security advisories and the creating time of my system

Wed Mar 2 14:32:22 PST 2005

On Wed, 2 Mar 2005, Nathan Kinkade wrote:

> On Wed, Mar 02, 2005 at 06:53:21PM +0100, Stevan Tiefert wrote:
>
> <snip>
>
> > > > Hello Nathan,
> > > >
> > > > I need the date/time to decide if I need to download a version from the
> > > > ftp-server in belief I would not need to patch my system anymore. But you
> > > > are writing there is a better method to decide when a download is
> > > > necessary or not? Which one?
> > >
> > > No, I don't mean to imply that there is a better method.  It just
> > > depends on what you are trying to determine.  If you regularly use cvsup
> > > to update your sources and you have cvsup'd since the correction date of
> > > the security warning then you don't need to download the patch, as you
> > > would already have merged the corrections into the source tree on your
> > > local machine.  In that case, you could just recompile the utility, or
> > > the kernel, as they case may be.  If you have no idea whether you have
> > > sync'd your sources since the correction date of the security date, then
> > > you can alway look at the CVS version string in the file in question.
> > > It will look something like:
> > >
> > > $FreeBSD: src/sbin/ifconfig/ifconfig.c,v 1.92 2003/10/26 04:36:47 peter Exp $
> > >
> > > Basically, if your sources, or the particular source file in question,
> > > are not newer than correction date listed in the security alert then you
> > > need to follow the directions to fix or workaround the problem.
> > >
> > > Nathan
> >
> > Hello Nathan,
> >
> > in a security advisory in part V. is written:
> >
> > V.   Solution
> >
> > Perform one of the following:
> >
> > 1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the
> > RELENG_5_3, RELENG_5_2, RELENG_4_10, or RELENG_4_8 security branch dated
> > after the correction date.
> >
> > Can you say me how to get of a running system the date? Because if the
> > system is after the correction date I do not have to download via ftp. If
> > not I have to...
>
> It sounds like you might want to take a look at the FreeBSD handbook
> regarding keeping your system up to date.  You might start here:
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html
>
> In short, if the date that `uname -v` reveals is older than the
> corrections date listed in the security alert, AND you haven't already
> specifically taken any measures to fix the problem yourself, then your
> system probably is still affected by the problem detailed in the
> security alert.  In this case you may want to do one of the two
> following things (depending on whether the alert even applies to you):
>
> 1) Follow the directions in the alert for patching your system, or
> 2) Syncronize your source tree and rebuild the kernel and/or system.
>
> Nathan
>

Hello Nathan,

thanks for your advise. It helped me a lot understanding the system.
Thanks also for your patience!

With regards
Stevan Tiefert