From owner-freebsd-security Fri Jun 28 17:48:25 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 54DE237B400; Fri, 28 Jun 2002 17:48:17 -0700 (PDT) Received: from blue.gerhardt-it.com (gw.gerhardt-it.com [204.83.38.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6A9FF43E06; Fri, 28 Jun 2002 17:48:16 -0700 (PDT) (envelope-from scott@gerhardt-it.com) Received: from [192.168.100.111] (gw.gerhardt-it.com [204.83.38.103]) by blue.gerhardt-it.com (Postfix) with ESMTP id 0C06710024; Fri, 28 Jun 2002 18:48:15 -0600 (CST) User-Agent: Microsoft-Entourage/10.1.0.2006 Date: Fri, 28 Jun 2002 18:48:01 -0600 Subject: Patching sshd From: Scott Gerhardt To: FreeBSD , Message-ID: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Trying to patch my system for fix this apparent sshd vulnerability. I tried patching my 4.5-Release box as outlined in #2 below with no luck. I keep getting the following error when executing the following command: # cd /usr/src/secure/usr.sbin/sshd # make depend && make all install make: don't know how to make login_access.c. Stop I don't want to rebuild the whole system. Suggestions welcome. _______________________________ Do one of the following: [For OpenSSH included in the base system] 1) Upgrade the vulnerable system to 4.4-RELEASEp9, 4.5-RELEASEp2, or 4.5-STABLE after the correction date and rebuild. 2) FreeBSD 4.x systems prior to the correction date: The following patch has been verified to apply to FreeBSD 4.4-RELEASE, 4.5-RELEASE, and 4.5-STABLE dated prior to the correction date. It may or may not apply to older, unsupported versions of FreeBSD. Download the patch and the detached PGP signature from the following locations, and verify the signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch.asc Execute the following commands as root: # cd /usr/src # patch < /path/to/sshd.patch # cd /usr/src/secure/lib/libssh # make depend && make all # cd /usr/src/secure/usr.sbin/sshd # make depend && make all install # cd /usr/src/secure/usr.bin/ssh # make depend && make all install __________________________________ -- Scott Gerhardt, P.Geo. Gerhardt Information Technologies [G-IT] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message