Date: Thu, 16 May 2002 12:45:58 -0500
From: "Jacques A. Vidrine"
To: Matt Piechota
Cc: Brett Glass, security@FreeBSD.ORG
Subject: Re: Patch/Announcement for DHCPD remote root hole?

On Thu, May 16, 2002 at 12:49:11AM -0400, Matt Piechota wrote:
> That's why they're not required to cvsup to get patches. Do you even read
> the Security Notices? They include links to get individual patches. You
> can click on them even, at least I assume you can in Eudora.

There are also some very new, experimental `cumulative patches' here:

  4.5-RELEASE-p4
    http://people.freebsd.org/~nectar/secupd-4.5-bin-4.tgz
    http://people.freebsd.org/~nectar/secupd-4.5-sys-4.tgz
    http://people.freebsd.org/~nectar/secupd-4.5-src-4.tgz

  4.5-RELEASE-p5
    http://people.freebsd.org/~nectar/secupd-4.5-bin-5.tgz
    http://people.freebsd.org/~nectar/secupd-4.5-sys-5.tgz
    http://people.freebsd.org/~nectar/secupd-4.5-src-5.tgz

These are experimental, not signed, may blow up your system, install
trojan horses, cause hair loss, and so on. We do need some feedback on
them, however.

Some notes:

  You need only apply the latest patch. You can skip patches. Each
  patch contains all previous patches. This is to make it possible
  to update from one patch level to another using portupgrade and
  other such tools.

  If you want to see what happens when installing `over' another
  patch, or deinstalling an old one, or using portupgrade, then
  you'll want both the p4 and p5 patches. Otherwise, you just want
  p5.

  These only apply to 4.5-RELEASE* systems.

  The `bin' packages are the actual binaries.

  The `sys' packages are updated sources for src/sys -- they are
  supplied to allow you to recompile your kernel.

  The `src' packages include all updated sources not in src/sys.

Have fun,
-- 
Jacques A. Vidrine http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se