In the svn days, I could just look at my svn revision to check on whether a security patch was required. Now I have a git hash. I have no idea how to tell if my system running 13-STABLE of a few days ago has the patch. Branch/path Revision - ------------------------------------------------------------------------- stable/13/ 894360bacd42f021551f76518edd445f6d299f2e releng/13.0/ 9f00cb5fa8a438e7b9efb2158f2e2edc730badd1 stable/12/ r369312 releng/12.2/ r369353 Is there a git command that can confirm whether a given hash is covered in my system? -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkoberman at gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683
Hi,
In your base git repository, type:
git rev-list <uname_hash> | grep -lF <searched_hash>
This outputs something ("(standard input)") iff you have it in.
In order to limit the search time in case of a false result, you'd better
pass
the --since=<oldest_date> to git rev-list.
There is an alternative if you have a branch pointing to your uname hash:
git branch --contains <searched_hash> | grep -lF <your_branch>
Regards.
--
Olivier Certner
On Wed, 24 Feb 2021 at 12:35, Kevin Oberman <rkoberman at gmail.com> wrote:> > In the svn days, I could just look at my svn revision to check on whether a > security patch was required. Now I have a git hash. I have no idea how to > tell if my system running 13-STABLE of a few days ago has the patch.Thanks for posting this question. I see some useful information in other replies to this thread and we'll want to make sure that makes its way to appropriate documentation. For future advisories we should also report the commit count associated with the fix; this is a monotonically-increasing number and is reported in the uname. If you build stable/13 right now you would get "stable/13-n244668-4664afc05402", and the fix in 894360bacd42f021551f76518edd445f6d299f2e corresponds to n244572. 244668 being larger than 244572 indicates that the fix is included. These counts are not unique across different branches; you can only compare counts for the same branch.