From owner-freebsd-security@FreeBSD.ORG  Tue Dec  1 11:48:13 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CC9711065672
	for <freebsd-security@freebsd.org>;
	Tue,  1 Dec 2009 11:48:13 +0000 (UTC) (envelope-from a.huth@tmr.net)
Received: from bo-uwka-srv01.de.tmr.net (bo-uwka-srv01.de.tmr.net
	[212.23.146.2]) by mx1.freebsd.org (Postfix) with ESMTP id 8782A8FC13
	for <freebsd-security@freebsd.org>;
	Tue,  1 Dec 2009 11:48:13 +0000 (UTC)
Received: from localhost (localhost.de.tmr.net [127.0.0.1])
	by bo-uwka-srv01.de.tmr.net (Postfix) with ESMTP id 24C6D1DEEFB
	for <freebsd-security@freebsd.org>;
	Tue,  1 Dec 2009 12:16:28 +0100 (CET)
Received: from bo-uwka-srv01.de.tmr.net ([127.0.0.1])
	by localhost (bo-uwka-srv01.de.tmr.net [127.0.0.1]) (amavisd-new,
	port 10024)
	with LMTP id 24297-01-57 for <freebsd-security@freebsd.org>;
	Tue,  1 Dec 2009 12:16:28 +0100 (CET)
Received: from localhost (bo-stwhv-fw02.de.tmr.net [212.23.140.253])
	by bo-uwka-srv01.de.tmr.net (Postfix) with ESMTP id E56641DEEF7
	for <freebsd-security@freebsd.org>;
	Tue,  1 Dec 2009 12:16:27 +0100 (CET)
Date: Tue, 1 Dec 2009 12:16:27 +0100
From: Alex Huth <a.huth@tmr.net>
To: freebsd-security@freebsd.org
Message-ID: <20091201111627.GC4920@borusse.borussiapark>
References: <200912010120.nB11Kjm9087476@freefall.freebsd.org>
	<ov3Jq1IJ/c8KAXGQ501G8Os9xr8@Ll2tHa60cb+hiG8R4R8/VS21128>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <ov3Jq1IJ/c8KAXGQ501G8Os9xr8@Ll2tHa60cb+hiG8R4R8/VS21128>
Predence: first-class
Priority: normal
X-Editor: VIM - Vi IMproved 7.1 (2007 May 12, compiled Oct 17 2008 18:11:28)
X-Operating-System: Linux 2.6.26-2-686 i686 GNU/Linux
X-Mailer: Mutt 1.5.18 (2008-05-17)
User-Agent: Mutt/1.5.18 (2008-05-17)
Subject: Re: Upcoming FreeBSD Security Advisory
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2009 11:48:13 -0000

* Eygene Ryabinkin schrieb:
> Colin, *, good day.
> 
> Tue, Dec 01, 2009 at 01:20:45AM +0000, FreeBSD Security Officer wrote:
> > A short time ago a "local root" exploit was posted to the full-disclosure
> > mailing list; as the name suggests, this allows a local user to execute
> > arbitrary code as root.

I am new to patching systems, so forgive "stupid" questions. We have some 6.1
systems. Are or will there be a patch for them or are they not involved in
this problem?

I am new to patching systems, so forgive me any stupid questions. We have some
6.1 and 6.3 systems. Are or will there be patches fro them or are they not
involved in this problem?

How do i apply such a patch? With freebsd-update? As far as i know is this
tool only for systems >= 6.3 or?

Thx

Alex