Unexplained update to /boot/boot1.efi and 2 others by freebsd-update
Martin Simmons
martin at lispworks.com
Fri Aug 26 17:24:29 UTC 2016
>>>>> On Mon, 22 Aug 2016 17:28:21 -0700, Gleb Smirnoff said:
>
> Martin,
>
> On Mon, Aug 22, 2016 at 03:15:47PM +0100, Martin Simmons wrote:
> M> Running freebsd-update to convert 10.1-RELEASE-p36 to -p37 updates 3 efi files
> M> in /boot, but they are not mentioned in any security advisory or errata notice
> M> that I can find and no corresponding source files are updated. This is
> M> repeatable on several unrelated systems so I don't think my files have been
> M> corrupted.
> M>
> M> Is this expected?
>
> The freebsd-update build code attempts to extract and ignore timestamps in order
> to determine whether files are 'really' changing between builds; unfortunately these
> particular files contain a build artifact which the freebsd-update code was not
> able to handle, thus resulting in them being incorrectly identified as needing to be
> distributed.
>
> So, this shouldn't have happened. But don't worry the files aren't forged and they
> do originate from the official freebsd-update server.
Thanks, that's good to know.
__Martin
More information about the freebsd-security
mailing list