From owner-freebsd-security@FreeBSD.ORG Mon Mar 28 21:39:47 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C16EF16A4CE for ; Mon, 28 Mar 2005 21:39:47 +0000 (GMT) Received: from pd3mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 80F9943D31 for ; Mon, 28 Mar 2005 21:39:47 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd2mr4so.prod.shaw.ca (pd2mr4so-qfe3.prod.shaw.ca [10.0.141.107]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IE300BPK063AGBC@l-daemon> for freebsd-security@freebsd.org; Mon, 28 Mar 2005 14:39:39 -0700 (MST) Received: from pn2ml5so.prod.shaw.ca ([10.0.121.149]) by pd2mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IE3001D6063UU10@pd2mr4so.prod.shaw.ca> for freebsd-security@freebsd.org; Mon, 28 Mar 2005 14:39:39 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) freebsd-security@freebsd.org; Mon, 28 Mar 2005 14:39:39 -0700 (MST) Date: Mon, 28 Mar 2005 13:39:29 -0800 From: Colin Percival In-reply-to: <20050328212408.GC12478@mitch.veggiechinese.net> To: Will Yardley Message-id: <42487991.3080409@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.90.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <20050328212408.GC12478@mitch.veggiechinese.net> User-Agent: Mozilla Thunderbird 1.0 (X11/20050314) cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:01.telnet X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Mar 2005 21:39:47 -0000 Will Yardley wrote: >>b) Execute the following commands as root: >> >># cd /usr/src >># patch < /path/to/patch > > On my home machine (5.3-RELEASE) this failed - I had to go to > /usr/src/contrib/telnet/telnet for the patch to apply. Somehow the patch wasn't generated correctly for FreeBSD 5.x. It should be fixed soon; but what you've done works for now. >>c) Rebuild the operating system as described in >>. > > Just curious... why is it necessary to rebuild the whole operating > system? Normally, the security advisories just have you rebuild the > program in question - wouldn't that have sufficed here? For historical reasons, the telnet build is rather messy: Depending upon which options you have set in /etc/make.conf, telnet might need to be rebuilt from one of four different directories. We decided that having everybody run "make buildworld" was far less prone to error than trying to explain which particular version of telnet each system would need to have rebuilt. Colin Percival