From owner-freebsd-security Fri Apr 19 8:48: 2 2002 Delivered-To: freebsd-security@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id DA30437B41B for ; Fri, 19 Apr 2002 08:47:55 -0700 (PDT) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 426B338; Fri, 19 Apr 2002 10:47:55 -0500 (CDT) Received: from madman.nectar.cc (localhost [IPv6:::1]) by madman.nectar.cc (8.12.2/8.11.6) with ESMTP id g3JFltVw053260; Fri, 19 Apr 2002 10:47:55 -0500 (CDT) (envelope-from nectar@madman.nectar.cc) Received: (from nectar@localhost) by madman.nectar.cc (8.12.2/8.12.2/Submit) id g3JFlsVm053256; Fri, 19 Apr 2002 10:47:54 -0500 (CDT) Date: Fri, 19 Apr 2002 10:47:54 -0500 From: "Jacques A. Vidrine" To: Curry Searle Cc: freebsd-security@freebsd.org Subject: Re: Older releases? was Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020419154754.GF31829@madman.nectar.cc> Mail-Followup-To: "Jacques A. Vidrine" , Curry Searle , freebsd-security@freebsd.org References: <20020418181744.45846.qmail@web14201.mail.yahoo.com> <4.3.2.7.2.20020418135706.02192c60@nospam.lariat.org> <3CBFCF67.3119.3C78042@localhost> <20020419220844.D190@IPAustralia.Gov.AU> <3CC02BB3.1030209@unt.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3CC02BB3.1030209@unt.edu> User-Agent: Mutt/1.3.28i X-Url: http://www.nectar.cc/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Apr 19, 2002 at 09:37:39AM -0500, Curry Searle wrote: > The patch described in the advisory talks about 4.5-RELEASE. > I'm running two systems on 4.3-RELEASE-p28; I am guessing they are > vulnerable. If so, what steps do I follow to patch the system? For this PARTICULAR advisory, the bug was introduced after 4.4-RELEASE, so there is no need for you to patch your system. The answer for other issues in general are: You are officially on your own. The releases which are currently supported by the Security Officer are 4.4 and 4.5 (as always, the current release and the previous release). > Upgrading is not an option since the fxp (QLogic fibre-channel HAB) > driver is very flaky since 4.4 and above. The `fxp' driver is not the `QLogic fibre-channel HAB' driver. > The patches seem to make relavent changes; I just want to be sure. You may certainly back port patches to 4.3. Maybe someone here will be generous and backport the fix, test it, and post it to the list. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message