4.6-R (Was: Re: FreeBSD Security Advisory FreeBSD-SA-03:18.openssl)

Peter C. Lai sirmoo at cowbert.2y.net
Sun Oct 5 10:26:06 PDT 2003 

On Sun, Oct 05, 2003 at 12:12:45PM -0500, D J Hawkey Jr wrote:
> On Oct 05, at 12:32 PM, Peter C. Lai wrote:
> > 
> > recompiling the secure and crypto subsystems on the latest RELENG_4_6 (cvsup'd
> > 3 Oct.) will fail with one of the ssh-pam modules not being able to link with
> > libssh (unrecognized symbols). This is uncool. 
> 
> Didn't happen here on my RELENG_4_5 box. I should mention that I don't
> update this box with cvsup(1); I apply the SA patches myself (there have
> been times where RELENG_4_5 is not explicitly supported by an SA, but is
> applicable nonetheless).
> 

I don't keep separate branch releases; my current build boxen had 4.8 sources, 
so I had to get rid of them and re-cvsup the 4.6-R ones. perhaps I should keep
different branches from now on. (I have production boxen which have no sources,
and my devel/build boxen which do, but which also run more bleeding edge
versions of things). This would require finagling with supfiles which I didn't
forsee a need of doing (before now :(

Thanks for the reply anyway.

> > I noticed that the latest RELENG_4_6 already has the ssh patches; did someone 
> > backport them and upgrade something along the way? I thought 4.6 is supposed to
> > be unsupported? 
> 
> According to a HEADSUP sent out by Jacques, RELENG_4_6 was supported by
> SA-03:15, and the CVS tree updated. RELENG_4_6 was also supported by
> SA-03:18, but I'm not certain if its CVS tree was updated (neither the
> HEADSUP nor the SA explicitly says so, but I'll bet it has been).
> 
> I'm not sure if RELENG_4_6 is EOL'd or not (though I think it is). Having
> said that, the Security team does release patches for EOL'd releases as
> they see fit.
> 
> > I was expecting to be able to manually patch my 4.6 sources 
> > and recompile just the crypto/secure subsystems but instead I was forced to 
> > upgrade to 4.8 which broke a ton of other stuff (mainly ports). Maybe I should
> > have moved to RELENG_4_7 instead. 
> 
> I can't guess at what happened on your end. Well, I _could_, but I'd
> pro'lly be wrong.  :-)
> 
> Dave
> 
> -- 
>   ______________________                         ______________________
>   \__________________   \    D. J. HAWKEY JR.   /   __________________/
>      \________________/\     hawkeyd at visi.com    /\________________/
>                       http://www.visi.com/~hawkeyd/
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"

-- 
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/

More information about the freebsd-security mailing list