netbsd-help: Re: CVS Question

Subject: Re: CVS Question
To: Jeff Flowers <jeffrey@jeffreyf.net>
From: Jeremy C. Reed <reed@reedmedia.net>
List: netbsd-help
Date: 05/13/2002 12:01:02

On Sun, 12 May 2002, Jeff Flowers wrote:

> I want to download the entire source for NetBSD 1.5.2, so that I can
> apply the five security fixes that are available for that version.

That can be a lot of work for what should be an easy process.

I have built a few binary security patches for 1.5.2.
I built patches to update lpd, sshd, and gzip.

Basically, my patch is a sh script that untars the binary files included
in it. It can back out changes and logs each install.

 # sh binary-update.NetBSD-1.5.2-i386-SA2001-018-lpd
 This is a binary update for NetBSD-1.5.2-i386-SA2001-018-lpd.
  NetBSD Security Advisory 2001-018
  Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon
  http://msgs.securepoint.com/cgi-bin/get/bugtraq0108/259.html
 usage: binary-update [-ifrvlw]
   -i   install (extract archive)
   -r   reverse changes
   -l   list files in archive
   -w   why? (reference information)

Jeff, let me know if you are interested in reviewing or testing these.

I sort of based this on BSD/OS mods. BSD/OS provides binary updates that
work pretty easily. Have a look at
http://www.bsdtoday.com/2001/February/Features422.html

   Jeremy C. Reed
   http://www.reedmedia.net/