From owner-announce-jp@jp.FreeBSD.org Wed Aug 13 17:22:11 2003
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id h7D8MBX01343;
	Wed, 13 Aug 2003 17:22:11 +0900 (JST)
	(envelope-from owner-announce-jp@jp.FreeBSD.org)
Message-Id: <20030813.163026.32096761.rushani@jp.FreeBSD.org>
To: announce-jp@jp.FreeBSD.org
From: Hideyuki KURASHINA <rushani@jp.FreeBSD.org>
In-Reply-To: <200308122237.h7CMbmjV086994@freefall.freebsd.org>
References: <200308122237.h7CMbmjV086994@freefall.freebsd.org>
X-PGP-Public-Key: http://www.bl.mmtr.or.jp/~rushani/rushani.asc
X-PGP-Fingerprint: A052 6F98 6146 6FE3 91E2  DA6B F2FA 2088 439A DC57
X-URL: http://www.bl.mmtr.or.jp/~rushani/
X-Mailer: Mew version 4.0.58 on Emacs 21.2 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
X-ML-maintainer: owner-announce-jp@jp.FreeBSD.org
Precedence: list
Date: Wed, 13 Aug 2003 16:30:26 +0900
X-Sequence: announce-jp 1163
Subject: Re: ANNOUNCE: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:09.signal [REVISED]
Sender: owner-announce-jp@jp.FreeBSD.org
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+030802



FreeBSD $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG(B
=============================================================================
FreeBSD-SA-03:09.signal (2003-08-10)
 * Insufficient range checking of signal numbers
=============================================================================

 $B$3$N%a!<%k$O(B, announce-jp $B$KN.$l$?(B

  Subject: ANNOUNCE: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-03:09.signal [REVISED]
  From: FreeBSD Security Advisories <security-advisories@freebsd.org>
  Date: Tue, 12 Aug 2003 15:37:48 -0700 (PDT)
  Message-Id: <200308122237.h7CMbmjV086994@freefall.freebsd.org>
  X-Sequence: announce-jp 1162

 $B$rF|K\8lLu$7$?$b$N$G$9!#(B

 $B86J8$O(B PGP $B=pL>$5$l$F$$$^$9$,!"$3$NF|K\8lLu$O(B PGP $B=pL>$5$l$F$$$^$;$s!#(B
 $B=$@5%Q%C%AEy$NFbMF$,2~$6$s$5$l$F$$$J$$$3$H$r8!>Z$9$k$?$a$K(B PGP $B=pL>$N(B
 $B%A%'%C%/$r9T$J$&$K$O!"86J8$r;2>H$7$F$/$@$5$$!#(B

 $BF|K\8lLu$*$h$S%_%i!<%5%$%HMxMQ$N>\:Y$K$D$$$F$O!"J8Kv$N!V(BA. FreeBSD
 $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG$K$D$$$F!W$r$4Mw$/$@$5$$!#(B


                                 [$BK]Lu<T(B: $BARIJ(B $B1Q9T(B <rushani@jp.FreeBSD.org>]
--($B$3$3$+$i(B)
=============================================================================
FreeBSD-SA-03:09.signal                                     Security Advisory
                                                          The FreeBSD Project

$B%H%T%C%/(B:       $B%7%0%J%kHV9f$NHO0O%A%'%C%/$,IT==J,$G$"$kLdBj(B
                (Insufficient range checking of signal numbers)

$BJ,N`(B:           core
$B%b%8%e!<%k(B:     sys
$B9pCNF|(B:         2003-08-10
$B1F6AHO0O(B:       5.1-RELEASE $B$*$h$S(B 4.8-RELEASE-p1 $B$r4^$`!"(B
                $B$9$Y$F$N(B FreeBSD $B%j%j!<%9(B
                $B=$@5F|0JA0$N(B FreeBSD 4-STABLE
                $BCp(B: 5.1-RELEASE $B$K4X$7$F$O2<5-$N!V1F6AHO0O!W$r$4Mw$/$@$5$$(B
$B=$@5F|(B:         2003-08-10 23:09:28 UTC (RELENG_4)
                2003-08-10 23:14:08 UTC (RELENG_5_1)
                2003-08-10 23:17:48 UTC (RELENG_5_0)
                2003-08-10 23:19:35 UTC (RELENG_4_8)
                2003-08-11 10:14:38 UTC (RELENG_4_7)
                2003-08-11 10:16:35 UTC (RELENG_4_6)
                2003-08-12 20:23:24 UTC (RELENG_4_5)
                2003-08-12 20:23:51 UTC (RELENG_4_4)
                2003-08-12 20:24:13 UTC (RELENG_4_3)
FreeBSD $B8GM-$+(B: YES

