Paul Hoffman
2015-Mar-20 15:21 UTC
Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
# sudo freebsd-update fetch Looking up update.FreeBSD.org mirrors... 5 mirrors found. Fetching metadata signature for 10.0-RELEASE from update6.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. The following files will be added as part of updating to 10.0-RELEASE-p18: /usr/src/contrib/tzdata/zone1970.tab /usr/src/crypto/openssl/crypto/constant_time_locl.h /usr/src/crypto/openssl/crypto/constant_time_test.c /usr/src/crypto/openssl/doc/apps/c_rehash.pod /usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod /usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod /usr/src/crypto/openssl/ssl/heartbeat_test.c /usr/src/crypto/openssl/ssl/ssl_utst.c /usr/src/crypto/openssl/util/mkbuildinf.pl /usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3 /usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 /usr/src/secure/usr.bin/openssl/man/c_rehash.1 WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. Any security issues discovered after Sat Feb 28 19:00:00 EST 2015 will not have been corrected. # sudo freebsd-update install Installing updates...install: ///usr/src/contrib/tzdata/zone1970.tab: No such file or directory install: ///usr/src/crypto/openssl/crypto/constant_time_locl.h: No such file or directory install: ///usr/src/crypto/openssl/crypto/constant_time_test.c: No such file or directory install: ///usr/src/crypto/openssl/doc/apps/c_rehash.pod: No such file or directory install: ///usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod: No such file or directory install: ///usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod: No such file or directory install: ///usr/src/crypto/openssl/ssl/heartbeat_test.c: No such file or directory install: ///usr/src/crypto/openssl/ssl/ssl_utst.c: No such file or directory install: ///usr/src/crypto/openssl/util/mkbuildinf.pl: No such file or directory install: ///usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3: No such file or directory install: ///usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3: No such file or directory install: ///usr/src/secure/usr.bin/openssl/man/c_rehash.1: No such file or directory done. It doesn't look like OpenSSL got updated, and it looks like a bunch of the attempted updates failed. Was this advisory tested on 10.0? --Paul Hoffman -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 455 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150320/e0cb79f0/attachment.sig>
Gareth de Vaux
2015-Mar-20 18:14 UTC
Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
On Fri 2015-03-20 (08:21), Paul Hoffman wrote:> It doesn't look like OpenSSL got updated, and it looks like a bunch of the attempted updates failed. Was this advisory tested on 10.0?I'm guessing this is pertinent: WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. Need to run: freebsd-update -r 10.1-RELEASE upgrade
Kimmo Paasiala
2015-Mar-20 18:42 UTC
Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
On Fri, Mar 20, 2015 at 5:21 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:> # sudo freebsd-update fetch > Looking up update.FreeBSD.org mirrors... 5 mirrors found. > Fetching metadata signature for 10.0-RELEASE from update6.freebsd.org... done. > Fetching metadata index... done. > Inspecting system... done. > Preparing to download files... done. > > The following files will be added as part of updating to 10.0-RELEASE-p18: > /usr/src/contrib/tzdata/zone1970.tab > /usr/src/crypto/openssl/crypto/constant_time_locl.h > /usr/src/crypto/openssl/crypto/constant_time_test.c > /usr/src/crypto/openssl/doc/apps/c_rehash.pod > /usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod > /usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod > /usr/src/crypto/openssl/ssl/heartbeat_test.c > /usr/src/crypto/openssl/ssl/ssl_utst.c > /usr/src/crypto/openssl/util/mkbuildinf.pl > /usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3 > /usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 > /usr/src/secure/usr.bin/openssl/man/c_rehash.1 > > WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. > Any security issues discovered after Sat Feb 28 19:00:00 EST 2015 > will not have been corrected. > > # sudo freebsd-update install > Installing updates...install: ///usr/src/contrib/tzdata/zone1970.tab: No such file or directory > install: ///usr/src/crypto/openssl/crypto/constant_time_locl.h: No such file or directory > install: ///usr/src/crypto/openssl/crypto/constant_time_test.c: No such file or directory > install: ///usr/src/crypto/openssl/doc/apps/c_rehash.pod: No such file or directory > install: ///usr/src/crypto/openssl/doc/crypto/CMS_add1_signer.pod: No such file or directory > install: ///usr/src/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod: No such file or directory > install: ///usr/src/crypto/openssl/ssl/heartbeat_test.c: No such file or directory > install: ///usr/src/crypto/openssl/ssl/ssl_utst.c: No such file or directory > install: ///usr/src/crypto/openssl/util/mkbuildinf.pl: No such file or directory > install: ///usr/src/secure/lib/libcrypto/man/CMS_add1_signer.3: No such file or directory > install: ///usr/src/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3: No such file or directory > install: ///usr/src/secure/usr.bin/openssl/man/c_rehash.1: No such file or directory > done. > > It doesn't look like OpenSSL got updated, and it looks like a bunch of the attempted updates failed. Was this advisory tested on 10.0? > > --Paul Hoffman10.0-RELEASE is not a supported release anymore, upgrade to 10.1. "WARNING: FreeBSD 10.0-RELEASE-p18 HAS PASSED ITS END-OF-LIFE DATE. Any security issues discovered after Sat Feb 28 19:00:00 EST 2015 will not have been corrected." https://www.freebsd.org/security/unsupported.html -Kimmo
Mark Felder
2015-Mar-21 15:53 UTC
Failure on 10.0? Re: FreeBSD Security Advisory FreeBSD-SA-15:06.openssl [REVISED]
On Fri, Mar 20, 2015, at 10:21, Paul Hoffman wrote:> > It doesn't look like OpenSSL got updated, and it looks like a bunch of > the attempted updates failed. Was this advisory tested on 10.0? >Those failures are for files in /usr/src. If you don't have the source code in /usr/src the updates to those files will fail. It is harmless. But as others have stated -- 10.0-RELEASE is End of Life.