similar to: Heads up: End of RELENG_4_8 support

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:12.jailroute Security Advisory The FreeBSD Project Topic: Jailed processes can manipulate host routing tables Category: core Module: kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

On the advisory about the realpath problem it says that it was corrected: RELENG_4_8 src/UPDATING 1.73.2.80.2.3 src/lib/libc/stdlib/realpath.c 1.9.14.1 src/sys/conf/newvers.sh 1.44.2.29.2.2 I ran cvsup and when I look at my src/lib/libc/stdlib/realpath.c I see

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05

Hello, I am very new to FreeBSD and just installed 4.8 release. I want to upgrade this to stable. I have printed some of the pages out for makeworld and CVSUP, I am wondering what the best method for doing the updates are, downloading the individual packages and installing or using the CVSUP to do this? Currently I used mostly Red Hat Linux but have wanted to give this a try for some time

In the next month or two I've got to upgrade a number of servers that are currently on an EOL'd version of 4-STABLE. I foresee that I'll have very limited time to do full OS upgrades on these systems in the coming several years, so I want to make sure I bring them onto an extended-life branch. Right now 4.11 has the furthest projected EOL date (Jan 31 2007), and the projected EOL

Read the documentation on the meaning of the various 4.X tags, and am not sure what is meant by this: "The release branch for FreeBSD-4.6 and FreeBSD-4.6.2, used only for security advisories and other seriously critical fixes." Similar descriptions are used for the other RELENG_4_X tags. If I specify RELENG_4 will cvsup also include RELENG_4_3 to RELENG_4_8? Sorry folks - I'm

Hello Everyone, In light of the longer-than-expected window between 6.2-RELEASE and 6.2-RELEASE, the End-of-Life date for FreeBSD 6.2 has been adjusted from January 31st, 2008 to May 31st, 2008. As a result, FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 will all cease to be supported at the end of May 2008. FreeBSD users should plan on upgrading to either FreeBSD 6.3 or FreeBSD 7.0 once those have

Hello Everyone, In light of the longer-than-expected window between 6.2-RELEASE and 6.2-RELEASE, the End-of-Life date for FreeBSD 6.2 has been adjusted from January 31st, 2008 to May 31st, 2008. As a result, FreeBSD 5.5, FreeBSD 6.1, and FreeBSD 6.2 will all cease to be supported at the end of May 2008. FreeBSD users should plan on upgrading to either FreeBSD 6.3 or FreeBSD 7.0 once those have

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:01.telnet Security Advisory The FreeBSD Project Topic: telnet client buffer overflows Category: contrib Module: contrib/telnet Announced:

The FreeBSD Security Officer would normally be sending out this email, but he's a bit busy right now and it is clear from reactions to FreeBSD Security Advisory FreeBSD-SA-04:04.tcp that many people are unaware of the current status of the RELENG_5_1 branch, so I'm going to send out this reminder myself. The branches supported by the FreeBSD Security Officer have been updated to reflect

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:25.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in firewire(4) Category: core Module: sys_dev Announced:

Hi, I am missing the advisory for openssl at ftp://ftp.freebsd.org/CERT/ Background: For long time i used the the quickpatch utility at my workstation to notify me about issues and *how* to fix it. With the web based advisory this is not possible since the .asc file contains only the pgp signature (no more details). Regards, olli

Well, I *tried* to CC: freebsd-security... I'm forwarding this to get around the "posting from wrong address" filter. -------- Original Message -------- Subject: Re: FW:FreeBSD hiding security stuff Date: Fri, 04 Mar 2005 04:42:48 -0800 From: Colin Percival <cperciva@freebsd.org> To: Jonathan Weiss <tomonage2@gmx.de> CC: freebsd-security@freebsd.org, FreeBSD-Hackers

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:01.texindex Security Advisory The FreeBSD Project Topic: Texindex temporary file privilege escalation Category: contrib Module: texinfo

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:12 Security Advisory FreeBSD, Inc. Topic: OpenSSH buffer management error Category: core, ports Module: openssh, ports_openssh,

I've built RELENG_4 isos no problem, is there a trick to building the RELENG_4_8 isos? I am building the 'miniinst' disk - that is, with the release, docs, and a port tree, but no ports. This is so I can do a fresh install without having to update the world... I am using a script that looks like this... #!/bin/sh rm -rf /usr/obj cd /usr/src make -DNOCLEAN world kernel cd

CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this

Here's another project for us. We'll want to upgrade to 6.3-RELEASE in May. On Wed, Apr 2, 2008 at 7:00 AM, <freebsd-security-request@freebsd.org> wrote: > Send freebsd-security mailing list submissions to > freebsd-security@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit >

Hi guys, Does anybody know if freebsd-update is going to be available for 6.1-RELEASE before the end of Colin's "summer of FreeBSD work"? I wouldn't like to bother Colin directly via e-mail, so if anyone already asked for this or something.... Thanx, regards -- Pietro Cerutti <pietro.cerutti@gmail.com>