From owner-freebsd-security@FreeBSD.ORG  Thu Mar 31 14:54:23 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8487216A4CE
	for <freebsd-security@freebsd.org>;
	Thu, 31 Mar 2005 14:54:23 +0000 (GMT)
Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0CA0843D2D
	for <freebsd-security@freebsd.org>;
	Thu, 31 Mar 2005 14:54:21 +0000 (GMT)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231])
	j2VEsB7F005494	for <freebsd-security@freebsd.org>;
	Thu, 31 Mar 2005 17:54:11 +0300 (EEST)
	(envelope-from dmitry@atlantis.dp.ua)
Date: Thu, 31 Mar 2005 17:54:11 +0300 (EEST)
From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To: freebsd-security@freebsd.org
Message-ID: <20050331173634.K96091@atlantis.atlantis.dp.ua>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Mailman-Approved-At: Fri, 01 Apr 2005 13:14:14 +0000
Subject: Re[2]: FreeBSD Security Advisory FreeBSD-SA-05:01.telnet
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2005 14:54:23 -0000


Hello!

> Date:      Mon, 28 Mar 2005 23:39:30 +0200
> From:      Daniel Gerzo <danger@rulez.sk>
>> Just curious... why is it necessary to rebuild the whole operating
>> system? Normally, the security advisories just have you rebuild the
>> program in question - wouldn't that have sufficed here?
>
>  I think, this might be enought:
>
>  cd /usr/src/usr.bin/telnet ; make clean && make all install
>
>  but I don't exactly know, if this is really correct way how to do
>  it..

  This way is incorrect in two aspects. First, you'll have to compile libtelnet
first:

cd /usr/src/lib/libtelnet
make obj && make depend && make
cd /usr/src/usr.bin/telnet
make obj && make depend && make && make install

But second is that you'll get telnet w/o data encryption support, which isn't
what you want (unless you have NOCRYPT=true in your /etc/make.conf).
You can recompile telnet properly (in the typical case: no NOCRYPT and
no MAKE_KERBEROS[45] either) using the following commands:

cd /usr/src/secure/lib/libtelnet
make obj && make depend && make
cd /usr/src/secure/usr.bin/telnet
make obj && make depend && make && make install

However, I can overlook something more, so I'm giving no warranties at all...

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE