From owner-freebsd-security Mon Jul 23 15: 1:51 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.tgd.net (rand.tgd.net [64.81.67.117]) by hub.freebsd.org (Postfix) with SMTP id 6756237B408 for ; Mon, 23 Jul 2001 15:01:26 -0700 (PDT) (envelope-from sean@mailhost.tgd.net) Received: (qmail 35100 invoked by uid 1001); 23 Jul 2001 22:01:22 -0000 Date: Mon, 23 Jul 2001 15:01:22 -0700 From: Sean Chittenden To: alexus Cc: freebsd-security@FreeBSD.ORG Subject: Re: telnet exploit Message-ID: <20010723150122.E34549@rand.tgd.net> References: <03af01c113b1$1d6b6080$6c01a8c0@mpcsecurity.com> <20010723234007.A69282@student.uu.se> <001401c113c1$e43551c0$0d00a8c0@alexus> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="doKZ0ri6bHmN2Q5y" Content-Disposition: inline In-Reply-To: <001401c113c1$e43551c0$0d00a8c0@alexus>; from "ml@db.nexgen.com" on Mon, Jul 23, 2001 at = 05:53:21PM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --doKZ0ri6bHmN2Q5y Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable cvsup can be used to track -stable and -release. Check out chapter 20 of the handbook, and look through the -stable and -questions mail archives for more information on this. RELENG_2_2 was MFC'ed earlier today so I imagine that RELENG_4 has already been MFC'ed. -sc PS -questions is probably a better place to ask this than=20 -security. > what about those folks who prefer to stay running releaes instead of > current? >=20 > > [Please remember to wrap your lines at < 80 columns] > > > > On Mon, Jul 23, 2001 at 02:52:46PM -0500, Robert Herrold wrote: > > > I have never used cvsup before, and I'm a little confused about the > > > current possible patch/fix. > > > > > > First off, is there a 'patch/fix/replacement for telnetd' > > > (/usr/libexec/telnetd). If so, would that be included in the cvsup? > > > > There has been a fix committed so, yes, cvsup would get the fixed > > version. > > > > > > > > Secondly, I've read through the cvsup documentation, and I'm a little > > > unclear on whether it is basically just downloading source, or is it > > > adding the packages. (do I need to recompile?) > > > > > > > Cvsup downloads the source. You need to recompile afterwards. > > > > > Any help would be greatly appreciated. --=20 Sean Chittenden --doKZ0ri6bHmN2Q5y Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden iEYEARECAAYFAjtcnrEACgkQn09c7x7d+q1KvwCePr0bEKRA/Jrwnkhw5QFSvZIW UbAAoKbOr6bYvKNXTRf9YtfZ6AHH7TUA =L+cJ -----END PGP SIGNATURE----- --doKZ0ri6bHmN2Q5y-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message