From owner-freebsd-announce@FreeBSD.ORG Sun Aug 10 21:17:09 2003 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C6D9037B726; Sun, 10 Aug 2003 21:16:21 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 62D8044B55; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7B2v6Up061272; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7B2v6hv061270; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) Date: Sun, 10 Aug 2003 19:57:06 -0700 (PDT) Message-Id: <200308110257.h7B2v6hv061270@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Project Announcements [moderated] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 04:17:10 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:09.signal Security Advisory The FreeBSD Project Topic: Insufficient range checking of signal numbers Category: core Module: sys Announced: 2003-08-10 Affects: All releases of FreeBSD up to and including 4.8-RELEASE-p1, 5.1-RELEASE (but see `Problem Description' below) FreeBSD 4-STABLE prior to the correction date Corrected: 2003-08-10 23:09:28 UTC (RELENG_4) 2003-08-10 23:14:08 UTC (RELENG_5_1) 2003-08-10 23:17:48 UTC (RELENG_5_0) 2003-08-10 23:19:35 UTC (RELENG_4_8) 2003-08-10 23:20:30 UTC (RELENG_4_7) 2003-08-10 23:21:18 UTC (RELENG_4_6) 2003-08-10 23:22:19 UTC (RELENG_4_5) 2003-08-10 23:23:05 UTC (RELENG_4_4) 2003-08-10 23:23:56 UTC (RELENG_4_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Signals are a UNIX mechanism for handling asynchronous events such as pressing the terminal interrupt key (e.g. Ctrl-C), job control, memory access violations, I/O completion, and many others. Each signal is assigned a positive number. There are a number of mechanisms by which a process may cause a signal to be sent, including using the kill(2) system call or registering with certain device drivers. II. Problem Description Some mechanisms for causing a signal to be sent did not properly validate the signal number, in some cases allowing the kernel to attempt to deliver a negative or out-of-range signal number. Such errors were present in the ptrace(2) system call and the `spigot' video capture device driver. The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE (4-STABLE dated Oct 26 04:34:41 2000 UTC). The `spigot' device driver (including the error) was introduced in FreeBSD 2.0.5. It has never been included in the kernel installed by default, nor in the GENERIC kernel configuration. Only systems with `device spigot' added to the kernel configuration are affected by this instance of the error. III. Impact In most cases, attempted delivery of a negative or out-of-range signal number will trigger an assertion failure and panic, thereby crashing the system. A malicious local user could use this vulnerability as a local denial-of-service attack. However, in FreeBSD 5.x, the assertion code is not present if the `INVARIANTS' kernel option is not used. In FreeBSD 5.0-RELEASE and 5.1-RELEASE, `INVARIANTS' is not enabled by default. In this configuration, a malicious local user could use this vulnerability to modify kernel memory, potentially leading to complete system compromise. (FreeBSD 4.x is not vulnerable in this way.) IV. Workaround There is no workaround for the local denial-of-service attack. The more severe impact, present only in FreeBSD 5.x systems, can be avoided by uncommenting or adding the `INVARIANTS' line to your kernel configuration: options INVARIANTS #Enable calls of extra sanity checking Recompile your kernel as described in and reboot the system. NOTE WELL: This workaround is only for FreeBSD 5.x systems. This workaround does not eliminate the possibility of a local denial-of-service attack. