Date: Fri, 19 Apr 2002 09:59:14 -0500 (CDT) From: hawkeyd@visi.com (D J Hawkey Jr) To: searle@unt.edu, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: Older releases? was Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <200204191459.g3JExEh08010@sheol.localdomain> In-Reply-To: <3CC02BB3.1030209_unt.edu@ns.sol.net> References: <20020419220844.D190_IPAustralia.Gov.AU@ns.sol.net> <3CC02BB3.1030209_unt.edu@ns.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Terribly sorry for this cross-post, but it seems relevant, if not appropriate, this time. In article <3CC02BB3.1030209_unt.edu@ns.sol.net>, searle@unt.edu writes: > The patch described in the advisory talks about 4.5-RELEASE. > I'm running two systems on 4.3-RELEASE-p28; I am guessing they are > vulnerable. If so, what steps do I follow to patch the system? > > Upgrading is not an option since the fxp (QLogic fibre-channel HAB) > driver is very flaky since 4.4 and above. > > The patches seem to make relavent changes; I just want to be sure. I was going to ask the same thing today, to try to provide backported patches. I assume you're writing of source patches, not binary patches? Let's stay in contact with one another on this. If 4.4 and earlier are vulnerable and patchable (that is, no make world required), I'll create patchfiles and make them available. It may take me a day or two, though. Developers: Userland is affected here - /usr/lib/libz. Would a "make && make install" (sic) in /usr/src/lib/libz before building the kernel suffice for a solid upgrade? > Thanks! Ditto, Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204191459.g3JExEh08010>