From owner-freebsd-security Mon Feb 24 17: 0:40 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4940837B401 for ; Mon, 24 Feb 2003 17:00:37 -0800 (PST) Received: from utahime.as.wakwak.ne.jp (utahime.as.wakwak.ne.jp [61.205.238.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5A78643F85 for ; Mon, 24 Feb 2003 17:00:36 -0800 (PST) (envelope-from yasu@home.utahime.org) Received: from eastasia.home.utahime.org (eastasia.home.utahime.org [192.168.174.1]) by utahime.as.wakwak.ne.jp (Postfix) with ESMTP id F0911C for ; Tue, 25 Feb 2003 10:00:34 +0900 (JST) Received: from 127.0.0.1 (localhost.home.utahime.org [127.0.0.1]) by eastasia.home.utahime.org (Postfix) with SMTP id CD70F54EF; Tue, 25 Feb 2003 10:00:34 +0900 (JST) Received: from localhost (sugar.home.utahime.org [192.168.174.2]) by eastasia.home.utahime.org (Postfix) with ESMTP id A6B8054EE; Tue, 25 Feb 2003 10:00:34 +0900 (JST) Date: Tue, 25 Feb 2003 10:00:21 +0900 (JST) Message-Id: <20030225.100021.27473189.yasu@utahime.org> To: freebsd-security@FreeBSD.ORG Subject: Re: openssl advisory From: KIMURA Yasuhiro In-Reply-To: References: Organization: Utahime no Mori X-Mailer: Mew version 3.1.53 on Emacs 21.2 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> Kosaku Nagasaka wrote: > The advisory SA-03:02 has the following instruction: >> a) Download the relevant patch from the location below, and verify the >> detached PGP signature using your PGP utility. >> >> [FreeBSD 4.7 systems] >> # fetch >> ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch >> # fetch >> ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch.asc >> [FreeBSD 4.6 systems] >> # fetch >> ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch >> # fetch >> ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch.asc > I think that openssl50 should be openssl47 and openssl46, respectively. I applied openssl47.patch to my 4.7R source tree, but some parts of the patch were rejected as following. sugar# patch -s < /tmp/security-fixes/openssl47.patch 1 out of 1 hunks failed--saving rejects to UPDATING.rej 1 out of 1 hunks failed--saving rejects to crypto/openssl/apps/openssl.cnf.rej 1 out of 3 hunks failed--saving rejects to crypto/openssl/apps/speed.c.rej Reversed (or previously applied) patch detected! Assume -R? [y] ^Csugar# Does anybody suceed? --- KIMURA Yasuhiro Mail: yasu@utahime.org WWW: http://www.utahime.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message