Date: Tue, 30 Mar 2021 07:25:08 -0700 From: Brian <brian@brianwhalen.net> To: freebsd-stable@freebsd.org Subject: Re: possibly silly question regarding freebsd-update Message-ID: <5537a65a-fbf6-1355-394f-0f1ac4f19895@brianwhalen.net> In-Reply-To: <087d6a71-ad83-0769-4b8e-2514416f35b0@denninger.net> References: <YGMpE5uWvRy8Xdql@cloud.zyxst.net> <6c3da6ff-d102-b2d9-5433-4dac4116d27f@osfux.nl> <YGMyYHETm0FPCyZs@geeks.org> <087d6a71-ad83-0769-4b8e-2514416f35b0@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
freebsd-update fetch and freebsd-update install?? Brian On 3/30/2021 7:18 AM, Karl Denninger wrote: > > On 3/30/2021 10:14, Doug McIntyre wrote: >> Like the patch referenced in the SA. >> https://security.FreeBSD.org/patches/SA-21:07/openssl-12.patch >> >> Again, it seems like confusion over what happens in RELEASE, STABLE and > CURRENT.. >> >> >> >> On Tue, Mar 30, 2021 at 04:05:32PM +0200, Ruben via freebsd-stable >> wrote: >>> Hi, >>> >>> Did you mean 12.1-p5 or 12.2-p5 ? I'm asking because you refer to both >>> 12.1-p5 and 12.2-p5 (typo?). >>> >>> If you meant 12.2-p5: Perhaps the FreeBSD security team did not bump >>> the >>> version, but "only" backported the patches to version 1.1.1h ? >>> >>> Regards, >>> >>> Ruben >>> >>> >>> On 3/30/21 3:35 PM, tech-lists wrote: >>>> Hi, >>>> >>>> Recently there was >>>> https://lists.freebsd.org/pipermail/freebsd-security/2021-March/010380.html >>>> >>>> about openssl. Upgraded to 12.2-p5 with freebsd-update and rebooted. >>>> >>>> What I'm unsure about is the openssl version. >>>> Up-to-date 12.1-p5 instances report OpenSSL 1.1.1h-freebsd 22 Sep 2020 >>>> >>>> Up-to-date stable/13-n245043-7590d7800c4 reports OpenSSL >>>> 1.1.1k-freebsd >>>> 25 Mar 2021 >>>> >>>> shouldn't the 12.2-p5 be reporting openssl 1.1.1k-freebsd as well? >>>> >>>> thanks, >>> _ > > Ok, except.... > > # uname -v > FreeBSD 12.2-RELEASE-p4 GENERIC > > # openssl version > OpenSSL 1.1.1h-freebsdĀ 22 Sep 2020 > # freebsd-update fetch > Looking up update.FreeBSD.org mirrors... 3 mirrors found. > Fetching metadata signature for 12.2-RELEASE from > update4.freebsd.org... done. > Fetching metadata index... done. > Fetching 2 metadata patches.. done. > Applying metadata patches... done. > Fetching 2 metadata files... done. > Inspecting system... done. > Preparing to download files... done. > > No updates needed to update system to 12.2-RELEASE-p5. > > So if you're running RELEASE then /security patches /don't get > backported? > > And you CAN'T upgrade to 12.2-STABLE via freebsd-update: > > # freebsd-update -r 12.2-STABLE upgrade > Looking up update.FreeBSD.org mirrors... 3 mirrors found. > Fetching metadata signature for 12.2-RELEASE from > update1.freebsd.org... done. > Fetching metadata index... done. > Inspecting system... done. > > The following components of FreeBSD seem to be installed: > kernel/generic src/src world/base world/doc world/lib32 > > The following components of FreeBSD do not seem to be installed: > kernel/generic-dbg world/base-dbg world/lib32-dbg > > Does this look reasonable (y/n)? y > > Fetching metadata signature for 12.2-STABLE from > update1.freebsd.org... failed. > Fetching metadata signature for 12.2-STABLE from > update2.freebsd.org... failed. > Fetching metadata signature for 12.2-STABLE from > update4.freebsd.org... failed. > No mirrors remaining, giving up. > > This may be because upgrading from this platform (amd64) > or release (12.2-STABLE) is unsupported by freebsd-update. Only > platforms with Tier 1 support can be upgraded by freebsd-update. > See https://www.freebsd.org/platforms/index.html for more info. > > If unsupported, FreeBSD must be upgraded by source. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5537a65a-fbf6-1355-394f-0f1ac4f19895>