Date: Fri, 1 Oct 2010 14:00:16 -0700 From: Jason <jhelfman@e-e.com> To: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Updating bzip2 to remove potential security vulnerability Message-ID: <20101001210014.GD86640@eggman.experts-exchange.com> In-Reply-To: <20101001165940.5d0e73f5@scorpio> References: <20101001121332.5b04fa61@scorpio> <20101001171420.GE40148@dan.emsphone.com> <20101001165940.5d0e73f5@scorpio>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Oct 01, 2010 at 04:59:40PM -0400, Jerry thus spake: >On Fri, 1 Oct 2010 12:14:20 -0500 >Dan Nelson <dnelson@allantgroup.com> articulated: > >> You must have missed >> http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc ; >> patches for 6, 7, and 8 are available there, and freebsd-update has >> fixed binaries if you use that. > >Never saw it. So I am assuming that simply using something like: > >csup -L2 -h cvsup.FreeBSD.org "/usr/src/share/examples/cvsup/standard-supfile" > >Then rebuild Kernel & World is not going to work. Is that correct? The update instructions are in the announcement. Here is a snippet from it: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch # fetch http://security.FreeBSD.org/patches/SA-10:08/bzip2.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/libbz2 # make obj && make depend && make && make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in <URL:http://www.FreeBSD.org/handbook/makeworld.html> 3) To update your vulnerable system via a binary patch: Systems running 6.4-RELEASE, 7.1-RELEASE, 7.3-RELEASE, 8.0-RELEASE or 8.1-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101001210014.GD86640>