From owner-freebsd-announce@FreeBSD.ORG Wed May 14 00:00:02 2014 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A006C252; Wed, 14 May 2014 00:00:02 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 829942C70; Wed, 14 May 2014 00:00:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.8/8.14.8) with ESMTP id s4E002fs029935; Wed, 14 May 2014 00:00:02 GMT (envelope-from security-advisories@freebsd.org) Received: (from delphij@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s4E002J0029933; Wed, 14 May 2014 00:00:02 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 14 May 2014 00:00:02 GMT Message-Id: <201405140000.s4E002J0029933@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: delphij set sender to security-advisories@freebsd.org using -f From: FreeBSD Errata Notices To: FreeBSD Errata Notices Reply-To: freebsd-stable@freebsd.org Precedence: bulk Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:04.kldxref X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.18 List-Id: "Project Announcements \[moderated\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 00:00:02 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-14:04.kldxref Errata Notice The FreeBSD Project Topic: Build repeatability for kldxref(8) Category: core Module: kldxref Announced: 2014-05-13 Credits: Jilles Tjoelker Affects: All versions of FreeBSD prior to 10.0-RELEASE. Corrected: 2014-05-13 23:35:29 UTC (stable/8, 8.4-STABLE) 2014-05-13 23:24:32 UTC (releng/8.4, 8.4-RELEASE-p10) 2013-12-23 22:38:41 UTC (stable/9, 9.2-STABLE) 2014-05-13 23:24:14 UTC (releng/9.2, 9.2-RELEASE-p6) 2014-05-13 23:24:14 UTC (releng/9.1, 9.1-RELEASE-p13) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The kldxref utility is used to generate hint files which list modules, their version numbers, and the files that contain them. These hints are used by the kernel loader to determine where to find a particular KLD module. II. Problem Description Previous versions of kldxref(8) do not use an ordered list of files when generating the hints file. The result of kldxref(8) is equivalent but not the same if file system layout have been changed. III. Impact The generated hint files can be different across different builds, making unnecessary downloads for binary patch files. IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your present system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/EN-14:04/kldxref.patch # fetch http://security.FreeBSD.org/patches/EN-14:04/kldxref.patch.asc # gpg --verify kldxref.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . 3) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r265990 releng/8.4/ r265989 stable/9/ r259799 releng/9.1/ r265988 releng/9.2/ r265988 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this Errata Notice is available at http://security.FreeBSD.org/advisories/FreeBSD-EN-14:04.kldxref.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTcq5IAAoJEO1n7NZdz2rnmPgP/iPAKX2lIGwRXkrYFbNPEBSz +Tehkgw/ReNG0iaAJql/p0LrxyGUoCwE2rpTJxxC8KB9X8Eq74DhjSNpdYaE12E2 YFMyIyAb1b6wqU34Q7DsR9oPhqIcb9yET2dEg+s5NVSWfC7AMWdvvaJjjxtLgG4L M9yksDAKs3AJOHEVEtluy7Do8A5W/6b5SHXENbG+AUUBtwnDBKcs9riXic/TQ1WB vJzHwAJVznQ03bnxqjuG+gZoej6xUHusX+ih87ioKiJrcZ/5szq2C6LIUnRnAA66 6b/szBJ3gRBweOKeopESIcZfwaLCd53EX9/r9vqAfXK6+3uqoIXzkZCyzo+cgSwa +88SmZ3/4dao24JPoLbVupIyU0CJjmoLsV9jVCrC/fbkUFTxq7Cgbxeai3rmrpXC p11FXPJd4cOgwuQYUw3rowtoq8z8Wn3PI073SzwT2OZg4SgXRUn+FzGpMWwqbWoa 1idQ9KSM/pFkoa7bdK5S7mYtp7jU9HQeiTXZYYF1S3URr2XpE1vyUFVOuDJpGkkW KIT/hdy02wGzPPGjQoFkSR2KpUmJr2zHhVSUdt7a8vvYhbZBR21sBIUNKSoWkYtC 2CQXF4pFBHO/i79RiEU+2E1CKWpsqoHnvnKNRq3Bp54aaU9xa4YcRwRJ7lj9RALm +igNrZJMo3yw3gs89uGp =W4to -----END PGP SIGNATURE-----