From owner-freebsd-questions@FreeBSD.ORG Thu Sep 18 04:38:14 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6166516A4B3 for ; Thu, 18 Sep 2003 04:38:14 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8FAB143FB1 for ; Thu, 18 Sep 2003 04:38:12 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h8IBareC019021 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 18 Sep 2003 12:37:51 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h8IBarc3019015; Thu, 18 Sep 2003 12:36:53 +0100 (BST) (envelope-from matthew) Date: Thu, 18 Sep 2003 12:36:53 +0100 From: Matthew Seaman To: Jon Reynolds Message-ID: <20030918113652.GB59821@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Jon Reynolds , FreeBSD List References: <1063843300.4701.38.camel@localhost.localdomain> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="E39vaYmALEf/7YXx" Content-Disposition: inline In-Reply-To: <1063843300.4701.38.camel@localhost.localdomain> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-11.4 required=5.0 tests=AWL,BAYES_00,EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT autolearn=ham version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: FreeBSD List Subject: Re: Patching SSH X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Sep 2003 11:38:14 -0000 --E39vaYmALEf/7YXx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 17, 2003 at 04:01:40PM -0800, Jon Reynolds wrote: > I have SSH installed with the base install of 4.7. I downloaded the > patch and followed the directions: cd /usr/src - patch < /path/to/patch. > when I issue that command it asks me which file I would like to patch I > type in buffer.c and it tells me this file cannot be found. What file do > I need to patch if not buffer.c? If that is an otherwise unpatched 4.7-RELEASE system, then there are more security patches to apply than just the latest fun'n'games with openssh. The simplest way to get a fully patched source tree is to use cvsup(1) with a sup-file like this (should be substantially the same as /usr/share/examples/cvsup/standard-supfile): *default host=3Dcvsup7.us.FreeBSD.org *default base=3D/usr *default prefix=3D/usr *default release=3Dcvs tag=3DRELENG_4_7 *default delete use-rel-suffix *default compress =20 src-all Then either do a complete build,install world+kernel or just rebuild the selected parts of the source tree as intructed in the security advisories. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --E39vaYmALEf/7YXx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/aZjUdtESqEQa7a0RAqhGAKCK0Jk6NIhdILFlbtv3og8c9TMw8gCfeuzV W6VxHRvrN38xb/PHy5jel0g= =JSGM -----END PGP SIGNATURE----- --E39vaYmALEf/7YXx--