Hi! The recent NetBSD Security Advisory SA2014-006
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-006.txt.asc gives instructions on how to patch (which is really unacceptably complicated, but that's a different story ...) for OpenSSL vulnerabilities. One is instructed to download files from daily builds on nyftp.netbsd.org. Solutions and Workarounds ... - From tarballs: ... To obtain fixed binaries, fetch the appropriate base.tgz and comp.tgz from a daily build later than the fix dates, from http://nyftp.netbsd.org/pub/NetBSD-daily/<rel>/<date>/<arch>/binary/sets/ with a date 20140607* or larger, and your release version and architecture (e.g. http://nyftp.netbsd.org/pub/NetBSD-daily/netbsd-6-1/201406070100Z/amd64/binary/sets/), and then extract the files: ... ... It's just that I cannot find any builds for stable branches (e.g., netbsd-6-1) any more. They were there past Monday (Jun 30), but now I only find binaries for HEAD. Does anyone have any information on a) Where to find said tarballs? b) What happened to the existing ones? c) How to get the SA-instructions adjusted to avoid that more people run into this problem? Best regards, /Liman (Using my old autonomica.se address. Autonomica has been merged with Netnod. I need to change my subscriptions.) #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: li...@netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #----------------------------------------------------------------------
