From owner-freebsd-security Sat Mar 1 04:48:52 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA03540 for security-outgoing; Sat, 1 Mar 1997 04:48:52 -0800 (PST) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id EAA03531 for ; Sat, 1 Mar 1997 04:48:44 -0800 (PST) Received: (from guido@localhost) by gvr.win.tue.nl (8.8.5/8.8.2) id NAA18698; Sat, 1 Mar 1997 13:48:34 +0100 (MET) From: Guido van Rooij Message-Id: <199703011248.NAA18698@gvr.win.tue.nl> Subject: Re: 2.1.7 requires a rebuild of /usr/local binaries? In-Reply-To: <199702211734.KAA03840@elara.frii.com> from "gnat@frii.com" at "Feb 21, 97 10:34:25 am" To: gnat@frii.com Date: Sat, 1 Mar 1997 13:48:34 +0100 (MET) Cc: freebsd-security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk gnat@frii.com wrote: > I've just installed 2.1.7 (upgrading from 2.1.5) on my own machine, > prior to upgrading all our servers. The advisory re: the setlocale > bug said to rebuild all statically linked binaries and probably all > dynamically linked ones too. > > Going to the 2.1.7-RELEASE/packages directory, however, I see it's > just a link to the 2.1.6 packages directory. Does this mean that I > don't have to rebuild all my binaries after all? Indeed. A scan through all ports revealed apparently no suid binaries taht are statically linked. The only problems would arise with these kind of binaries. -Guido