Re: Mistake in security advisory.

From: Dan Mahoney, System Admin (danm@prime.gushi.org)
Date: 07/26/01

• Next message: John: "Have a good laugh!"
• Previous message: nathan barrick: "ssh3"
• In reply to: Kris Kennaway: "Re: Mistake in security advisory."
• Next in thread: Kris Kennaway: "Re: Mistake in security advisory."
• Reply: Kris Kennaway: "Re: Mistake in security advisory."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 26 Jul 2001 17:10:28 -0400 (EDT)
From: "Dan Mahoney, System Admin" <danm@prime.gushi.org>
To: Kris Kennaway <kris@obsecurity.org>

On Thu, 26 Jul 2001, Kris Kennaway wrote:

> On Thu, Jul 26, 2001 at 09:19:20AM -0400, Dan Mahoney, System Admin wrote:
>
> > # cd /usr/src/
> > # patch -p < /path/to/patch
> > # cd /usr/src/secure/libexec/telnetd
> > # make depend && make all install
> >
> > /* This directory does NOT exist, only /usr/src/libexec/telnetd exists in
> > 3.5.1-Stable */
>
> Sounds like you're not cvsupping the src-secure collection, then.

From the supfile:

# These are the individual collections that make up FreeBSD's crypto
# collection. They are no longer export-restricted and are a part of
# src-all
#src-crypto
#src-secure
#src-sys-crypto

Unless for some reason I should be using the stable-secure-supfile

-Dan

>
> > # cd /usr/src/
> > # patch -p < /path/to/patch
> > # cd /usr/src/libexec/telnetd
> > # make depend && make all install
> >
> > /* Yet this command appears to build the telnet daemon with the applied
> > patches. Can someone confirm this for me? For what it's worth, the
> > above advisory confused me, so I simply re-cvsupped my entire source
> > tree, and then followed the instructions immediately above. */
>
> This builds the non-crypto version; as I tried to explain in the
> advisory, there are two slightly different versions in the tree.
>
> Kris
>

--
I want to see how you see.
-SK, 6/2/99, 4:30 AM
--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Web: http://prime.gushi.org
finger danm@prime.gushi.org 
for pgp public key and tel#
---------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: John: "Have a good laugh!"
• Previous message: nathan barrick: "ssh3"
• In reply to: Kris Kennaway: "Re: Mistake in security advisory."
• Next in thread: Kris Kennaway: "Re: Mistake in security advisory."
• Reply: Kris Kennaway: "Re: Mistake in security advisory."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Mistake in security advisory. ... > On Thu, 26 Jul 2001, Kris Kennaway wrote: ... >> Sounds like you're not cvsupping the src-secure collection, ... >>From the supfile: ... (FreeBSD-Security) Re: Another glob problem ... and then cvsupping back to RELENG_4. ... Kris Kennaway wrote: ... >> production server. ... > scratch machine, then installworld via NFS on the target servers. ... (FreeBSD-Security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint