Re: FreeBSD Errata Notice FreeBSD-EN-23:09.freebsd-update [REVISED]
Date: Wed, 04 Oct 2023 02:13:51 UTC
not sure if this is related or appropriate here, but for the last 2 or 3 updates freebsd-update has been hanging on this: The following files are affected by updates. No changes have been downloaded, however, because the files have been modified locally: /etc/ssh/sshd_config a minor annoyance, but is this the new normal? this file will obviously be changed on most systems, why do I seem like the only one with this problem? as of today its still doing it: FreeBSD quartzon 13.2-RELEASE-p4 FreeBSD 13.2-RELEASE-p4 GENERIC amd64 On 10/3/23 19:03, FreeBSD Errata Notices wrote: > ============================================================================= > FreeBSD-EN-23:09.freebsd-update Errata Notice > The FreeBSD > Project > > Topic: freebsd-update incorrectly merges files on upgrade > > Category: core > Module: freebsd-update > Announced: 2023-09-06 > Affects: FreeBSD 13.2 > Corrected: 2023-05-16 21:34:10 UTC (stable/13, 13.2-STABLE) > 2023-09-06 16:56:24 UTC (releng/13.2, 13.2-RELEASE-p3) > 2023-09-28 13:42:18 UTC (stable/12, 12.4-STABLE) > 2023-10-03 22:15:35 UTC (releng/12.4, 12.4-RELEASE-p6) > > For general information regarding FreeBSD Errata Notices and Security > Advisories, including descriptions of the fields above, security > branches, and the following sections, please visit > <URL:https://security.FreeBSD.org/>. > > 2023-09-06 Initial Revision > 2023-10-03 Updated to include the patch for 12.4-RELEASE. > > I. Background > > freebsd-update provides binary updates for supported releases of > FreeBSD on > amd64, arm64, and i386. > > II. Problem Description > > freebsd-update incorrectly deleted files in /etc/ in the event the > file to be > updated matched the new release and was different than the old > release. This > has not been an issue previously because the $FreeBSD$ tag expansion from > subversion virtually guaranteed the existing file was going to be > different > from the new release. With the conversion to git in the 13.x releases, > $FreeBSD$ is no longer expanded, making it much more likely that a > file would > find this issue. > > III. Impact > > Unmodified files in /etc/ may be deleted on running freebsd-update > upgrade. > > IV. Workaround > > No workaround is available. > > V. Solution > > Upgrade your system to a supported FreeBSD stable or release / security > branch (releng) dated after the correction date. > > Perform one of the following: > > 1) To update your system via a binary patch: > > Systems running a RELEASE version of FreeBSD on the amd64, i386, or > (on FreeBSD 13 and later) arm64 platforms can be updated via the > freebsd-update(8) utility: > > # freebsd-update fetch > # freebsd-update install > > 2) To update your system via a source code patch: > > The following patches have been verified to apply to the applicable > FreeBSD release branches. > > a) Download the relevant patch from the location below, and verify the > detached PGP signature using your PGP utility. > > # fetch https://security.FreeBSD.org/patches/EN-23:09/freebsd-update.patch > # fetch > https://security.FreeBSD.org/patches/EN-23:09/freebsd-update.patch.asc > # gpg --verify freebsd-update.patch.asc > > b) Apply the patch. Execute the following commands as root: > > # cd /usr/src > # patch < /path/to/patch > > c) Recompile the operating system using buildworld and installworld as > described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. > > VI. Correction details > > This issue is corrected by the corresponding Git commit hash or Subversion > revision number in the following stable and release branches: > > Branch/path Hash Revision > ------------------------------------------------------------------------- > stable/13/ 866e5c6b3ce7 stable/13-n255386 > releng/13.2/ 0b39d9de2e71 releng/13.2-n254628 > stable/12/ r373221 > releng/12.4/ r373231 > ------------------------------------------------------------------------- > > For FreeBSD 13 and later: > > Run the following command to see which files were modified by a > particular commit: > > # git show --stat <commit hash> > > Or visit the following URL, replacing NNNNNN with the hash: > > <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> > > To determine the commit count in a working tree (for comparison against > nNNNNNN in the table above), run: > > # git rev-list --count --first-parent HEAD > > For FreeBSD 12 and earlier: > > Run the following command to see which files were modified by a particular > revision, replacing NNNNNN with the revision number: > > # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base > > Or visit the following URL, replacing NNNNNN with the revision number: > > <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> > > VII. References > > <URL:https://reviews.freebsd.org/D39973> > > The latest revision of this advisory is available at > <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-23:09.freebsd-update.asc> >