FreeBSD 2.1.6 replaced with point release (220.127.116.11)
Jordan K. Hubbard
jkh at time.cdrom.com
Mon Nov 25 22:58:33 PST 1996
Following Murphy's law to the letter, a significant security hole in
sendmail 8.8.3 was found just one day after 2.1.6 was rolled and put
up on ftp.freebsd.org, requiring some sort of response before putting
2.1.6 onto CDROM.
While investigating this, it was also decided to integrate a fairly
simple fix for the SYN attack problem (less sophisticated than the one
in FreeBSD 2.2-ALPHA) which provided effective protection without
introducing any potential instabilities which would violate 2.1.6's
Several other more minor changes were made to make(1) and the
bsd.port.mk file in order to more effectively support the 2.2.x ports
collection on 2.1.x machines, should people desire this, but that's
about it for 2.1.6 -> 18.104.22.168 changes.
In order to prevent the mirror sites from murdering us in our sleep
for wasting space (not to mention Walnut Creek CDROM, who has already
printed up the covers saying "2.1.6" on them), the 22.214.171.124 release was
also simply overlayed on top of the 2.1.6 release on ftp.freebsd.org
and will be released on CD as 2.1.6 - if it makes it easier to
understand, just pretend that the 2.1.6 I announced before was really
If you look at our timeline, we're still ahead of our December
deadline for 2.1.6 in either case.
Please read the RELNOTES.TXT file in the 2.1.6-RELEASE directory for
more details on what you should upgrade if you're already running
2.1.6 and don't want to reinstall. The 126.96.36.199 README.TXT file also
reads "RELEASE Version +1" at the top for easy identification, and the
uname(1) command prints out 188.8.131.52 as well, so you'll know if you're
running the security patched version on an installed system.
Apologies in advance for any confusion this causes, but I believe we
chose the lesser of several possible evils, and at least now 2.1.6
will be going out without any clearly obvious security holes.
More information about the freebsd-announce