From owner-freebsd-newbies@FreeBSD.ORG Mon Feb 9 12:59:38 2004 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9552F16A4CE for ; Mon, 9 Feb 2004 12:59:38 -0800 (PST) Received: from hotmail.com (sea1-f93.sea1.hotmail.com [207.68.163.93]) by mx1.FreeBSD.org (Postfix) with ESMTP id 81D2443D1D for ; Mon, 9 Feb 2004 12:59:38 -0800 (PST) (envelope-from crollins666@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 9 Feb 2004 12:59:38 -0800 Received: from 216.19.22.118 by sea1fd.sea1.hotmail.msn.com with HTTP; Mon, 09 Feb 2004 20:59:37 GMT X-Originating-IP: [216.19.22.118] X-Originating-Email: [crollins666@hotmail.com] X-Sender: crollins666@hotmail.com From: "clayton rollins" To: freebsd-newbies@freebsd.org Date: Mon, 09 Feb 2004 20:59:37 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 09 Feb 2004 20:59:38.0072 (UTC) FILETIME=[A118D580:01C3EF4F] cc: richard@voxsant.com Subject: Re: hello - security update. X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 20:59:38 -0000 On Feb. 9, 2004 Richard Reyes wrote: > >hello guys, > >i have just installed freebsd 5.2 from a floppy boot disk. now i saw some >security announcement on the >freebsd website and decided to rebuilt my kernel ( as was instructed on the >updates ). anyway, does rebuilding the kernel captures all the necessary >updates? > >all i did was create a new kernel config file ( basically a copy of the >GENERIC ). then execute... [snipped] > >is this enough ? > >thanks > >richard Hi Richard, I'm sure you probably know this, but your email was confusing on this point: rebuilding the kernel does not "pull in" (patch/whatever) anything. You must use cvs/cvsup (or equivalent), or apply the appropriate patch(es). Assuming you have done something like that, rebuilding the kernel should fix the SysV shared memory bug, but not the mksnap_ffs bug nor many of the cumulative fixes since release. About those fixes, the advisories say: NOTE WELL: Due to release engineering in progress at the time of this writing, the RELENG_5_2 security branch (5.2-RELEASE-p1) also includes numerous other critical bug fixes, most of which are not security related. Please read src/UPDATING for details on these changes. mksnap_ffs can be rebuilt by following the advice in the advisory. If I were you, I would rebuild the whole system just to be on the safe side. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cutting-edge.html for details regarding cvsup and rebuilding the system. Regards, Clayton _________________________________________________________________ Plan your next US getaway to one of the super destinations here. http://special.msn.com/local/hotdestinations.armx