From owner-freebsd-hubs@FreeBSD.ORG Mon Dec 1 08:00:15 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0FCAA16A4CE for ; Mon, 1 Dec 2003 08:00:15 -0800 (PST) Received: from muse.csie.ntu.edu.tw (muse.csie.ntu.edu.tw [140.112.28.158]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4390243FE5 for ; Mon, 1 Dec 2003 08:00:10 -0800 (PST) (envelope-from rafan@muse.csie.ntu.edu.tw) Received: by muse.csie.ntu.edu.tw (Postfix, from userid 1001) id 1BEB6530C7; Tue, 2 Dec 2003 00:00:09 +0800 (CST) Date: Tue, 2 Dec 2003 00:00:09 +0800 From: Rong-en Fan To: hubs@freebsd.org Message-ID: <20031201160009.GA7391@muse.csie.ntu.edu.tw> Mime-Version: 1.0 Content-Type: text/plain; charset=big5 Content-Disposition: inline User-Agent: Mutt/1.5.4i Subject: sparc64 disc2 X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Dec 2003 16:00:15 -0000 Hi all, I found that MD5 checksum of 5.2-BETA sparc64-disc2.iso on ftp-master.us (ftp-master also?) is not the same in CHECKSUM.MD5. MD5 (5.2-BETA-sparc64-disc2.iso) = 6b89b9a9a4d5adb16fa3f705ca52d4a7 in CHECKSUM.MD5 MD5 (5.2-BETA-sparc64-disc2.iso) = 668ae2b96c623aacdd5149e241bc3c08 what's wrong? My problem or the file is corrupted on ftp-master.us? Regards, Rong-En Fan, ftp6.tw From owner-freebsd-hubs@FreeBSD.ORG Mon Dec 1 08:22:20 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2394016A4CE; Mon, 1 Dec 2003 08:22:20 -0800 (PST) Received: from electra.cse.Buffalo.EDU (electra.cse.Buffalo.EDU [128.205.32.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8946343FE5; Mon, 1 Dec 2003 08:20:44 -0800 (PST) (envelope-from kensmith@cse.Buffalo.EDU) Received: from electra.cse.Buffalo.EDU (kensmith@localhost [127.0.0.1]) hB1GKhus024362; Mon, 1 Dec 2003 11:20:43 -0500 (EST) Received: (from kensmith@localhost) by electra.cse.Buffalo.EDU (8.12.10/8.12.9/Submit) id hB1GKhcp024361; Mon, 1 Dec 2003 11:20:43 -0500 (EST) Date: Mon, 1 Dec 2003 11:20:43 -0500 From: Ken Smith To: hubs@freebsd.org Message-ID: <20031201162043.GA24247@electra.cse.Buffalo.EDU> References: <20031201160009.GA7391@muse.csie.ntu.edu.tw> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031201160009.GA7391@muse.csie.ntu.edu.tw> User-Agent: Mutt/1.4.1i cc: re@freebsd.org Subject: Re: sparc64 disc2 X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Dec 2003 16:22:20 -0000 On Tue, Dec 02, 2003 at 12:00:09AM +0800, Rong-en Fan wrote: > I found that MD5 checksum of 5.2-BETA sparc64-disc2.iso on > ftp-master.us (ftp-master also?) is not the same in CHECKSUM.MD5. > > MD5 (5.2-BETA-sparc64-disc2.iso) = 6b89b9a9a4d5adb16fa3f705ca52d4a7 > > in CHECKSUM.MD5 > MD5 (5.2-BETA-sparc64-disc2.iso) = 668ae2b96c623aacdd5149e241bc3c08 > > what's wrong? My problem or the file is corrupted on ftp-master.us? Looks like the files don't match the CHECKSUM.MD5 file on ftp-master itself: ftp-master 12 % cat CHECKSUM.MD5 MD5 (5.2-BETA-sparc64-disc2.iso) = 668ae2b96c623aacdd5149e241bc3c08 MD5 (5.2-BETA-sparc64-miniinst.iso) = 1c2202710aac091b2a880c5c29b30168 ftp-master 13 % md5 *.iso MD5 (5.2-BETA-sparc64-disc2.iso) = 6b89b9a9a4d5adb16fa3f705ca52d4a7 MD5 (5.2-BETA-sparc64-miniinst.iso) = 1c2202710aac091b2a880c5c29b30168 I'll cc this to re@, either the file was corrupted on its way to ftp-master or the CHECKSUM.MD5 file isn't right. -- Ken Smith - From there to here, from here to | kensmith@cse.buffalo.edu there, funny things are everywhere. | - Theodore Geisel | From owner-freebsd-hubs@FreeBSD.ORG Tue Dec 2 04:06:41 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 77AAB16A4CE for ; Tue, 2 Dec 2003 04:06:41 -0800 (PST) Received: from mail.tcoip.com.br (erato.tco.net.br [200.220.254.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id C55D043F93 for ; Tue, 2 Dec 2003 04:06:37 -0800 (PST) (envelope-from dcs@tcoip.com.br) Received: from tcoip.com.br ([10.0.2.6]) by mail.tcoip.com.br (8.11.6/8.11.6) with ESMTP id hB2C6ab19667 for ; Tue, 2 Dec 2003 10:06:36 -0200 Message-ID: <3FCC804C.1070506@tcoip.com.br> Date: Tue, 02 Dec 2003 10:06:36 -0200 From: "Daniel C. Sobral" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) Gecko/20031007 X-Accept-Language: en-us, en, pt-br, ja MIME-Version: 1.0 To: hubs@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Mirroring in .br X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Dec 2003 12:06:41 -0000 People, I'm moving my mirror to a new machine, where I'll be able to=20 keep a full mirror. Presently I rsync and cvsup from The Masters, but=20 I'm considering going for exclusive cvsup use (how do the packages fare, = rsync vs cvsup?). I'm also considering cvsupping closer to home. Are there any full=20 mirrors around I can sync with? --=20 Daniel C. Sobral Ger=EAncia de Opera=E7=F5es Divis=E3o de Comunica=E7=E3o de Dados Coordena=E7=E3o de Seguran=E7a VIVO Centro Oeste Norte Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo@tco.net.br Daniel.Sobral@tcoip.com.br dcs@tcoip.com.br From owner-freebsd-hubs@FreeBSD.ORG Tue Dec 2 17:36:27 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BCCEA16A4CE for ; Tue, 2 Dec 2003 17:36:27 -0800 (PST) Received: from ivoti.terra.com.br (ivoti.terra.com.br [200.176.3.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 48C1F43FDF for ; Tue, 2 Dec 2003 17:36:26 -0800 (PST) (envelope-from jonny@jonny.eng.br) Received: from gunga.terra.com.br (gunga.terra.com.br [200.176.3.45]) by ivoti.terra.com.br (Postfix) with ESMTP id BE80A79C291; Tue, 2 Dec 2003 23:36:24 -0200 (BRST) Received: from jonny.eng.br (unknown [200.149.250.253]) (authenticated user dioni21) by gunga.terra.com.br (Postfix) with ESMTP id 1477512804F; Tue, 2 Dec 2003 23:36:24 -0200 (BRST) Message-ID: <3FCD3E15.5000509@jonny.eng.br> Date: Tue, 02 Dec 2003 23:36:21 -0200 From: =?ISO-8859-1?Q?Jo=E3o_Carlos_Mendes_Lu=EDs?