FreeBSD Security Advisory FreeBSD-SA-03:08.realpath

Colin Percival colin.percival at wadham.ox.ac.uk
Mon Aug 4 16:01:41 PDT 2003


At 00:54 04/08/2003 -0700, I wrote:
 >  Once the binary updates are available, FreeBSD Update
 >(security/freebsd-update in the ports tree) will be able to fetch and
 >install them; I'll send another email to this list after they've been
 >built, signed, and uploaded.

   Binary patches can now be installed via FreeBSD Update for any systems
with a binary install of 4.7-RELEASE or 4.8-RELEASE which have not had any
system binaries rebuilt or replaced locally (except by FreeBSD Update).
   With a recent copy of the ports tree:
1. cd /usr/ports/security/freebsd-update/ && make all install
2. cp /usr/local/etc/freebsd-update.conf.sample /usr/local/etc/freebsd-update.conf
3. /usr/local/sbin/freebsd-update fetch
4. /usr/local/sbin/freebsd-update install

   In FreeBSD 4.7, the following binaries were affected by this security 
advisory:
/bin/mv
/bin/pwd
/bin/realpath
/sbin/kldconfig
/sbin/mount
/sbin/mount_cd9660
/sbin/mount_ext2fs
/sbin/mount_fdesc
/sbin/mount_kernfs
/sbin/mount_linprocfs
/sbin/mount_mfs
/sbin/mount_msdos
/sbin/mount_nfs
/sbin/mount_ntfs
/sbin/mount_null
/sbin/mount_nwfs
/sbin/mount_portal
/sbin/mount_procfs
/sbin/mount_smbfs
/sbin/mount_std
/sbin/mount_umap
/sbin/mount_union
/sbin/mountd
/sbin/newfs
/sbin/umount
/usr/bin/make
/usr/lib/libc.a
/usr/lib/libc.so.4
/usr/lib/libc_p.a
/usr/lib/libc_pic.a
/usr/lib/libc_r.a
/usr/lib/libc_r.so.4
/usr/lib/libc_r_p.a
/usr/libexec/lukemftpd
/usr/libexec/sftp-server
/usr/sbin/config
/usr/sbin/pkg_add
/usr/sbin/sshd

   In FreeBSD 4.8, the same binaries were affected, with the exception of 
/sbin/mount_kernfs (no longer installed), /usr/bin/make (no longer uses 
realpath), and /usr/libexec/lukemftpd (no longer installed).

Colin Percival


