Date: Mon, 4 Aug 2003 20:11:30 +1000
From: Peter Jeremy
To: FreeBSD Security
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath
Message-ID: <20030804101130.GA51954@cirb503493.alcatel.com.au>
In-Reply-To: <200308040004.h7404VVL030671@freefall.freebsd.org>

On Sun, Aug 03, 2003 at 05:04:31PM -0700, FreeBSD Security Advisories wrote:
>Affects:        All releases of FreeBSD up to and including 4.8-RELEASE
>                and 5.0-RELEASE
>                FreeBSD 4-STABLE prior to May 22 17:11:44 2003 UTC
...
>V.   Solution
>
>1) Upgrade your vulnerable system to 4.8-STABLE
>or to any of the RELENG_5_1 (5.1-RELEASE), RELENG_4_8
>(4.8-RELEASE-p1), or RELENG_4_7 (4.7-RELEASE-p11) security branches
>dated after the respective correction dates.

I found the reference to RELENG_5_1 in the "Solutions" section but no
reference to 5.1-RELEASE in the "Affects" section somewhat confusing.
This is compounded by the failure to mention RELENG_5_0 in the
"Solutions" section.

I gather that 5.1-RELEASE is not vulnerable due to the realpath()
rewrite in 1.14. May I suggest that in future, when a release is not
vulnerable due to code rewrites or similar, this fact be explicitly
mentioned. IMHO, it's far better to err on the side of caution when
dealing with security issues.

Peter