E79141 Fingerprint = 6847 ECFF EF58 0C09 18A5 16CF 270F 0C6F 24E7 9141 On Thu, 12 Jan 2006, Christoph Schug wrote: > On Thu, Jan 12, 2006, Richard Kojedzinszky wrote: > >> I ran into the same trouble, but i decided to cvsup my sources, and try to >> rebuild all, but that also failed. > > Can you check your system clock is correct? I had sames strange build > results in the past when my system time drifted several hours after my > NTP server died without notice. > > -cs > From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 12:34:24 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3C89E16A41F for ; Thu, 12 Jan 2006 12:34:24 +0000 (GMT) (envelope-from h-k@mail.ru) Received: from f53.mail.ru (f53.mail.ru [194.67.57.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEAEF43D46 for ; Thu, 12 Jan 2006 12:34:23 +0000 (GMT) (envelope-from h-k@mail.ru) Received: from mail by f53.mail.ru with local id 1Ex1en-000JQJ-00; Thu, 12 Jan 2006 15:34:21 +0300 Received: from [212.5.80.7] by win.mail.ru with HTTP; Thu, 12 Jan 2006 15:34:21 +0300 From: dawnshade To: Richard Kojedzinszky Mime-Version: 1.0 X-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: unknown via proxy [212.5.80.7] Date: Thu, 12 Jan 2006 15:34:21 +0300 In-Reply-To: Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Message-Id: Cc: freebsd-security@freebsd.org Subject: Re[2]: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dawnshade List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 12:34:24 -0000 -----Original Message----- From: Richard Kojedzinszky To: Christoph Schug Date: Thu, 12 Jan 2006 12:55:51 +0100 (CET) Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex > > > Yes, my clock is right. I have no idea what am i doing wrong. If someone > would confirm that the sources compile well, than I will try to find the > bug in my system. > try following command: rm -R /usr/obj/* && cd /usr/src/gnu/usr.bin/texinfo/libtxi && make clean && make obj && make depend && make && cd /usr/src/gnu/usr.bin/texinfo/texindex&& make clean && make obj && make depend && make && make install for me works fine. From owner-freebsd-security@FreeBSD.ORG Wed Jan 11 03:10:08 2006 Return-Path: X-Original-To: freebsd-security@FreeBSD.org Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8EDA516A41F for ; Wed, 11 Jan 2006 03:10:08 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0D29A43D46 for ; Wed, 11 Jan 2006 03:10:08 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0B3A7Pn044360 for ; Wed, 11 Jan 2006 03:10:07 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0B3A79d044359; Wed, 11 Jan 2006 03:10:07 GMT (envelope-from gnats) Date: Wed, 11 Jan 2006 03:10:07 GMT Message-Id: <200601110310.k0B3A79d044359@freefall.freebsd.org> To: joe From: FreeBSD-gnats-submit@FreeBSD.org In-Reply-To: Your message of Wed, 11 Jan 2006 03:09:28 GMT <200601110309.k0B39SQ8006489@www.freebsd.org> X-Mailman-Approved-At: Thu, 12 Jan 2006 13:54:28 +0000 Cc: Subject: Re: bin/91622: /bin/cp does not update atime of the source file X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-bugs@FreeBSD.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 03:10:08 -0000 Thank you very much for your problem report. It has the internal identification `bin/91622'. The individual assigned to look at your report is: freebsd-bugs. You can access the state of your problem report at any time via this link: http://www.freebsd.org/cgi/query-pr.cgi?pr=91622 >Category: bin >Responsible: freebsd-bugs >Synopsis: /bin/cp does not update atime of the source file >Arrival-Date: Wed Jan 11 03:10:07 GMT 2006 From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 14:07:48 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BD1D216A420 for ; Thu, 12 Jan 2006 14:07:48 +0000 (GMT) (envelope-from simon@eddie.nitro.dk) Received: from eddie.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id E28D743D48 for ; Thu, 12 Jan 2006 14:07:47 +0000 (GMT) (envelope-from simon@eddie.nitro.dk) Received: by eddie.nitro.dk (Postfix, from userid 1000) id DCB20119C4F; Thu, 12 Jan 2006 15:07:46 +0100 (CET) Date: Thu, 12 Jan 2006 15:07:46 +0100 From: "Simon L. Nielsen" To: Richard Kojedzinszky Message-ID: <20060112140746.GC5635@eddie.nitro.dk> References: <43C4D50F.7090208@freebsd.org> <20060112110424.GC29801@voodoo.schug.