Date: Tue, 14 Aug 2001 01:28:15 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: William Nunn <yorkie123@hotmail.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Remotely Exploitable telnetd bug Message-ID: <Pine.BSF.4.21.0108140120340.24670-100000@ren.sasknow.com> In-Reply-To: <OE20Sx9x7BEH3PaydnL0000c0db@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
William Nunn wrote to freebsd-questions@FreeBSD.ORG: > I'm planning on buying freebsd, but I saw the news about the bug on > the site. As of today Aug 14th, If I buy a new jewel case or boxed > distribution, will it include that security flaw. I know there is a > patch for it, but I'm interested to know if i'm spared of it. As Kris has already pointed out, the current (4.3-RELEASE) CDs still contain the vulnerability. In your shoes, you have three options to squash the bug: 1) Wait for the new CDs to ship (a small ways away yet) 2) Get the current 4.3-RELEASE CDs, and install FreeBSD. Then patch your system with the posted fixes. 3) Get 4.3 (on CD, downloaded, etc), and use cvsup to bring your system to the latest -STABLE version (which, right now, I think, is a 4.4 prerealease, meaning the latest stability and security issues are already in place). If it were me, I'd go with door #3, but, then again, if you are relatively new to FreeBSD (and especially if you are new to UNIX in general), you might find the steps to upgrading with cvsup more complex than you'd like. #1 is the easiest, but involves a delay. #2 is relatively easy if you follow the instructions, but not all bugfixes or enhancements are available as patches. > regards, > > William > -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0108140120340.24670-100000>