$B>e5-$N3F9`L\!"%;%-%e%j%F%#%V%i%s%A!"2<5-$N3F@a$K4X$9$k>\:Y$J$I!"(B
FreeBSD $B%;%-%e%j%F%#4+9p$K$D$$$F$N0lHLE*$J>pJs$O!"(B
<URL:http://www.freebsd.org/security/> $B$r$4Mw$/$@$5$$!#(B

0.   $B2~D{MzNr(B - Revision History

v1.0  2003-08-10  $B=iHG8x3+(B
v1.1  2003-08-11  RELENG_4_7, RELENG_4_6, RELENG_4_5, RELENG_4_4,
                  RELENG_4_3 $B%V%i%s%A$N>pJs$r99?7!#(B
                  $B@a$NFbIt;2>H$ND{@5$H!"%=!<%9%U%!%$%k$N%Q%9L>$ND{@5!#(B

I.   $BGX7J(B - Background

$B%7%0%J%k$O!"C<Kv$+$i$N3d$j9~$_%-!<(B ($B$?$H$($P(B Ctrl-C) $B$NF~NO!"%8%g%V@)8f!"(B
$B%a%b%j%"%/%;%90cH?!"(BI/O $B40N;DLCN$J$I$NHsF14|%$%Y%s%H$r07$&(B UNIX $B%7%9%F%`$N(B
$B5!9=$G$9!#3F%7%0%J%k$K$O@5$NHV9f$,3d$jEv$F$i$l$F$$$^$9!#%W%m%;%9$+$i(B
$BAw=P%7%0%J%k$rH/@8$9$k$?$a$N5!9=$K$O!"(Bkill(2) $B%7%9%F%`%3!<%k$N;HMQ$d!"(B
$BFCDj$N%G%P%$%9%I%i%$%P$NEPO?$J$I!"$5$^$6$^$J$b$N$,$"$j$^$9!#(B

II.  $BLdBj$N>\:Y(B - Problem Description

$BAw=P$9$k%7%0%J%k$rH/@8$9$k5!9=$K$O!"E,@Z$K%7%0%J%kHV9f$r8!>Z$7$F$$$J$$(B
$B$b$N$,$"$j$^$9!#$=$N$?$a!"$"$k>r7o2<$G$O!"%+!<%M%k$,Ii!"$^$?$OHO0O30$N(B
$BHV9f$r;}$C$?%7%0%J%k$rG[Aw$7$F$7$^$$$^$9!#$3$N$h$&$J8m$j$,H/8+$5$l$?$N$O!"(B
ptrace(2) $B%7%9%F%`%3!<%k$*$h$S!"(Bspigot $B%S%G%*%-%c%W%A%c%G%P%$%9%I%i%$%P$G$9!#(B

ptrace(2) $B%7%9%F%`%3!<%k$N8m$j$,F3F~$5$l$?$N$O!"(BFreeBSD 4.2-RELEASE
(Oct 26 04:34:41 2000 UTC $B;~E@$N(B 4-STABLE) $B$G$9!#(B

($B8m$j$,4^$^$l$F$$$k(B) spigot $B%G%P%$%9%I%i%$%P$O(B FreeBSD 2.0.5 $B$G(B
$BF3F~$5$l$^$7$?!#$3$N%I%i%$%P$O%G%U%)%k%H$G%$%s%9%H!<%k$5$l$k%+!<%M%k$K(B
$B4^$^$l$?$3$H$O0lEY$b$J$/!"(BGENERIC $B%+!<%M%k%3%s%U%#%0%U%!%$%k$K$b(B
$B4^$^$l$F$$$^$;$s!#$7$?$,$C$F!"(B`device spigot' $B$rL@<(E*$K%+!<%M%k$KDI2C$7$?(B
$B%7%9%F%`$K8B$j!"1F6A$,$"$j$^$9!#(B

III. $B1F6AHO0O(B - Impact

$BIi$^$?$OHO0O30$N%7%0%J%kHV9f$rG[Aw$7$h$&$H$9$k$H!"$[$H$s$I$N>l9g$O(B
$B6-3&%A%'%C%/$N=hM}$K<:GT$7$F%Q%K%C%/$,H/@8$7!"%7%9%F%`$,(B
$B%/%i%C%7%e$7$^$9!#0-0U$N$"$k%m!<%+%k%f!<%6$,$3$N$<$$<e@-$r(B
$B0-MQ$7$F%m!<%+%k$+$i$N%5!<%S%9K832967b$r$7$+$1$k$3$H$,2DG=$G$9!#(B

