Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 2 Mar 2005 18:53:21 +0100 (CET)
From:      Stevan Tiefert <stevan@rot-1.de>
To:        Nathan Kinkade <nkinkade@ub.edu.bz>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: security advisories and the creating time of my system
Message-ID:  <20050302185115.I25321@mail.rot-1.de>
In-Reply-To: <20050302174545.GT3678@gentoo-npk.bmp.ub>
References:  <20050302162016.W24958@mail.rot-1.de> <20050302154409.GO3678@gentoo-npk.bmp.ub> <20050302161524.GR3678@gentoo-npk.bmp.ub> <20050302174545.GT3678@gentoo-npk.bmp.ub>

next in thread | previous in thread | raw e-mail | index | archive | help


On Wed, 2 Mar 2005, Nathan Kinkade wrote:

> On Wed, Mar 02, 2005 at 06:25:48PM +0100, Stevan Tiefert wrote:
> > On Wed, 2 Mar 2005, Nathan Kinkade wrote:
> >
> > > On Wed, Mar 02, 2005 at 05:03:35PM +0100, Erik Norgaard wrote:
> > > > Nathan Kinkade wrote:
> > > > >>The security advisory give me the possibility to patch my system or to
> > > > >>download the "patched" FreeBSD via ftp. How can I recognize which creation
> > > > >>time the running system has?
> > > > >
> > > > >Try the command `uname -v`.
> > > >
> > > > AFAIK this command tells you the build time, but now how fresh the
> > > > source was.
> > > >
> > > > Erik
> > >
> > > Yes, you are correct, but he mentions that he wants to know the
> > > "creation" (build?) time of the "running system," so I figured that the
> > > date/time provided by uname was what he was looking for.  Maybe you are
> > > right, though.  Perhaps more important is whether his sources are newer
> > > than the fix date.
> > >
> > > Nathan
> >
> > Hello Nathan,
> >
> > I need the date/time to decide if I need to download a version from the
> > ftp-server in belief I would not need to patch my system anymore. But you
> > are writing there is a better method to decide when a download is
> > necessary or not? Which one?
>
> No, I don't mean to imply that there is a better method.  It just
> depends on what you are trying to determine.  If you regularly use cvsup
> to update your sources and you have cvsup'd since the correction date of
> the security warning then you don't need to download the patch, as you
> would already have merged the corrections into the source tree on your
> local machine.  In that case, you could just recompile the utility, or
> the kernel, as they case may be.  If you have no idea whether you have
> sync'd your sources since the correction date of the security date, then
> you can alway look at the CVS version string in the file in question.
> It will look something like:
>
> $FreeBSD: src/sbin/ifconfig/ifconfig.c,v 1.92 2003/10/26 04:36:47 peter Exp $
>
> Basically, if your sources, or the particular source file in question,
> are not newer than correction date listed in the security alert then you
> need to follow the directions to fix or workaround the problem.
>
> Nathan
>

Hello Nathan,

in a security advisory in part V. is written:

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 4-STABLE or 5-STABLE, or to the
RELENG_5_3, RELENG_5_2, RELENG_4_10, or RELENG_4_8 security branch dated
after the correction date.

Can you say me how to get of a running system the date? Because if the
system is after the correction date I do not have to download via ftp. If
not I have to...

With regards
Stevan Tiefert



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050302185115.I25321>