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="w7PDEPdKQumQfZlR" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.11 Cc: Christoph Schug , freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 14:07:48 -0000 --w7PDEPdKQumQfZlR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2006.01.12 12:55:51 +0100, Richard Kojedzinszky wrote: > On Thu, 12 Jan 2006, Christoph Schug wrote: > >On Thu, Jan 12, 2006, Richard Kojedzinszky wrote: > >>I ran into the same trouble, but i decided to cvsup my sources, and try= to > >>rebuild all, but that also failed. > > > >Can you check your system clock is correct? I had sames strange build > >results in the past when my system time drifted several hours after my > >NTP server died without notice. > > Yes, my clock is right. I have no idea what am i doing wrong. If someone= =20 > would confirm that the sources compile well, than I will try to find the= =20 > bug in my system. My buildworld of RELENG_5_4 on my mailserver (which already runs 5.4, just for reference) just completed successfully, so it sounds like a local problem. --=20 Simon L. Nielsen --w7PDEPdKQumQfZlR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDxmKyh9pcDSc1mlERAkcxAKCoTQVCjgaNw5WWwPFqVEVDntR3PgCeMXTe MbMrSJ/VNkD24FMCFQb+aA0= =w8gu -----END PGP SIGNATURE----- --w7PDEPdKQumQfZlR-- From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 15:03:32 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6FA016A41F; Thu, 12 Jan 2006 15:03:32 +0000 (GMT) (envelope-from wxs@syn.csh.rit.edu) Received: from syn.csh.rit.edu (syn.csh.rit.edu [129.21.60.158]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1088843D45; Thu, 12 Jan 2006 15:03:31 +0000 (GMT) (envelope-from wxs@syn.csh.rit.edu) Received: from syn.csh.rit.edu (localhost [127.0.0.1]) by syn.csh.rit.edu (8.13.4/8.13.4) with ESMTP id k0CF3ZUW005322; Thu, 12 Jan 2006 10:03:35 -0500 (EST) (envelope-from wxs@syn.csh.rit.edu) Received: (from wxs@localhost) by syn.csh.rit.edu (8.13.4/8.13.4/Submit) id k0CF3WXC005321; Thu, 12 Jan 2006 10:03:32 -0500 (EST) (envelope-from wxs) Date: Thu, 12 Jan 2006 10:03:32 -0500 From: Wesley Shields To: "Simon L. Nielsen" Message-ID: <20060112150332.GB4933@csh.rit.edu> References: <43C4D50F.7090208@freebsd.org> <20060112110424.GC29801@voodoo.schug.net> <20060112140746.GC5635@eddie.nitro.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060112140746.GC5635@eddie.nitro.dk> User-Agent: Mutt/1.5.11 Cc: Christoph Schug , Richard Kojedzinszky , freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 15:03:32 -0000 On Thu, Jan 12, 2006 at 03:07:46PM +0100, Simon L. Nielsen wrote: > On 2006.01.12 12:55:51 +0100, Richard Kojedzinszky wrote: > > On Thu, 12 Jan 2006, Christoph Schug wrote: > > >On Thu, Jan 12, 2006, Richard Kojedzinszky wrote: > > >>I ran into the same trouble, but i decided to cvsup my sources, and try to > > >>rebuild all, but that also failed. > > > > > >Can you check your system clock is correct? I had sames strange build > > >results in the past when my system time drifted several hours after my > > >NTP server died without notice. > > > > Yes, my clock is right. I have no idea what am i doing wrong. If someone > > would confirm that the sources compile well, than I will try to find the > > bug in my system. > > My buildworld of RELENG_5_4 on my mailserver (which already runs 5.4, > just for reference) just completed successfully, so it sounds like a > local problem. Could it be that the mirror you used is not up to date? I know someone yesterday was having problems getting an up to date ports tree from a .de mirror, though I don't know which one specifically. I'd try a different mirror and see if that helps. I had no problems doing a buildworld on a RELENG_6_0 box. -- WXS From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 15:54:40 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49C2F16A454 for ; Thu, 12 Jan 2006 15:54:40 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd5mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F61043D66 for ; Thu, 12 Jan 2006 15:54:31 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd2mr5so.prod.shaw.ca (pd2mr5so-qfe3.prod.shaw.ca [10.0.141.8]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ00MWWLGSSY00@l-daemon> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 08:53:16 -0700 (MST) Received: from pn2ml6so.prod.shaw.ca ([10.0.121.150]) by pd2mr5so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ00IKWLGSR0J0@pd2mr5so.prod.shaw.ca> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 08:53:16 -0700 (MST) Received: from [192.168.0.60] ([24.87.209.6]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ISZ005G4LGS1H20@l-daemon> for freebsd-security@freebsd.org; Thu, 12 Jan 2006 08:53:16 -0700 (MST) Date: Thu, 12 Jan 2006 07:53:15 -0800 From: Colin Percival In-reply-to: To: Richard Kojedzinszky Message-id: <43C67B6B.1060508@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.93.0.0 