Re: libz patch?

[patrick ~ <sidsrr@yahoo.com>]

Ahh!

I didn't even think about static-only archs.  In which
case the list seems to be longer than what you
proposed.  I'd imagine the complete list would be
every source-directory that shows up with the
following:

  cd /usr/src && find . -name Makefile | xargs grep
'\-lz'

eeek :-)

Thanks for the replies!
--patrick


--- Brad <brad@comstyle.com> wrote:

> On Wed, Sep 01, 2004 at 07:52:36AM +0200, Otto
> Moerbeek wrote:
> > On Tue, 31 Aug 2004, patrick ~ wrote:
> > 
> > > Greetings,
> > > 
> > > Just curious, I noticed the recent security
> > > announcement about libz patch:
> > > 
> > >
>
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/017_libz.patch
> > > 
> > > 
> > > The instructions say to do the following after
> > > applying the patch: ( cd /usr/src/lib/libz &&
> make obj
> > > depend && make && make install )
> > > 
> > > 
> > > This will (i imagine) build the libz.{a,so} and
> > > install them along with the header file(s) on
> the
> > > system.
> > > 
> > > But what about any other binaries/programs
> already
> > > built and linked (statically) with the faulty
> libz.a
> > > (read: libz prior to this patch)?
> > 
> > There are no programs in base  that are statically
> linked to 
> > libz.
> 
> Unless you happen to be stuck with a
> vax/mvme88k/hppa (static only) then
> recompile these base programs.
> 
> gnu/usr.bin/cvs
> libexec/spamd-setup
> usr.bin/compress
> usr.bin/grep
> usr.bin/ssh
> usr.sbin/ppp
> 
> // Brad
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com