Date: Mon, 22 Apr 2002 15:19:56 -0500 From: D J Hawkey Jr <hawkeyd@visi.com> To: security at FreeBSD <freebsd-security@freebsd.org> Subject: Q about FreeBSD-SA-02:23.stdio Message-ID: <20020422151956.A919@sheol.localdomain>
Hello All.
Received this SA today, and I have but four questions:
- Is this really only a kernel re-build and install thang?
- Shouldn't filedesc.h be copied to /usr/include/sys?
- libc (and therefore userland) really isn't involved at all?
- 'keyinit' was used as an example, but the hole is just in the kernel?
TIA,
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd@visi.com /\________________/
http://www.visi.com/~hawkeyd/
----- Forwarded message from FreeBSD Security Advisories -----
=============================================================================
FreeBSD-SA-02:23.stdio Security Advisory
The FreeBSD Project
Topic: insecure handling of stdio file descriptors
Category: core
Module: kernel
Announced: 2002-04-22
Credits: Joost Pol <joost@pine.nl>
Affects: All releases of FreeBSD up to and including 4.5-RELEASE
4.5-STABLE prior to the correction date
Corrected: 2002-04-21 13:06:45 UTC (RELENG_4)
2002-04-21 13:08:57 UTC (RELENG_4_5)
2002-04-21 13:10:51 UTC (RELENG_4_4)
FreeBSD only: NO
[SNIP]
V. Solution
1) Upgrade your vulnerable system to 4.5-STABLE; or to either of the
RELENG_4_5 (4.5-RELEASE-p4) or RELENG_4_4 (4.4-RELEASE-p11) security
branches dated after the respective correction dates.
2) To patch your present system:
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:23/stdio.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:23/stdio.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
http://www.freebsd.org/handbook/kernelconfig.html and reboot the
system.
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Path                                                          Revision
                                                              Branch
- -------------------------------------------------------------------------
sys/sys/filedesc.h
  RELENG_4                                                    1.19.2.4
  RELENG_4_5                                                  1.19.2.3.6.1
  RELENG_4_4                                                  1.19.2.3.4.1
sys/kern/kern_exec.c
  RELENG_4                                                    1.107.2.14
  RELENG_4_5                                                  1.107.2.13.2.1
  RELENG_4_4                                                  1.107.2.8.2.2
sys/kern/kern_descrip.c
  RELENG_4                                                    1.81.2.11
  RELENG_4_5                                                  1.81.2.9.2.1
  RELENG_4_4                                                  1.81.2.8.2.1
sys/conf/newvers.sh
  RELENG_4_5                                                  1.44.2.20.2.5
  RELENG_4_4                                                  1.44.2.17.2.10
- -------------------------------------------------------------------------
----- End forwarded message -----
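On the userland side of the question above: the advisory's topic, insecure handling of stdio descriptors, is the situation where a privileged program is started with descriptor 0, 1 or 2 closed, so its next open() lands on one of those numbers and later stdio output goes into that file. The kernel fix in SA-02:23 addresses this at exec time; a setuid program can additionally protect itself at startup. The following is an added example written for this page, not code from the advisory or from FreeBSD; ensure_fd_open() and sanitize_stdfds() are names chosen here.

```c
/* Added example, not from the advisory or the original mail. A privileged
 * program started with descriptor 0, 1 or 2 closed will see its next open()
 * return one of those numbers, so later stdio output lands in that file.
 * SA-02:23 fixes this at exec time in the kernel; a setuid program can also
 * guard itself at startup by re-opening any closed standard descriptor. */
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* Make sure fd is open; if closed, point it at /dev/null.
 * Returns 1 if fd had to be opened, 0 if already open, -1 on error. */
int ensure_fd_open(int fd)
{
    int nullfd;

    if (fcntl(fd, F_GETFL) != -1)
        return 0;                     /* already open */
    if (errno != EBADF)
        return -1;                    /* some other failure */
    nullfd = open("/dev/null", O_RDWR);
    if (nullfd == -1)
        return -1;
    if (nullfd != fd) {
        /* open() took a lower free slot; move it onto fd. */
        if (dup2(nullfd, fd) == -1) {
            close(nullfd);
            return -1;
        }
        close(nullfd);
    }
    return 1;
}

/* Sanitize 0, 1 and 2 before any other file is opened.
 * Returns how many had to be reopened, or -1 on error. */
int sanitize_stdfds(void)
{
    int fd, r, reopened = 0;

    for (fd = 0; fd <= 2; fd++) {
        if ((r = ensure_fd_open(fd)) == -1)
            return -1;
        reopened += r;
    }
    return reopened;
}
```

Call sanitize_stdfds() first thing in main() of a privileged program and refuse to continue if it returns -1.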