From owner-freebsd-current@FreeBSD.ORG  Fri Oct  3 19:23:06 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 16AD116A4B3
	for <current@freebsd.org>; Fri,  3 Oct 2003 19:23:06 -0700 (PDT)
Received: from troutmask.apl.washington.edu (troutmask.apl.washington.edu
	[128.208.78.105])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 571A644001
	for <current@freebsd.org>; Fri,  3 Oct 2003 19:23:05 -0700 (PDT)
	(envelope-from sgk@troutmask.apl.washington.edu)
Received: from troutmask.apl.washington.edu (localhost [127.0.0.1])
	h942MwOH063858;	Fri, 3 Oct 2003 19:22:58 -0700 (PDT)
	(envelope-from sgk@troutmask.apl.washington.edu)
Received: (from sgk@localhost)h942MwCt063857;
	Fri, 3 Oct 2003 19:22:58 -0700 (PDT)	(envelope-from sgk)
Date: Fri, 3 Oct 2003 19:22:58 -0700
From: Steve Kargl <sgk@troutmask.apl.washington.edu>
To: Barney Wolff <barney@databus.com>
Message-ID: <20031004022258.GA63779@troutmask.apl.washington.edu>
References: <20031004014527.GB32411@pit.databus.com>
	<20031004015404.GW72999@procyon.firepipe.net>
	<20031004021041.GA33705@pit.databus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20031004021041.GA33705@pit.databus.com>
User-Agent: Mutt/1.4.1i
cc: current@freebsd.org
Subject: Re: [security-advisories@freebsd.org: [FreeBSD-Announce] FreeBSD
	Security Advisory FreeBSD-SA-03:17.procfs]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Oct 2003 02:23:06 -0000

On Fri, Oct 03, 2003 at 10:10:41PM -0400, Barney Wolff wrote:
> Does this mean that the situation can ever arise where a security bug
> is corrected in the advisory's announced releases but not in -current?

No. Well, at least not to date.

> Or, can we assume that as of the time of the security announcement
> the vulnerability has *always* been corrected in -current?

Yes.  You will need to run cvsup to update your sources and
at a minimum rebuild the vulnerable application.

-- 
Steve