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p2), RELENG_4_7 (4.7-RELEASE-p12), or RELENG_5_1 (5.1-RELEASE-p1) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 5.1-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch.asc [FreeBSD 5.0-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch.asc [FreeBSD 4.8-RELEASE, 4.8-STABLE, 4.7-STABLE dated Jan 2 20:39:13 2003 UTC or later] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch.asc [FreeBSD 4.3-RELEASE through 4.7-RELEASE, 4.7-STABLE dated before Jan 2 20:39:13 2003 UTC] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- src/sys/UPDATING RELENG_5_1 1.251.2.2 RELENG_5_0 1.229.2.15 RELENG_4_8 1.73.2.80.2.4 RELENG_4_7 1.73.2.74.2.15 RELENG_4_6 1.73.2.68.2.43 RELENG_4_5 1.73.2.50.2.45 RELENG_4_4 1.73.2.43.2.46 RELENG_4_3 1.73.2.28.2.33 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.3 RELENG_5_0 1.48.2.10 RELENG_4_8 1.44.2.29.2.3 RELENG_4_7 1.44.2.26.2.14 RELENG_4_6 1.44.2.23.2.32 RELENG_4_5 1.44.2.20.2.29 RELENG_4_4 1.44.2.17.2.37 RELENG_4_3 1.44.2.14.2.23 src/sys/i386/isa/spigot.c RELENG_4 1.44.2.1 RELENG_5_1 1.58.2.1 RELENG_5_0 1.55.2.1 RELENG_4_8 1.44.14.1 RELENG_4_7 1.44.12.1 RELENG_4_6 1.44.10.1 RELENG_4_5 1.44.8.1 RELENG_4_4 1.44.6.1 RELENG_4_3 1.44.4.1 src/sys/kern/sys_process.c RELENG_4 1.51.2.7 RELENG_5_1 1.108.2.1 RELENG_5_0 1.104.2.1 RELENG_4_8 1.51.2.6.2.1 RELENG_4_7 1.51.2.4.2.1 RELENG_4_6 1.51.2.3.4.1 RELENG_4_5 1.51.2.3.2.1 RELENG_4_4 1.51.2.1.4.2 RELENG_4_3 1.51.2.1.2.2 src/sys/kern_sig.c RELENG_5_1 1.239.2.1 RELENG_5_0 1.197.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/Nt6VFdaIBMps37IRAs/0AJ9qtj0Cv+y3QjUZXrFDQx00oTv+AwCgnys1 p3OHIN16XjGz8OhmjF1nWKM= =tnsF -----END PGP SIGNATURE----- From owner-freebsd-announce@FreeBSD.ORG Sun Aug 10 21:18:32 2003 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23F8A37B754; Sun, 10 Aug 2003 21:17:50 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8020B44B62; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7B2vDUp061314; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7B2vDxk061311; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) Date: Sun, 10 Aug 2003 19:57:13 -0700 (PDT) Message-Id: <200308110257.h7B2vDxk061311@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2 X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Project Announcements [moderated] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 04:18:35 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:10.ibcs2 Security Advisory The FreeBSD Project Topic: Kernel memory disclosure via ibcs2 Category: core Module: sys Announced: 2003-08-10 Credits: David Rhodus Affects: All FreeBSD releases up to and including 4.8-RELEASE-p2, 5.1-RELEASE-p1 Corrected: 2003-08-10 23:30:18 UTC (RELENG_4) 2003-08-10 23:28:16 UTC (RELENG_5_1) 2003-08-10 23:29:10 UTC (RELENG_5_0) 2003-08-10 23:31:11 UTC (RELENG_4_8) 2003-08-10 23:31:51 UTC (RELENG_4_7) 2003-08-10 23:32:22 UTC (RELENG_4_6) 2003-08-10 23:32:44 UTC (RELENG_4_5) 2003-08-10 23:33:18 UTC (RELENG_4_4) 2003-08-10 23:33:50 UTC (RELENG_4_3) 2003-08-10 23:35:21 UTC (RELENG_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD contains a kernel option (IBCS2) and kernel loadable module (ibcs2.ko) that provide system call translation for running Intel Binary Compatibility Specification 2 (iBCS2) compliant programs. It is not enabled in FreeBSD by default. II. Problem Description The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than required, then instead of copying only the statfs-related data