= User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: pt-br, en-us, en, pt MIME-Version: 1.0 To: "Daniel C. Sobral" References: <3FCC804C.1070506@tcoip.com.br> In-Reply-To: <3FCC804C.1070506@tcoip.com.br> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit cc: hubs@freebsd.org Subject: Re: Mirroring in .br X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 01:36:27 -0000 Daniel C. Sobral wrote: > People, I'm moving my mirror to a new machine, where I'll be able to > keep a full mirror. Presently I rsync and cvsup from The Masters, but > I'm considering going for exclusive cvsup use (how do the packages fare, > rsync vs cvsup?). Note that cvsup drops down to rsync protocol if the source is not a CVS repository. So, there may be no advantage in the change. > I'm also considering cvsupping closer to home. Are there any full > mirrors around I can sync with? Maybe Matrix Internet. They have an IBM Shark file server with lots of disk space. I may say that UFRJ does not have full mirror, and really doubt Unicamp has too. Maybe your best chance is traceroute to all tier-1 mirrors and select the one with most bandwidth available. Jonny -- João Carlos Mendes Luís - Networking Engineer - jonny@jonny.eng.br From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 02:23:32 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18ACC16A4D2 for ; Wed, 3 Dec 2003 02:23:32 -0800 (PST) Received: from apolo.ccuec.unicamp.br (apolo.ccuec.unicamp.br [143.106.80.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id BFFE343FE0 for ; Wed, 3 Dec 2003 02:23:28 -0800 (PST) (envelope-from rbueno@ccuec.unicamp.br) Received: from mercurio.ccuec.unicamp.br (mercurio.ccuec.unicamp.br [143.106.80.15]) by apolo.ccuec.unicamp.br (Postfix) with ESMTP id 3D138333923 for ; Wed, 3 Dec 2003 08:23:26 -0200 (BRST) Received: from localhost (localhost [127.0.0.1]) by mercurio.ccuec.unicamp.br (Postfix) with ESMTP id 0694B230A8 for ; Wed, 3 Dec 2003 08:23:26 -0200 (BRST) Received: from mercurio.ccuec.unicamp.br ([127.0.0.1]) by localhost (mercurio.ccuec.unicamp.br [127.0.0.1:10027]) (amavisd-new) with SMTP id 29820-09 for ; Wed, 3 Dec 2003 08:23:25 -0200 (BRST) Received: from trindade.ccuec.unicamp.br (trindade.ccuec.unicamp.br [143.106.30.69]) by mercurio.ccuec.unicamp.br (Postfix) with ESMTP id 32CC5230A6 for ; Wed, 3 Dec 2003 08:23:25 -0200 (BRST) Received: from trindade.ccuec.unicamp.br (localhost [127.0.0.1]) hB3ANOc6038109 for ; Wed, 3 Dec 2003 08:23:25 -0200 (BRST) (envelope-from rbueno@trindade.ccuec.unicamp.br) Received: (from rbueno@localhost)hB3ANOmI038108 for hubs@freebsd.org; Wed, 3 Dec 2003 08:23:24 -0200 (BRST) (envelope-from rbueno) Date: Wed, 3 Dec 2003 08:23:24 -0200 From: Ricardo Bueno da Silva To: hubs@freebsd.org Message-ID: <20031203102324.GA37990@ccuec.unicamp.br> References: <3FCC804C.1070506@tcoip.com.br> <3FCD3E15.5000509@jonny.eng.br> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <3FCD3E15.5000509@jonny.eng.br> Organization: Universidade Estadual de Campinas ( UNICAMP ) X-OS: FreeBSD User-Agent: Mutt/1.5.5.1i X-Virus-Scanned: by amavisd-new Subject: Re: Mirroring in .br X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: rbueno@ccuec.unicamp.br List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 10:23:32 -0000 On Tue, Dec 02, 2003 at 11:36:21PM -0200, João Carlos Mendes Luís wrote: > Daniel C. Sobral wrote: > >People, I'm moving my mirror to a new machine, where I'll be able to > >keep a full mirror. Presently I rsync and cvsup from The Masters, but > >I'm considering going for exclusive cvsup use (how do the packages fare, > >rsync vs cvsup?). > > Note that cvsup drops down to rsync protocol if the source is not a CVS > repository. So, there may be no advantage in the change. > > >I'm also considering cvsupping closer to home. Are there any full > >mirrors around I can sync with? > > Maybe Matrix Internet. They have an IBM Shark file server with lots of > disk space. I may say that UFRJ does not have full mirror, and really > doubt Unicamp has too. You're right. I don't have full mirror. Nowadays I have last release (including packages-release) for: alpha and i386 (4.9 and 5.1) amd64, ia64, pc98 and sparc64 (5.1) and CERT, docs and some ISOs. Ricardo > > Maybe your best chance is traceroute to all tier-1 mirrors and select the > one with most bandwidth available. > > Jonny > > -- > João Carlos Mendes Luís - Networking Engineer - jonny@jonny.eng.br > > > _______________________________________________ > freebsd-hubs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hubs > To unsubscribe, send any mail to "freebsd-hubs-unsubscribe@freebsd.org" -- Ricardo Bueno da Silva e-mail: rbueno@ccuec.unicamp.br Centro de Computacao - CCUEC Fone: (0xx19) 3788-2200 Universidade Estadual de Campinas - UNICAMP Fax: (0xx19) 3788-2251 "As vezes voce esta discutindo com um imbecil... e ele tambem." (Millor Fernandes) From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 07:12:32 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 180C016A4CE for ; Wed, 3 Dec 2003 07:12:32 -0800 (PST) Received: from amun.isnic.is (amun.isnic.is [193.4.58.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id A300143F75 for ; Wed, 3 Dec 2003 07:12:30 -0800 (PST) (envelope-from oli@amun.isnic.is) Received: from amun.isnic.is (oli@localhost [127.0.0.1]) by amun.isnic.is (8.12.9p2/8.12.9/isnic) with ESMTP id hB3FCQ77077716; Wed, 3 Dec 2003 15:12:27 GMT (envelope-from oli@amun.isnic.is) Received: (from oli@localhost) by amun.isnic.is (8.12.9p2/8.12.9/Submit) id hB3FCPSJ077714; Wed, 3 Dec 2003 15:12:25 GMT (envelope-from oli) Date: Wed, 3 Dec 2003 15:12:25 +0000 From: Olafur Osvaldsson To: =?iso-8859-1?Q?Jo=E3o_Carlos_Mendes_Lu=EDs?= Message-ID: <20031203151225.GF70612@isnic.is> References: <3FCC804C.1070506@tcoip.com.br> <3FCD3E15.5000509@jonny.eng.br> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="IJpNTDwzlM2Ie8A6" Content-Disposition: inline In-Reply-To: <3FCD3E15.5000509@jonny.eng.br> User-Agent: Mutt/1.3.28i X-Spam-Status: No, hits=0.0 required=5.9 tests=none autolearn=no version=2.60-isnic X-Spam-Checker-Version: SpamAssassin 2.60-isnic (1.212-2003-09-23-exp) on amun.isnic.is cc: hubs@freebsd.org Subject: Re: Mirroring in .br X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 15:12:32 -0000 --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Jo=E3o, On Tue, 02 Dec 2003, Jo=E3o Carlos Mendes Lu=EDs wrote: > Note that cvsup drops down to rsync protocol if the source is not a CVS= =20 > repository. So, there may be no advantage in the change. If I remember correctly there are huge memory savings both on the client and the server if using cvsup, John Polstra is on this list if I remember correctly and he should know if I'm correct or not, if he doesn't answer you can ask using the email address at http://www.cvsup.org/contact.html /Oli --=20 Olafur Osvaldsson Systems Administrator Internet a Islandi hf. Tel: +354 525-5291 Email: oli@isnic.is --IJpNTDwzlM2Ie8A6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/zf1Z8xNRBRknOFwRAgkcAJ0VU91LS9b0qk1NSAR3ePzgJGVbWQCfc+8p JDQEwnUSyk5PqCRbrnBlhU4= =I9Rv -----END PGP SIGNATURE----- --IJpNTDwzlM2Ie8A6-- From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 14:13:17 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2DA2916A4CF for ; Wed, 3 Dec 2003 14:13:17 -0800 (PST) Received: from white.imgsrc.co.jp (ns.imgsrc.co.jp [210.226.20.