From owner-freebsd-security@FreeBSD.ORG Mon Mar 28 22:00:50 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 08D4E16A4CE; Mon, 28 Mar 2005 22:00:50 +0000 (GMT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id A20AB43D46; Mon, 28 Mar 2005 22:00:49 +0000 (GMT) (envelope-from nectar@FreeBSD.org) Received: from gw.celabo.org (localhost [127.0.0.1]) by internal.gw.celabo.org (Postfix) with ESMTP id CB5833E2C28; Mon, 28 Mar 2005 16:00:44 -0600 (CST) Received: from lum.celabo.org (lum.celabo.org [10.0.1.107]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "lum.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id BC05C3E2C26; Mon, 28 Mar 2005 16:00:44 -0600 (CST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by lum.celabo.org (Postfix) with ESMTP id EEA666AAEDE; Mon, 28 Mar 2005 16:00:43 -0600 (CST) Message-ID: <42487E8B.9030604@FreeBSD.org> Date: Mon, 28 Mar 2005 16:00:43 -0600 From: Jacques Vidrine Organization: The FreeBSD Project User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.5) Gecko/20041206 Thunderbird/1.0 Mnenhy/0.7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Simon L. Nielsen" References: <20050328212408.GC12478@mitch.veggiechinese.net> <20050328214011.GB7306@zaphod.nitro.dk> In-Reply-To: <20050328214011.GB7306@zaphod.nitro.dk> X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on hellblazer.celabo.org X-Spam-Level: X-Spam-Status: No, score=-5.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.0.2 cc: freebsd-security@freebsd.org cc: Will Yardley Subject: Re: FreeBSD Security Advisory FreeBSD-SA-05:01.telnet X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Mar 2005 22:00:50 -0000 On 3/28/05 3:40 PM, Simon L. Nielsen wrote: > Indeed, looks like the FreeBSD 5 patch is an "old" version since that > should have been fixed. I just CC'ed nectar so this can be fixed > ASAP. Oops, sorry folks. I've re-uploaded the patch to the master FTP server, and it should propagate to others soon. > Due to multiple telnet versions (especially in FreeBSD 4) it was > judged that including more specific build instructions for all the > possible combinations of telnet and build options gave to high a risk > for errors possibly resulting in users not actually getting telnet > rebuild correctly. That's right. For 5.x, it is fairly straightforward: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/libtelnet # make obj && make depend && make # cd /usr/src/usr.bin/telnet # make obj && make depend && make && make install But 4.x has no less than four possible telnet clients that might be installed depending upon local settings of NOCRYPT, MAKE_KERBEROS4, MAKE_KERBEROS5, and probably others :-/ Cheers, -- Jacques A Vidrine / NTT/Verio nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org