Date: Thu, 26 Jul 2001 13:03:48 -0700 From: Kris Kennaway <kris@obsecurity.org> To: "Dan Mahoney, System Admin" <danm@prime.gushi.org> Cc: security@freebsd.org, security-officer@freebsd.org Subject: Re: Mistake in security advisory. Message-ID: <20010726130347.A49735@xor.obsecurity.org> In-Reply-To: <Pine.BSF.4.21.0107260904190.9240-100000@prime.gushi.org>; from danm@prime.gushi.org on Thu, Jul 26, 2001 at 09:19:20AM -0400 References: <Pine.BSF.4.21.0107260904190.9240-100000@prime.gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thu, Jul 26, 2001 at 09:19:20AM -0400, Dan Mahoney, System Admin wrote: > # cd /usr/src/ > # patch -p < /path/to/patch > # cd /usr/src/secure/libexec/telnetd > # make depend && make all install > > /* This directory does NOT exist, only /usr/src/libexec/telnetd exists in > 3.5.1-Stable */ Sounds like you're not cvsupping the src-secure collection, then. > # cd /usr/src/ > # patch -p < /path/to/patch > # cd /usr/src/libexec/telnetd > # make depend && make all install > > /* Yet this command appears to build the telnet daemon with the applied > patches. Can someone confirm this for me? For what it's worth, the > above advisory confused me, so I simply re-cvsupped my entire source > tree, and then followed the instructions immediately above. */ This builds the non-crypto version; as I tried to explain in the advisory, there are two slightly different versions in the tree. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7YHejWry0BWjoQKURAlFCAJ0S7/VlqXmLxFzPzhZT/qkMO3dqRACfeyMh iWUTOzU2MO6Hs49Qa91+e1I= =pxrm -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010726130347.A49735>