$B$7$+$7$J$,$i!"(BFreeBSD 5.x $B%7%9%F%`$G$O!"(BINVARIANTS $B%+!<%M%k%*%W%7%g%s$,(B
$B;XDj$5$l$F$$$J$$$H6-3&%A%'%C%/%3!<%I$,B8:_$7$^$;$s!#(BFreeBSD 5.0-RELEASE
$B$*$h$S(B 5.1-RELEASE $B$N%G%U%)%k%H$G$O!"(BINVARIANTS $B%*%W%7%g%s$,L58z$K(B
$B$J$C$F$$$^$9!#$3$N@_Dj$G$O!"0-0U$N$"$k%m!<%+%k%f!<%6$,$3$N$<$$<e@-$r0-MQ$7$F(B
$B%+!<%M%k%a%b%j$r2~JQ$7!"%7%9%F%`$NIT@5;HMQ$K$D$J$,$k2DG=@-$,(B
$B$"$j$^$9(B (FreeBSD 4.x $B$K$O!"$3$N<j8}$K$h$k4m81@-$O$"$j$^$;$s(B)$B!#(B

IV.  $B2sHrJ}K!(B - Workaround

$B%m!<%+%k$+$i$N%5!<%S%9K832967b$r2sHr$9$kJ}K!$O$"$j$^$;$s!#(B

FreeBSD 5.x $B%7%9%F%`$N$_$KB8:_$9$k?<9o$J1F6A$K$D$$$F$O!"%+!<%M%k(B
$B%3%s%U%#%0%U%!%$%k$K(B

  options       INVARIANTS              #Enable calls of extra sanity checking

$B$H$$$&9T$rDI2C$9$k$+!"%3%a%s%H%"%&%H$5$l$F$$$k>l9g$O%3%a%s%H5-9f$r(B
$B:o=|$9$k$3$H$G!"LdBj$r2sHr$9$k$3$H$,2DG=$G$9!#(B

<URL:http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html>
$B$K5-:\$5$l$F$$$k<j=g$G%+!<%M%k$r:F9=C[$7!"%7%9%F%`$r:F5/F0$7$^$9!#(B

$BCp(B: $B$3$N2sHrJ}K!$O(B FreeBSD 5.x $B%7%9%F%`$G$N$_M-8z$G$9!#$?$@$7(B
    $B$3$NJ}K!$G$b!"%m!<%+%k$+$i$N%5!<%S%9K832967b$rIT2DG=$K$9$k$3$H$O(B
    $B$G$-$^$;$s!#(B

V.   $B2r7h:v(B - Solution

($BLuCm(B: $B<!$N$$$:$l$+0l$D$K=>$C$F$/$@$5$$!#(B)

1) $B<eE@$r;}$C$?(B FreeBSD $B%7%9%F%`$r!":G?7$N(B 4.8-STABLE $B$+!"(B
   $B$b$7$/$O=$@5F|0J9_$N(B RELENG_5_1 (5.1-RELEASE-p1), RELENG_4_8
   (4.8-RELEASE-p2), RELENG_4_7 (4.7-RELEASE-p12)
   $B%;%-%e%j%F%#%V%i%s%A$N$$$:$l$+$K%"%C%W%0%l!<%I$9$k!#(B

2) $B8=:_$N%7%9%F%`$K=$@5%Q%C%A$rE,MQ$9$k!#(B

a) $B0J2<$N>l=j$+$i=$@5%Q%C%A$r%@%&%s%m!<%I$7!"(BPGP $B%f!<%F%#%j%F%#$r;H$C$F(B
   PGP $B=pL>$r8!>Z$7$^$9!#(B

[FreeBSD 5.1-RELEASE]

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch.asc

[FreeBSD 5.0-RELEASE]

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch.asc

[FreeBSD 4.8-RELEASE, 4.8-STABLE,
 Jan 2 20:39:13 2003 UTC $B0J9_$N(B 4.7-STABLE]

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch.asc

[FreeBSD 4.3-RELEASE $B$+$i(B 4.7-RELEASE,
 Jan 2 20:39:13 2003 UTC $B0JA0$N(B 4.7-STABLE]

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch.asc

b) $B=$@5%Q%C%A$rE,MQ$7$^$9!#(B

# cd /usr/src
# patch < /path/to/patch

($BLuCm(B: /path/to/patch $B$NItJ,$O=$@5%Q%C%A$N%Q%9L>$KCV$-49$($F$/$@$5$$(B)

c) <URL:http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html>
   $B$K5-:\$5$l$F$$$k<j=g$G%+!<%M%k$r:F9=C[$7!"%7%9%F%`$r:F5/F0$7$^$9!#(B

VI.  $B=$@5$N>\:Y(B - Correction details

FreeBSD $B$K$*$$$F:#2s=$@5$5$l$?3F%U%!%$%k$N%j%S%8%g%sHV9f$O!"0J2<$N$H$*$j$G$9!#(B