References: <43C4D50F.7090208@freebsd.org> <43C61183.2020806@freebsd.org> User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051228) Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 15:54:40 -0000 Richard Kojedzinszky wrote: > removed the whole /usr/obj, then issued make buildworld, but again it > failed. > My source is up to date, to RELENG_5_4, from cvsup.de.freebsd.org. > What should i try next? I don't know... buildworld works for me. Colin Percival From owner-freebsd-security@FreeBSD.ORG Thu Jan 12 18:37:12 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B45C16A41F for ; Thu, 12 Jan 2006 18:37:12 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: from krichy.tvnetwork.hu (krichy.TvNetWork.Hu [80.95.68.194]) by mx1.FreeBSD.org (Postfix) with SMTP id 5D66843D4C for ; Thu, 12 Jan 2006 18:37:10 +0000 (GMT) (envelope-from krichy@tvnetwork.hu) Received: (qmail 21016 invoked by uid 1000); 12 Jan 2006 18:34:12 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Jan 2006 18:34:12 -0000 Date: Thu, 12 Jan 2006 19:34:12 +0100 (CET) From: Richard Kojedzinszky To: Colin Percival In-Reply-To: <43C67B6B.1060508@freebsd.org> Message-ID: References: <43C4D50F.7090208@freebsd.org> <43C61183.2020806@freebsd.org> <43C67B6B.1060508@freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2006 18:37:12 -0000 Dear all, Thank you for all, it was my local problem. I dont know what was it, but after removing the whole /usr/obj and /usr/src, and getting the sources again it compiled well. As i remember, I've never touched /usr/src by hand, only cvsup'd some times, but something probably has been corrupted. Again, thanks for all, Regards, Kojedzinszky Richard TvNetWork Rt. E-mail: krichy@tvnetwork.hu PGP: 0x24E79141 Fingerprint = 6847 ECFF EF58 0C09 18A5 16CF 270F 0C6F 24E7 9141 On Thu, 12 Jan 2006, Colin Percival wrote: > Richard Kojedzinszky wrote: >> removed the whole /usr/obj, then issued make buildworld, but again it >> failed. >> My source is up to date, to RELENG_5_4, from cvsup.de.freebsd.org. >> What should i try next? > > I don't know... buildworld works for me. > > Colin Percival > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 09:30:36 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9244816A41F for ; Fri, 13 Jan 2006 09:30:36 +0000 (GMT) (envelope-from sl151@waikato.ac.nz) Received: from clint.its.waikato.ac.nz (smtp.waikato.ac.nz [130.217.66.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id D0EF643D45 for ; Fri, 13 Jan 2006 09:30:35 +0000 (GMT) (envelope-from sl151@waikato.ac.nz) Received: from ex4.its.waikato.ac.nz (ex4.its.waikato.ac.nz [130.217.70.144]) by clint.its.waikato.ac.nz (Postfix) with ESMTP id CB559E0891F for ; Fri, 13 Jan 2006 22:30:33 +1300 (NZDT) X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Fri, 13 Jan 2006 22:30:29 +1300 Message-ID: <53EF8EA01F1F5241BAB680A851B4F03F1E130C@ex4.its.waikato.ac.nz> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: FreeBSD Errata Advisory FreeBSD-SA-06:03.cpio Thread-Index: AcYYI/4TnUhfJ0nLSoSx9baqIWYXcg== From: "Lin, Shih-Min" To: Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: FreeBSD Errata Advisory FreeBSD-SA-06:03.cpio X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 09:30:36 -0000 Hi there, I'm following the security advisory to patch the cpio vulnerability = (update to 6_0_0 RELENG p2, make obj, make depend), yet when it comes to = make, it shows some error message as follows: /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:488: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:584: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:584: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:632: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:584: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:632: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:680: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:632: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:680: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:728: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:680: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:728: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:776: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:728: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:776: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:824: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:776: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:824: error: = redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: = previous definition of 'safer_name_suffix' was