Mistake in security advisory.

From: Dan Mahoney, System Admin (danm@prime.gushi.org)
Date: 07/26/01


Date: Thu, 26 Jul 2001 09:19:20 -0400 (EDT)
From: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To: security@freebsd.org

I'd like to point out what I think is a slight error in the security
advisory, although I may be wrong about this. Watch for my c-style
comments below:

# ls /usr/src/crypto/telnet/telnetd

A response of

ls: /usr/src/crypto/telnet/telnetd: No such file or directory

indicates you do not have the sources present and should download the
non-crypto-telnet patch.

These patches have been verified to apply to FreeBSD 4.2-RELEASE,
4.3-RELEASE and 3.5.1-STABLE dated prior to 2001-07-20 (users of
3.5.1-RELEASE must have applied the patches from FreeBSD Security
Advisory 00:69 prior to applying this patch). These patches may or
may not apply to older, unsupported releases of FreeBSD.

2a) For systems with the crypto-telnet sources installed

Download the patch and the detached PGP signature from the following
locations, and verify the signature using your PGP utility.

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd-crypto.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd-crypto.patch.asc

/* This patch applies cleanly to 3.5.1-STABLE systems, and the above
directory exists. */

# cd /usr/src/
# patch -p < /path/to/patch
# cd /usr/src/secure/libexec/telnetd
# make depend && make all install

/* This directory does NOT exist, only /usr/src/libexec/telnetd exists in
3.5.1-Stable */

2b) For systems without the crypto-telnet sources installed

Download the patch and the detached PGP signature from the following
locations, and verify the signature using your PGP utility.

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd.patch.asc

# cd /usr/src/
# patch -p < /path/to/patch
# cd /usr/src/libexec/telnetd
# make depend && make all install

/* Yet this command appears to build the telnet daemon with the applied
patches. Can someone confirm this for me? For what it's worth, the
above advisory confused me, so I simply re-cvsupped my entire source
tree, and then followed the instructions immediately above. */

Perchance a correction can save someone else the same trouble.

-Dan Mahoney

--
"Don't be so depressed dear."
"I have no endorphins, what am I supposed to do?"
-DM and SK, February 10th, 1999
--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Web: http://prime.gushi.org
finger danm@prime.gushi.org 
for pgp public key and tel#
---------------------------
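
The mismatch reported in the message above (crypto-telnet sources present, but no secure/libexec/telnetd build directory) can be detected before any patch is applied. The following pre-flight check is an added example, not part of the original message or of the FreeBSD advisory; the function name telnetd_plan, its output format and its exit codes are assumptions made for illustration, and the paths and patch names are the ones quoted in the message.

```shell
#!/bin/sh
# Added example (not from the advisory): decide which SA-01:49 patch and
# build directory fit a given source tree, and stop on the layout the
# message reports for 3.5.1-STABLE instead of failing halfway through.
#
# Usage: telnetd_plan [source-root]      (default: /usr/src)
# Prints: "<case> <patch-file> <build-dir>"
# Exit:   0 = layout matches the advisory steps
#         1 = no telnetd build directory found at all
#         2 = crypto sources present but secure/libexec/telnetd missing
telnetd_plan() {
    src=${1:-/usr/src}
    crypto_src="$src/crypto/telnet/telnetd"     # the advisory's "ls" test
    secure_build="$src/secure/libexec/telnetd"  # build dir named in step 2a
    plain_build="$src/libexec/telnetd"          # build dir named in step 2b

    if [ -d "$crypto_src" ]; then
        if [ -d "$secure_build" ]; then
            printf '2a telnetd-crypto.patch %s\n' "$secure_build"
            return 0
        fi
        if [ -d "$plain_build" ]; then
            # The case from the message. The only existing build directory
            # is printed as a candidate; the author reports building there
            # but asks for confirmation, so this is not treated as success.
            echo "warning: $secure_build does not exist" >&2
            printf 'mismatch telnetd-crypto.patch %s\n' "$plain_build"
            return 2
        fi
    elif [ -d "$plain_build" ]; then
        printf '2b telnetd.patch %s\n' "$plain_build"
        return 0
    fi

    echo "error: no telnetd build directory under $src" >&2
    return 1
}
```

Run telnetd_plan with no arguments on the host to be patched; an exit status of 2 means the build step in 2a cannot be followed as written on that tree.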