Date: Tue, 21 Apr 2026 11:57:59 -0700 From: Mark Millard <marklmi@yahoo.com> To: freebsd-pkgbase@freebsd.org, "freebsd-stable@FreeBSD.org" <freebsd-stable@freebsd.org> Subject: Re: FreeBSD Errata Notice FreeBSD-EN-26:07.pkgbase [Some notes/reminders about pkgbase /usr/src content and such] Message-ID: <1913a8ad-b984-4496-b913-7e7d60d7dc56@yahoo.com> In-Reply-To: <20260421170210.C2E6B1FE10@freefall.freebsd.org>
index | next in thread | previous in thread | raw e-mail
Since this one is about pkgbase contexts . . . On 4/21/26 10:02, FreeBSD Errata Notices wrote: > ============================================================================= > FreeBSD-EN-26:07.pkgbase Errata Notice > The FreeBSD Project > > Topic: Base packages fail to build with newer versions of libucl > > Category: core > Module: packages > Announced: 2026-04-21 > Affects: FreeBSD 15.0 > Corrected: 2026-04-07 11:27:02 UTC (stable/15, 15.0-STABLE) > 2026-04-21 15:44:26 UTC (releng/15.0, 15.0-RELEASE-p6) > > For general information regarding FreeBSD Errata Notices and Security > Advisories, including descriptions of the fields above, security > branches, and the following sections, please visit > <URL:https://security.FreeBSD.org/>. > > I. Background > > The libucl library is used for parsing documents in the UCL markup format. > The base system private Lua (flua) exposes libucl to Lua applications via > the "ucl" module. > > II. Problem Description > > In libucl version 0.9.3, an API change was made in the Lua ucl module > to prohibit the use of certain syntax by default, specifically the > ".include" directive. This change causes the base system package build > ("make update-packages") to fail when the host system is using libucl > 0.9.3 or later. > > III. Impact > > Future versions of FreeBSD, which include libucl 0.9.3 or later, will > be unable to build FreeBSD 15.0 base system packages from source. > > IV. Workaround > > No workaround is available. > > V. Solution > > Update the base system source tree to a supported FreeBSD stable or > release / security branch (releng) dated after the correction date. > > No action is required on the host (build) system. > > To update your system via a source code patch: > > The following patches have been verified to apply to the applicable > FreeBSD release branches. > > a) Download the relevant patch from the location below, and verify the > detached PGP signature using your PGP utility. > > # fetch https://security.FreeBSD.org/patches/EN-26:07/pkgbase.patch > # fetch https://security.FreeBSD.org/patches/EN-26:07/pkgbase.patch.asc > # gpg --verify pkgbase.patch.asc > > b) Apply the patch. Execute the following commands as root: > > # cd /usr/src If /usr/src is from a pkgbase install/upgrade, it is not set up for use with git. That is relevant later below. > # patch < /path/to/patch For folks that do not build their own pkgbase, normally the technique would be to do a normal binary pkgbase update. In this case, using aarch64 as an example context, if that activity included FreeBSD-src-sys and FreeBSD-src (at or later than shown below): FreeBSD-src-sys-15.snap20260421090558.pkg FreeBSD-src-15.snap20260421100537.pkg that should have updated to have source files were based on having had the patch applied. (Snapshot date/time naming will vary across platforms.) > > VI. Correction details > > This issue is corrected as of the corresponding Git commit hash in the > following stable and release branches: > > Branch/path Hash Revision > ------------------------------------------------------------------------- > stable/15/ 976b2ebf4309 stable/15-n282865 > releng/15.0/ f3bbb238daa1 releng/15.0-n281021 > ------------------------------------------------------------------------- > > Run the following command to see which files were modified by a > particular commit: > > # git show --stat <commit hash> /usr/src supplied by pkgbase does not have normal/easy traceability to git hashes so far as I know. (For example, establish a git comparison tree and then recursive diff that and the pkgbase /usr/src --ignoring git infrastructure files that are not in /usr/src/ .) For pkgbase's base_latest distributions (so: stable/15 based in this context) the git hash that would be accurate for /usr/src/sys/ (which has its own .pkg file) might not be an exact match to what would match all of the rest of /usr/src/ (which has its own .pkg file): a commit can occur between the two separate source grabs and make the two hashes distinct. (main also has this property.) Looking at the appropriate (say, * being aarch64): https://pkg.freebsd.org/FreeBSD:15:*/base_latest/?C=M&O=D can help confirm things are in place. Similarly for looking at appropriate base_latest rows in: https://people.freebsd.org/~dbaio/pkg-master-report.html For example: For a while after the announcements went out, freebsd:14:aarch64:64 in pkg-master-report's display showed as "missing" (20 for % Synched) when I looked. (Now it shows 100.) > > Or visit the following URL, replacing NNNNNN with the hash: > > <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>; > > To determine the commit count in a working tree (for comparison against > nNNNNNN in the table above), run: > > # git rev-list --count --first-parent HEAD > > VII. References > > The latest revision of this advisory is available at > <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-26:07.pkgbase.asc>; > > -- === Mark Millard marklmi at yahoo.comhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1913a8ad-b984-4496-b913-7e7d60d7dc56>