Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 322
  • Last Modified:

FreeBSD-SA-01:55 Patching has errors on 4.1-RELEASE??

guys,

Can anybody pls help me with this?
Patching this on 4.1-RELEASE has errors...!  as shown below.
 
>>1 out of 2 hunks failed--saving rejects to sys/miscfs/procfs/procfs_mem.c.rej
>>1 out of 3 hunks failed--saving rejects to sys/miscfs/procfs/procfs_vnops.c.rej
 
The security advisory says that:
This patch has been verified to apply to FreeBSD 4.3-RELEASE and
4.2-RELEASE
 
What about us on 4.1-RELEASE??
How do I get this patch to work... pls advice.
 
Thanks
 
=========================================================

FreeBSD-SA-01:55
Topic: procfs vulnerability leaks set[ug]id process memory

###########################################################
hostname# cd /usr/src
hostname# patch -p < /usr/home/sysman/procfs.patch
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/i386/linux/linprocfs/linprocfs_vnops.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/i386/linux/linprocfs/Attic/linprocfs_vnops.c,v
|retrieving revision 1.3.2.4
|retrieving revision 1.3.2.5
|diff -u -r1.3.2.4 -r1.3.2.5
|--- sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/06/25 19:46:47     1.3.2.4
|+++ sys/i386/linux/linprocfs/linprocfs_vnops.c 2001/08/12 14:29:19     1.3.2.5
--------------------------
Patching file sys/i386/linux/linprocfs/linprocfs_vnops.c using Plan A...
Hunk #1 succeeded at 62 (offset -2 lines).
Hunk #2 succeeded at 140 (offset -2 lines).
Hunk #3 succeeded at 459 (offset 6 lines).
Hunk #4 succeeded at 519 with fuzz 1 (offset -9 lines).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs.h
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs.h,v
|retrieving revision 1.32.2.1
|retrieving revision 1.32.2.2
|diff -u -r1.32.2.1 -r1.32.2.2
|--- sys/miscfs/procfs/procfs.h 2000/11/01 20:19:48     1.32.2.1
|+++ sys/miscfs/procfs/procfs.h 2001/08/12 14:29:19     1.32.2.2
--------------------------
Patching file sys/miscfs/procfs/procfs.h using Plan A...
Hunk #1 succeeded at 88.
Hunk #2 succeeded at 138 (offset -7 lines).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs_mem.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs_mem.c,v
|retrieving revision 1.46.2.1
|retrieving revision 1.46.2.2
|diff -u -r1.46.2.1 -r1.46.2.2
|--- sys/miscfs/procfs/procfs_mem.c     2000/11/01 20:19:48     1.46.2.1
|+++ sys/miscfs/procfs/procfs_mem.c     2001/08/12 14:29:19     1.46.2.2
--------------------------
Patching file sys/miscfs/procfs/procfs_mem.c using Plan A...
Hunk #1 failed at 244.
Hunk #2 succeeded at 281.
1 out of 2 hunks failed--saving rejects to sys/miscfs/procfs/procfs_mem.c.rej
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--------------------------
|Index: sys/miscfs/procfs/procfs_vnops.c
|===================================================================
|RCS file: /usr2/ncvs/src/sys/miscfs/procfs/Attic/procfs_vnops.c,v
|retrieving revision 1.76.2.4
|retrieving revision 1.76.2.5
|diff -u -r1.76.2.4 -r1.76.2.5
|--- sys/miscfs/procfs/procfs_vnops.c   2001/08/04 13:12:24     1.76.2.4
|+++ sys/miscfs/procfs/procfs_vnops.c   2001/08/12 14:29:19     1.76.2.5
--------------------------
Patching file sys/miscfs/procfs/procfs_vnops.c using Plan A...
Hunk #1 failed at 148.
Hunk #2 succeeded at 476.
Hunk #3 succeeded at 551.
1 out of 3 hunks failed--saving rejects to sys/miscfs/procfs/procfs_vnops.c.rej
done
0
thiamwah
Asked:
thiamwah
  • 2
1 Solution
 
jlevieCommented:
I suspect finxing this problem on 4.1 might be more effort than you'd want to go to. You''d need to analyze the patch to determine the intent of the changes and examine the 4.1 code to figure out how to make those changes to it. Personally, I'd upgrade the system to 4.3 and then track STABLE with cvsup. Assuming of course that you don't have some application the will only run on 4.1.
0
 
thiamwahAuthor Commented:
hi jlevie,

I am a bit paranoid about having to CVSUp the whole source and recompiling them because I tried on a
Pentium Celeron with 64 MB ram, and it tooks hours to even download the whole source. And I read comments
that it will take another 3.5 hours to recompile the sources. YIKES! :)

Compiling kernels is OK to me but compiling the whole source tree.. !

My production machines are all DELL Dual Pentium 3 CPUs with 512 MB RAM. I wonder how would they fare
? How do I minimize the chances that anything would go wrong inn your experience of cvsuping sources
on a prod machine?

Are they any links in your recommendation that I can refer to for this topic? Pls advice!

Thanks a million
0
 
jlevieCommented:
See you other question for a reply.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now