From owner-freebsd-security  Wed Jun 26 16:30:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from router.drapple.com (12-225-0-33.client.attbi.com [12.225.0.33])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7E70537B9B3; Wed, 26 Jun 2002 16:05:11 -0700 (PDT)
Received: from work.drapple.com (work [192.168.1.10])
	by router.drapple.com (8.9.3/8.9.3) with ESMTP id PAA00906;
	Wed, 26 Jun 2002 15:14:38 -0700 (PDT)
	(envelope-from mark@work.drapple.com)
Message-ID: <XFMail.020626151359.mark@work.drapple.com>
X-Mailer: XFMail 1.4.0 on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <Pine.NEB.3.96L.1020626162041.16603B-100000@fledge.watson.org>
Date: Wed, 26 Jun 2002 15:13:59 -0700 (PDT)
From: Mark Hartley <mark@work.drapple.com>
To: Robert Watson <rwatson@FreeBSD.ORG>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv
Cc: freebsd-security@FreeBSD.ORG,
	"H. Wade Minter" <minter@lunenburg.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


On 26-Jun-02 Robert Watson wrote:
> 
> On Wed, 26 Jun 2002, H. Wade Minter wrote:
> 
>> So am I correct in assuming that this fix requires a complete system
>> rebuild (make buildworld) as opposed to just rebuilding a particular
>> module? 
> 
> You will catch most applications simply by rebuilding libc and
> reinstalling.  Unfortunately, some applications are statically linked, and
> they must be individually relinked against the new libc and reinstalled. 
> Since there are a moderate number of statically linked applications that
> use DNS, the easiest directions simply involved rebuilding the entire
> system (especially given modern system speed).  Once the binary updates
> are available, there will be a list of the affect binaries if you want to
> take a more selective approach.
> 
> Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
> robert@fledge.watson.org      Network Associates Laboratories
> 
> 

Are there other common applications (not rebuilt by the world) that many of us
are likely to be running which are going to need to be rebuilt (i.e. Apache,
pop3 servers, db servers, etc)?

I'm not really sure how to even know if an application would be statically
linked against libc.  Maybe someone with a clue could post some instructions on
how to check out if an app is statically linked against libc, then we could
test our own apps and rebuild as needed.  Anyone have an easy way that we can
tell?

Thanks.

Mark.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message