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 77D5343FBD for ; Wed, 3 Dec 2003 14:13:15 -0800 (PST) (envelope-from kuriyama@imgsrc.co.jp) Received: from localhost (localhost [127.0.0.1]) by white.imgsrc.co.jp (Postfix) with ESMTP id 3C5C328409E; Thu, 4 Dec 2003 07:13:14 +0900 (JST) Received: from black.imgsrc.co.jp (black.imgsrc.co.jp [2001:218:422:2::130]) by white.imgsrc.co.jp (Postfix) with ESMTP id BFE94284098; Thu, 4 Dec 2003 07:13:12 +0900 (JST) Received: from black.imgsrc.co.jp (black.imgsrc.co.jp [2001:218:422:2::130]) by black.imgsrc.co.jp (Postfix) with ESMTP id 970521E4A62; Thu, 4 Dec 2003 07:13:12 +0900 (JST) Date: Thu, 04 Dec 2003 07:13:12 +0900 Message-ID: <7m65gxa6tj.wl@black.imgsrc.co.jp> From: Jun Kuriyama To: =?ISO-8859-1?Q?Jo=E3o?= Carlos Mendes =?ISO-8859-1?Q?Lu=EDs?= In-Reply-To: <3FCD3E15.5000509@jonny.eng.br> References: <3FCC804C.1070506@tcoip.com.br> <3FCD3E15.5000509@jonny.eng.br> User-Agent: Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.6 Emacs/21.3 (i386--freebsd) MULE/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen") Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: by AMaViS snapshot-20020531 cc: hubs@freebsd.org Subject: Re: Mirroring in .br X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 22:13:17 -0000 At Tue, 02 Dec 2003 23:36:21 -0200, Jo=E3o Carlos Mendes Lu=EDs wrote: > Note that cvsup drops down to rsync protocol if the source is not a CVS=20 > repository. So, there may be no advantage in the change. What "rsync" in CVSup means is, sync'ing one file with the same algorithm of rsync. CVSup does better way to compare trees (especially -s option on the client side). --=20 Jun Kuriyama // IMG SRC, Inc. // FreeBSD Project From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 15:48:50 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6C1F16A4CE for ; Wed, 3 Dec 2003 15:48:50 -0800 (PST) Received: from canning.wemm.org (canning.wemm.org [192.203.228.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8867643FBD for ; Wed, 3 Dec 2003 15:48:49 -0800 (PST) (envelope-from peter@wemm.org) Received: from wemm.org (localhost [127.0.0.1]) by canning.wemm.org (Postfix) with ESMTP id 7238C2A7EA for ; Wed, 3 Dec 2003 15:48:49 -0800 (PST) (envelope-from peter@wemm.org) X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4 To: hubs@freebsd.org Date: Wed, 03 Dec 2003 15:48:49 -0800 From: Peter Wemm Message-Id: <20031203234849.7238C2A7EA@canning.wemm.org> Subject: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 23:48:51 -0000 There's definately a targeting of open source projects and infrastructure machines going on. Another linux mirror has been compromised. There's worrying developments on savannah.gnu.org, etc. Please take EXTRA care to watch your mirrors for 'funny stuff' and make damn sure that you're fully up todate with patches. Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and probed. Especially now. Cheers, -Peter -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com "All of this is for nothing if we don't go to the stars" - JMS/B5 From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 15:56:04 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A1E6E16A4CE for ; Wed, 3 Dec 2003 15:56:04 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-63-207-60-234.dsl.lsan03.pacbell.net [63.207.60.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id AB06443F93 for ; Wed, 3 Dec 2003 15:56:03 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id D0C9A66C55; Wed, 3 Dec 2003 15:56:01 -0800 (PST) Date: Wed, 3 Dec 2003 15:56:01 -0800 From: Kris Kennaway To: Peter Wemm Message-ID: <20031203235601.GA70953@xor.obsecurity.org> References: <20031203234849.7238C2A7EA@canning.wemm.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nFreZHaLTZJo0R7j" Content-Disposition: inline In-Reply-To: <20031203234849.7238C2A7EA@canning.wemm.org> User-Agent: Mutt/1.4.1i cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Dec 2003 23:56:04 -0000 --nFreZHaLTZJo0R7j Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 03, 2003 at 03:48:49PM -0800, Peter Wemm wrote: > There's definately a targeting of open source projects and infrastructure > machines going on. Another linux mirror has been compromised. There's > worrying developments on savannah.gnu.org, etc. =20 >=20 > Please take EXTRA care to watch your mirrors for 'funny stuff' and make d= amn > sure that you're fully up todate with patches. >=20 > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and > probed. Especially now. In particular, make sure you're running the latest openssh and sendmail, and any third-party software you're running like apache, which may have had vulnerabilities recently. A lot of cvsup/ftp/www mirrors are really bad about staying up-to-date with security patches - last time I checked there were a lot that were running old vulnerable sshds, etc. Kris --nFreZHaLTZJo0R7j Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/zngRWry0BWjoQKURAuGrAJ9vmeDs4eJsrO7EpHT0sMhM/QsTcACg+URs tNBUR66jZlPaBKGlCs5V8CA= =Uu6T -----END PGP SIGNATURE----- --nFreZHaLTZJo0R7j-- From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 16:24:14 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA32616A4CE for ; Wed, 3 Dec 2003 16:24:14 -0800 (PST) Received: from farside.isc.org (farside.isc.org [204.152.187.