FreeBSD Security Advisory FreeBSD-SA-14:19.tcp
R. Scott Evans
freebsd-security at rsle.net
Tue Sep 16 17:25:36 UTC 2014
On 09/16/14 12:42, Zoran Kolic wrote:
>> The advisory solution offers 3 options... freebsd-update is the binary
>> approach (option #3) that provides you a new updated generic kernel
>> already compiled. If you aren't using a generic kernel or want to patch
>> and recompile your own, then you would use the option #2.
>
> Hm! I use custom kernel. Here is what I did using
> freebsd-update:
> I fetched and installed. Then I recompiled the kernel.
> Did I miss the security patch doing this?
>
> Zoran
Unfortunately, I don't think your custom kernel got the patch.
In your case you will want to follow option 2 with:
"
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch
# fetch http://security.FreeBSD.org/patches/SA-14:19/tcp.patch.asc
# gpg --verify tcp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
http://www.FreeBSD.org/handbook/kernelconfig.html and reboot the
system.
"
-scott
More information about the freebsd-security
mailing list