From owner-freebsd-security@FreeBSD.ORG Thu Jun 5 20:41:22 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C23001A0 for ; Thu, 5 Jun 2014 20:41:22 +0000 (UTC) Received: from mail-wg0-x229.google.com (mail-wg0-x229.google.com [IPv6:2a00:1450:400c:c00::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5ACB12751 for ; Thu, 5 Jun 2014 20:41:22 +0000 (UTC) Received: by mail-wg0-f41.google.com with SMTP id z12so1804701wgg.12 for ; Thu, 05 Jun 2014 13:41:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=ckh9JOygdazbZ9o9Sa9FwlmKGZWbkzGed54vAxtCWjg=; b=f/+Azltd/suBzUFgojMzCwFhBBqiZzNt2mJfGshXpZSjp+ciGtVdGlsJq141NuPLBe RcMCQb94SKZY1qFjJ8Vo/5qmVWA/TFjaeMfPda96HsytWjY0jGdbZxSsw7OBo+fZOs2n EjuzbPKcz81QRcgOnLP/1JZnYd4giU7m8PvJpnUQhDTGZVwckqwZ8PJC5LJwSnEn22Gh SB3JsmpfTmhgXGMBRg/aEkfuF+/HG4JbPZJmQ8tyJrxz2kp22d2fsUiXp8CVp04jpE+X Xib9WhR5jat1S7eiKmPEhkq/9zpB3nmxJTvbmzdeqdsAXV35oCSbHvFLxubyOa7KY6Kw gjQw== X-Received: by 10.180.12.238 with SMTP id b14mr1745575wic.16.1402000880647; Thu, 05 Jun 2014 13:41:20 -0700 (PDT) Received: from gumby.homeunix.com (4e5670b2.skybroadband.com. [78.86.112.178]) by mx.google.com with ESMTPSA id cz8sm9451687wjc.11.2014.06.05.13.41.19 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Thu, 05 Jun 2014 13:41:20 -0700 (PDT) Date: Thu, 5 Jun 2014 21:41:15 +0100 From: RW To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:14.openssl Message-ID: <20140605214115.3797b3ee@gumby.homeunix.com> In-Reply-To: <5390CF26.2050401@rsle.net> References: <201406051316.s55DGtwI041948@freefall.freebsd.org> <5390BA3F.5060202@rsle.net> <44ha3zfb36.fsf@lowell-desk.lan> <5390CF26.2050401@rsle.net> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.22; amd64-portbld-freebsd10.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2014 20:41:22 -0000 On Thu, 05 Jun 2014 16:12:22 -0400 R. Scott Evans wrote: > On 06/05/14 14:46, Lowell Gilbert wrote: > > "R. Scott Evans" writes: > > > >> After updating via the binary patch method with freebsd-update, > >> uname still reports 9.2-RELEASE-p7 even after reboot. An > >> additional freebsd-update after this initial update however does > >> not report anything new to update (aside from the ongoing > >> persistent /boot/kernel/linker.hints). > > > > Makes sense. The kernel doesn't use SSL internally. > > I would agree except the advisory says this problem is corrected in > 9.2-RELEASE-p8. Likewise, the freebsd-update explicitly says "The > following files will be updated as part of updating to > 9.2-RELEASE-p8". The version is recorded in the kernel; freebsd-update doesn't update the kernel just to update the version.