From owner-freebsd-questions@freebsd.org Thu Apr 6 08:42:34 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E1F24D31C28 for ; Thu, 6 Apr 2017 08:42:34 +0000 (UTC) (envelope-from zhaghzhagh@openmailbox.org) Received: from mail.openmailbox.org (lb1.openmailbox.org [5.79.108.160]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A4AFD659 for ; Thu, 6 Apr 2017 08:42:34 +0000 (UTC) (envelope-from zhaghzhagh@openmailbox.org) Received: by mail.openmailbox.org (Postfix, from userid 20002) id 613AE517906; Thu, 6 Apr 2017 10:35:06 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1491467706; bh=+3andN/qvBCboGUrjyjGuIJJ6Nypmwq0lQV3u2Txhzs=; h=Date:From:To:Subject:From; b=c3t/QuWHnGwCnFMBDTmdUHjyoRtg3iOOfQO+cxzfyeWHeVsF+oBYI3Un5JHGR2zks gS2agJNJ2gR26cuz7EQEIaWpHskHRJNWH0QjtX876pr44e7uVAhVFmkNhl1T5IAiyZ MkPYbSug1d6cXIZmIPbn9CAWqiKhFAJZgA9XPCsc= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ZDZR003 X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=disabled version=3.4.0 Received: from www.openmailbox.org (unknown [10.0.0.4]) by mail.openmailbox.org (Postfix) with ESMTP id B61DC517906 for ; Thu, 6 Apr 2017 10:35:01 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 06 Apr 2017 08:35:01 +0000 From: zhaghzhagh@openmailbox.org To: freebsd-questions@freebsd.org Subject: Security Advisory - release version, user or kernel patch =?UTF-8?Q?level=3F?= Message-ID: X-Sender: zhaghzhagh@openmailbox.org User-Agent: Roundcube Webmail/1.0.6 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2017 08:42:35 -0000 Good morning Every now and then I get confused by the version number of security patches. For example: https://www.freebsd.org/security/advisories/FreeBSD-SA-17:02.openssl.asc: ... Corrected: 2017-01-26 19:14:14 UTC (stable/11, 11.0-STABLE) 2017-02-23 07:11:48 UTC (releng/11.0, 11.0-RELEASE-p8) 2017-01-27 07:45:06 UTC (stable/10, 10.3-STABLE) 2017-02-23 07:12:18 UTC (releng/10.3, 10.3-RELEASE-p17) ... [user@domain ~]$ uname -a FreeBSD domain.tld 10.3-RELEASE-p11 FreeBSD 10.3-RELEASE-p11 #0: Mon Oct 24 18:47:18 UTC 2016 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 Guesses: 1. 'uname' - 'p11' = kernel patch level (?) 2. '10.3-RELEASE-p17' - 'p17' = user patch level (?) What if there is a security patch that affects only kernel? Is it safe in all times to use 'freebsd-version -u' to decide whether my host needs to be updated, upon a security notification is issued? (Don't want to run 'freebsd-update' unnecessarily.) Thanks!