structure, additional kernel memory would also be made available to the user. III. Impact If iBCS2 support were enabled, a malicious user could call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. For example, a terminal buffer might include a user-entered password. iBCS2 support is only present if the system administrator has enabled it by including `option IBCS2' in the kernel configuration file, or loaded it dynamically using kldload(8) or by setting `ibcs2_enable' in rc.conf(5). IV. Workaround Disable iBCS2 support if it is enabled. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p3), RELENG_4_7 (4.7-RELEASE-p13), or RELENG_5_1 (5.1-RELEASE-p2) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. The following patch has been tested to apply to all FreeBSD 3.x, 4.x, and 5.x releases. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:10/ibcs2.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:10/ibcs2.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- src/UPDATING RELENG_5_1 1.251.2.3 RELENG_5_0 1.229.2.16 RELENG_4_8 1.73.2.80.2.5 RELENG_4_7 1.73.2.74.2.16 RELENG_4_6 1.73.2.68.2.44 RELENG_4_5 1.73.2.50.2.46 RELENG_4_4 1.73.2.43.2.47 RELENG_4_3 1.73.2.28.2.34 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.4 RELENG_5_0 1.48.2.11 RELENG_4_8 1.44.2.29.2.4 RELENG_4_7 1.44.2.26.2.15 RELENG_4_6 1.44.2.23.2.33 RELENG_4_5 1.44.2.20.2.30 RELENG_4_4 1.44.2.17.2.38 RELENG_4_3 1.44.2.14.2.24 src/sys/i386/ibcs2/ibcs2_stat.c RELENG_4 1.10.2.1 RELENG_5_1 1.21.2.1 RELENG_5_0 1.16.2.2 RELENG_4_8 1.10.14.1 RELENG_4_7 1.10.12.1 RELENG_4_6 1.10.10.1 RELENG_4_5 1.10.8.1 RELENG_4_4 1.10.6.1 RELENG_4_3 1.10.4.1 RELENG_3 1.8.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/Nt6YFdaIBMps37IRAtuMAJ4r2aUyHWiYDuUvrVyRlh0n7mF6FQCgmDiw GOMr9asJmVzpRozE11KvtaE= =cLnc -----END PGP SIGNATURE----- From owner-freebsd-announce@FreeBSD.ORG Tue Aug 12 10:42:39 2003 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 06EE837B401 for ; Tue, 12 Aug 2003 10:42:39 -0700 (PDT) Received: from beastie.mckusick.com (beastie.mckusick.com [209.31.233.184]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B0E643FB1 for ; Tue, 12 Aug 2003 10:42:38 -0700 (PDT) (envelope-from mckusick@beastie.mckusick.com) Received: from beastie.mckusick.com (localhost [127.0.0.1]) by beastie.mckusick.com (8.12.8/8.12.3) with ESMTP id h7CHgbol024684 for ; Tue, 12 Aug 2003 10:42:37 -0700 (PDT) (envelope-from mckusick@beastie.mckusick.com) Message-Id: <200308121742.h7CHgbol024684@beastie.mckusick.com> To: freebsd-announce@freebsd.org X-URL: http://WWW.McKusick.COM/ Date: Tue, 12 Aug 2003 10:42:37 -0700 From: Kirk McKusick X-Mailman-Approved-At: Tue, 12 Aug 2003 14:00:09 -0700 Subject: [FreeBSD-Announce] BSDCon Early Registration Deadline Aug 15th X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Kirk McKusick List-Id: Project Announcements [moderated] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 17:42:39 -0000 The August 15th early registration discount deadline for BSDCon is rapidly approaching. If the BSD community wants to continue having our own event, we need to support it by showing up. So, please go to http://www.usenix.org/events/bsdcon03/ and register. Kirk McKusick From owner-freebsd-announce@FreeBSD.ORG Tue Aug 12 15:37:50 2003 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F3B837B401; Tue, 12 Aug 2003 15:37:50 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A18843F93; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7CMbmUp086996; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7CMbmjV086994; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) Date: