Date: Mon, 01 Jul 2002 10:30:44 -0600
From: Brett Glass <brett@lariat.org>
To: David Pick <d.m.pick@qmul.ac.uk>, security@FreeBSD.ORG
Subject: Re: security risk: ktrace(2) in FreeBSD prior to -current.
Message-ID: <4.3.2.7.2.20020701102105.022a44f0@localhost>
In-Reply-To: <E17P2Ol-0002Jf-00@xi.css.qmw.ac.uk>
References: <Your message of "01 Jul 2002 16:01:34 %2B0200." <xzpelenim2p.fsf@flood.ping.uio.no>
At 08:43 AM 7/1/2002, David Pick wrote:

>At least we can build a binary update "package"
>for the "ports" version using a simple "make package"; it's
>harder for the version integrated into the base.

You can make a binary updater using the currently available port. Just do

    cd /usr/ports/security/openssh-portable && make -DOPENSSH_OVERWRITE_BASE package

Beware, though, that you'll also want to install the latest OpenSSL "engine". I believe that you can make this into a binary package as well.

>Please note that I have *not* asked for a binary update.
>I don't want to get flamed the way Brett does...

...for asking something reasonable? ;-)

Seriously: Please do ask. If we do not have up-to-date binary packages, a large percentage of the new installs of FreeBSD (both network installs and those from CD-ROM) will be vulnerable from the start, even though the holes have long been identified. This is not only unethical but also terrible for FreeBSD's reputation. Already, the Apache/FreeBSD worm is making the rounds. Why allow new installs to be vulnerable?

--Brett

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