here /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c: In function = `process_copy_in': /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:986: error: = `abs_paths_flag' undeclared (first use in this function) /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:986: error: = (Each undeclared identifier is reported only once=20 /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:986: error: for = each function it appears in.) *** Error code 1 All of them look like the same thing, but what might have gone wrong? = (no problem with ee, ipfw and texinfo patch) From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 09:36:39 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4DDF316A41F for ; Fri, 13 Jan 2006 09:36:39 +0000 (GMT) (envelope-from delphij@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.203]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD30D43D46 for ; Fri, 13 Jan 2006 09:36:38 +0000 (GMT) (envelope-from delphij@gmail.com) Received: by wproxy.gmail.com with SMTP id i20so559589wra for ; Fri, 13 Jan 2006 01:36:38 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ibNUFY11S6geC80ssqX+4UL6v9RihcvPbTPn1cWmWK6Dv1xyabGLOT50wJbgW9JWtpO+rnCF9qnup+/UV93ECaNJAFphMqzlH/ipqEMx4gV4Ctz1rGYQl6m0NsjLIyX3hapMJF+I6kaHrlRNupLiYEsJl/i2+OuYEsFYCZQI9Ws= Received: by 10.65.205.7 with SMTP id h7mr1695028qbq; Fri, 13 Jan 2006 01:36:38 -0800 (PST) Received: by 10.65.72.5 with HTTP; Fri, 13 Jan 2006 01:36:38 -0800 (PST) Message-ID: Date: Fri, 13 Jan 2006 17:36:38 +0800 From: Xin LI To: "Lin, Shih-Min" In-Reply-To: <53EF8EA01F1F5241BAB680A851B4F03F1E130C@ex4.its.waikato.ac.nz> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <53EF8EA01F1F5241BAB680A851B4F03F1E130C@ex4.its.waikato.ac.nz> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Errata Advisory FreeBSD-SA-06:03.cpio X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: delphij@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 09:36:39 -0000 Hi, On 1/13/06, Lin, Shih-Min wrote: > I'm following the security advisory to patch the cpio vulnerability (upda= te to 6_0_0 RELENG p2, make obj, make depend), yet when it comes to make, i= t shows some error message as follows: Please follow the instruction found in the revised advisory. The patch procedure in the first advisory was not quite correct... Cheers, -- Xin LI http://www.delphij.net From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 12:23:05 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5D89216A41F; Fri, 13 Jan 2006 12:23:05 +0000 (GMT) (envelope-from marck@rinet.ru) Received: from woozle.rinet.ru (woozle.rinet.ru [195.54.192.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id A3EB643D45; Fri, 13 Jan 2006 12:23:04 +0000 (GMT) (envelope-from marck@rinet.ru) Received: from localhost (localhost [127.0.0.1]) by woozle.rinet.ru (8.13.3/8.13.3) with ESMTP id k0DCN3Bn061764; Fri, 13 Jan 2006 15:23:03 +0300 (MSK) (envelope-from marck@rinet.ru) Date: Fri, 13 Jan 2006 15:23:03 +0300 (MSK) From: Dmitry Morozovsky To: Richard Kojedzinszky In-Reply-To: Message-ID: <20060113152152.M73577@woozle.rinet.ru> References: <43C4D50F.7090208@freebsd.org> <43C61183.2020806@freebsd.org> <43C67B6B.1060508@freebsd.org> X-NCC-RegID: ru.rinet MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (woozle.rinet.ru [0.0.0.0]); Fri, 13 Jan 2006 15:23:03 +0300 (MSK) Cc: freebsd-security@freebsd.org, Colin Percival Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 12:23:05 -0000 On Thu, 12 Jan 2006, Richard Kojedzinszky wrote: RK> Dear all, RK> RK> Thank you for all, it was my local problem. I dont know what was it, but RK> after removing the whole /usr/obj and /usr/src, and getting the sources RK> again it compiled well. As i remember, I've never touched /usr/src by hand, RK> only cvsup'd some times, but something probably has been corrupted. For the reference: make cleandir; make cleandir in problem (source) dir seem to fix most problems related to stale files. Sincerely, D.Marck [DM5020, MCK-RIPE, DM3-RIPN] ------------------------------------------------------------------------ *** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru *** ------------------------------------------------------------------------ From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 12:51:02 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A08F916A41F for ; Fri, 13 Jan 2006 12:51:02 +0000 (GMT) (envelope-from prosa@pro.sk) Received: from ns.pro.sk (proxy.pro.sk [212.55.244.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id E014343D4C for ; Fri, 13 Jan 2006 12:51:01 +0000 (GMT) (envelope-from prosa@pro.sk) Received: from peter (Peter [192.168.1.53]) by ns.pro.sk (8.13.1/8.13.1) with SMTP id k0DCoxTJ019165 for ; Fri, 13 Jan 2006 13:50:59 +0100 (CET) (envelope-from prosa@pro.sk) Message-ID: <003d01c6183f$e80473d0$3501a8c0@pro.sk> From: "Peter Rosa" To: "FreeBSD Security" References: <43C4D50F.7090208@freebsd.org><43C61183.2020806@freebsd.org><43C67B6B.1060508@freebsd.org> <20060113152152.M73577@woozle.rinet.ru> Date: Fri, 13 Jan 2006 13:50:18 +0100 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1506 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1506 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2 (ns.pro.sk [192.168.1.1]); Fri, 13 Jan 2006 13:50:59 +0100 (CET) Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 12:51:02 -0000 Hi all, > For the reference: > make cleandir; make cleandir how could we list ALL possible options, defined in /usr/src, please? Those listed above are both new options I never heard about before. BTW, what are ALL possible options in /usr/ports too, please? Peter Rosa From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 12:59:10 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DEF016A41F for ; Fri, 13 Jan 2006 12:59:10 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from aiolos.otenet.gr (aiolos.otenet.gr [195.170.0.93]) by mx1.FreeBSD.org (Postfix) with ESMTP id 547FB43D45 for ; Fri, 13 Jan 2006 12:59:08 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from flame.pc (aris.bedc.ondsl.gr [62.103.39.226]) by aiolos.otenet.gr (8.13.4/8.13.4/Debian-8) with SMTP id k0DCx7ei006284; Fri, 13 Jan 2006 14:59:07 +0200 Received: by flame.pc (Postfix, from userid 1001) id 6DA201179E; Fri, 13 Jan 2006 14:57:32 +0200 (EET) Date: Fri, 13 Jan 2006 14:57:32 +0200 From: Giorgos Keramidas To: Peter Rosa Message-ID: <20060113125732.GA1284@flame.pc> References: <20060113152152.M73577@woozle.rinet.ru> <003d01c6183f$e80473d0$3501a8c0@pro.sk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <003d01c6183f$e80473d0$3501a8c0@pro.sk> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 12:59:10 -0000 On 2006-01-13 13:50, Peter Rosa wrote: > > For the reference: > > make cleandir; make cleandir > > how could we list ALL possible options, defined in /usr/src, please? > Those listed above are both new options I never heard about before. They are already listed in the build(7) manpage. > BTW, what are ALL possible options in /usr/ports too, please? These are also listed in the ports(7) manpage. From owner-freebsd-security@FreeBSD.ORG Fri Jan 13 13:15:41 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 264D816A41F for ; Fri, 13 Jan 2006 13:15:41 +0000 (GMT) (envelope-from ertr1013@student.uu.se) Received: from pne-smtpout1-sn2.hy.skanova.net (pne-smtpout1-sn2.hy.skanova.net [81.228.8.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 39CE143D55 for ; Fri, 13 Jan 2006 13:15:39 +0000 (GMT) (envelope-from ertr1013@student.uu.se) Received: from falcon.midgard.homeip.net (83.253.29.241) by pne-smtpout1-sn2.hy.skanova.net (7.2.069.1) id 43C77BA400019B77 for freebsd-security@freebsd.org; Fri, 13 Jan 2006 14:15:38 +0100 Received: (qmail 72317 invoked by uid 1001); 13 Jan 2006 14:15:38 +0100 Date: Fri, 13 Jan 2006 14:15:38 +0100 From: Erik Trulsson To: Giorgos Keramidas Message-ID: <20060113131538.GA71535@falcon.midgard.homeip.net> Mail-Followup-To: Giorgos Keramidas , Peter Rosa , freebsd-security@freebsd.org References: <20060113152152.M73577@woozle.rinet.ru> <003d01c6183f$e80473d0$3501a8c0@pro.sk> <20060113125732.GA1284@flame.pc> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060113125732.GA1284@flame.pc> User-Agent: Mutt/1.5.11 Cc: Peter Rosa , freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:01.texindex X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2006 13:15:41 -0000 On Fri, Jan 13, 2006 at 02:57:32PM +0200, Giorgos Keramidas wrote: > On 2006-01-13 13:50, Peter Rosa wrote: > > > For the reference: > > > make cleandir; make cleandir > > > > how could we list ALL possible options, defined in /usr/src, please? > > Those listed above are both new options I never heard about before. > > They are already listed in the build(7) manpage. Only in -CURRENT. For a person running 6.x or 5.x the build(7) manpage does not mention the 'cleandir' make target. > > > BTW, what are ALL possible options in /usr/ports too, please? > > These are also listed in the ports(7) manpage. Not quite all of them, but most. To find *ALL* available make targets and options under /usr/src and /usr/ports I am afraid one will have to read through all the relevant Makefiles carefully. -- Erik Trulsson ertr1013@student.uu.se