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C97343F93 for ; Wed, 3 Dec 2003 16:24:14 -0800 (PST) (envelope-from Peter_Losher@isc.org) Received: from dhcp-186.sql1.isc.org (dhcp-186.sql1.isc.org [204.152.187.186]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by farside.isc.org (Postfix) with ESMTP id B7E1CA85C for ; Thu, 4 Dec 2003 00:24:11 +0000 (UTC) (envelope-from Peter_Losher@isc.org) From: Peter Losher Organization: ISC To: hubs@freebsd.org Date: Wed, 3 Dec 2003 16:24:09 -0800 User-Agent: KMail/1.5.3 References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031203235601.GA70953@xor.obsecurity.org> In-Reply-To: <20031203235601.GA70953@xor.obsecurity.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200312031624.09437.Peter_Losher@isc.org> Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 00:24:14 -0000 On Wednesday 03 December 2003 03:56 pm, Kris Kennaway wrote: > In particular, make sure you're running the latest openssh and > sendmail, and any third-party software you're running like apache, > which may have had vulnerabilities recently. Also stress password security; the Debian note stated that it all started when a non-privileged user's password was sniffed, and compromised. -Peter -- Peter_Losher@isc.org | ISC | OpenPGP Key E8048D08 | "The bits must flow" From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 16:33:01 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F57316A4CE for ; Wed, 3 Dec 2003 16:33:01 -0800 (PST) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01C5243FE1 for ; Wed, 3 Dec 2003 16:33:00 -0800 (PST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.9/8.12.9) with ESMTP id hB40WwDa099004 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK CN=khavrinen.lcs.mit.edu issuer=SSL+20Client+20CA); Wed, 3 Dec 2003 19:32:58 -0500 (EST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.9/8.12.9/Submit) id hB40Wv2f099001; Wed, 3 Dec 2003 19:32:57 -0500 (EST) (envelope-from wollman) Date: Wed, 3 Dec 2003 19:32:57 -0500 (EST) From: Garrett Wollman Message-Id: <200312040032.hB40Wv2f099001@khavrinen.lcs.mit.edu> To: Peter Losher In-Reply-To: <200312031624.09437.Peter_Losher@isc.org> References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031203235601.GA70953@xor.obsecurity.org> <200312031624.09437.Peter_Losher@isc.org> X-Spam-Score: -18.7 () IN_REP_TO,MANY_EXCLAMATIONS,QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES X-Scanned-By: MIMEDefang 2.37 cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 00:33:01 -0000 < said: > Also stress password security; the Debian note stated that it all started > when a non-privileged user's password was sniffed, and compromised. Indeed, it's a good idea to configure these systems with the following sshd_config lines: PasswordAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no PAMAuthenticationViaKbdInt no -GAWollman From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 16:47:34 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3811F16A4CF for ; Wed, 3 Dec 2003 16:47:34 -0800 (PST) Received: from anduril.ncsa.uiuc.edu (anduril.ncsa.uiuc.edu [141.142.102.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id A999D43FEA for ; Wed, 3 Dec 2003 16:47:32 -0800 (PST) (envelope-from jdugan@anduril.ncsa.uiuc.edu) Received: by anduril.ncsa.uiuc.edu (Postfix, from userid 501) id AF123182C4F; Wed, 3 Dec 2003 18:47:44 -0600 (CST) Date: Wed, 3 Dec 2003 18:47:44 -0600 From: Jon Dugan To: hubs@freebsd.org Message-ID: <20031204004744.GA1040@ncsa.uiuc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031203234849.7238C2A7EA@canning.wemm.org> User-Agent: Mutt/1.4i Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 00:47:34 -0000 In addition there may be a vulnerability in rsync running in daemon mode. I received a forwarded email about this, so it is unverified at this time, but if you offer rsyncd access you may wish to monitor this. On Wed, Dec 03, 2003 at 03:48:49PM -0800, Peter Wemm wrote: > There's definately a targeting of open source projects and infrastructure > machines going on. Another linux mirror has been compromised. There's > worrying developments on savannah.gnu.org, etc. > > Please take EXTRA care to watch your mirrors for 'funny stuff' and make damn > sure that you're fully up todate with patches. > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and > probed. Especially now. > > Cheers, > -Peter > -- > Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com > "All of this is for nothing if we don't go to the stars" - JMS/B5 > > _______________________________________________ > freebsd-hubs@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hubs > To unsubscribe, send any mail to "freebsd-hubs-unsubscribe@freebsd.org" -- Jon Dugan | Senior Network Engineer, NCSA Network Research jdugan@ncsa.uiuc.edu | 269 CAB, 605 E Springfield, Champaign, IL 61820 217-244-7715 | http://www.ncsa.uiuc.edu/~jdugan/ From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 16:55:32 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A78E16A4CE for ; Wed, 3 Dec 2003 16:55:32 -0800 (PST) Received: from farside.isc.org (farside.isc.org [204.152.187.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5363943FBF for ; Wed, 3 Dec 2003 16:55:31 -0800 (PST) (envelope-from Peter_Losher@isc.org) Received: from dhcp-186.sql1.isc.org (dhcp-186.sql1.isc.org [204.152.187.186]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by farside.isc.org (Postfix) with ESMTP id 151C7A85C for ; Thu, 4 Dec 2003 00:55:31 +0000 (UTC) (envelope-from Peter_Losher@isc.org) From: Peter Losher Organization: ISC To: hubs@freebsd.org Date: Wed, 3 Dec 2003 16:55:30 -0800 User-Agent: KMail/1.5.3 References: <20031204004744.GA1040@ncsa.uiuc.edu> In-Reply-To: <20031204004744.GA1040@ncsa.uiuc.edu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200312031655.30453.Peter_Losher@isc.org> Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 00:55:32 -0000 On Wednesday 03 December 2003 04:47 pm, Jon Dugan wrote: > In addition there may be a vulnerability in rsync running in daemon > mode. I received a forwarded email about this, so it is unverified at > this time, but if you offer rsyncd access you may wish to monitor > this. There's a note on /. about this (Gentoo was