Tue, 12 Aug 2003 15:37:48 -0700 (PDT) Message-Id: <200308122237.h7CMbmjV086994@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:09.signal [REVISED] X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Project Announcements [moderated] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:37:51 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:09.signal Security Advisory The FreeBSD Project Topic: Insufficient range checking of signal numbers Category: core Module: sys Announced: 2003-08-10 Affects: All releases of FreeBSD up to and including 4.8-RELEASE-p1, 5.1-RELEASE (but see `Impact' below) FreeBSD 4-STABLE prior to the correction date Corrected: 2003-08-10 23:09:28 UTC (RELENG_4) 2003-08-10 23:14:08 UTC (RELENG_5_1) 2003-08-10 23:17:48 UTC (RELENG_5_0) 2003-08-10 23:19:35 UTC (RELENG_4_8) 2003-08-11 10:14:38 UTC (RELENG_4_7) 2003-08-11 10:16:35 UTC (RELENG_4_6) 2003-08-12 20:23:24 UTC (RELENG_4_5) 2003-08-12 20:23:51 UTC (RELENG_4_4) 2003-08-12 20:24:13 UTC (RELENG_4_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . 0. Revision History v1.0 2003-08-10 Initial release v1.1 2003-08-11 Updated correction details for RELENG_4_7, RELENG_4_6, RELENG_4_5, RELENG_4_4, RELENG_4_3 branches. Corrected an internal section reference. Corrected a source file path name. I. Background Signals are a UNIX mechanism for handling asynchronous events such as pressing the terminal interrupt key (e.g. Ctrl-C), job control, memory access violations, I/O completion, and many others. Each signal is assigned a positive number. There are a number of mechanisms by which a process may cause a signal to be sent, including using the kill(2) system call or registering with certain device drivers. II. Problem Description Some mechanisms for causing a signal to be sent did not properly validate the signal number, in some cases allowing the kernel to attempt to deliver a negative or out-of-range signal number. Such errors were present in the ptrace(2) system call and the `spigot' video capture device driver. The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE (4-STABLE dated Oct 26 04:34:41 2000 UTC). The `spigot' device driver (including the error) was introduced in FreeBSD 2.0.5. It has never been included in the kernel installed by default, nor in the GENERIC kernel configuration. Only systems with `device spigot' added to the kernel configuration are affected by this instance of the error. III. Impact In most cases, attempted delivery of a negative or out-of-range signal number will trigger an assertion failure and panic, thereby crashing the system. A malicious local user could use this vulnerability as a local denial-of-service attack. However, in FreeBSD 5.x, the assertion code is not present if the `INVARIANTS' kernel option is not used. In FreeBSD 5.0-RELEASE and 5.1-RELEASE, `INVARIANTS' is not enabled by default. In this configuration, a malicious local user could use this vulnerability to modify kernel memory, potentially leading to complete system compromise. (FreeBSD 4.x is not vulnerable in this way.) IV. Workaround There is no workaround for the local denial-of-service attack. The more severe impact, present only in FreeBSD 5.x systems, can be avoided by uncommenting or adding the `INVARIANTS' line to your kernel configuration: options INVARIANTS #Enable calls of extra sanity checking Recompile your kernel as described in and reboot the system. NOTE WELL: This workaround is only for FreeBSD 5.x systems. This workaround does not eliminate the possibility of a local denial-of-service attack. