Date: Sun, 17 Dec 2000 09:26:56 -0800 (PST) From: Roger Marquis <marquis@roble.com> To: security@FreeBSD.ORG Subject: Re: Security Update Tool.. Message-ID: <Pine.BSF.4.21.0012170918520.16618-100000@roble.com> In-Reply-To: <Pine.BSF.4.21.0012162228020.12522-100000@roble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Before reinventing the wheel interested developers might check the > reference implementation, Sun's Patchdiag: > > http://sunsolve.Sun.COM/private-cgi/show.pl?target=resources/patchdiag > > (NOTE: this URL does require a SunSolve account) The version id for FreeBSD ports would probably come from something like: grep "@name" /var/db/pkg/*/+CONTENTS | awk '{print $NF}' OS sources could be derived from the RCS/CVS version headers under /usr/src. A good example report might also look like Sunsolve's: >====================================================================================== >System Name: sunserver SunOS Vers: 5.7 Arch: sparc >Cross Reference File Date: Dec/14/00 > >PatchDiag Version: 1.0.4 >====================================================================================== >Report Note: > >Recommended patches are considered the most important and highly >recommended patches that avoid the most critical system, user, or >security related bugs which have been reported and fixed to date. >A patch not listed on the recommended list does not imply that it >should not be used if needed. Some patches listed in this report >may have certain platform specific or application specific dependencies >and thus may not be applicable to your system. It is important to >carefully review the README file of each patch to fully determine >the applicability of any patch with your system. >====================================================================================== >INSTALLED PATCHES >Patch Installed Latest Synopsis > ID Revision Revision >------ --------- -------- ------------------------------------------------------------ >106327 08 CURRENT SunOS 5.7: Shared library patch for C++ >106541 12 CURRENT SunOS 5.7: Kernel update patch >106725 02 CURRENT OpenWindows 3.6.1: mailtool vacation security patch >106793 05 CURRENT SunOS 5.7: ufsdump and ufsrestore patch >106934 03 CURRENT CDE 1.3: libDtSvc Patch >106938 04 CURRENT SunOS 5.7: libresolv patch >106942 07 CURRENT SunOS 5.7: libnsl, rpc.nisd and nis_cachemgr patch >106944 03 CURRENT SunOS 5.7: /kernel/fs/fifofs and /kernel/fs/sparcv9/fifofs patch >106950 13 CURRENT SunOS 5.7: Linker patch >106960 01 CURRENT SunOS 5.7: Manual Pages for patchadd.1m and patchrm.1m >106978 10 CURRENT SunOS 5.7: sysid patch >107018 02 CURRENT SunOS 5.7: /usr/sbin/in.named patch >107022 06 CURRENT CDE 1.3: Calendar Manager patch >107038 01 CURRENT SunOS 5.7: apropos/catman/man/whatis patch >107115 05 CURRENT SunOS 5.7: LP patch >107171 06 CURRENT SunOS 5.7: Fixes for patchadd and patchrm >107200 12 CURRENT CDE 1.3: dtmail patch >107259 01 CURRENT SunOS 5.7: /usr/sbin/vold patch >107337 01 CURRENT OpenWindows 3.6.1: KCMS configure tool has a security vulnerabilit >107359 02 CURRENT SunOS 5.7: Patch for SPARCompiler Binary Compatibility Libraries >107443 12 CURRENT SunOS 5.7: packaging utilities patch >107451 05 CURRENT SunOS 5.7: /usr/sbin/cron patch >107454 05 CURRENT SunOS 5.7: /usr/bin/ftp patch >107456 01 CURRENT SunOS 5.7: /etc/nsswitch.dns patch >107544 03 CURRENT SunOS 5.7: /usr/lib/fs/ufs/fsck patch >107587 01 CURRENT SunOS 5.7: /usr/lib/acct/lastlogin patch >107636 05 CURRENT SunOS 5.7: X Input & Output Method patch >107650 08 CURRENT OpenWindows 3.6.1 X11R6.4 Xprint Extension Patch >107684 01 CURRENT SunOS 5.7: Sendmail patch >107709 07 CURRENT SunOS 5.7: libssasnmp/libssagent/snmpdx/mibiisa patch >107792 02 CURRENT SunOS 5.7: /usr/bin/pax patch >107794 01 CURRENT SunOS 5.7: ASET patch >107885 06 CURRENT CDE 1.3: dtprintinfo Patch >107887 10 CURRENT CDE 1.3: Actions Patch >107893 09 CURRENT OpenWindows 3.6.1: Tooltalk patch >107972 01 CURRENT SunOS 5.7: /usr/sbin/static/rcp patch >108219 01 CURRENT CDE 1.3: dtaction Patch >108221 01 CURRENT CDE 1.3: dtspcd Patch >108301 02 CURRENT SunOS 5.7: /usr/sbin/in.tftpd patch >108374 04 CURRENT CDE 1.3: libDtWidget Patch >108376 16 CURRENT OpenWindows 3.6.1: Xsun Patch >108482 02 CURRENT SunOS 5.7: /usr/sbin/snoop patch >108484 01 CURRENT SunOS 5.7: aset patch >108662 01 CURRENT SunOS 5.7: Patch for sadmind >108721 01 CURRENT SunOS 5.7: admintool patch >108838 02 CURRENT SunOS 5.7: allocate/mkdevmaps/mkdevalloc patch >109104 04 CURRENT SunOS 5.7: /kernel/fs/sockfs patch >109253 01 CURRENT SunOS 5.7: /usr/bin/mail patch >109404 01 CURRENT SunOS 5.7: /usr/vmsys/bin/chkperm patch >109744 01 CURRENT SunOS 5.7: /usr/lib/nfs/nfsd patch >====================================================================================== > >UNINSTALLED RECOMMENDED PATCHES > >Patch Ins Lat Age Require Incomp Synopsis > ID Rev Rev ID ID >------ --- --- --- --------- --------- ----------------------------------------- >106952 N/A 01 713 SunOS 5.7: /usr/bin/uux patch >108327 N/A 01 262 SunOS 5.7: /usr/bin/cu patch >108331 N/A 01 262 SunOS 5.7: /usr/bin/uustat patch >108798 N/A 01 195 SunOS 5.7: /usr/bin/tip patch >109949 N/A 01 122 SunOS 5.7: jserver buffer overflow >====================================================================================== > >UNINSTALLED SECURITY PATCHES > >NOTE: This list includes the Security patches that are also Recommended > >Patch Ins Lat Age Require Incomp Synopsis > ID Rev Rev ID ID >------ --- --- --- --------- --------- ----------------------------------------- >106952 N/A 01 713 SunOS 5.7: /usr/bin/uux patch >108327 N/A 01 262 SunOS 5.7: /usr/bin/cu patch >108331 N/A 01 262 SunOS 5.7: /usr/bin/uustat patch >108798 N/A 01 195 SunOS 5.7: /usr/bin/tip patch >109949 N/A 01 122 SunOS 5.7: jserver buffer overflow >====================================================================================== > >UNINSTALLED Y2K PATCHES > >NOTE: This list includes the Y2K patches that are also Recommended > >Patch Ins Lat Age Require Incomp Synopsis > ID Rev Rev ID ID >------ --- --- --- --------- --------- ----------------------------------------- >108343 N/A 04 110 108374-01 CDE 1.3: sdtperfmeter patch >108815 N/A 02 159 OpenWindows 3.6.1: Calendar Manager patch >====================================================================================== -- Roger Marquis Roble Systems Consulting http://www.roble.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0012170918520.16618-100000>