attacked) http://lists.netsys.com/pipermail/full-disclosure/2003-December/014440.html -Peter -- Peter_Losher@isc.org | ISC | OpenPGP Key E8048D08 | "The bits must flow" From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 17:26:45 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94C8016A4CE; Wed, 3 Dec 2003 17:26:45 -0800 (PST) Received: from FreeBSD.csie.NCTU.edu.tw (freebsd.csie.nctu.edu.tw [140.113.17.209]) by mx1.FreeBSD.org (Postfix) with ESMTP id BCBD543F3F; Wed, 3 Dec 2003 17:26:42 -0800 (PST) (envelope-from ijliao@FreeBSD.csie.NCTU.edu.tw) Received: from localhost (unknown [127.0.0.1]) by FreeBSD.csie.NCTU.edu.tw (Postfix) with ESMTP id 84E10106C0B; Thu, 4 Dec 2003 09:26:34 +0800 (CST) Received: from FreeBSD.csie.NCTU.edu.tw ([127.0.0.1]) by localhost (FreeBSD.csie.NCTU.edu.tw [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20354-02; Thu, 4 Dec 2003 09:26:25 +0800 (CST) Received: by FreeBSD.csie.NCTU.edu.tw (Postfix, from userid 1041) id 8A034106C29; Thu, 4 Dec 2003 09:26:25 +0800 (CST) Date: Thu, 4 Dec 2003 09:26:25 +0800 From: Ying-Chieh Liao To: Ken Smith Message-ID: <20031204012625.GB2971@freebsd.csie.nctu.edu.tw> References: <20031201160009.GA7391@muse.csie.ntu.edu.tw> <20031201162043.GA24247@electra.cse.Buffalo.EDU> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="BOKacYhQ+x31HxR3" Content-Disposition: inline In-Reply-To: <20031201162043.GA24247@electra.cse.Buffalo.EDU> X-Operating-System: FreeBSD 4.9-STABLE i386 X-PGP-Key-Location: http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x11C02382 X-PGP-Key-Fingerprint: 4E98 55CC 2866 7A90 EFD7 9DA5 ACC6 0165 11C0 2382 User-Agent: Mutt/1.5.5.1i cc: re@freebsd.org cc: hubs@freebsd.org Subject: Re: sparc64 disc2 X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 01:26:45 -0000 --BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Dec 01, 2003 at 11:20:43 -0500, Ken Smith wrote: > > I found that MD5 checksum of 5.2-BETA sparc64-disc2.iso on > > ftp-master.us (ftp-master also?) is not the same in CHECKSUM.MD5. > > MD5 (5.2-BETA-sparc64-disc2.iso) = 6b89b9a9a4d5adb16fa3f705ca52d4a7 > > in CHECKSUM.MD5 > > MD5 (5.2-BETA-sparc64-disc2.iso) = 668ae2b96c623aacdd5149e241bc3c08 > > what's wrong? My problem or the file is corrupted on ftp-master.us? > I'll cc this to re@, either the file was corrupted on its way to > ftp-master or the CHECKSUM.MD5 file isn't right. no response from re@ ? -- Pi seconds is a nanocentury. --- Tom Duff --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/zo1BrMYBZRHAI4IRAt6sAJ982eY2zWOy/ta5f6lnbO1gq//1dACfQzCg /bNBOz4eo0HqhaSSw8+/J9E= =vcxG -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3-- From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 21:11:16 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4CE016A4CE; Wed, 3 Dec 2003 21:11:16 -0800 (PST) Received: from gauss.stokely.org (builder.freebsdmall.com [65.86.180.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id CDAC543FDF; Wed, 3 Dec 2003 21:11:15 -0800 (PST) (envelope-from murray@gauss.stokely.org) Received: from gauss.stokely.org (localhost [127.0.0.1]) by gauss.stokely.org (8.12.10/8.12.9) with ESMTP id hB45B6Ym084613; Wed, 3 Dec 2003 21:11:06 -0800 (PST) (envelope-from murray@gauss.stokely.org) Received: (from murray@localhost) by gauss.stokely.org (8.12.10/8.12.9/Submit) id hB45B6JY084612; Wed, 3 Dec 2003 21:11:06 -0800 (PST) Date: Wed, 3 Dec 2003 21:11:06 -0800 From: Murray Stokely To: Ying-Chieh Liao Message-ID: <20031204051106.GH84246@freebsdmall.com> References: <20031201160009.GA7391@muse.csie.ntu.edu.tw> <20031201162043.GA24247@electra.cse.Buffalo.EDU> <20031204012625.GB2971@freebsd.csie.nctu.edu.tw> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031204012625.GB2971@freebsd.csie.nctu.edu.tw> User-Agent: Mutt/1.4.1i X-GPG-Key-ID: 1024D/0E451F7D X-GPG-Key-Fingerprint: E2CA 411D DD44 53FD BB4B 3CB5 B4D7 10A2 0E45 1F7D cc: Ken Smith cc: re@FreeBSD.org cc: hubs@FreeBSD.org Subject: Re: sparc64 disc2 X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 05:11:16 -0000 On Thu, Dec 04, 2003 at 09:26:25AM +0800, Ying-Chieh Liao wrote: > > I'll cc this to re@, either the file was corrupted on its way to > > ftp-master or the CHECKSUM.MD5 file isn't right. > > no response from re@ ? This is an ACK. I suspect the transfer was interrupted in route to ftp-master or something but that is pure conjecture. Scott made and pushed up that ISO so I think he's the only one who can figure this out. He's obviously busy at the moment so let's be patient. Sorry for the inconvenience. - Murray From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 04:38:12 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15E6616A4CE; Thu, 4 Dec 2003 04:38:12 -0800 (PST) Received: from mailbox.univie.ac.at (mailbox.univie.ac.at [131.130.1.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BB4843FA3; Thu, 4 Dec 2003 04:37:25 -0800 (PST) (envelope-from l.ertl@univie.ac.at) Received: from wireless (adslle.cc.univie.ac.at [131.130.102.11]) hB4CbIIe648562; Thu, 4 Dec 2003 13:37:19 +0100 Date: Thu, 4 Dec 2003 13:37:20 +0100 (CET) From: Lukas Ertl To: Peter Wemm In-Reply-To: <20031203234849.7238C2A7EA@canning.wemm.org> Message-ID: <20031204133520.A748@korben.in.tern> References: <20031203234849.7238C2A7EA@canning.wemm.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-DCC-ZID-Univie-Metrics: mailbox 4246; Body=0 Fuz1=0 Fuz2=0 cc: ports@freebsd.org cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 12:38:12 -0000 On Wed, 3 Dec 2003, Peter Wemm wrote: > Please take EXTRA care to watch your mirrors for 'funny stuff' and make damn > sure that you're fully up todate with patches. > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and > probed. Especially now. (I'm cc'ing ports@ on this.) Since the gentoo hack was obviously made through a vunerable version of rsync, I ask if it's possible to update the rsync port to the new version. regards, le -- Lukas Ertl eMail: l.ertl@univie.ac.at UNIX Systemadministrator Tel.: (+43 1) 4277-14073 Vienna University Computer Center Fax.: (+43 1) 4277-9140 University of Vienna http://mailbox.univie.ac.at/~le/ From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 05:23:12 