From owner-freebsd-security@FreeBSD.ORG  Tue Jan 27 21:06:52 2015
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id ECA288ED
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 21:06:52 +0000 (UTC)
Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [87.98.149.189])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id B49DAAC4
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 21:06:52 +0000 (UTC)
Received: from mbp.fritz.box (p4FC3B655.dip0.t-ipconnect.de [79.195.182.85])
 by mx1.enfer-du-nord.net (Postfix) with ESMTPSA id 3kX0qt2NsMzRhj
 for <freebsd-security@freebsd.org>; Tue, 27 Jan 2015 22:06:50 +0100 (CET)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
From: Michael Grimm <trashcan@odo.in-berlin.de>
In-Reply-To: <6D500B8B-DA1F-4F66-B407-1996FE7AD2EB@odo.in-berlin.de>
Date: Tue, 27 Jan 2015 22:06:49 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <8F83D101-093B-4C32-9D45-572237869768@odo.in-berlin.de>
References: <201501271955.t0RJt8WC055452@freefall.freebsd.org>
 <6D500B8B-DA1F-4F66-B407-1996FE7AD2EB@odo.in-berlin.de>
To: freebsd-security@freebsd.org
X-Mailer: Apple Mail (2.1993)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2015 21:06:53 -0000


> On 27.01.2015, at 22:03, Michael Grimm <trashcan@odo.in-berlin.de> =
wrote:
>=20
> This mail:
>> FreeBSD-SA-15:02.kmem                                       Security =
Advisory
>=20
> Other Mail:
> | FreeBSD-SA-15:03.sctp                                       Security =
Advisory
>=20
>> 3) To update your vulnerable system via a source code patch:
>>=20
>> The following patches have been verified to apply to the applicable
>> FreeBSD release branches.
>>=20
>> a) Download the relevant patch from the location below, and verify =
the
>> detached PGP signature using your PGP utility.
>>=20
>=20
> This mail:
>> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
>> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc
>=20
> The other mail:
> | # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
> | # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc

Grrr:
| # fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch
| # fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch.asc

>=20
> Well, experienced admins will notice that both patches are distinct,
> won't overwrite the first patch file downloaded with the second one,
> and won't start compiling the kernel missing the first patch.
>=20
> But, I do have the feeling that this naming scheme is error prone.
>=20
> Just my 2 cents and with kind regards,
> Michael