From owner-freebsd-security@FreeBSD.ORG Thu Feb 5 11:15:30 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3338116A4CE for ; Thu, 5 Feb 2004 11:15:30 -0800 (PST) Received: from tx3.oucs.ox.ac.uk (tx3.oucs.ox.ac.uk [163.1.2.167]) by mx1.FreeBSD.org (Postfix) with ESMTP id E404543D4C for ; Thu, 5 Feb 2004 11:15:15 -0800 (PST) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan3.oucs.ox.ac.uk ([163.1.2.166] helo=localhost) by tx3.oucs.ox.ac.uk with esmtp (Exim 4.24) id 1AoowW-0003q5-Pa for security@freebsd.org; Thu, 05 Feb 2004 19:13:40 +0000 Received: from rx3.oucs.ox.ac.uk ([163.1.2.165]) by localhost (scan3.oucs.ox.ac.uk [163.1.2.166]) (amavisd-new, port 25) with ESMTP id 14453-09 for ; Thu, 5 Feb 2004 19:13:40 +0000 (GMT) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx3.oucs.ox.ac.uk with smtp (Exim 4.24) id 1AoowW-0003q0-CE for security@freebsd.org; Thu, 05 Feb 2004 19:13:40 +0000 Received: (qmail 24713 invoked by uid 0); 5 Feb 2004 19:13:40 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.16 (sweep: 2.14/3.71. spamassassin: 2.53. Clear:. Processed in 1.37758 secs); 05 Feb 2004 19:13:40 -0000 X-Qmail-Scanner-Mail-From: colin.percival@wadham.ox.ac.uk via gateway X-Qmail-Scanner: 1.16 (Clear:. Processed in 1.37758 secs) Received: from dhcp1131.wadham.ox.ac.uk (HELO piii600.wadham.ox.ac.uk) (163.1.161.131) by gateway.wadham.ox.ac.uk with SMTP; 5 Feb 2004 19:13:39 -0000 Message-Id: <6.0.1.1.1.20040205190938.0326cad0@imap.sfu.ca> X-Sender: cperciva@imap.sfu.ca (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.0.1.1 Date: Thu, 05 Feb 2004 19:13:37 +0000 To: security@freebsd.org From: Colin Percival In-Reply-To: <200402051840.i15IeZZM041253@freefall.freebsd.org> References: <200402051840.i15IeZZM041253@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: FreeBSD Security Advisory FreeBSD-SA-04:02.shmat X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2004 19:15:30 -0000 At 18:40 05/02/2004, FreeBSD Security Advisories wrote: >============================================================================= >FreeBSD-SA-04:02.shmat Security Advisory > >V. Solution > >Do one of the following: > >1) Upgrade your vulnerable system to 4-STABLE, or to the RELENG_5_2, >RELENG_5_1, RELENG_4_9, or RELENG_4_8 security branch dated after the >correction date. > >2) Patch your present system: [...] As usual, there is a third option here: I'm building binary security updates for the x86 platform and distributing them via the FreeBSD Update port (security/freebsd-update in the ports tree). For x86 systems running an official RELEASE plus security patches, this provides an easier update method than building from source. To use these updates: 1) Install FreeBSD Update and copy the sample configuration file into place: # cd /usr/ports/security/freebsd-update && make install clean # cp /usr/local/etc/freebsd-update.conf.sample /usr/local/etc/freebsd-update.conf 2) Fetch and install updates: # /usr/local/sbin/freebsd-update fetch # /usr/local/sbin/freebsd-update install Note that if you have built your own kernel, the default behaviour of FreeBSD Update will leave it unmodified (ie, not updated to reflect this latest advisory). If you have the latest version of FreeBSD Update installed (version 1.5), then you can force any locally modified files (eg, the kernel) to be replaced with up-to-date GENERIC versions by using the --branch option. For more details see http://www.daemonology.net/freebsd-update/ . While I am a FreeBSD committer and member of the security team, these updates are something I'm providing personally; they are in no way endorsed by the Security Officer or the Project as a whole. Colin Percival