From owner-freebsd-security@FreeBSD.ORG Wed Dec 17 20:47:13 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 94142EB2; Wed, 17 Dec 2014 20:47:13 +0000 (UTC) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 552A71A21; Wed, 17 Dec 2014 20:47:13 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id 7DA019323; Wed, 17 Dec 2014 20:47:12 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 5ECA442C8; Wed, 17 Dec 2014 21:47:00 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: olli hauer Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:30.unbound References: <20141217083643.E0059421C@nine.des.no> <5491488E.4020405@gmx.de> Date: Wed, 17 Dec 2014 21:47:00 +0100 In-Reply-To: <5491488E.4020405@gmx.de> (olli hauer's message of "Wed, 17 Dec 2014 10:10:38 +0100") Message-ID: <86k31qovgb.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: FreeBSD Security Advisories , freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Dec 2014 20:47:13 -0000 olli hauer writes: > Is there an issue with freebsd-update or an special reason the update > wants to install lib32? Yes. The freebsd-update distribution for 10.1 was incorrectly built without lib32; as a result, freebsd-update deletes lib32 when upgrading from older releases (see https://bugs.freebsd.org/195302). The only way to fix that was to reintroduce lib32 in the next patch release. Unfortunately, freebsd-update is not able to tell that a newly created file belongs to a distribution which is not installed or disabled in freebsd-update.conf. We decided that this was the lesser of two evils. I will make an announcement later regarding this and the "rm /" issue. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no