PRERELEASE?

Pietro Cerutti pietro.cerutti at gmail.com
Tue Apr 5 15:05:42 PDT 2005 

On Apr 5, 2005 5:26 PM, Kevin Kinsey <kdk at daleco.biz> wrote:
> John Hall wrote:
> 
> >We currently have 5.4-PRERELEASE installed on our web box:
> >
> >outpost# uname -a
> >FreeBSD outpost.blacklotus.net 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #0: Wed
> >Mar 30 13:38:38 MST 2005
> >hallj at outpost.blacklotus.net:/usr/obj/usr/src/sys/OUTPOST  i386
> >
> >I need to know if we need to update the server to 5.4-RELEASE with this
> >version of 5.4 in order to protect against the sendfile kernel memory
> >problem in the security notice at:
> >
> >ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:02.sendfile.
> >asc
> >
> >Thanks!
> >
> >John Hall [jhall at lotuscom.net]
> >Manager of Operations
> >Black Lotus Communications
> >[http://www.blacklotus.net]
> >
> >
> 
> I don't think it's possible to update to 5.4-RELEASE, as it
> doesn't exist yet AFAICT from the web site.  I've not checked
> the CVS repo or mirrors, so I guess it's possible that it has
> been tagged in the last couple of days, though.

Yes it's on the CVSs repositories now....

> 
> Updating to any codebase from today or following the
> patch method outlined in the announcement should
> make you safe from this vulnerability.
> 
> See the Handbook chapter on "the Cutting Edge".
> The RELEASE tag you'd want would be "RELENG_5",
> I expect.
> 
> Whoops, OK:  now I see that apparently 5.4 has
> been tagged.  As mentioned in the advisory, you
> can either patch your system and recompile the
> kernel or update to one of seven different code
> paths to get the new code.  If you server was built
> just a week ago, then 5.4-RELEASE sounds great
> for this purpose, and the only viable choices for you
> are RELENG_5, RELENG_5_4, or RELENG_5_3.
> However, the recommended procedure for the
> entire world reinstall includes some time (not
> much, probably) spent in single-user mode, so if this
> is a busy box that needs 99.99 percent uptime, maybe
> the kernel rebuild would be better, as a simple reboot
> on the new kernel would be the only thing required....
> I'm sure that this statement might be open to debate....
> 
> Kevin Kinsey
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> 


-- 
Pietro Cerutti
<pietro.cerutti at gmail.com>
<http://www.gahr.ch/pgp-key>

Beansidhe - SwiSS Death / Thrash Metal
<www.beansidhe.ch>

Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming or what?"

More information about the freebsd-questions mailing list