Date: Tue, 30 Mar 2021 12:52:59 -0500 From: Doug McIntyre <merlyn@geeks.org> To: freebsd-stable@freebsd.org Subject: Re: possibly silly question regarding freebsd-update Message-ID: <YGNle2yVYaL3vHbZ@geeks.org> In-Reply-To: <YGNXq2DGltcwq%2Boc@cloud.zyxst.net> References: <YGMpE5uWvRy8Xdql@cloud.zyxst.net> <aad6ecc5-f6b0-92c5-1acb-e9666760e813@madpilot.net> <7e96f815-2955-cfd2-cf6d-16187bc5a233@denninger.net> <YGNLkDpHtIuaO3xp@in-addr.com> <c16bfed1-52bb-560c-c73f-1edd0c1f876e@denninger.net> <YGNXq2DGltcwq%2Boc@cloud.zyxst.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Mar 30, 2021 at 05:54:03PM +0100, tech-lists wrote: > it just threw me that the thing-that-was-updated didn't update its > version information when queried. Absent sources, how can I tell it > was updated (apart from freebsd-version -u) ? Comparing what the SA patch says it is doing at https://security.freebsd.org/patches/SA-21:07/openssl-12.patch appears to be only update the libcrypto library and not the openssl wrapper itself, you can verify that after the 12.2-p5 patch was installed that the file /lib/libcrypto.so.111 has been touched and is a newer date than what was on the machine prior to the patch. Yes, this takes some knowledge of the specific patch, and what parts contribute to what it is doing. I don't know the specific decisions on when RELEASE backports security patches vs. upgrading whole source trees.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YGNle2yVYaL3vHbZ>