Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 05 Feb 2004 19:13:37 +0000
From:      Colin Percival <colin.percival@wadham.ox.ac.uk>
To:        security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-04:02.shmat
Message-ID:  <6.0.1.1.1.20040205190938.0326cad0@imap.sfu.ca>
In-Reply-To: <200402051840.i15IeZZM041253@freefall.freebsd.org>
References:  <200402051840.i15IeZZM041253@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 18:40 05/02/2004, FreeBSD Security Advisories wrote:
>=============================================================================
>FreeBSD-SA-04:02.shmat                                      Security Advisory
>
>V.   Solution
>
>Do one of the following:
>
>1) Upgrade your vulnerable system to 4-STABLE, or to the RELENG_5_2,
>RELENG_5_1, RELENG_4_9, or RELENG_4_8 security branch dated after the
>correction date.
>
>2) Patch your present system: [...]

   As usual, there is a third option here: I'm building binary
security updates for the x86 platform and distributing them via
the FreeBSD Update port (security/freebsd-update in the ports
tree). For x86 systems running an official RELEASE plus security
patches, this provides an easier update method than building
from source.  To use these updates:

1) Install FreeBSD Update and copy the sample configuration file
into place:

# cd /usr/ports/security/freebsd-update && make install clean
# cp /usr/local/etc/freebsd-update.conf.sample 
/usr/local/etc/freebsd-update.conf

2) Fetch and install updates:

# /usr/local/sbin/freebsd-update fetch
# /usr/local/sbin/freebsd-update install

   Note that if you have built your own kernel, the default
behaviour of FreeBSD Update will leave it unmodified (ie, not
updated to reflect this latest advisory).  If you have the
latest version of FreeBSD Update installed (version 1.5), then
you can force any locally modified files (eg, the kernel) to
be replaced with up-to-date GENERIC versions by using the
--branch option.
   For more details see http://www.daemonology.net/freebsd-update/ .

   While I am a FreeBSD committer and member of the security
team, these updates are something I'm providing personally;
they are in no way endorsed by the Security Officer or the
Project as a whole.

Colin Percival

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.1.1.1.20040205190938.0326cad0>