Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 30 Sep 2006 20:39:36 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Pascal Bleyler <pas.ble@gmx.de>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: [FreeBSD-Announce] FreeBSD Security	AdvisoryFreeBSD-SA-06:23.openssl [REVISED]
Message-ID:  <451EC7F8.3040005@infracaninophile.co.uk>
In-Reply-To: <003a01c6e4c4$60fffd30$0500a8c0@voodoo5>
References:  <003a01c6e4c4$60fffd30$0500a8c0@voodoo5>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig9CDB52AEBD407294567CC1B3
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable

Pascal Bleyler wrote:
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>> FreeBSD-SA-06:23.openssl                                   =20
>> Security Advisory

[snip]

> I have done these 3 steps already:
> # make buildworld
> # make buildkernel
> # make installkernel
>=20
> Do i need to do these steps too?
> # mergemaster -p
> # make installworld
> # mergemaster
>=20
> I have FreeBSD 6.1 Release

Yes, you absolutely do need to do those steps.  The OpenSSL
vulnerabilities were in various shared libraries installed as part of
the base system.  Just replacing the kernel won't do a thing to fix
those shlibs.  'make installworld' will, and you need to run mergemaster
to keep your /etc files in sync with the rest of the world.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW


--------------enig9CDB52AEBD407294567CC1B3
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFHsf+8Mjk52CukIwRCJG5AJ42D104Exkhn3M9aJvRU0STij19cgCcD6Pw
RDaFM0DOrHSc+6Ffbwptv6E=
=sUSo
-----END PGP SIGNATURE-----

--------------enig9CDB52AEBD407294567CC1B3--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?451EC7F8.3040005>