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A519D16A4CE for ; Thu, 4 Dec 2003 05:23:12 -0800 (PST) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id D4DCC43FEC for ; Thu, 4 Dec 2003 05:23:07 -0800 (PST) (envelope-from roam@ringlet.net) Received: (qmail 10237 invoked from network); 4 Dec 2003 13:21:12 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 4 Dec 2003 13:21:11 -0000 Received: (qmail 2362 invoked by uid 1000); 4 Dec 2003 13:23:03 -0000 Date: Thu, 4 Dec 2003 15:23:03 +0200 From: Peter Pentchev To: Lukas Ertl Message-ID: <20031204132303.GB347@straylight.m.ringlet.net> Mail-Followup-To: Lukas Ertl , Peter Wemm , ports@freebsd.org, hubs@freebsd.org References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5I6of5zJg18YgZEa" Content-Disposition: inline In-Reply-To: <20031204133520.A748@korben.in.tern> User-Agent: Mutt/1.5.5.1i cc: ports@freebsd.org cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 13:23:12 -0000 --5I6of5zJg18YgZEa Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote: > On Wed, 3 Dec 2003, Peter Wemm wrote: >=20 > > Please take EXTRA care to watch your mirrors for 'funny stuff' and make= damn > > sure that you're fully up todate with patches. > > > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned and > > probed. Especially now. >=20 > (I'm cc'ing ports@ on this.) >=20 > Since the gentoo hack was obviously made through a vunerable version of > rsync, I ask if it's possible to update the rsync port to the new version. I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port maintainer, earlier today. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 I am the thought you are now thinking. --5I6of5zJg18YgZEa Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/zzU37Ri2jRYZRVMRAoi6AJ9nnTz2Ri0AjgOfXmWfYlpcrXA2FACgsouT /Ik2OkO5yB8ZOC6Tl0le2Gw= =oQjq -----END PGP SIGNATURE----- --5I6of5zJg18YgZEa-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 05:24:23 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D335216A4CE for ; Thu, 4 Dec 2003 05:24:23 -0800 (PST) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id EC17443FDF for ; Thu, 4 Dec 2003 05:24:17 -0800 (PST) (envelope-from roam@ringlet.net) Received: (qmail 10533 invoked from network); 4 Dec 2003 13:22:24 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 4 Dec 2003 13:22:22 -0000 Received: (qmail 2393 invoked by uid 1000); 4 Dec 2003 13:24:14 -0000 Date: Thu, 4 Dec 2003 15:24:14 +0200 From: Peter Pentchev To: Lukas Ertl Message-ID: <20031204132414.GC347@straylight.m.ringlet.net> Mail-Followup-To: Lukas Ertl , Peter Wemm , ports@freebsd.org, hubs@freebsd.org References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> <20031204132303.GB347@straylight.m.ringlet.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Qrgsu6vtpU/OV/zm" Content-Disposition: inline In-Reply-To: <20031204132303.GB347@straylight.m.ringlet.net> User-Agent: Mutt/1.5.5.1i cc: ports@freebsd.org cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 13:24:24 -0000 --Qrgsu6vtpU/OV/zm Content-Type: multipart/mixed; boundary="RIYY1s2vRbPFwWeW" Content-Disposition: inline --RIYY1s2vRbPFwWeW Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 04, 2003 at 03:23:03PM +0200, Peter Pentchev wrote: > On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote: > > On Wed, 3 Dec 2003, Peter Wemm wrote: > >=20 > > > Please take EXTRA care to watch your mirrors for 'funny stuff' and ma= ke damn > > > sure that you're fully up todate with patches. > > > > > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned = and > > > probed. Especially now. > >=20 > > (I'm cc'ing ports@ on this.) > >=20 > > Since the gentoo hack was obviously made through a vunerable version of > > rsync, I ask if it's possible to update the rsync port to the new versi= on. >=20 > I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port > maintainer, earlier today. Err.. for those who would like to use the fixed version of rsync, here is the patch. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If this sentence didn't exist, somebody would have invented it. --RIYY1s2vRbPFwWeW Content-Type: text/plain; charset=windows-1251 Content-Disposition: attachment; filename="net-rsync.patch" Content-Transfer-Encoding: quoted-printable Index: ports/net/rsync/Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/ports/net/rsync/Makefile,v retrieving revision 1.86 diff -u -r1.86 Makefile --- ports/net/rsync/Makefile 16 Nov 2003 23:08:12 -0000 1.86 +++ ports/net/rsync/Makefile 4 Dec 2003 08:30:44 -0000 @@ -7,8 +7,8 @@ # =20 PORTNAME=3D rsync -PORTVERSION=3D 2.5.6 -PORTREVISION=3D 2 +PORTVERSION=3D 2.5.7 +PORTREVISION=3D 0 CATEGORIES=3D net ipv6 MASTER_SITES=3D ftp://samba.anu.edu.au/pub/rsync/ \ ftp://sunsite.auc.dk/pub/unix/rsync/ \ Index: ports/net/rsync/distinfo =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/ports/net/rsync/distinfo,v retrieving revision 1.33 diff -u -r1.33 distinfo --- ports/net/rsync/distinfo 28 Jan 2003 16:50:01 -0000 1.33 +++ ports/net/rsync/distinfo 4 Dec 2003 08:32:17 -0000 @@ -1 +1 @@ -MD5 (rsync-2.5.6.tar.gz) =3D ec39fcea433df4d6a3a4e0896c655535 +MD5 (rsync-2.5.7.tar.gz) =3D 9b3ec929091d7849f42b973247918a55 Index: ports/net/rsync/files/patch-util.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: ports/net/rsync/files/patch-util.c diff -N ports/net/rsync/files/patch-util.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ ports/net/rsync/files/patch-util.c 4 Dec 2003 08:58:32 -0000 @@ -0,0 +1,14 @@ +--- util.c.old Thu Dec 4 10:57:42 2003 ++++ util.c Thu Dec 4 10:58:23 2003 +@@ -936,7 +936,11 @@ + #endif +=20 +=20 ++#ifdef SIZE_T_MAX ++#define MALLOC_MAX (SIZE_T_MAX / 2) ++#else /* SIZE_T_MAX */ + #define MALLOC_MAX 0x40000000 ++#endif /* SIZE_T_MAX */ +=20 + void *_new_array(unsigned int size, unsigned long num) + { --RIYY1s2vRbPFwWeW-- --Qrgsu6vtpU/OV/zm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/zzV+7Ri2jRYZRVMRAm2IAKC+aQOw/4gijKzOZKrKZAGl6GKQFwCdHda5 WvK2DPFkqPgJfLLNwEmlia4= =KN6+ -----END PGP SIGNATURE----- --Qrgsu6vtpU/OV/zm-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 06:11:18 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2856016A4CE; Thu, 4 Dec 2003 06:11:18 -0800 (PST) Received: from mailbox.univie.ac.at (mailbox.univie.ac.at [131.130.1.