SGI IRIX Freeware

Overview

Our Contribution

We have configured and built these packages so that, to the best of our knowledge, they run correctly on IRIX 6.5. We also repackaged these software products so that they can be easily installed using either inst or SoftwareManager (swmgr). In essence, this is merely a redistribution of software that you can download from other sources and build by yourself. The full, original, source code is included wherever possible, although it is not installed by default. To install the full source under /usr/freeware/src/, click on Customize in swmgr. The source is also available online.

Unless otherwise noted in the detailed descriptions, the software is installed into /usr/freeware to distinguish it from previous versions you may have installed directly from the authors. In some cases, system or configuration files in other locations may be affected, see the detailed descriptions in this distribution for details.

We've built these open source packages so that they run on IRIX 6.5 and upwards. Packages are compiled n32/mips3 wherever possible. In very few cases, compilation is o32/mips2.

Contacting our volunteers

If you have any questions, requests, complaints, bugs to report, please feel free to contact us at freeware@sgi.com.

If possible, please try to distinguish between SGI specific problems (e.g. in the packaging or configuration) and problems in the original source. The latter should be best handled by reporting them to the original authors or maintainers of the software.

The Future

For a variety of reasons the authors and/or SGI may decide to discontinue distributing one or more of these packages. It is more likely, however, that we will all try to bring many more packages to you in future distributions. If there's a package you would like to see as part of this distribution, please feel free to send us email.

As described in the May 2001 "Dear Valued Customer" letter, IRIX 6.2 is in legacy support mode, and will follow the same retirement and expiration schedule as IRIX 6.3 and IRIX 6.4. SGI's official policy is that we will not to build any more packages for IRIX 6.2, and that includes the freeware distribution. Beginning with the August 2001 release all updates and new packages will be built for IRIX 6.5 only. Unchanged packages will still work on IRIX 6.2 and higher. This was a tough decision to make knowing how many "hobbyist" users there are out there. But it was the right decision for the times we are facing now.

Changing your Search Path

By default the search path used by your system will not include the /usr/freeware directories. We have provided a tool called fixpath which can be used to modify the files in your local environment controlling these paths. To use the tool, open a shell window and type: /usr/freeware/bin/fixpath.

Downloading/Installing the Packages

For the freeware.sgi.com web download and install pages to work, you need to have root access. Note that the packages are also available for download via FTP. If your downloader doesn't support auto-install like Netscape Navigator does you have a couple choices:

  • Save the distribution to disk and invoke tardist manually on the downloaded file as root.
  • Save the distribution to disk, use tar to unpack the .tardist files, and run swmgr as root.
  • Download the unpacked inst images from the cd-[1234]/Dist directories an invoke swmgr as root.
See the Freeware Selections Files web page for more hints.

Latest versions

The most up-to-date version of SGI Open Source distribution is on the web at: freeware.sgi.com. If you got this distribution from a CD or elsewhere, there's probably a newer version available on freeware.sgi.com.

Naturally, there's always some package that we're missing, and often we know of someone that does a good job of maintaining various packages, so we also have a list of pointers to More Freeware. If your favorite package is still not listed, Please send us email!

Security Note

From time to time people discover security vulnerabilities in open source software. While SGI cannot be responsible for software we neither write nor support, when permitted we do distribute the full source and patches we built from for audit, review, and possible correction and improvement. We generally submit all local patches and enhancements to the package maintainers, but they are not always accepted into the official source.

At the time of this writing we are aware of vulnerabilities in previously released versions of the software listed below. This should not be interpreted as a complete list, just what we know about. If you are aware of any security problems in the current freeware distribution please let us know. Please see our Security Headquarters web site for details on IRIX (not freeware) security issues. The SANS Security Digests cover a wider range of programs.

To aid system administrators in keeping up to date with security fixes a fw_common.sw.security_fixes subsystem has been created. It contains no files (so you can remove it if you wish), but it will cause conflicts in the Software Manager if any of packages below are installed on your system.

