From nobody Sat Feb 18 15:05:42 2023
X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PJsSs3WYRz3scBj
	for <freebsd-security@mlmmj.nyi.freebsd.org>; Sat, 18 Feb 2023 15:06:05 +0000 (UTC)
	(envelope-from void@f-m.fm)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4PJsSr6CB5z3np5
	for <freebsd-security@freebsd.org>; Sat, 18 Feb 2023 15:06:04 +0000 (UTC)
	(envelope-from void@f-m.fm)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=f-m.fm header.s=fm1 header.b="I oZKRkR";
	dkim=pass header.d=messagingengine.com header.s=fm1 header.b=Oe6U9y7p;
	spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 66.111.4.28 as permitted sender) smtp.mailfrom=void@f-m.fm;
	dmarc=pass (policy=none) header.from=f-m.fm
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47])
	by mailout.nyi.internal (Postfix) with ESMTP id 6E18E5C00EB
	for <freebsd-security@freebsd.org>; Sat, 18 Feb 2023 10:06:04 -0500 (EST)
Received: from imap46 ([10.202.2.96])
  by compute6.internal (MEProxy); Sat, 18 Feb 2023 10:06:04 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc
	:content-transfer-encoding:content-type:date:date:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:sender:subject:subject:to:to; s=fm1; t=1676732764; x=
	1676819164; bh=eRiAjgizi2oxVC6EnBIRfEJEDw4J23lBQy7nnO0Di5c=; b=I
	oZKRkRo0c49pxVrEK5txkmr+o6rYAs8DZLJyZozPumXy94quret60jgASCB25jYp
	MO8OcGSaeHI2SgJPR92o91M3XjripdJ5yVPZUtgG5HK4OvhI/gm2T2qQOFPZoB6G
	/HPlIcen4ThBgSJrOjlBgQ1beQwshVqJEyqZXpoBm7WWRxKhLpo7cMzpCWdVUpDD
	Yk0+kfc60UjOelyv/vOCxFx479A/E5NGyMp0kqfCopSBjvpmB4vT2EMivGO31KUF
	TAB5AqdilrO/leIRjvRwwioj2pfyFoWHsgX7T/ROGbxM2YwYWYbnKZKMct9Hs5KX
	QY8+brDiUoVAWwQbh4Svw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:date:date:feedback-id:feedback-id:from:from:in-reply-to
	:in-reply-to:message-id:mime-version:references:reply-to:sender
	:subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm1; t=1676732764; x=1676819164; bh=e
	RiAjgizi2oxVC6EnBIRfEJEDw4J23lBQy7nnO0Di5c=; b=Oe6U9y7p6skFJUUug
	p8ospRJGLfqLVqNpdSDTVzMDZfdJblqREVGWmZNU3CAxo7+tNYpENHxIzswvCxqV
	fQUDehezLvJ8r4RxpK/fJoGs0sV+13R5uo1hy4cbhlZQ8YL8vF8JjxzrMxnWqTuK
	Q4zeygTb7pQ/8FxNCHgTkM26R7jrhclml96yhOGRSXYvdF7/T4pBrlt3PPorJYV3
	F9hDoaVQ4ZLAoY/H5R2UF8nGexpp7Xpj68CPb3kQlq6a4VwK5kKLmZ73X6OW5ZPT
	ooH116Thx4pCHypqKuxl+Cx7tel1Mv6m+kBaJ1uL1qZj43urxEppGkB/+UcqDTQI
	WMvbA==
X-ME-Sender: <xms:XOnwY9sPenB8XoV2MnPsWTGWDt9LqMDw06NIWJX0y0q73pq6RT74JA>
    <xme:XOnwY2eeEV4wWpKFCPsoVrHRxe3fZkJB1TAarx6V1drfNWEBdJkbTqRbN6FVAzCJS
    laCrDMWyonPraL5Rg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudejuddgjedtucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtgfesth
    hqredtreerjeenucfhrhhomhepvhhoihguuceovhhoihgusehfqdhmrdhfmheqnecuggft
    rfgrthhtvghrnhepgeeuieduueeluedugeeiuedvtdettedvgfffueektdefjeeiueehje
    fhhedvledtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhho
    mhepvhhoihgusehfqdhmrdhfmh
X-ME-Proxy: <xmx:XOnwYwxUJTJPXx5oZ3lXOtwLFxjSw_3q2NWEsjUUhQDDiCLGFFGawA>
    <xmx:XOnwY0P9WgvJWMCAMFxqK6BnDg8YLCiVrtbL2McEv58hASDKcEbrHA>
    <xmx:XOnwY9_LT2VOTgVQ6Z-DNo1IMa0plKurUs_whMS5mk8NZJQWWYB1Sw>
    <xmx:XOnwYwJ7jCtyqKKtK75c2_VwQCQcReOH00R7Ho73QU26XIDf1_Ry_w>
Feedback-ID: i2541463c:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501)
	id 19AEF2A20080; Sat, 18 Feb 2023 10:06:03 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.9.0-alpha0-156-g081acc5ed5-fm-20230206.001-g081acc5e
List-Id: Security issues <freebsd-security.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-security
List-Help: <mailto:freebsd-security+help@freebsd.org>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Subscribe: <mailto:freebsd-security+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-security+unsubscribe@freebsd.org>
Sender: owner-freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
Mime-Version: 1.0
Message-Id: <d5105588-22f8-49c8-a236-bdc1af8b58fc@app.fastmail.com>
In-Reply-To: <869c674a-206c-9f63-d5c2-ac2a3bca721a@ximalas.info>
References: <20230216182355.CC7834800@freefall.freebsd.org>
 <E0ACA2F3-FAEB-4370-9125-B26C3D3DB06A@ellael.org>
 <869c674a-206c-9f63-d5c2-ac2a3bca721a@ximalas.info>
Date: Sat, 18 Feb 2023 15:05:42 +0000
From: void <void@f-m.fm>
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-23:02.openssh
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spamd-Result: default: False [-2.72 / 15.00];
	DWL_DNSWL_LOW(-1.00)[messagingengine.com:dkim];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_LONG(-1.00)[-0.996];
	NEURAL_SPAM_SHORT(0.97)[0.969];
	MV_CASE(0.50)[];
	DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none];
	R_SPF_ALLOW(-0.20)[+ip4:66.111.4.28:c];
	R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm1,messagingengine.com:s=fm1];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.28:from];
	RWL_MAILSPIKE_GOOD(-0.10)[66.111.4.28:from];
	XM_UA_NO_VERSION(0.01)[];
	RCPT_COUNT_ONE(0.00)[1];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_HAS_DN(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org];
	RCVD_TLS_LAST(0.00)[];
	ASN(0.00)[asn:19151, ipnet:66.111.4.0/24, country:US];
	RCVD_COUNT_THREE(0.00)[4];
	TO_DN_NONE(0.00)[];
	FREEMAIL_FROM(0.00)[f-m.fm];
	ARC_NA(0.00)[];
	DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+];
	MIME_TRACE(0.00)[0:+];
	FROM_EQ_ENVFROM(0.00)[];
	FREEMAIL_ENVFROM(0.00)[f-m.fm];
	MLMMJ_DEST(0.00)[freebsd-security@freebsd.org]
X-Rspamd-Queue-Id: 4PJsSr6CB5z3np5
X-Spamd-Bar: --
X-ThisMailContainsUnwantedMimeParts: N

