Date: Wed, 2 Mar 2005 23:32:12 +0100 (CET) From: Stevan Tiefert <stevan@rot-1.de> To: Nathan Kinkade <nkinkade@ub.edu.bz> Cc: freebsd-questions@freebsd.org Subject: Re: security advisories and the creating time of my system Message-ID: <20050302233024.D26188@mail.rot-1.de> In-Reply-To: <20050302202835.GU3678@gentoo-npk.bmp.ub> References: <20050302162016.W24958@mail.rot-1.de> <20050302154409.GO3678@gentoo-npk.bmp.ub> <20050302161524.GR3678@gentoo-npk.bmp.ub> <20050302174545.GT3678@gentoo-npk.bmp.ub> <20050302202835.GU3678@gentoo-npk.bmp.ub>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2 Mar 2005, Nathan Kinkade wrote: > On Wed, Mar 02, 2005 at 06:53:21PM +0100, Stevan Tiefert wrote: > > <snip> > > > > > Hello Nathan, > > > > > > > > I need the date/time to decide if I need to download a version from the > > > > ftp-server in belief I would not need to patch my system anymore. But you > > > > are writing there is a better method to decide when a download is > > > > necessary or not? Which one? > > > > > > No, I don't mean to imply that there is a better method. It just > > > depends on what you are trying to determine. If you regularly use cvsup > > > to update your sources and you have cvsup'd since the correction date of > > > the security warning then you don't need to download the patch, as you > > > would already have merged the corrections into the source tree on your > > > local machine. In that case, you could just recompile the utility, or > > > the kernel, as they case may be. If you have no idea whether you have > > > sync'd your sources since the correction date of the security date, then > > > you can alway look at the CVS version string in the file in question. > > > It will look something like: > > > > > > $FreeBSD: src/sbin/ifconfig/ifconfig.c,v 1.92 2003/10/26 04:36:47 peter Exp $ > > > > > > Basically, if your sources, or the particular source file in question, > > > are not newer than correction date listed in the security alert then you > > > need to follow the directions to fix or workaround the problem. > > > > > > Nathan > > > > Hello Nathan, > > > > in a security advisory in part V. is written: > > > > V. Solution > > > > Perform one of the following: > > > > 1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the > > RELENG_5_3, RELENG_5_2, RELENG_4_10, or RELENG_4_8 security branch dated > > after the correction date. > > > > Can you say me how to get of a running system the date? Because if the > > system is after the correction date I do not have to download via ftp. If > > not I have to... > > It sounds like you might want to take a look at the FreeBSD handbook > regarding keeping your system up to date. You might start here: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html > > In short, if the date that `uname -v` reveals is older than the > corrections date listed in the security alert, AND you haven't already > specifically taken any measures to fix the problem yourself, then your > system probably is still affected by the problem detailed in the > security alert. In this case you may want to do one of the two > following things (depending on whether the alert even applies to you): > > 1) Follow the directions in the alert for patching your system, or > 2) Syncronize your source tree and rebuild the kernel and/or system. > > Nathan > Hello Nathan, thanks for your advise. It helped me a lot understanding the system. Thanks also for your patience! With regards Stevan Tiefert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050302233024.D26188>