Date: Sat, 18 Feb 2023 18:28:50 -0800 From: Mark Millard <marklmi@yahoo.com> To: void <void@f-m.fm> Cc: freebsd-arm@freebsd.org Subject: Re: freebsd-update confusion Message-ID: <6429E063-2B5F-4426-9885-EE81493CF0FA@yahoo.com> In-Reply-To: <Y/F2yyAi4ddgHZfp@int21h> References: <Y/FI9NAuioJVU0WB@int21h> <Y/FNJkXgYgXwWTMy@mail.bsd4all.net> <Y/FZ7A1Uzd4y602A@int21h> <FF4E1AA5-ADC9-4478-A56B-297884D731FC@yahoo.com> <Y/F2yyAi4ddgHZfp@int21h>
next in thread | previous in thread | raw e-mail | index | archive | help
On Feb 18, 2023, at 17:09, void <void@f-m.fm> wrote: > On Sat, Feb 18, 2023 at 04:04:20PM -0800, Mark Millard wrote: >=20 >> Same point for 13.1-RELEASE-p7 here: >> OpenSSL 1.1.1o was patched to remove the problems. That does >> not produce 1.1.1t as a result. >=20 > ok - so I'm understanding from what you're saying is that > (in this case) 13.1R is following openssl 1.1.1o branch >=20 > ok I wasn't aware it was tied in this way. >=20 >> The output of the openssl command likely is just as upstream >> has defined it, it not being directly a FreeBSD thing. The >> patches to the openssl source were likely also from upstream. >=20 > I still find it counterintuitive though that after being patched, = openssl version still returns 3 May 2022 and not the patch date. --=20 >=20 Actually, looking at history, there is an example from the past that updated the date (for 1.1.1k) after the actual changes had been committed: = https://cgit.freebsd.org/src/commit/crypto/openssl/include/openssl/openssl= v.h?h=3Dreleng/13.1&id=3D9d31ae318711825d3a6ffa544d197708905435cf shows: Fix multiple OpenSSL vulnerabilities. Approved by: so Security: SA-21:16.openssl Security: CVE-2021-3711 = Security: CVE-2021-3712 (cherry picked from commit = be158ffe54dcc4a633652685afc5e37894e10ea0)=20 Diffstat (limited to 'crypto/openssl/include/openssl/opensslv.h') -rw-r--r-- crypto/openssl/include/openssl/opensslv.h 2 1 files changed, 1 insertions, 1 deletions diff --git a/crypto/openssl/include/openssl/opensslv.h = b/crypto/openssl/include/openssl/opensslv.h index ec4a1123f131..328d0971c414 100644 --- a/crypto/openssl/include/openssl/opensslv.h +++ b/crypto/openssl/include/openssl/opensslv.h @@ -40,7 +40,7 @@ extern "C" { * major minor fix final patch/beta) */ # define OPENSSL_VERSION_NUMBER 0x101010bfL -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k-freebsd 25 Mar 2021" +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1k-freebsd 24 Aug 2021" /*- * The macros below are to be used for shared library (.so, .dll, ...) Looking at releng/13.0 history: = https://cgit.freebsd.org/src/commit/crypto/openssl?h=3Dreleng/13.0&id=3D22= 61c814b7fa4730f308b476eff1afb0dcdf35ec also got that change as part of the commit on that branch. So, may be the date in that part of the text is considered FreeBSD specific. (My wording has ignored when FreeBSD contributes material to opensll. So, sometimes specific changes might occur in FreeBSD first.) =3D=3D=3D Mark Millard marklmi at yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6429E063-2B5F-4426-9885-EE81493CF0FA>