FreeBSD libedit ".editrc" from Current Directory Vulnerability

FreeBSD libedit ".editrc" from Current Directory Vulnerability

Solution:
One of the following:

1) Upgrade your vulnerable system to a version dated after the correction date.

2) Download the patch:

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

Apply the patch and rebuild as follows:

# cd /usr/src/lib/libedit
# patch -p < libedit.patch

and rebuild your system as described in http://www.freebsd.org/handbook/makeworld.html

FreeBSD FreeBSD 3.0

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

FreeBSD FreeBSD 3.1

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

FreeBSD FreeBSD 3.2

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

FreeBSD FreeBSD 3.3

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

FreeBSD FreeBSD 3.4

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch

FreeBSD FreeBSD 4.0

FreeBSD SA-00:24 libedit patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-00:24/libedit.patch