From owner-freebsd-security@FreeBSD.ORG  Tue Jan 27 21:03:17 2015
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8F66F5AA
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 21:03:17 +0000 (UTC)
Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net
 [IPv6:2001:41d0:8:67d4:1:1:0:1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 578B2A72
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 21:03:17 +0000 (UTC)
Received: from mbp.fritz.box (p4FC3B655.dip0.t-ipconnect.de [79.195.182.85])
 by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3kX0lb32FFzRh4
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 22:03:07 +0100 (CET)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
From: Michael Grimm <trashcan@odo.in-berlin.de>
In-Reply-To: <201501271955.t0RJt8WC055452@freefall.freebsd.org>
Date: Tue, 27 Jan 2015 22:03:06 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <6D500B8B-DA1F-4F66-B407-1996FE7AD2EB@odo.in-berlin.de>
References: <201501271955.t0RJt8WC055452@freefall.freebsd.org>
To: freebsd-security@freebsd.org
X-Mailer: Apple Mail (2.1993)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2015 21:03:17 -0000

Hi --

This mail:
> FreeBSD-SA-15:02.kmem                                       Security =
Advisory

Other Mail:
| FreeBSD-SA-15:03.sctp                                       Security =
Advisory

> 3) To update your vulnerable system via a source code patch:
>=20
> The following patches have been verified to apply to the applicable
> FreeBSD release branches.
>=20
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>=20

This mail:
> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc

The other mail:
| # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
| # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc

Well, experienced admins will notice that both patches are distinct,
won't overwrite the first patch file downloaded with the second one,
and won't start compiling the kernel missing the first patch.

But, I do have the feeling that this naming scheme is error prone.

Just my 2 cents and with kind regards,
Michael=