From owner-freebsd-questions Wed Aug 13 15:44:52 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id PAA04309 for questions-outgoing; Wed, 13 Aug 1997 15:44:52 -0700 (PDT) Received: from implode.root.com (implode.root.com [198.145.90.17]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA04303 for ; Wed, 13 Aug 1997 15:44:48 -0700 (PDT) Received: from implode.root.com (localhost [127.0.0.1]) by implode.root.com (8.8.5/8.8.5) with ESMTP id PAA18774; Wed, 13 Aug 1997 15:46:37 -0700 (PDT) Message-Id: <199708132246.PAA18774@implode.root.com> To: spork cc: questions@FreeBSD.ORG Subject: Re: Security Fixes In-reply-to: Your message of "Wed, 13 Aug 1997 10:37:55 EDT." From: David Greenman Reply-To: dg@root.com Date: Wed, 13 Aug 1997 15:46:37 -0700 Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >What is the best way to determine whether a security fix has been >committed to the -stable source tree? > >I specifically am curious about the rfork and procfs bugs and whether I >should continue using local patches from this and other mailing lists or >whether the cvsup I just completed took care of all this for me... The patches that were finally committed are somewhat different than the ones that were on the mailing lists. In at least one case, the posted fix had logic and grammer errors. ...so you probably do want to get the official fixes. >Actually, digging through the cvsweb, I was able to see the procfs change >committed yesterday, but I'm stumped on where to look for the rfork >problem, as the patch I have is an LKM... The rfork hole was fixed in kern_exec.c by unsharing the file descriptor table (the file descriptors themselves remain shared, however). -DG David Greenman Core-team/Principal Architect, The FreeBSD Project