From owner-freebsd-questions@FreeBSD.ORG Tue Apr 5 22:05:42 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2418B16A4CF for ; Tue, 5 Apr 2005 22:05:42 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4594C43D1F for ; Tue, 5 Apr 2005 22:05:41 +0000 (GMT) (envelope-from pietro.cerutti@gmail.com) Received: by rproxy.gmail.com with SMTP id a41so15925rng for ; Tue, 05 Apr 2005 15:05:40 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=M0FzKTagMdWTPyT695AGccOqaVALVXaSsBnWzgAPS9l0WgT6WsGtQAtsb5YQUhdBZ8RkzAiE0UuzdlGpn3Ja4G3nxzF+/WMEdYBfrDjjls6RBStWt8oBxPB1n3enK4ymy22SgB1RGgL+CMt/u/gJji8asIgO6J4psqkFlx57wWs= Received: by 10.38.155.3 with SMTP id c3mr124089rne; Tue, 05 Apr 2005 15:05:40 -0700 (PDT) Received: by 10.38.13.78 with HTTP; Tue, 5 Apr 2005 15:05:40 -0700 (PDT) Message-ID: Date: Tue, 5 Apr 2005 22:05:40 +0000 From: Pietro Cerutti To: Kevin Kinsey In-Reply-To: <4252CA5C.9040706@daleco.biz> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <3rr04b$oie03j@mxip02a.cluster1.charter.net> <4252CA5C.9040706@daleco.biz> cc: John Hall cc: questions@freebsd.org Subject: Re: PRERELEASE? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Pietro Cerutti List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Apr 2005 22:05:42 -0000 On Apr 5, 2005 5:26 PM, Kevin Kinsey wrote: > John Hall wrote: > > >We currently have 5.4-PRERELEASE installed on our web box: > > > >outpost# uname -a > >FreeBSD outpost.blacklotus.net 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #0: Wed > >Mar 30 13:38:38 MST 2005 > >hallj@outpost.blacklotus.net:/usr/obj/usr/src/sys/OUTPOST i386 > > > >I need to know if we need to update the server to 5.4-RELEASE with this > >version of 5.4 in order to protect against the sendfile kernel memory > >problem in the security notice at: > > > >ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile. > >asc > > > >Thanks! > > > >John Hall [jhall@lotuscom.net] > >Manager of Operations > >Black Lotus Communications > >[http://www.blacklotus.net] > > > > > > I don't think it's possible to update to 5.4-RELEASE, as it > doesn't exist yet AFAICT from the web site. I've not checked > the CVS repo or mirrors, so I guess it's possible that it has > been tagged in the last couple of days, though. Yes it's on the CVSs repositories now.... > > Updating to any codebase from today or following the > patch method outlined in the announcement should > make you safe from this vulnerability. > > See the Handbook chapter on "the Cutting Edge". > The RELEASE tag you'd want would be "RELENG_5", > I expect. > > Whoops, OK: now I see that apparently 5.4 has > been tagged. As mentioned in the advisory, you > can either patch your system and recompile the > kernel or update to one of seven different code > paths to get the new code. If you server was built > just a week ago, then 5.4-RELEASE sounds great > for this purpose, and the only viable choices for you > are RELENG_5, RELENG_5_4, or RELENG_5_3. > However, the recommended procedure for the > entire world reinstall includes some time (not > much, probably) spent in single-user mode, so if this > is a busy box that needs 99.99 percent uptime, maybe > the kernel rebuild would be better, as a simple reboot > on the new kernel would be the only thing required.... > I'm sure that this statement might be open to debate.... > > Kevin Kinsey > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Pietro Cerutti Beansidhe - SwiSS Death / Thrash Metal Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming or what?"