From owner-freebsd-security@FreeBSD.ORG Tue Sep 16 16:42:19 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E33C6145 for ; Tue, 16 Sep 2014 16:42:19 +0000 (UTC) Received: from mproxy19.sbb.rs (mproxy19.sbb.rs [89.216.2.104]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smtp.sbb.rs", Issuer "PositiveSSL CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 57DBDA06 for ; Tue, 16 Sep 2014 16:42:18 +0000 (UTC) Received: from faust.localdomain (cable-178-148-96-27.dynamic.sbb.rs [178.148.96.27]) by mproxy19.sbb.rs (8.14.4/8.14.4) with ESMTP id s8GGgG1r014970 for ; Tue, 16 Sep 2014 18:42:16 +0200 X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.97.6 at SBB mail Received: by faust.localdomain (Postfix, from userid 1001) id 1A708A41F9F; Tue, 16 Sep 2014 18:42:58 +0200 (CEST) Date: Tue, 16 Sep 2014 18:42:58 +0200 From: Zoran Kolic To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:19.tcp Message-ID: <20140916164257.GA1277@faust.sbb.rs> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mproxy19.sbb.rs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Sep 2014 16:42:20 -0000 > The advisory solution offers 3 options... freebsd-update is the binary > approach (option #3) that provides you a new updated generic kernel > already compiled. If you aren't using a generic kernel or want to patch > and recompile your own, then you would use the option #2. Hm! I use custom kernel. Here is what I did using freebsd-update: I fetched and installed. Then I recompiled the kernel. Did I miss the security patch doing this? Zoran