From owner-freebsd-security Thu Mar 13 9:16:52 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8626A37B404 for ; Thu, 13 Mar 2003 09:16:49 -0800 (PST) Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5C0A843FBD for ; Thu, 13 Mar 2003 09:16:48 -0800 (PST) (envelope-from bmah@employees.org) Received: from bmah.dyndns.org (12-240-204-110.client.attbi.com[12.240.204.110]) by rwcrmhc51.attbi.com (rwcrmhc51) with ESMTP id <2003031317164705100djh1le>; Thu, 13 Mar 2003 17:16:47 +0000 Received: from intruder.bmah.org (localhost [127.0.0.1]) by bmah.dyndns.org (8.12.8/8.12.8) with ESMTP id h2DHGlWp019504; Thu, 13 Mar 2003 09:16:47 -0800 (PST) (envelope-from bmah@intruder.bmah.org) Received: (from bmah@localhost) by intruder.bmah.org (8.12.8/8.12.8/Submit) id h2DHGlYa019503; Thu, 13 Mar 2003 09:16:47 -0800 (PST) Date: Thu, 13 Mar 2003 09:16:47 -0800 From: "Bruce A. Mah" To: D J Hawkey Jr Cc: security at FreeBSD Subject: Re: SA-03:02.openssl for RELENG_4_6_2 vs. RELENG_4_5 Message-ID: <20030313171647.GA19381@intruder.bmah.org> References: <20030313080852.A30434@sheol.localdomain> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N" Content-Disposition: inline In-Reply-To: <20030313080852.A30434@sheol.localdomain> User-Agent: Mutt/1.4i X-Image-Url: http://www.employees.org/~bmah/Images/bmah-cisco-small.gif X-url: http://www.employees.org/~bmah/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --fUYQa+Pmc3FrFX/N Content-Type: text/plain; charset=us-ascii Content-Disposition: inline If memory serves me right, D J Hawkey Jr wrote: > OK. So as I go about cvsup'ing along the RELENG_4_5 tree, at p13, the > source is upgraded to OpenSSL 0.9.6e. At p18, it got an ASN.1 patch. So > did RELENG_4_6, at p10. Both RELENGs continued to get the same patches > until RELENG_4_5 support was dropped. So, up through RELENG_4_6_2 p7 > (p8 is SA-03:02), the two RELENGs had the same OpenSSL trees, right? Probably. In theory, just because the version numbers are the same doesn't mean that there weren't minor tweaks. I think this is pretty unlikely, however. [1] Any reason you can't just check out copies of src/contrib/openssl for the RELENG_4_5 and RELENG_4_6 branches and diff them? If the only deltas are version numbers, you're probably safe. Bruce. [1] This statement is based only on my own recollections of OpenSSL imports and upgrades around this time. You could look to see if I documented any changes in the release notes or errata, but I don't remember doing anything like this. --fUYQa+Pmc3FrFX/N Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+cLz+2MoxcVugUsMRAjGQAKD39yn7UPzwwAXHbCkPNcqRP8UHJACdEy6b f1R2gjMQhVJFTg2vDXSO/JU= =UE8Q -----END PGP SIGNATURE----- --fUYQa+Pmc3FrFX/N-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message