From owner-freebsd-questions@FreeBSD.ORG Wed Mar 2 18:13:23 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BD3516A4CE for ; Wed, 2 Mar 2005 18:13:23 +0000 (GMT) Received: from hobbiton.shire.net (hobbiton.shire.net [166.70.252.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id 372DC43D2F for ; Wed, 2 Mar 2005 18:13:23 +0000 (GMT) (envelope-from chad@shire.net) Received: from [67.161.222.227] (helo=[192.168.99.68]) by hobbiton.shire.net with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.43) id 1D6YLY-0002U2-O2; Wed, 02 Mar 2005 11:13:20 -0700 In-Reply-To: <20050302185115.I25321@mail.rot-1.de> References: <20050302162016.W24958@mail.rot-1.de> <20050302154409.GO3678@gentoo-npk.bmp.ub> <20050302161524.GR3678@gentoo-npk.bmp.ub> <20050302174545.GT3678@gentoo-npk.bmp.ub> <20050302185115.I25321@mail.rot-1.de> Mime-Version: 1.0 (Apple Message framework v619.2) Message-Id: <53d061912c77b7bb09817f6bf60a5ed5@shire.net> From: Chad Leigh -- Shire.Net LLC Date: Wed, 2 Mar 2005 11:13:15 -0700 To: Stevan Tiefert X-Mailer: Apple Mail (2.619.2) X-SA-Exim-Connect-IP: 67.161.222.227 X-SA-Exim-Mail-From: chad@shire.net Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 3.0.0 (2004-09-13) on hobbiton.shire.net X-Spam-Status: No, score=-0.1 required=5.0 tests=AWL,BAYES_50 autolearn=disabled version=3.0.0 X-Spam-Level: X-SA-Exim-Version: 4.1+cvs (built Mon, 23 Aug 2004 08:44:05 -0700) X-SA-Exim-Scanned: Yes (on hobbiton.shire.net) cc: List Free Bsd Subject: Re: security advisories and the creating time of my system X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2005 18:13:23 -0000 Gruss On Mar 2, 2005, at 10:53 AM, Stevan Tiefert wrote: >> >> $FreeBSD: src/sbin/ifconfig/ifconfig.c,v 1.92 2003/10/26 04:36:47 >> peter Exp $ >> >> Basically, if your sources, or the particular source file in question, >> are not newer than correction date listed in the security alert then >> you >> need to follow the directions to fix or workaround the problem. >> >> Nathan >> > > Hello Nathan, > > in a security advisory in part V. is written: > > V. Solution > > Perform one of the following: > > 1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the > RELENG_5_3, RELENG_5_2, RELENG_4_10, or RELENG_4_8 security branch > dated > after the correction date. > > Can you say me how to get of a running system the date? Because if the > system is after the correction date I do not have to download via ftp. > If > not I have to... > Do you have sources (/usr/src tree) on your system? Then do what nathan said -- look at the date in the source file for the thing the security advisory was about. There are also various patch levels, though I am not sure where they are documented. That would show in the "uname -a" as for example "5.3-RELEASE-p5" Chad