  • analog (builds through 1277895720, May 2002 are vulnerable)
  • apache (builds through 1278325120, November 2002 are vulnerable)
  • apache2 (builds through 1278987120, May 2003 are vulnerable)
  • balsa (builds through 1278325420, May 2003 are vulnerable)
  • bind (the current build, 1237252320, is vulnerable)
  • bind9 (builds through 1237252320, May 2002 are vulnerable)
  • cvs (builds through 1277897520, February 2003 are vulnerable)
  • cdrtools (builds through 1278985420, May 2003 are vulnerable)
  • cups (builds through 1278985420, May 2003 are vulnerable)
  • diffutils (builds through 1234713120, May 2002 are vulnerable)
  • elm (builds through 1236141820, November 2001 are vulnerable)
  • enlightenment (builds through 1236612820, August 2001 are vulnerable)
  • enscript (builds through 1234900820, February 2002 are vulnerable)
  • ethereal (the current build, 1279203720, is vulnerable)
  • evolution (the current build, 1278772620, is vulnerable)
  • exim (builds through 1235311220, February 2002 are vulnerable)
  • exmh (builds through 1235291420, May 2002 are vulnerable)
  • expect (the current build, 1235284320, is vulnerable)
  • fetchmail (builds through 1278325520, November 2002 are vulnerable)
  • ggv (the current build, 1277691120, is vulnerable)
  • ghostscript (the current build, 1278773620, is vulnerable)
  • gnuplot (builds through 1236805620, November 2001 are vulnerable)
  • groff (builds through 1277897820, February 2002 are vulnerable)
  • htdig (builds through 1237252520, February 2002 are vulnerable)
  • html2ps (builds through 1235275220, November 2002 are vulnerable)
  • hylafax (builds through 1236330720, May 2002 are vulnerable)
  • imap/pop (builds through 1237034120, November 2001 are vulnerable)
  • joe (the current build, 1235308920, is vulnerable)
  • kdebase (the current build, 1235320620, is vulnerable)
  • kdelibs (the current build, 1235310620, is vulnerable)
  • libpng (builds through 1278554220, February 2003 are vulnerable)
  • libz (the current build, 1278119120, is vulnerable)
  • licq (builds through 1237252620, February 2002 are vulnerable)
  • lynx (builds through 1277685020, February 2003 are vulnerable)
  • mm (builds through 1278327120, November 2002 are vulnerable)
  • mod_ssl (the current build, 1278774120, is vulnerable)
  • mozilla (builds through 1278327220, August 2002 are vulnerable)
  • mutt (builds through 1278119020, May 2003 are vulnerable)
  • mysql (builds through 1278774220, May 2003 are vulnerable)
  • ncurses (builds through 1236163220, February 2002 are vulnerable)
  • nedit (builds through 1237252620, November 2002 are vulnerable)
  • nmh (builds through 1235673420, February 2001 are vulnerable)
  • ntop (builds through 1235673420, February 2002 are vulnerable)
  • ntp (builds through 1235308920, May 2001 are vulnerable)
  • openssl (builds through 1278555020, February 2003 are vulnerable)
  • openssh (builds through 1278119020, May 2002 are vulnerable)
  • PAM (the current build, 1278984820, is vulnerable)
  • perl (the current build, 1278327420, is vulnerable)
  • php (the current build, 1278984820, is vulnerable)
  • pine (builds through 1278118920, November 2002 are vulnerable)
  • proftpd (builds through 1277458520, November 2001 are vulnerable)
  • python (the current build, 1236150620, is vulnerable)
  • python2 (the current build, 1278119420, is vulnerable)
  • qpopper (discontinued package; please use the fw_imap)
  • rsync (builds through 1236805720, February 2002 are vulnerable)
  • rxvt (the current build, 1278118820, is vulnerable)
  • samba (the current build, 202080101, is vulnerable)
  • screen (builds through 1236112120, August 2000 are vulnerable)
  • setiathome (builds through 1237257220, May 2003 are vulnerable)
  • seyon (no requests for update have been submitted; no fix planned)
  • snort (the current build, 1278982920, is vulnerable)
  • socks5 (builds through 1235493620, November 2001 are vulnerable)
  • squid (builds through 1236328820, May 2002 are vulnerable)
  • sudo (builds through 1278118720, May 2002 are vulnerable)
  • tar (builds through 1278327420, August 2002 are vulnerable)
  • tcpdump (builds through 1278118720, May 2003 are vulnerable)
  • tcsh (builds through 1237034220, February 2002 are vulnerable)
  • tightvnc (builds through 1278327620, February 2003 are vulnerable)
  • tripwire (the current build, 1235493520, is vulnerable)
  • unzip (the current build, 1279205420, is vulnerable)
  • vim (builds through 1278118720, February 2003 are vulnerable)
  • windowmaker (builds through 1277686520, February 2003 are vulnerable)
  • wu-ftpd (the current build, 1277900420, is vulnerable)
  • xchat (builds through 1277686620, August 2002 are vulnerable)
  • xemacs (builds through 1236615220, May 2001 are vulnerable)
  • xpdf (builds through 1278982620, May 2003 are vulnerable)

This list was last updated on July 1, 2003.

Disclaimers

This is free software with open source. Absolutely no warranties.

Feedback to freeware@sgi.com is welcome.