From owner-FreeBSD-users-jp@jp.freebsd.org Wed Nov 27 06:52:46 1996 Received: from sramhc.sra.co.jp (root@sramhc [133.137.20.31]) by sran230.sra.co.jp (8.6.12+2.4W3/3.4W-SRA-local) with ESMTP id GAA29448 for ; Wed, 27 Nov 1996 06:52:45 +0900 Received: from sranha.sra.co.jp (sranha.sra.co.jp [133.137.8.8]) by sramhc.sra.co.jp (8.6.12/3.4W-SRA-local) with ESMTP id GAA04190; Wed, 27 Nov 1996 06:55:35 +0900 Received: from sraigw.sra.co.jp (sraigw-hub [133.137.8.14]) by sranha.sra.co.jp (8.6.13/3.4W-sranha) with ESMTP id GAA11390; Wed, 27 Nov 1996 06:53:29 +0900 Received: from tora.eccosys.com by sraigw.sra.co.jp (8.6.13/3.4W-sraigw) id GAA21200; Wed, 27 Nov 1996 06:55:19 +0900 Received: from jaz.jp.freebsd.org (jaz.jp.freebsd.org [133.11.70.162]) by tora.eccosys.com (8.7.5/8.6.9) with ESMTP id GAA12252; Wed, 27 Nov 1996 06:55:14 +0900 (JST) Received: by jaz.jp.freebsd.org (8.8.3+2.6Wbeta9/8.7.3) id GAA04670 Wed, 27 Nov 1996 06:53:22 +0900 (JST) Received: by jaz.jp.freebsd.org (8.8.3+2.6Wbeta9/8.7.3) with SMTP id GAA04665 for ; Wed, 27 Nov 1996 06:53:20 +0900 (JST) Received: from ccs02.sfc.keio.ac.jp by mail0.sfc.keio.ac.jp (5.67+1.6W/2.7W) id AA03434; Wed, 27 Nov 96 06:53:18 +0900 Received: by ccs02.sfc.keio.ac.jp (5.67+1.6W/6.4J.6-sfc0) id AA15490; Wed, 27 Nov 96 04:40:02 +0900 Message-Id: <9611261940.AA15490@ccs02.sfc.keio.ac.jp> To: freebsd-users-jp@jp.freebsd.org Date: Wed, 27 Nov 1996 04:38:31 +0900 From: Takaaki Nomura Reply-To: FreeBSD-users-jp@jp.freebsd.org X-Distribute: distribute [version 2.1 (Alpha) patchlevel=19] X-Sequence: FreeBSD-users-jp 6832 Subject: [FreeBSD-users-jp 6832] ["Jordan K. Hubbard": FreeBSD 2.1.6 replaced with point release (2.1.6.1)] Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org Sender: owner-FreeBSD-users-jp@jp.freebsd.org Status: R 野村@慶大です。 sendmail 8.8.3 に重大なセキュリティホールが見つかって、2.1.6.1 が出た ようです。:-( ------- Forwarded Message Received: from tora.eccosys.com by mail0.sfc.keio.ac.jp (5.67+1.6W/2.7W) id AA29021; Tue, 26 Nov 96 17:47:49 +0900 Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.18]) by tora.eccosys.com (8.7.5/8.6.9) with ESMTP id RAA09648; Tue, 26 Nov 1996 17:46:12 +0900 (JST) Received: from localhost (daemon@localhost) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id XAA18347; Mon, 25 Nov 1996 23:35:32 -0800 (PST) Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id WAA15692 for freebsd-announce-outgoing; Mon, 25 Nov 1996 22:58:33 -0800 (PST) Received: from time.cdrom.com (time.cdrom.com [204.216.27.226]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id WAA15687 for ; Mon, 25 Nov 1996 22:58:29 -0800 (PST) Received: from time.cdrom.com (localhost [127.0.0.1]) by time.cdrom.com (8.8.3/8.6.9) with ESMTP id WAA11173 for ; Mon, 25 Nov 1996 22:58:42 -0800 (PST) To: announce@FreeBSD.org Subject: FreeBSD 2.1.6 replaced with point release (2.1.6.1) Date: Mon, 25 Nov 1996 22:58:42 -0800 Message-Id: <11168.848991522@time.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-announce@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Following Murphy's law to the letter, a significant security hole in sendmail 8.8.3 was found just one day after 2.1.6 was rolled and put up on ftp.freebsd.org, requiring some sort of response before putting 2.1.6 onto CDROM. While investigating this, it was also decided to integrate a fairly simple fix for the SYN attack problem (less sophisticated than the one in FreeBSD 2.2-ALPHA) which provided effective protection without introducing any potential instabilities which would violate 2.1.6's stability charter. Several other more minor changes were made to make(1) and the bsd.port.mk file in order to more effectively support the 2.2.x ports collection on 2.1.x machines, should people desire this, but that's about it for 2.1.6 -> 2.1.6.1 changes. In order to prevent the mirror sites from murdering us in our sleep for wasting space (not to mention Walnut Creek CDROM, who has already printed up the covers saying "2.1.6" on them), the 2.1.6.1 release was also simply overlayed on top of the 2.1.6 release on ftp.freebsd.org and will be released on CD as 2.1.6 - if it makes it easier to understand, just pretend that the 2.1.6 I announced before was really 2.1.6-BETA. :-) If you look at our timeline, we're still ahead of our December deadline for 2.1.6 in either case. Please read the RELNOTES.TXT file in the 2.1.6-RELEASE directory for more details on what you should upgrade if you're already running 2.1.6 and don't want to reinstall. The 2.1.6.1 README.TXT file also reads "RELEASE Version +1" at the top for easy identification, and the uname(1) command prints out 2.1.6.1 as well, so you'll know if you're running the security patched version on an installed system. Apologies in advance for any confusion this causes, but I believe we chose the lesser of several possible evils, and at least now 2.1.6 will be going out without any clearly obvious security holes. Thanks! Jordan ------- End of Forwarded Message