Date: Fri, 26 Aug 2016 18:24:18 +0100 From: Martin Simmons <martin@lispworks.com> To: freebsd-security@freebsd.org Subject: Re: Unexplained update to /boot/boot1.efi and 2 others by freebsd-update Message-ID: <201608261724.u7QHOIIh001228@higson.cam.lispworks.com> In-Reply-To: <20160823002821.GJ1069@FreeBSD.org> (message from Gleb Smirnoff on Mon, 22 Aug 2016 17:28:21 -0700) References: <201608221415.u7MEFl8d009158@higson.cam.lispworks.com> <20160823002821.GJ1069@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Mon, 22 Aug 2016 17:28:21 -0700, Gleb Smirnoff said: > > Martin, > > On Mon, Aug 22, 2016 at 03:15:47PM +0100, Martin Simmons wrote: > M> Running freebsd-update to convert 10.1-RELEASE-p36 to -p37 updates 3 efi files > M> in /boot, but they are not mentioned in any security advisory or errata notice > M> that I can find and no corresponding source files are updated. This is > M> repeatable on several unrelated systems so I don't think my files have been > M> corrupted. > M> > M> Is this expected? > > The freebsd-update build code attempts to extract and ignore timestamps in order > to determine whether files are 'really' changing between builds; unfortunately these > particular files contain a build artifact which the freebsd-update code was not > able to handle, thus resulting in them being incorrectly identified as needing to be > distributed. > > So, this shouldn't have happened. But don't worry the files aren't forged and they > do originate from the official freebsd-update server. Thanks, that's good to know. __Martin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608261724.u7QHOIIh001228>