Date: Wed, 31 Mar 2021 05:21:10 +1100 From: Dewayne Geraghty <dewayne@heuristicsystems.com.au> To: freebsd-stable@freebsd.org Subject: Re: possibly silly question regarding freebsd-update Message-ID: <124b5ec0-96c5-cbd9-0eaa-4bcdb6ddc6ae@heuristicsystems.com.au> In-Reply-To: <YGMpE5uWvRy8Xdql@cloud.zyxst.net> References: <YGMpE5uWvRy8Xdql@cloud.zyxst.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 31/03/2021 12:35 am, tech-lists wrote: > Hi, > > Recently there was > https://lists.freebsd.org/pipermail/freebsd-security/2021-March/010380.html > about openssl. Upgraded to 12.2-p5 with freebsd-update and rebooted. > > What I'm unsure about is the openssl version. > Up-to-date 12.1-p5 instances report OpenSSL 1.1.1h-freebsd 22 Sep 2020 > > Up-to-date stable/13-n245043-7590d7800c4 reports OpenSSL 1.1.1k-freebsd > 25 Mar 2021 > > shouldn't the 12.2-p5 be reporting openssl 1.1.1k-freebsd as well? > > thanks, I think you'll find your answer by comparing the changes between release 12.2-p5 and stable 12.2 below: https://cgit.freebsd.org/src/commit/?h=releng/12.2&id=af61348d61f51a88b438d41c3c91b56b2b65ed9b with https://cgit.freebsd.org/src/commit/?h=stable/12&id=18d07050e60ecc738556f0de56e34817303371a4 stable 12.2 has the full upgrade to openssl 1.1.1k, while release 12.2-p5 addresses the specific vulnerability(s). Regards, Dewayne PS cgit I'm told is the source of truth :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?124b5ec0-96c5-cbd9-0eaa-4bcdb6ddc6ae>