4.6-R (Was: Re: FreeBSD Security Advisory
FreeBSD-SA-03:18.openssl)
D J Hawkey Jr
hawkeyd at visi.com
Sun Oct 5 10:12:47 PDT 2003
On Oct 05, at 12:32 PM, Peter C. Lai wrote:
>
> recompiling the secure and crypto subsystems on the latest RELENG_4_6 (cvsup'd
> 3 Oct.) will fail with one of the ssh-pam modules not being able to link with
> libssh (unrecognized symbols). This is uncool.
Didn't happen here on my RELENG_4_5 box. I should mention that I don't
update this box with cvsup(1); I apply the SA patches myself (there have
been times where RELENG_4_5 is not explicitly supported by an SA, but is
applicable nonetheless).
> I noticed that the latest RELENG_4_6 already has the ssh patches; did someone
> backport them and upgrade something along the way? I thought 4.6 is supposed to
> be unsupported?
According to a HEADSUP sent out by Jacques, RELENG_4_6 was supported by
SA-03:15, and the CVS tree updated. RELENG_4_6 was also supported by
SA-03:18, but I'm not certain if its CVS tree was updated (neither the
HEADSUP nor the SA explicitly says so, but I'll bet it has been).
I'm not sure if RELENG_4_6 is EOL'd or not (though I think it is). Having
said that, the Security team does release patches for EOL'd releases as
they see fit.
> I was expecting to be able to manually patch my 4.6 sources
> and recompile just the crypto/secure subsystems but instead I was forced to
> upgrade to 4.8 which broke a ton of other stuff (mainly ports). Maybe I should
> have moved to RELENG_4_7 instead.
I can't guess at what happened on your end. Well, I _could_, but I'd
pro'lly be wrong. :-)
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd at visi.com /\________________/
http://www.visi.com/~hawkeyd/
More information about the freebsd-security
mailing list