From owner-freebsd-security Thu Jul 26 15:55:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from prime.gushi.org (prime.gushi.org [208.23.118.172]) by hub.freebsd.org (Postfix) with ESMTP id 3425F37B401; Thu, 26 Jul 2001 15:55:10 -0700 (PDT) (envelope-from danm@prime.gushi.org) Received: from localhost (danm@localhost) by prime.gushi.org (8.11.3/8.11.3) with ESMTP id f6QMpnt18940; Thu, 26 Jul 2001 18:51:54 -0400 (EDT) Date: Thu, 26 Jul 2001 18:51:49 -0400 (EDT) From: "Dan Mahoney, System Admin" To: Kris Kennaway Cc: security@freebsd.org, security-officer@freebsd.org Subject: Re: Mistake in security advisory. In-Reply-To: <20010726150104.A79340@xor.obsecurity.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001, Kris Kennaway wrote: > On Thu, Jul 26, 2001 at 05:10:28PM -0400, Dan Mahoney, System Admin wrote: > > On Thu, 26 Jul 2001, Kris Kennaway wrote: > > > > > On Thu, Jul 26, 2001 at 09:19:20AM -0400, Dan Mahoney, System Admin wrote: > > > > > > > # cd /usr/src/ > > > > # patch -p < /path/to/patch > > > > # cd /usr/src/secure/libexec/telnetd > > > > # make depend && make all install > > > > > > > > /* This directory does NOT exist, only /usr/src/libexec/telnetd exists in > > > > 3.5.1-Stable */ > > > > > > Sounds like you're not cvsupping the src-secure collection, then. > > > > >From the supfile: > > > > # These are the individual collections that make up FreeBSD's crypto > > # collection. They are no longer export-restricted and are a part of > > # src-all > > #src-crypto > > #src-secure > > #src-sys-crypto > > Um, these are all commented out. Yes they are, because as the comments say, they are included if you grab src-all (which I do, and is the default). Enclosing the full supfile. # $FreeBSD: src/share/examples/cvsup/stable-supfile,v 1.12.2.7 2000/07/09 16:25:03 markm Exp $ # # This file contains all of the "CVSup collections" that make up the # FreeBSD-stable source tree. # # CVSup (CVS Update Protocol) allows you to download the latest CVS # tree (or any branch of development therefrom) to your system easily # and efficiently (far more so than with sup, which CVSup is aimed # at replacing). If you're running CVSup interactively, and are # currently using an X display server, you should run CVSup as follows # to keep your CVS tree up-to-date: # # cvsup stable-supfile # # If not running X, or invoking cvsup from a non-interactive script, then # run it as follows: # # cvsup -g -L 2 stable-supfile # # You may wish to change some of the settings in this file to better # suit your system: # # host=CHANGE_THIS.FreeBSD.org # This specifies the server host which will supply the # file updates. You must change it to one of the CVSup # mirror sites listed in the FreeBSD Handbook at # http://www.freebsd.org/handbook/mirrors.html. # You can override this setting on the command line # with cvsup's "-h host" option. # # base=/usr # This specifies the root where CVSup will store information # about the collections you have transferred to your system. # A setting of "/usr" will generate this information in # /usr/sup. Even if you are CVSupping a large number of # collections, you will be hard pressed to generate more than # ~1MB of data in this directory. You can override the # "base" setting on the command line with cvsup's "-b base" # option. This directory must exist in order to run CVSup. # # prefix=/usr # This specifies where to place the requested files. A # setting of "/usr" will place all of the files requested # in "/usr/src" (e.g., "/usr/src/bin", "/usr/src/lib"). # The prefix directory must exist in order to run CVSup. # ############################################################################### # # DANGER! WARNING! LOOK OUT! VORSICHT! # # If you add any of the ports collections to this file, be sure to # specify them like this: # # ports-all tag=. # # If you leave out the "tag=." portion, CVSup will delete all of # the files in your ports tree. That is because the ports collections # do not use the same tags as the main part of the FreeBSD source tree. # ############################################################################### # Defaults that apply to all the collections # # IMPORTANT: Change the next line to use one of the CVSup mirror sites # listed at http://www.freebsd.org/handbook/mirrors.html. *default host=CHANGE_THIS.FreeBSD.org *default base=/usr *default prefix=/usr # The following line is for 3-stable. If you want 2.2-stable, change # "RELENG_3" to "RELENG_2_2". *default release=cvs tag=RELENG_3 *default delete use-rel-suffix # If your network link is a T1 or faster, comment out the following line. *default compress ## Main Source Tree. # # The easiest way to get the main source tree is to use the "src-all" # mega-collection. It includes all of the individual "src-*" collections, # except the export-restricted collections. src-all # These are the individual collections that make up "src-all". If you # use these, be sure to comment out "src-all" above. #src-base #src-bin #src-contrib #src-etc #src-games #src-gnu #src-include #src-kerberos5 #src-kerberosIV #src-lib #src-libexec #src-release #src-sbin #src-share #src-sys #src-tools #src-usrbin #src-usrsbin # These are the individual collections that make up FreeBSD's crypto # collection. They are no longer export-restricted and are a part of # src-all #src-crypto #src-secure #src-sys-crypto -- "Goodbye my peoples. I'll miss each one of you. Sniff-Sniff I now know the true meaning of love. Thank you Sniff-Sniff. You are all in my heart." -Chris D. --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Web: http://prime.gushi.org finger danm@prime.gushi.org for pgp public key and tel# --------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message