Date: Mon, 24 Feb 2003 21:45:04 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: KIMURA Yasuhiro <yasu@utahime.org> Cc: freebsd-security@FreeBSD.ORG Subject: Updated OpenSSL patches (was Re: openssl advisory) Message-ID: <20030225034504.GA92642@madman.celabo.org> In-Reply-To: <20030225022110.GA92307@madman.celabo.org> References: <m3u1etut1a.wl@kogushi.kb.cc.yamaguchi-u.ac.jp> <20030225.100021.27473189.yasu@utahime.org> <20030225022110.GA92307@madman.celabo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[If you had trouble with the OpenSSL patches that were published this morning, please read this. If you are using CVS or CVSup to follow the security branches, then this will not interest you. ] On Mon, Feb 24, 2003 at 08:21:10PM -0600, Jacques A. Vidrine wrote: > On Tue, Feb 25, 2003 at 10:00:21AM +0900, KIMURA Yasuhiro wrote: > > I applied openssl47.patch to my 4.7R source tree, but some parts of > > the patch were rejected as following. > > > > sugar# patch -s < /tmp/security-fixes/openssl47.patch > > 1 out of 1 hunks failed--saving rejects to UPDATING.rej > > 1 out of 1 hunks failed--saving rejects to crypto/openssl/apps/openssl.cnf.rej > > 1 out of 3 hunks failed--saving rejects to crypto/openssl/apps/speed.c.rej > > Reversed (or previously applied) patch detected! Assume -R? [y] ^Csugar# > > > > Does anybody suceed? > I'm afraid there's something amiss with the patch set I generated with > CVS :-( > I will have to redo them. > Meanwhile, please use CVSup. I'm sorry for the inconvenience. I've put updated patches on ftp-master -- they should reach mirrors in a few hours. I've also pushed them out to ftp2.freebsd.org, so they are available there immediately. A revised advisory with corrected URLs will be published tomorrow with new patch instructions. The excerpt is here: ---- updated patch instructions ---- 2) To patch your present system: The following patches have been verified to apply to FreeBSD 4.6.2, 4.7, and 5.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 4.7-STABLE systems after 2003/02/14 and 4.8-PRERELEASE systems] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl4s.patch.gz # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl4s.patch.gz.asc [FreeBSD 5.0 systems] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch.gz # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl50.patch.gz.asc [FreeBSD 4.7 systems] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl47.patch.gz # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl47.patch.gz.asc [FreeBSD 4.6.2 systems] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl462.patch.gz # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:02/openssl462.patch.gz.asc b) Execute the following commands as root: # cd /usr/src # gunzip -c /path/to/patch | patch -E c) Recompile the operating system as described in <URL: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html >. ---- end updated patch instructions ---- Please let me know of any trouble you encounter. Sorry for the goof. These were quite large and unwieldy patch sets. Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030225034504.GA92642>