From owner-freebsd-security@FreeBSD.ORG  Tue Sep 16 18:59:18 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 0F9DF5A2
 for <freebsd-security@freebsd.org>; Tue, 16 Sep 2014 18:59:18 +0000 (UTC)
Received: from mproxy8.sbb.rs (mproxy8.sbb.rs [89.216.2.99])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "smtp.sbb.rs", Issuer "PositiveSSL CA 2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 8C356C2A
 for <freebsd-security@freebsd.org>; Tue, 16 Sep 2014 18:59:17 +0000 (UTC)
Received: from faust.localdomain (cable-178-148-96-27.dynamic.sbb.rs
 [178.148.96.27])
 by mproxy8.sbb.rs (8.14.4/8.14.4) with ESMTP id s8GIx4hU006067
 for <freebsd-security@freebsd.org>; Tue, 16 Sep 2014 20:59:05 +0200
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.97.6 at SBB mail
Received: by faust.localdomain (Postfix, from userid 1001)
 id 1194EA41E6C; Tue, 16 Sep 2014 20:59:46 +0200 (CEST)
Date: Tue, 16 Sep 2014 20:59:45 +0200
From: Zoran Kolic <zkolic@sbb.rs>
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:19.tcp
Message-ID: <20140916185945.GA777@faust.sbb.rs>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mproxy8.sbb.rs
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Sep 2014 18:59:18 -0000

> Unfortunately, I don't think your custom kernel got the patch.

I made a mess out of this patch, that is for sure.
On laptop I previously used freebsd-update for openssl
advisory. Now I followed your advice and used patch way.
Recompiled a kernel and got p1. I expected p2. However.

On desktop, I previously did the same openssl update,
today made tcp freebsd-update and recompiled the kernel.
Now, I tried to follow the same patch step. To my big
surprize, I was asked what file I want to patch. I don't
know.

Since I do use stateful firewall, not pf, but ipfw, I
expect to be on a safe side. So far.
Best regards
     
                             Zoran