Date: Mon, 04 Aug 2003 00:54:00 -0700
From: Colin Percival
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath
In-reply-to: <200308040004.h7404VVL030671@freefall.freebsd.org>
Message-id: <5.0.2.1.1.20030804004417.02bcc920@popserver.sfu.ca>

At 17:04 03/08/2003 -0700, you wrote:
>V. Solution
>2) To patch your present system:
>a) Download the relevant patch...
>b) Apply the patch...
>c) Recompile your operating system...

I hesitate to suggest that people leave their systems unpatched for longer than absolutely necessary, but there *will* be binary patches available for 4.7-RELEASE and 4.8-RELEASE -- as soon as I finish building them (ETA about 17 hours).

This only applies to people who performed a binary install of FreeBSD 4.7 or 4.8 ***and have not recompiled the world locally***. Affected applications which were statically linked to the vulnerable code would still need to be recompiled.

Once the binary updates are available, FreeBSD Update (security/freebsd-update in the ports tree) will be able to fetch and install them; I'll send another email to this list after they've been built, signed, and uploaded.

Colin Percival