From owner-freebsd-security@FreeBSD.ORG  Fri Jan  2 17:46:41 2015
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 345B7B95
 for <freebsd-security@freebsd.org>; Fri,  2 Jan 2015 17:46:41 +0000 (UTC)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id E858666509
 for <freebsd-security@freebsd.org>; Fri,  2 Jan 2015 17:46:40 +0000 (UTC)
Received: from nine.des.no (smtp.des.no [194.63.250.102])
 by smtp-int.des.no (Postfix) with ESMTP id E79619DBF;
 Fri,  2 Jan 2015 17:46:39 +0000 (UTC)
Received: by nine.des.no (Postfix, from userid 1001)
 id 46C9C5B59; Fri,  2 Jan 2015 18:46:37 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Roger Marquis <marquis@roble.com>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:31.ntp
References: <20141223233310.098C54BB6@nine.des.no>
 <86h9wln9nw.fsf@nine.des.no> <549A5492.6000503@grosbein.net>
 <868uhx43i5.fsf@nine.des.no> <20141226200838.DE83DACE@hub.freebsd.org>
 <8661cy9jim.fsf@nine.des.no> <20141231195427.AECE022B@hub.freebsd.org>
Date: Fri, 02 Jan 2015 18:46:37 +0100
In-Reply-To: <20141231195427.AECE022B@hub.freebsd.org> (Roger Marquis's
 message of "Wed, 31 Dec 2014 11:54:18 -0800 (PST)")
Message-ID: <86y4plgjnm.fsf@nine.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.4 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jan 2015 17:46:41 -0000

Roger Marquis <marquis@roble.com> writes:
> Problem with freebsd-update is that it has some of the same scope issues
> as installworld.  We've also had problems defining "-r" (in a jail) when
> the booted kernel is not the revision we want to build to.  Doesn't help
> that "-r" doesn't parse patch levels.

I do it all the time:

$ sudo env UNAME_r=3DX.Y-RELEASE freebsd-update fetch install

Patch levels don't matter to freebsd-update, it will look at what's
actually installed and not what the kernel says (which is not
necessarily correct anyway, because some updates don't touch the
kernel).  It just needs to know the correct release.

Not sure what you mean by scope issues.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no