FreeBSD Security Advisory FreeBSD-SA-04:02.shmat
Colin Percival
colin.percival at wadham.ox.ac.uk
Thu Feb 5 11:15:30 PST 2004
At 18:40 05/02/2004, FreeBSD Security Advisories wrote:
>=============================================================================
>FreeBSD-SA-04:02.shmat Security Advisory
>
>V. Solution
>
>Do one of the following:
>
>1) Upgrade your vulnerable system to 4-STABLE, or to the RELENG_5_2,
>RELENG_5_1, RELENG_4_9, or RELENG_4_8 security branch dated after the
>correction date.
>
>2) Patch your present system: [...]
As usual, there is a third option here: I'm building binary
security updates for the x86 platform and distributing them via
the FreeBSD Update port (security/freebsd-update in the ports
tree). For x86 systems running an official RELEASE plus security
patches, this provides an easier update method than building
from source. To use these updates:
1) Install FreeBSD Update and copy the sample configuration file
into place:
# cd /usr/ports/security/freebsd-update && make install clean
# cp /usr/local/etc/freebsd-update.conf.sample
/usr/local/etc/freebsd-update.conf
2) Fetch and install updates:
# /usr/local/sbin/freebsd-update fetch
# /usr/local/sbin/freebsd-update install
Note that if you have built your own kernel, the default
behaviour of FreeBSD Update will leave it unmodified (ie, not
updated to reflect this latest advisory). If you have the
latest version of FreeBSD Update installed (version 1.5), then
you can force any locally modified files (eg, the kernel) to
be replaced with up-to-date GENERIC versions by using the
--branch option.
For more details see http://www.daemonology.net/freebsd-update/ .
While I am a FreeBSD committer and member of the security
team, these updates are something I'm providing personally;
they are in no way endorsed by the Security Officer or the
Project as a whole.
Colin Percival
More information about the freebsd-security
mailing list