Date: Fri, 20 Mar 2015 20:42:22 +0200 From: Kimmo Paasiala <kpaasial@gmail.com> To: Paul Hoffman <paul.hoffman@vpnc.org> Cc: freebsd-security <freebsd-security@freebsd.org> Subject: Re: Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED] Message-ID: <CA%2B7WWSeVimWe7AH%2BDeos%2BXYE-dwbJuW=BiMcWWYQm-MZw3d%2BOQ@mail.gmail.com> In-Reply-To: <29606747-8C51-4EF3-B507-46A75661E738@vpnc.org> References: <201503200729.t2K7TipS023432@freefall.freebsd.org> <29606747-8C51-4EF3-B507-46A75661E738@vpnc.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Mar 20, 2015 at 5:21 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote: > # sudo freebsd-update fetch > Looking up update.FreeBSD.org mirrors... 5 mirrors found. > Fetching metadata signature for 10.0-RELEASE from update6.freebsd.org... done. > Fetching metadata index... done. > Inspecting system... done. > Preparing to download files... done. > > The following files will be added as part of updating to 10.0-RELEASE-p18: > /usr/src/contrib/tzdata/zone1970.tab > /usr/src/crypto/openssl/crypto/constant_time_locl.h > /usr/src/crypto/openssl/crypto/constant_time_test.c > /usr/src/crypto/openssl/doc/apps/c_rehash.pod > /usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod > /usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod > /usr/src/crypto/openssl/ssl/heartbeat_test.c > /usr/src/crypto/openssl/ssl/ssl_utst.c > /usr/src/crypto/openssl/util/mkbuildinf.pl > /usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3 > /usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 > /usr/src/secure/usr.bin/openssl/man/c_rehash.1 > > WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. > Any security issues discovered after Sat Feb 28 19:00:00 EST 2015 > will not have been corrected. > > # sudo freebsd-update install > Installing updates...install: ///usr/src/contrib/tzdata/zone1970.tab: No such file or directory > install: ///usr/src/crypto/openssl/crypto/constant_time_locl.h: No such file or directory > install: ///usr/src/crypto/openssl/crypto/constant_time_test.c: No such file or directory > install: ///usr/src/crypto/openssl/doc/apps/c_rehash.pod: No such file or directory > install: ///usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod: No such file or directory > install: ///usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod: No such file or directory > install: ///usr/src/crypto/openssl/ssl/heartbeat_test.c: No such file or directory > install: ///usr/src/crypto/openssl/ssl/ssl_utst.c: No such file or directory > install: ///usr/src/crypto/openssl/util/mkbuildinf.pl: No such file or directory > install: ///usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3: No such file or directory > install: ///usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3: No such file or directory > install: ///usr/src/secure/usr.bin/openssl/man/c_rehash.1: No such file or directory > done. > > It doesn't look like OpenSSL got updated, and it looks like a bunch of the attempted updates failed. Was this advisory tested on 10.0? > > --Paul Hoffman 10.0-RELEASE is not a supported release anymore, upgrade to 10.1. "WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. Any security issues discovered after Sat Feb 28 19:00:00 EST 2015 will not have been corrected." https://www.freebsd.org/security/unsupported.html -Kimmo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B7WWSeVimWe7AH%2BDeos%2BXYE-dwbJuW=BiMcWWYQm-MZw3d%2BOQ>