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p2), RELENG_4_7 (4.7-RELEASE-p12), or RELENG_5_1 (5.1-RELEASE-p1) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 5.1-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch.asc [FreeBSD 5.0-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch.asc [FreeBSD 4.8-RELEASE, 4.8-STABLE, 4.7-STABLE dated Jan 2 20:39:13 2003 UTC or later] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch.asc [FreeBSD 4.3-RELEASE through 4.7-RELEASE, 4.7-STABLE dated before Jan 2 20:39:13 2003 UTC] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- src/sys/UPDATING RELENG_5_1 1.251.2.2 RELENG_5_0 1.229.2.15 RELENG_4_8 1.73.2.80.2.4 RELENG_4_7 1.73.2.74.2.15 RELENG_4_6 1.73.2.68.2.43 RELENG_4_5 1.73.2.50.2.45 RELENG_4_4 1.73.2.43.2.46 RELENG_4_3 1.73.2.28.2.33 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.3 RELENG_5_0 1.48.2.10 RELENG_4_8 1.44.2.29.2.3 RELENG_4_7 1.44.2.26.2.14 RELENG_4_6 1.44.2.23.2.32 RELENG_4_5 1.44.2.20.2.29 RELENG_4_4 1.44.2.17.2.37 RELENG_4_3 1.44.2.14.2.23 src/sys/i386/isa/spigot.c RELENG_4 1.44.2.1 RELENG_5_1 1.58.2.1 RELENG_5_0 1.55.2.1 RELENG_4_8 1.44.14.1 RELENG_4_7 1.44.12.1 RELENG_4_6 1.44.10.1 RELENG_4_5 1.44.8.1 RELENG_4_4 1.44.6.1 RELENG_4_3 1.44.4.1 src/sys/kern/sys_process.c RELENG_4 1.51.2.7 RELENG_5_1 1.108.2.1 RELENG_5_0 1.104.2.1 RELENG_4_8 1.51.2.6.2.1 RELENG_4_7 1.51.2.4.2.2 RELENG_4_6 1.51.2.3.4.2 RELENG_4_5 1.51.2.3.2.2 RELENG_4_4 1.51.2.1.4.3 RELENG_4_3 1.51.2.1.2.3 src/sys/kern/kern_sig.c RELENG_5_1 1.239.2.1 RELENG_5_0 1.197.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OVDMFdaIBMps37IRAsaBAJ4zAzw4sDcu2oc/M7iiXfLQzg8WogCeNqeF Di+jeJfFrpGAh+/JxUAW/60= =qXMR -----END PGP SIGNATURE----- From owner-freebsd-announce@FreeBSD.ORG Sat Aug 16 02:46:24 2003 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6D73937B401 for ; Sat, 16 Aug 2003 02:46:24 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-107-97.dsl.lsan03.pacbell.net [64.169.107.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7F80A43FCB for ; Sat, 16 Aug 2003 02:46:21 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 87CBC66D7A for ; Sat, 16 Aug 2003 02:46:19 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 9B3F5807; Sat, 16 Aug 2003 02:46:19 -0700 (PDT) Date: Sat, 16 Aug 2003 02:46:19 -0700 From: Kris Kennaway To: announce@FreeBSD.org Message-ID: <20030816094619.GA35274@rot13.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="r5Pyd7+fXNt84Ff3" Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Mailman-Approved-At: Sat, 16 Aug 2003 02:55:57 -0700 Subject: [FreeBSD-Announce] Ports scheduled for removal on Nov 7 X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Project Announcements [moderated] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Aug 2003 09:46:24 -0000 --r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Dear FreeBSD users, The following ports are scheduled for removal on November 7 if they are still broken at that time and no PRs have been submitted to fix them. If you are interested in saving these ports, please send your patches to the maintainer. If the maintainer is unresponsive or the port has no maintainer, then please submit them via send-pr. As usual, the build error logs can be obtained from http://bento.freebsd.org Kris #-*- mode: makefile; tab-width: 32; -*- # ex:ts=32 # astro/sscalc sscalc-1.0 kew@icehouse.net audio/csound-manual csound-manual-4.10 trevor@FreeBSD.org audio/net-rhythmbox net-rhythmbox-0.4.8_2 hendrik@scholz.net audio/spiralsynthbaby spiralsynthbaby-0.0.2 trevor@FreeBSD.org benchmarks/iozone