From owner-freebsd-security@freebsd.org Fri Apr 29 11:24:03 2016 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 75955B20062 for ; Fri, 29 Apr 2016 11:24:03 +0000 (UTC) (envelope-from starikarp@yandex.com) Received: from forward15h.cmail.yandex.net (forward15h.cmail.yandex.net [IPv6:2a02:6b8:0:f35::a0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 307F511E9 for ; Fri, 29 Apr 2016 11:24:02 +0000 (UTC) (envelope-from starikarp@yandex.com) Received: from smtp4h.mail.yandex.net (smtp4h.mail.yandex.net [84.201.186.21]) by forward15h.cmail.yandex.net (Yandex) with ESMTP id 72D7922175 for ; Fri, 29 Apr 2016 14:23:26 +0300 (MSK) Received: from smtp4h.mail.yandex.net (localhost [127.0.0.1]) by smtp4h.mail.yandex.net (Yandex) with ESMTP id 2D9492C1332 for ; Fri, 29 Apr 2016 14:23:26 +0300 (MSK) Received: by smtp4h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id Vk6gGLamRQ-NP94L570; Fri, 29 Apr 2016 14:23:25 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1461929005; bh=5CbrQbwsHU821wWBIfEmd24nfU+ixjNFqZSkTeu+byE=; h=Message-ID:Subject:From:To:Date:In-Reply-To:References: Content-Type:X-Mailer:Mime-Version:Content-Transfer-Encoding; b=F+kii2y3P17lSPGcqFGrv5SHU2bJftOD6TJYx9gLMU5Ari7ypWI80krYwquUuBT9x kUzblltgG4MyF0p01fkdU61aaEnxxCg0sxWhgB67mpyxpBV091C33n36bC0Bo8VTFh rM8WWRThJfSJGnrQhWoO9nvRt2SUikDPEk/9iGd4= Authentication-Results: smtp4h.mail.yandex.net; dkim=pass header.i=@yandex.com X-Yandex-ForeignMX: US X-Yandex-Suid-Status: 1 0 Message-ID: <1461929003.67736.2.camel@yandex.com> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-16:16.ntp From: Stari Karp To: freebsd-security@freebsd.org Date: Fri, 29 Apr 2016 07:23:23 -0400 In-Reply-To: <9e6342a420259fec7bd21d6222cc6e05@zahemszky.hu> References: <20160429082953.DB31D1769@freefall.freebsd.org> <9e6342a420259fec7bd21d6222cc6e05@zahemszky.hu> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Apr 2016 11:24:03 -0000 On Fri, 2016-04-29 at 13:13 +0200, gabor@zahemszky.hu wrote: > > > > 2) To update your vulnerable system via a binary patch: > > > > Systems running a RELEASE version of FreeBSD on the i386 or amd64 > > platforms can be updated via the freebsd-update(8) utility: > > > > # freebsd-update fetch > > # freebsd-update install > Both on an i386 and on an amd64 machine, I got: > > ==== > .... > Fetching metadasa signature for 10.3-RELEASE from > update5.freebsd.org...  > done > Fetching metadata index.... done > > The update metadata is correctly signed, but > failed an integrity check. > Cowardly refusing to proceed any further. > ==== > > Both machines are VM-s, upgraded from 10.2. > > (Got the same with -s update[23456].freebsd.org, and without -s > option. > > Zahy < Gabor at Zahemszky dot HU > > _______________________________________________ I have the same. I did upgrade FreeBSD 10.2 with freebsd-update to version 10.3: freebsd-version -ku 10.3-RELEASE 10.3-RELEASE FreeBSD 10.3-RELEASE #1: Sun Apr 10 13:48:11 EDT 2016     blabla@morebl a.bla.net:/usr/obj/usr/src/sys/GENERIC  amd64 freebsd-version -ku