Date: Sun, 5 Oct 2003 13:22:55 -0400 From: "Peter C. Lai" <sirmoo@cowbert.2y.net> To: D J Hawkey Jr <hawkeyd@visi.com> Cc: peter.lai@uconn.edu Subject: Re: 4.6-R (Was: Re: FreeBSD Security Advisory FreeBSD-SA-03:18.openssl) Message-ID: <20031005172255.GE399@cowbert.2y.net> In-Reply-To: <20031005171245.GA82807@sheol.localdomain> References: <200310032249.h93MnXS8047857@freefall.freebsd.org> <20031005142519.GA76750@sheol.localdomain> <20031005163252.GC399@cowbert.2y.net> <20031005171245.GA82807@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 05, 2003 at 12:12:45PM -0500, D J Hawkey Jr wrote: > On Oct 05, at 12:32 PM, Peter C. Lai wrote: > > > > recompiling the secure and crypto subsystems on the latest RELENG_4_6 (cvsup'd > > 3 Oct.) will fail with one of the ssh-pam modules not being able to link with > > libssh (unrecognized symbols). This is uncool. > > Didn't happen here on my RELENG_4_5 box. I should mention that I don't > update this box with cvsup(1); I apply the SA patches myself (there have > been times where RELENG_4_5 is not explicitly supported by an SA, but is > applicable nonetheless). > I don't keep separate branch releases; my current build boxen had 4.8 sources, so I had to get rid of them and re-cvsup the 4.6-R ones. perhaps I should keep different branches from now on. (I have production boxen which have no sources, and my devel/build boxen which do, but which also run more bleeding edge versions of things). This would require finagling with supfiles which I didn't forsee a need of doing (before now :( Thanks for the reply anyway. > > I noticed that the latest RELENG_4_6 already has the ssh patches; did someone > > backport them and upgrade something along the way? I thought 4.6 is supposed to > > be unsupported? > > According to a HEADSUP sent out by Jacques, RELENG_4_6 was supported by > SA-03:15, and the CVS tree updated. RELENG_4_6 was also supported by > SA-03:18, but I'm not certain if its CVS tree was updated (neither the > HEADSUP nor the SA explicitly says so, but I'll bet it has been). > > I'm not sure if RELENG_4_6 is EOL'd or not (though I think it is). Having > said that, the Security team does release patches for EOL'd releases as > they see fit. > > > I was expecting to be able to manually patch my 4.6 sources > > and recompile just the crypto/secure subsystems but instead I was forced to > > upgrade to 4.8 which broke a ton of other stuff (mainly ports). Maybe I should > > have moved to RELENG_4_7 instead. > > I can't guess at what happened on your end. Well, I _could_, but I'd > pro'lly be wrong. :-) > > Dave > > -- > ______________________ ______________________ > \__________________ \ D. J. HAWKEY JR. / __________________/ > \________________/\ hawkeyd@visi.com /\________________/ > http://www.visi.com/~hawkeyd/ > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Peter C. Lai University of Connecticut Dept. of Molecular and Cell Biology Yale University School of Medicine SenseLab | Research Assistant http://cowbert.2y.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031005172255.GE399>