Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
Kimmo Paasiala
kpaasial at gmail.com
Fri Mar 20 18:42:25 UTC 2015
On Fri, Mar 20, 2015 at 5:21 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:
> # sudo freebsd-update fetch
> Looking up update.FreeBSD.org mirrors... 5 mirrors found.
> Fetching metadata signature for 10.0-RELEASE from update6.freebsd.org... done.
> Fetching metadata index... done.
> Inspecting system... done.
> Preparing to download files... done.
>
> The following files will be added as part of updating to 10.0-RELEASE-p18:
> /usr/src/contrib/tzdata/zone1970.tab
> /usr/src/crypto/openssl/crypto/constant_time_locl.h
> /usr/src/crypto/openssl/crypto/constant_time_test.c
> /usr/src/crypto/openssl/doc/apps/c_rehash.pod
> /usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod
> /usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
> /usr/src/crypto/openssl/ssl/heartbeat_test.c
> /usr/src/crypto/openssl/ssl/ssl_utst.c
> /usr/src/crypto/openssl/util/mkbuildinf.pl
> /usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3
> /usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
> /usr/src/secure/usr.bin/openssl/man/c_rehash.1
>
> WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE.
> Any security issues discovered after Sat Feb 28 19:00:00 EST 2015
> will not have been corrected.
>
> # sudo freebsd-update install
> Installing updates...install: ///usr/src/contrib/tzdata/zone1970.tab: No such file or directory
> install: ///usr/src/crypto/openssl/crypto/constant_time_locl.h: No such file or directory
> install: ///usr/src/crypto/openssl/crypto/constant_time_test.c: No such file or directory
> install: ///usr/src/crypto/openssl/doc/apps/c_rehash.pod: No such file or directory
> install: ///usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod: No such file or directory
> install: ///usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod: No such file or directory
> install: ///usr/src/crypto/openssl/ssl/heartbeat_test.c: No such file or directory
> install: ///usr/src/crypto/openssl/ssl/ssl_utst.c: No such file or directory
> install: ///usr/src/crypto/openssl/util/mkbuildinf.pl: No such file or directory
> install: ///usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3: No such file or directory
> install: ///usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3: No such file or directory
> install: ///usr/src/secure/usr.bin/openssl/man/c_rehash.1: No such file or directory
> done.
>
> It doesn't look like OpenSSL got updated, and it looks like a bunch of the attempted updates failed. Was this advisory tested on 10.0?
>
> --Paul Hoffman
10.0-RELEASE is not a supported release anymore, upgrade to 10.1.
"WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE.
Any security issues discovered after Sat Feb 28 19:00:00 EST 2015
will not have been corrected."
https://www.freebsd.org/security/unsupported.html
-Kimmo
More information about the freebsd-security
mailing list