On Fri, Sep 26, 2003 at 12:28:07PM -0400, Bill Moran wrote: > Hey, > > I'm a bit confused, and it may just be a typo. > > I recently updated a bunch of servers to patch the arp problem recently > announced: > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03%3A14.arp.asc > > Now, with the chaos in my life, plus getting physically ill during the last > few days, I've not been 100% sure I finished the upgrade on all these > machines, > so I went around checking uname -a to make sure. > > Every single machine I upgraded says 4.8-RELEASE-p5 > > Now, the security advisory claims the problem is fixed in 4.8-RELEASE-p10. > > I know that I completely updated at least _some_ of these machines ;) > > Anyway. Is there a typo somewhere? Or am I misunderstanding the > bulliten?
It depends on how you obtained the updated source code. If you used cvsup(1) to track the RELENG_4_8 branch, then you would have received inter-alia patches to sys/conf/newvers.sh and other files that control what the system says it's version number is. If you downloaded patches as detailed in the various security advisories, or if you compiled the patched code areas in detail, rather than running a general build and install, then you will generally have solved the security holes addressed by the advisories but you probably won't have updated the system version numbers. That's basically because the patch files supplied with security advisories address nothing but the problem at hand, in order that they can be applied to as many different system versions as possible. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgp00000.pgp
Description: PGP signature