Hi,

On Fri, 17 Feb 2023, at 13:28, Trond Endrest=C3=B8l wrote:
> On Thu, 16 Feb 2023 19:47+0100, Michael Grimm wrote:
>
>> > On 16. Feb 2023, at 19:23, FreeBSD Security Advisories <security-ad=
visories@freebsd.org> wrote:
>>=20
>> [=E2=80=A6]
>>=20
>> > Branch/path                             Hash                     Re=
vision
>> > - -----------------------------------------------------------------=
--------
>> > stable/13/                              296ec8eae0c8    stable/13-n=
260933
>>=20
>> [=E2=80=A6]
>>=20
>> > # git rev-list --count --first-parent HEAD
>>=20
>> 254579
>>=20
>> Typo or am I getting something wrong?

I thought so too.

> If you rebase your own local branch on the tip of the official branch,=20
> then each occurance of rebasing counts as only one commit.

Not sure what you mean by this, or how it's relevant, or what it would i=
mply.

> Searching for the commit hash is the better option.

Is the advice given in the security notice incorrect with respect to the=
 revision number? Or is the method of checking incorrect? Both? A fresh =
clone of src a few minutes ago gives 254619 in response to 'git rev-list=
 --count --first-parent HEAD'

# date
Sat Feb 18 14:46:15 GMT 2023
# pwd
/tmp
# git clone -q ssh://anongit@git.freebsd.org/src.git src
# cd src
# git checkout stable/13
Updating files: 100% (29235/29235), done.
branch 'stable/13' set up to track 'origin/stable/13'.
Switched to a new branch 'stable/13'
git rev-list --count --first-parent HEAD
254619

--=20