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id C399243FCB; Thu, 4 Dec 2003 06:11:16 -0800 (PST) (envelope-from l.ertl@univie.ac.at) Received: from wireless (adslle.cc.univie.ac.at [131.130.102.11]) hB4EB949618360; Thu, 4 Dec 2003 15:11:11 +0100 Date: Thu, 4 Dec 2003 15:11:12 +0100 (CET) From: Lukas Ertl To: Peter Pentchev In-Reply-To: <20031204132414.GC347@straylight.m.ringlet.net> Message-ID: <20031204151052.T600@korben.in.tern> References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> <20031204132414.GC347@straylight.m.ringlet.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-DCC-ZID-Univie-Metrics: mailbox 4246; Body=0 Fuz1=0 Fuz2=0 cc: ports@freebsd.org cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 14:11:18 -0000 On Thu, 4 Dec 2003, Peter Pentchev wrote: > On Thu, Dec 04, 2003 at 03:23:03PM +0200, Peter Pentchev wrote: > > On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote: > > > Since the gentoo hack was obviously made through a vunerable version of > > > rsync, I ask if it's possible to update the rsync port to the new version. > > > > I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port > > maintainer, earlier today. > > Err.. for those who would like to use the fixed version of rsync, here > is the patch. Thanks! regards, le -- Lukas Ertl eMail: l.ertl@univie.ac.at UNIX Systemadministrator Tel.: (+43 1) 4277-14073 Vienna University Computer Center Fax.: (+43 1) 4277-9140 University of Vienna http://mailbox.univie.ac.at/~le/ From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 07:01:46 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8FB5A16A4CE for ; Thu, 4 Dec 2003 07:01:46 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-63-207-60-234.dsl.lsan03.pacbell.net [63.207.60.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id A250143FE1 for ; Thu, 4 Dec 2003 07:01:45 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 1690F66C8E; Thu, 4 Dec 2003 07:01:45 -0800 (PST) Date: Thu, 4 Dec 2003 07:01:45 -0800 From: Kris Kennaway To: hubs@FreeBSD.org Message-ID: <20031204150144.GG79714@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="uc35eWnScqDcQrv5" Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: [kris@FreeBSD.org: cvs commit: ports/net/rsync Makefile distinfo] X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 15:01:46 -0000 --uc35eWnScqDcQrv5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Mirror operators, please update your rsyncd immeiately. Also, the rsync developers suggest not using "use chroot=3Dno" for security reasons. I don't know whether this is viable for mirror operation. ----- Forwarded message from Kris Kennaway ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org Delivered-To: kris@freebsd.org Delivered-To: ports-committers@freebsd.org From: Kris Kennaway Date: Thu, 4 Dec 2003 06:45:06 -0800 (PST) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/net/rsync Makefile distinfo X-FreeBSD-CVS-Branch: HEAD Precedence: bulk X-Loop: FreeBSD.ORG X-UIDL: 84774d27af464bbb0b42f7d4a64327a2 kris 2003/12/04 06:45:06 PST FreeBSD ports repository Modified files: net/rsync Makefile distinfo=20 Log: Security update to rsync 2.5.7. This fixes a remotely-exploitable heap overflow, see http://rsync.samba.org/ for the details. =20 Revision Changes Path 1.87 +1 -2 ports/net/rsync/Makefile http://cvsweb.FreeBSD.org/ports/net/rsync/Makefile.diff?r1=3D1.86&r2=3D1.87 1.34 +1 -1 ports/net/rsync/distinfo http://cvsweb.FreeBSD.org/ports/net/rsync/distinfo.diff?r1=3D1.33&r2=3D1.34 ----- End forwarded message ----- --uc35eWnScqDcQrv5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z0xWWry0BWjoQKURAqXEAJ4ut34q2UShR9F+BcrMBaE8GUZIGwCgrDwW tqQ9WmL+TEwH3rE/uukjDHU= =jzOH -----END PGP SIGNATURE----- --uc35eWnScqDcQrv5-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 07:10:16 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 35A9416A542; Thu, 4 Dec 2003 07:10:16 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-63-207-60-234.dsl.lsan03.pacbell.net [63.207.60.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7289C43F75; Thu, 4 Dec 2003 07:10:14 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 6189366C55; Thu, 4 Dec 2003 07:10:13 -0800 (PST) Date: Thu, 4 Dec 2003 07:10:13 -0800 From: Kris Kennaway To: Lukas Ertl , Peter Wemm , ports@freebsd.org, hubs@freebsd.org Message-ID: <20031204151013.GA80231@xor.obsecurity.org> References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> <20031204132303.GB347@straylight.m.ringlet.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="xHFwDpU9dbj6ez1V" Content-Disposition: inline In-Reply-To: <20031204132303.GB347@straylight.m.ringlet.net> User-Agent: Mutt/1.4.1i Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 15:10:16 -0000 --xHFwDpU9dbj6ez1V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 04, 2003 at 03:23:03PM +0200, Peter Pentchev wrote: > On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote: > > On Wed, 3 Dec 2003, Peter Wemm wrote: > >=20 > > > Please take EXTRA care to watch your mirrors for 'funny stuff' and ma= ke damn > > > sure that you're fully up todate with patches. > > > > > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanned = and > > > probed. Especially now. > >=20 > > (I'm cc'ing ports@ on this.) > >=20 > > Since the gentoo hack was obviously made through a vunerable version of > > rsync, I ask if it's possible to update the rsync port to the new versi= on. >=20 > I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port > maintainer, earlier today. Because of the severity of this, I put on my portmgr hat and updated it myself a few minutes ago. It should be retagged for 5.2. Kris --xHFwDpU9dbj6ez1V Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z05VWry0BWjoQKURAlxtAJ0bO+fBnquzK/7S0X0lN8T6IvPa7QCgozuR cP2z1e1Y8jdo85qawby8Qvc= =FDBo -----END PGP SIGNATURE----- --xHFwDpU9dbj6ez1V-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 07:20:23 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 644BE16A4CE for ; Thu, 4 Dec 2003 07:20:23 -0800 (PST) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 6E93043F75 for ; Thu, 4 Dec 2003 07:20:19 -0800 (PST) (envelope-from roam@ringlet.net) Received: (qmail 11020 invoked from network); 4 Dec 2003 15:18:24 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 4 Dec 2003 15:18:23 -0000 Received: (qmail 8036 invoked by uid 1000); 4 Dec 2003 15:20:15 -0000 Date: Thu, 4 Dec 2003 17:20:15 +0200 From: Peter Pentchev To: Kris Kennaway Message-ID: <20031204152015.GF347@straylight.m.ringlet.net> Mail-Followup-To: Kris Kennaway , Lukas Ertl , Peter Wemm , ports@freebsd.org, hubs@freebsd.org References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> <20031204132303.GB347@straylight.m.ringlet.net> <20031204151013.GA80231@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="j2AXaZ4YhVcLc+PQ" Content-Disposition: inline In-Reply-To: <20031204151013.GA80231@xor.obsecurity.org> User-Agent: Mutt/1.5.5.1i cc: ports@freebsd.org cc: hubs@freebsd.org Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 15:20:23 -0000 --j2AXaZ4YhVcLc+PQ Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 04, 2003 at 07:10:13AM -0800, Kris Kennaway wrote: > On Thu, Dec 04, 2003 at 03:23:03PM +0200, Peter Pentchev wrote: > > On Thu, Dec 04, 2003 at 01:37:20PM +0100, Lukas Ertl wrote: > > > On Wed, 3 Dec 2003, Peter Wemm wrote: > > >=20 > > > > Please take EXTRA care to watch your mirrors for 'funny stuff' and = make damn > > > > sure that you're fully up todate with patches. > > > > > > > > Being a cvsup*/ftp*/etc mirror means that you're going to be scanne= d and > > > > probed. Especially now. > > >=20 > > > (I'm cc'ing ports@ on this.) > > >=20 > > > Since the gentoo hack was obviously made through a vunerable version = of > > > rsync, I ask if it's possible to update the rsync port to the new ver= sion. > >=20 > > I sent a patch to update rsync to 2.5.7 to Oliver Eikemeier, the port > > maintainer, earlier today. >=20 > Because of the severity of this, I put on my portmgr hat and updated > it myself a few minutes ago. It should be retagged for 5.2. It would be nice to also include the files/patch-util.c from my update patch: rsync-2.5.7 artificially limits the size of a malloc'ed block to 1G, which is fine on 32-bit machines, but might turn out to be just that - an artificial limitation - on 64-bit ones. I don't think it is strictly needed though - allocating more than 1G at a time strikes me as more than a little scary, even for a FreeBSD mirror server :) Thanks for taking care of this, though! G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If you think this sentence is confusing, then change one pig. --j2AXaZ4YhVcLc+PQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z1Cv7Ri2jRYZRVMRApZtAKC5q1zsCQFhRBdivT18SlioyV5OvACghPlG FBHr5NFRPxMh21FlbKSAYkA= =teWI -----END PGP SIGNATURE----- --j2AXaZ4YhVcLc+PQ-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 07:24:39 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B70C16A4CF; Thu, 4 Dec 2003 07:24:39 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-63-207-60-234.dsl.lsan03.pacbell.net [63.207.60.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id 68FC043FB1; Thu, 4 Dec 2003 07:24:38 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 055C366C55; Thu, 4 Dec 2003 07:24:37 -0800 (PST) Date: Thu, 4 Dec 2003 07:24:37 -0800 From: Kris Kennaway To: Kris Kennaway , Lukas Ertl , Peter Wemm , ports@freebsd.org, hubs@freebsd.org Message-ID: <20031204152437.GA84858@xor.obsecurity.org> References: <20031203234849.7238C2A7EA@canning.wemm.org> <20031204133520.A748@korben.in.tern> <20031204132303.GB347@straylight.m.ringlet.net> <20031204151013.GA80231@xor.obsecurity.org> <20031204152015.GF347@straylight.m.ringlet.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OgqxwSJOaUobr8KG" Content-Disposition: inline In-Reply-To: <20031204152015.GF347@straylight.m.ringlet.net> User-Agent: Mutt/1.4.1i Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 15:24:39 -0000 --OgqxwSJOaUobr8KG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 04, 2003 at 05:20:15PM +0200, Peter Pentchev wrote: > It would be nice to also include the files/patch-util.c from my update > patch: rsync-2.5.7 artificially limits the size of a malloc'ed block > to 1G, which is fine on 32-bit machines, but might turn out to be > just that - an artificial limitation - on 64-bit ones. I don't think > it is strictly needed though - allocating more than 1G at a time strikes > me as more than a little scary, even for a FreeBSD mirror server :) >=20 > Thanks for taking care of this, though! Sorry, I didn't see your patch before I did the upgrade myself. I think I'll leave this to the maintainer to decide, since it's not relevant to the security patch. You already gave the fairly convincing argument of why this might be considered a feature anyway :-) Kris --OgqxwSJOaUobr8KG Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z1G1Wry0BWjoQKURAslAAKC4O0tDJXjofrJhT07zWbm/pefGxACeP1aj K5obBmyMcjET/0jtNsnF754= =ukR5 -----END PGP SIGNATURE----- --OgqxwSJOaUobr8KG-- From owner-freebsd-hubs@FreeBSD.ORG Thu Dec 4 08:41:34 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B166716A4CE for ; Thu, 4 Dec 2003 08:41:34 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-63-207-60-234.dsl.lsan03.pacbell.net [63.207.60.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0BD6043F85 for ; Thu, 4 Dec 2003 08:41:34 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id AE54F66C55; Thu, 4 Dec 2003 08:41:33 -0800 (PST) Date: Thu, 4 Dec 2003 08:41:33 -0800 From: Kris Kennaway To: hubs@FreeBSD.org Message-ID: <20031204164133.GA86066@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="LZvS9be/3tNcYl/X" Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: Port scanning from bento X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 16:41:34 -0000 --LZvS9be/3tNcYl/X Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Folks, Don't freak out if you notice some port scans coming from bento.freebsd.org - this is just me checking whether you're doing your jobs keeping your machines up to date :-) Kris --LZvS9be/3tNcYl/X Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/z2O9Wry0BWjoQKURAkfBAJ9Pu9iWWTasrMvoGQx7x968vGVSPQCdHDNB U7H9PTRfQaP+WLkOw6XBs3A= =e035 -----END PGP SIGNATURE----- --LZvS9be/3tNcYl/X--