Network Flight Recorder announces the release of the following patch: Patch Number Applies to Product ------------ ------------------ 2.0-p3 NFR Version 2.0.2 Research The REAMDE for the patch is included below. The patch is available as a patch file which can be applied to NFR Version 2.0.2 Research, and as a complete distribution. Both versions are available from http://www.nfr.net/downloads/ If you have questions about this or other patches, send e-mail to feedbackat_private -------- NFR Version 2.0 Patch 3 (nfr-2.0-p3-research.tar) Apply to: NFR Version 2.0.2 Research Recommended Uses: This security patch is recommended for all users of NFR Version 2.0.2. Applying This Patch: 1. Download the patch and place it in the following directory: ~nfr/nfr-2.0.2-research/nfr 2. Untar and apply the patch: % cd ~nfr/nfr-2.0.2-research/nfr % tar -xvf nfr-2.0-p3-research.tar % patch -p0 < patch2.0.3 3. Recompile NFR, using fixmake, make, and make install, as described in the "Getting Started Guide." The patch program on some versions of Solaris sometimes fails silently when applying patches. If the patch process does not work on your Solaris machine, download and install the complete distribution (nfr-2.0.2-research-src.tar.Z). Contents: This patch is distributed as a tar file, which contains these files: README.PATCH this file patch2.0.3 the patch file Fixes: - webd: Buffer overruns in the Web server have been fixed. This fix addresses a problem recently discussed on the NFR users mailing list. Because buffer overruns can be used to bypass the security of software systems, NFR recommends installing this patch to improve the security of your NFR system. - webd: The Web server now does a better job at reading all input. This fix addresses a problem, discussed on the NFR users mailing list, in which certain browsers on certain operating systems did not receive all of the data from the Web server. - alertd: The alert system no longer creates a storm of forked process when a remote NFR system has lots of alerts queued and cannot contact the central NFR system. While this code is not exercised in the research version of the NFR software, the fix is included in this patch to the research version to maintain consistency in common sections of the code base. Deborah -- Deborah Greenberg Lidl Network Flight Recorder Director of Communications and Product Management dglat_private Phone: 1.301.765.7945 http://www.nfr.net Fax: 1.301.765.7946
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:12 PDT