$B%V%i%s%A(B                                                         $B%j%S%8%g%s(B
  $B%Q%9L>(B
- -------------------------------------------------------------------------
src/sys/UPDATING
  RELENG_5_1                                                    1.251.2.2
  RELENG_5_0                                                   1.229.2.15
  RELENG_4_8                                                1.73.2.80.2.4
  RELENG_4_7                                               1.73.2.74.2.15
  RELENG_4_6                                               1.73.2.68.2.43
  RELENG_4_5                                               1.73.2.50.2.45
  RELENG_4_4                                               1.73.2.43.2.46
  RELENG_4_3                                               1.73.2.28.2.33
src/sys/conf/newvers.sh
  RELENG_5_1                                                     1.50.2.3
  RELENG_5_0                                                    1.48.2.10
  RELENG_4_8                                                1.44.2.29.2.3
  RELENG_4_7                                               1.44.2.26.2.14
  RELENG_4_6                                               1.44.2.23.2.32
  RELENG_4_5                                               1.44.2.20.2.29
  RELENG_4_4                                               1.44.2.17.2.37
  RELENG_4_3                                               1.44.2.14.2.23
src/sys/i386/isa/spigot.c
  RELENG_4                                                       1.44.2.1
  RELENG_5_1                                                     1.58.2.1
  RELENG_5_0                                                     1.55.2.1
  RELENG_4_8                                                    1.44.14.1
  RELENG_4_7                                                    1.44.12.1
  RELENG_4_6                                                    1.44.10.1
  RELENG_4_5                                                     1.44.8.1
  RELENG_4_4                                                     1.44.6.1
  RELENG_4_3                                                     1.44.4.1
src/sys/kern/sys_process.c
  RELENG_4                                                       1.51.2.7
  RELENG_5_1                                                    1.108.2.1
  RELENG_5_0                                                    1.104.2.1
  RELENG_4_8                                                 1.51.2.6.2.1
  RELENG_4_7                                                 1.51.2.4.2.2
  RELENG_4_6                                                 1.51.2.3.4.2
  RELENG_4_5                                                 1.51.2.3.2.2
  RELENG_4_4                                                 1.51.2.1.4.3
  RELENG_4_3                                                 1.51.2.1.2.3
src/sys/kern/kern_sig.c
  RELENG_5_1                                                    1.239.2.1
  RELENG_5_0                                                    1.197.2.1
- -------------------------------------------------------------------------

A.   FreeBSD $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG$K$D$$$F(B

$BF|K\8lLu$O(B FreeBSD $BF|K\8l%I%-%e%a%s%F!<%7%g%s%W%m%8%'%/%H(B (doc-jp) $B$,(B
$B;29M$N$?$a$KDs6!$9$k$b$N$G$9!#2a5n$NF|K\8lHG%;%-%e%j%F%#4+9p$O(B

 http://www.FreeBSD.org/ja/security/

$B$K$^$H$a$i$l$F$$$^$9!#(B

$B$?$@$7K]Lu<T$*$h$S(B doc-jp $B$O!"$=$NFbMF$K$D$$$F$$$+$J$kJ]>Z$b(B
$B$$$?$7$^$;$s$N$G$4Cm0U$/$@$5$$!#F|K\8lLu$K$D$$$F$N$40U8+!"$4MWK>!"(B
$B$*Ld$$9g$o$;Ey$O(B doc-jp@jp.FreeBSD.org $B$^$G$*4j$$$7$^$9!#(B

$B$3$N4+9p$NCf$G>R2p$5$l$F$$$k(B WWW $B%5%$%H(B http://www.FreeBSD.org/ $B$*$h$S(B
FTP $B%5%$%H(B ftp://ftp.FreeBSD.org/ $B$K$O(B, $BF|K\$N%_%i!<%5%$%H$,B8:_$7$^$9!#(B
$B%M%C%H%o!<%/$N:.;($r4KOB$9$k$?$a!"$^$:$O%_%i!<%5%$%H$NMxMQ$r(B
$B9MN8$9$k$h$&$*4j$$$7$^$9!#(B

$BF|K\$N%_%i!<%5%$%H$rMxMQ$9$k$K$O!"(B
http://www.FreeBSD.org/ $B$r(B http://www.jp.FreeBSD.org/www.FreeBSD.org/ $B$K!"(B
ftp://ftp.FreeBSD.org/ $B$r(B ftp://ftp.jp.FreeBSD.org/ $B$K!"(B
$B$=$l$>$lCV$-49$($F$/$@$5$$!#(B

$BB>$NCO0h$r4^$`%_%i!<%5%$%H$K4X$9$k>\:Y$O(B

 http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html ($B1QJ8(B)
 http://www.FreeBSD.org/doc/ja_JP.eucJP/books/handbook/mirrors.html ($BF|K\8lLu(B)

$B$K$^$H$a$i$l$F$$$^$9!#(B
