Date: Fri, 19 Sep 2003 16:16:36 +0300 From: Alexandr Kovalenko <never@nevermind.kiev.ua> To: "Jacques A. Vidrine" <nectar@FreeBSD.org>, James Raftery <james@kerna.ie>, freebsd-security@FreeBSD.org Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:12.openssh [REVISED] Message-ID: <20030919131636.GB63736@nevermind.kiev.ua> In-Reply-To: <20030918145005.GB32994@madman.celabo.org> References: <200309172237.h8HMbuvK078935@freefall.freebsd.org> <20030918100907.GA85007@bender.kerna.ie> <20030918145005.GB32994@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Jacques A. Vidrine! On Thu, Sep 18, 2003 at 09:50:06AM -0500, you wrote: > On Thu, Sep 18, 2003 at 11:09:07AM +0100, James Raftery wrote: > > On Wed, Sep 17, 2003 at 03:37:56PM -0700, FreeBSD Security Advisories wrote: > > > # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:12/buffer46.patch > > [snip] > > > > The patch above doesn't appear to modify src/crypto/openssh/version.h > > > > > Branch Version string > > > - ------------------------------------------------------------------------- > > > RELENG_4_7 OpenSSH_3.4p1 FreeBSD-20030917 > > > > After patching (on the 4.7 security branch), my version string still > > says: > > > > sshd version OpenSSH_3.4p1 FreeBSD-20020702 > > > > Would the Security Team mind publishing a version of the patch that > > modifies the version string? > > The patch is crafted specifically to apply to the widest range of > FreeBSD versions as possible. In this way we have three patches to > distribute instead of 1 per release. (Likewise, there is a single > sendmail patch instead of 1 per release.) > > Use CVSup if you want to actually track the security branches. Use > the patch if you just want a quick fix. You can also pull down the > ancilliary patches (version.h, newvers.sh, UPDATING, etc) via other > mechanisms (e.g. anon CVS, cvsweb) if you like. I've used cvsup to update my sources but I see the same picture in RELENG_4_7. -- NEVE-RIPE, will build world for food Ukrainian FreeBSD User Group http://uafug.org.ua/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030919131636.GB63736>