Darren Pilgrim list_free...@bluerosetech.com writes:
Is that to say
`env UNAME_r=A.B-RELEASE freebsd-update -b /jail/path -r C.D-RELEASE upgrade`
is the correct command?
Precisely.
DES
--
Dag-Erling Smørgrav - d...@des.no
___
Leif Pedersen bi...@hobbiton.org writes:
It seems like -b doesn't work for upgrades though,
Yes, it does.
# env UNAME_r=10.1-RELEASE freebsd-update -b /j/test upgrade
freebsd-update: Release target must be specified via -r option.
This doesn't work because you didn't specify the
On 1/7/2015 10:50 AM, Dag-Erling Smørgrav wrote:
Leif Pedersen bi...@hobbiton.org writes:
It seems like -b doesn't work for upgrades though,
Yes, it does.
# env UNAME_r=10.1-RELEASE freebsd-update -b /j/test upgrade
freebsd-update: Release target must be specified via -r option.
On Wed, Jan 7, 2015 at 12:50 PM, Dag-Erling Smørgrav d...@des.no wrote:
Leif Pedersen bi...@hobbiton.org writes:
# env UNAME_r=10.1-RELEASE freebsd-update -b /j/test upgrade
freebsd-update: Release target must be specified via -r option.
This doesn't work because you didn't specify
On Fri, Jan 2, 2015 at 11:59 AM, Dag-Erling Smørgrav d...@des.no wrote:
$ sudo env UNAME_r=X.Y-RELEASE freebsd-update -b /path/to/jail fetch
install
I use freebsd-update enthusiastically, but I hadn't noticed the -b option
before. I'm glad you mentioned it. I've always run freebsd-update
DES wrote:
I do it all the time:
$ sudo env UNAME_r=X.Y-RELEASE freebsd-update fetch install
Not sure if using a jail to test is relevant but this never updates (my)
binaries to the specified RELEASE/RELENG, only to the current kernel's patch
level.
Then there's the issue of specifying
Roger Marquis marq...@roble.com writes:
Dag-Erling Smørgrav d...@des.no writes:
I do it all the time:
$ sudo env UNAME_r=X.Y-RELEASE freebsd-update fetch install
Not sure if using a jail to test is relevant but this never updates (my)
binaries to the specified RELEASE/RELENG, only to the
Roger Marquis marq...@roble.com writes:
Problem with freebsd-update is that it has some of the same scope issues
as installworld. We've also had problems defining -r (in a jail) when
the booted kernel is not the revision we want to build to. Doesn't help
that -r doesn't parse patch levels.
Dag-Erling Smørgrav d...@des.no writes:
$ sudo env UNAME_r=X.Y-RELEASE freebsd-update fetch install
Actually, you want to do this from *outside* the jail, partly out of
healthy paranoia and partly so freebsd-update will re-use previously
downloaded indexes and patches:
$ sudo env
Dag-Erling Sm?rgrav wrote:
Roger Marquis marq...@roble.com writes:
... or those with constrained resources are never going to be able
to make/build/installworld for something as simple as a single binary
update.
These sites would be better served using freebsd-update to download and
apply
Dag-Erling Sm?rgrav wrote:
Eugene Grosbein wrote:
Why does it say Recompile the operating system using buildworld and
installworld?
Because that's what the template says, and we rarely change it to
something more specific (in large part because that requires careful
testing of the exact
Roger Marquis marq...@roble.com writes:
This is most unfortunate as it creates a high bar for base security
patches at many FreeBSD shops. Sites with a significant number of
production hosts, jails and/or filesystem fingerprinting (integrit,
tripwire) or those with constrained resources are
On 12/25/2014 11:36 AM, Remko Lodder wrote:
On 25 Dec 2014, at 18:46, Darren Pilgrim
list_free...@bluerosetech.com wrote:
On 12/23/2014 3:33 PM, FreeBSD Security Advisories wrote:
IV. Workaround
No workaround is available,
This was fixed in ports/net/ntp on Dec 20, so a workaround exists
On 12/26/14 23:35, Darren Pilgrim:
IV. Workaround
No workaround is available,
We talk explicitly about the base system, not about ports. We never
mentioned them and I do not see a reason to start doing so.
I don't understand why you wouldn't.
Hm ...
We can turn off vulnerable service.
On 12/23/2014 3:33 PM, FreeBSD Security Advisories wrote:
IV. Workaround
No workaround is available,
This was fixed in ports/net/ntp on Dec 20, so a workaround exists in the
form of disabling the in-base version and installing the port. In the
future, it would be helpful to mention such.
On 25 Dec 2014, at 18:46, Darren Pilgrim list_free...@bluerosetech.com
wrote:
On 12/23/2014 3:33 PM, FreeBSD Security Advisories wrote:
IV. Workaround
No workaround is available,
This was fixed in ports/net/ntp on Dec 20, so a workaround exists in the form
of disabling the in-base
Kevin Oberman rkober...@gmail.com writes:
What month is 2014-14-22? I assume tgat you meant 2014-12-22.
Yes. The online version has been corrected.
DES
--
Dag-Erling Smørgrav - d...@des.no
___
freebsd-security@freebsd.org mailing list
On Wed, 24 Dec 2014 00:33:09 +0100 (CET)
FreeBSD Security Advisories security-advisor...@freebsd.org wrote:
No workaround is available, but systems not running ntpd(8) are not
affected. Because the issue may lead to remote root compromise, the
FreeBSD Security Team recommends system
On Wed, Dec 24, 2014 at 05:42:16PM +0100, Andrei wrote:
On Wed, 24 Dec 2014 00:33:09 +0100 (CET)
FreeBSD Security Advisories security-advisor...@freebsd.org wrote:
No workaround is available, but systems not running ntpd(8) are not
affected. Because the issue may lead to remote root
On Wed, 24 Dec 2014 17:12:04 +, Glen Barber g...@freebsd.org said:
On Wed, Dec 24, 2014 at 05:42:16PM +0100, Andrei wrote:
On Wed, 24 Dec 2014 00:33:09 +0100 (CET)
FreeBSD Security Advisories security-advisor...@freebsd.org wrote:
ports, namely tcp/123 and udp/123 when it is not clear
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-14:31.ntpSecurity Advisory
The FreeBSD Project
Topic:
FreeBSD Security Advisories security-advisor...@freebsd.org writes:
Corrected: 2014-14-22 19:07:16 UTC (stable/10, 10.1-STABLE)
2014-14-22 19:08:09 UTC (stable/9, 9.3-STABLE)
2014-14-22 19:08:09 UTC (stable/8, 8.4-STABLE)
Sorry about the bogus correction
What month is 2014-14-22? I assume tgat you meant 2014-12-22.
On Dec 23, 2014 3:35 PM, FreeBSD Security Advisories
security-advisor...@freebsd.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
On 24.12.2014 08:01, Dag-Erling Smørgrav wrote:
FreeBSD Security Advisories security-advisor...@freebsd.org writes:
Corrected: 2014-14-22 19:07:16 UTC (stable/10, 10.1-STABLE)
2014-14-22 19:08:09 UTC (stable/9, 9.3-STABLE)
2014-14-22 19:08:09 UTC (stable/8,
24 matches
Mail list logo