Date: Mon, 04 Aug 2003 16:01:34 -0700 From: Colin Percival <colin.percival@wadham.ox.ac.uk> To: freebsd-security@freebsd.org Cc: "Jacques A. Vidrine" <nectar@freebsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath Message-ID: <5.0.2.1.1.20030804044235.02bce1f0@popserver.sfu.ca> In-Reply-To: <5.0.2.1.1.20030804004417.02bcc920@popserver.sfu.ca> References: <200308040004.h7404VVL030671@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 00:54 04/08/2003 -0700, I wrote: > Once the binary updates are available, FreeBSD Update >(security/freebsd-update in the ports tree) will be able to fetch and >install them; I'll send another email to this list after they've been >built, signed, and uploaded. Binary patches can now be installed via FreeBSD Update for any systems with a binary install of 4.7-RELEASE or 4.8-RELEASE which have not have any system binaries rebuilt or replaced locally (except by FreeBSD Update). With a recent copy of the ports tree: 1. cd /usr/ports/security/freebsd-update/ && make all install 2. cp /usr/local/etc/freebsd-update.conf.sample /usr/local/etc/freebsd-update.conf 3. /usr/local/sbin/freebsd-update fetch 4. /usr/local/sbin/freebsd-update install In FreeBSD 4.7, the following binaries were affected by this security advisory: /bin/mv /bin/pwd /bin/realpath /sbin/kldconfig /sbin/mount /sbin/mount_cd9660 /sbin/mount_ext2fs /sbin/mount_fdesc /sbin/mount_kernfs /sbin/mount_linprocfs /sbin/mount_mfs /sbin/mount_msdos /sbin/mount_nfs /sbin/mount_ntfs /sbin/mount_null /sbin/mount_nwfs /sbin/mount_portal /sbin/mount_procfs /sbin/mount_smbfs /sbin/mount_std /sbin/mount_umap /sbin/mount_union /sbin/mountd /sbin/newfs /sbin/umount /usr/bin/make /usr/lib/libc.a /usr/lib/libc.so.4 /usr/lib/libc_p.a /usr/lib/libc_pic.a /usr/lib/libc_r.a /usr/lib/libc_r.so.4 /usr/lib/libc_r_p.a /usr/libexec/lukemftpd /usr/libexec/sftp-server /usr/sbin/config /usr/sbin/pkg_add /usr/sbin/sshd In FreeBSD 4.8, the same binaries were affected, with the exception of /sbin/mount_kernfs (no longer installed), /usr/bin/make (no longer uses realpath), and /usr/libexec/lukemftpd (no longer installed). Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.1.20030804044235.02bce1f0>