iozone-3.172 jmz@FreeBSD.org biology/emboss emboss-2.4.1_1 wjv@FreeBSD.org cad/gwave gwave-20020122 dmlb@dmlb.org chinese/chitex zh-chitex-6.1.2p7.8_1 statue@freebsd.sinica.edu.tw chinese/dictd zh-tw-dictd-1.8.0_1 ports@FreeBSD.org chinese/dictd-database zh-dictd-database-1.4 statue@freebsd.sinica.edu.tw comms/bayonne bayonne-0.5.3_1 ports@FreeBSD.org comms/vpb2 vpb2-2.0.3 dyfet@gnu.org databases/firebird firebird-1.0.2 chris@aims.com.au databases/firebird-devel firebird-1.0.r2 chris@aims.com.au databases/grass grass-5.0.0_1,1 reg@FreeBSD.org devel/asis asis-3.14p thomas@cuivre.fr.eu.org devel/doxygen doxygen-1.3.1 kde@freebsd.org devel/veepee veepee-1.0_2 ports@FreeBSD.org devel/whups whups-0.0.1.020303 thierry@pompo.net devel/yacl yacl-1.7b ports@freebsd.org emulators/its its-1.0 kstailey@yahoo.com emulators/linux_base-6 linux_base-6.1_5 ports@FreeBSD.org emulators/xpinmame xpinmame-sdl-0.37b14.2+0.99b3 stijn@win.tue.nl french/spip fr-SPIP-1.5 gioria@FreeBSD.org ftp/moxftp moxftp-2.2 ports@FreeBSD.org games/myth2_demo linux-myth2_demo-1.3 trevor@FreeBSD.org games/pythoong pythoong-0.99 ports@FreeBSD.org games/rollemup rollemup-1.0 sanpei@FreeBSD.org games/xpuyo xpuyo-0.1 nakai@FreeBSD.org graphics/imlib3d imlib3d-0.8.0_1 ports@FreeBSD.org graphics/opendx-samples opendx-samples-4.2.0 ports@FreeBSD.org graphics/vterrain-sdk vterrain-sdk-010829 ports@FreeBSD.org korean/hlatex-mffonts-wansung ko-HLaTeX-mffonts-wansung-0.98 cjh@FreeBSD.org korean/imhangul_status_applet ko-imhangul_status_applet-0.2 cjh@FreeBSD.org lang/ETHOberonV4 ETHOberonV4-0.9 jhicks@glenatl.glenayre.com lang/cli cli-20021101 sobomax@FreeBSD.org lang/cyclone cyclone-0.2 ports@FreeBSD.org lang/dylan dylan-2.3.10 housel@acm.org lang/gcl gcl-2.4.0 twp@unchi.org lang/sr sr-2.3.1 ports@FreeBSD.org lang/visualworks visualworks-5i.4 js@jeannot.org mail/courier courier-0.39.3 yds@CoolRat.org mail/youbin youbin-3.4 max@FreeBSD.org math/rascal rascal-0.3.2_1 ports@FreeBSD.org math/ruby-math3d ruby-math3d-0.03 knu@FreeBSD.org misc/heyu heyu-1.33 plambert@plambert.net misc/libh libh-0.2.2 anarcat@anarcat.dyndns.org multimedia/xine_d4d_plugin xine_d4d_plugin-0.3.2 gibbon@cocoa.freemail.ne.jp multimedia/xine_d5d_plugin xine_d5d_plugin-0.2.7_1 nobutaka@FreeBSD.org net/linphone linphone-0.11.0_2 ports@FreeBSD.org net/pixilate pixilate-0.4 bvi-ports@moria.org net/v6eval v6eval-2.1.1 Yukiyo.Akisada@jp.yokogawa.com net/xbone XBone-2.0 yushunwa@isi.edu print/pdflib4 pdflib-4.0.3_1 sysadmin@alexdupre.com russian/pgp.language ru-pgp-2.6.3ia ache@FreeBSD.org security/hashish hashish-0.4b ports@FreeBSD.org textproc/latte latte-1.1 nc-rotherdo@netcologne.de textproc/p5-XML-Sablotron p5-XML-Sablotron-0.98 skv@FreeBSD.org textproc/tei-xsl-fo tei-xsl-fo-1.0_1 henrik.motakef@web.de textproc/tei-xsl-html tei-xsl-html-1.0_2 henrik.motakef@web.de vietnamese/vnterm vi-vnterm-3.4 obrien@FreeBSD.org www/beonex beonex-0.8.1 trevor@FreeBSD.org www/cgihtml cgihtml-1.69_1 roam@FreeBSD.org www/cl-lml cl-lml-2.3.4 henrik.motakef@web.de www/gn gn-2.24 ports@FreeBSD.org www/http-analyze http-analyze-2.01_2 todd@thisisa.com www/p5-Apache-Filter p5-Apache-Filter-1.022 ports@freebsd.org www/rt2 rt2-2.0.15 ports@FreeBSD.org www/sarg sarg-1.4.1 mt@primats.org.ua x11-toolkits/fox-xunicode fox-0.99.174_1 ports@FreeBSD.org x11-toolkits/geramik geramik-0.24 haesu@TowardEX.com x11/twin twin-0.4.6 samy@kerneled.com --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/Pf1qWry0BWjoQKURAmxCAKCNNYpIeKV5g6mdiIjWHBBB5ZuS5wCbBWU5 9Y0PXfgfXCsGONb1GI8/iUY= =SmKc -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3--