Wednesday, January 4, 2012

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-12:01.freebsd-update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-EN-12:01.freebsd-update Errata Notice
The FreeBSD Project

Topic: freebsd-update support for FreeBSD 9.0-RELEASE

Category: core
Module: freebsd-update
Announced: 2012-01-04
Affects: All versions of FreeBSD prior to 9.0-RC2.
Corrected: 2011-10-26 20:07:58 UTC (RELENG_7, 7.4-STABLE)
2012-01-04 23:47:20 UTC (RELENG_7_4, 7.4-RELEASE-p6)
2012-01-04 23:47:20 UTC (RELENG_7_3, 7.3-RELEASE-p10)
2011-10-26 20:06:27 UTC (RELENG_8, 8.2-STABLE)
2012-01-04 23:47:20 UTC (RELENG_8_2, 8.2-RELEASE-p6)
2012-01-04 23:47:20 UTC (RELENG_8_1, 8.1-RELEASE-p8)
2011-10-26 20:01:43 UTC (RELENG_9, 9.0-RC2)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
http://security.freebsd.org/>.

I. Background

freebsd-update(8) allows system administrators to install binary updates to
the base FreeBSD install, as distributed by the FreeBSD Project.

II. Problem Description

freebsd-update in affected releases is unable to perform an automated upgrade
to FreeBSD 9.0 due to unsupported characters in FreeBSD 9.0 filenames. When
this bug is triggered, updates fail with the following error message:

The update metadata is correctly signed, but
failed an integrity check.
Cowardly refusing to proceed any further.

III. Impact

Affected systems are unable to update from affected releases to FreeBSD 9.0
using freebsd-update.

IV. Workaround

No workaround is available.

V. Solution

Perform one of the following:

1) For FreeBSD 7.x, upgrade your system to 7-STABLE, or to the RELENG_7_4 or
RELENG_7_3 security branch dated after the correction date. For FreeBSD
8.x, upgrade your system to 8-STABLE, or to the RELENG_8_1 or RELENG_8_2
security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 7.3, 7.4, 8.1,
and 8.2 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/EN-12:01/freebsd-update.patch
# fetch http://security.FreeBSD.org/patches/EN-12:01/freebsd-update.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/usr.sbin/freebsd-update
# make obj && make && make install

3) To update your affected system via a binary patch:

Systems running 7.3-RELEASE, 7.4-RELEASE, 8.1-RELEASE, or 8.2-RELEASE on the
i386 or amd64 platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI. Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

CVS:

Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_7
src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.7
RELENG_7_4
src/UPDATING 1.507.2.36.2.8
src/sys/conf/newvers.sh 1.72.2.18.2.11
src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.5.4.2
RELENG_7_3
src/UPDATING 1.507.2.34.2.12
src/sys/conf/newvers.sh 1.72.2.16.2.14
src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.5.2.2
RELENG_8
src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.6
RELENG_8_2
src/UPDATING 1.632.2.19.2.8
src/sys/conf/newvers.sh 1.83.2.12.2.11
src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.4.2.2
RELENG_8_1
src/UPDATING 1.632.2.14.2.11
src/sys/conf/newvers.sh 1.83.2.10.2.12
src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.3.2.2
RELENG_9
src/usr.sbin/freebsd-update/freebsd-update.sh 1.25.2.2
- -------------------------------------------------------------------------

Subversion:

Branch/path Revision
- -------------------------------------------------------------------------
stable/7/ r226813
releng/7.4/ r229539
releng/7.3/ r229539
stable/8/ r226812
releng/8.2/ r229539
releng/8.1/ r229539
stable/9/ r226811
- -------------------------------------------------------------------------

VII. References

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk8E5YQACgkQFdaIBMps37LeTACeKYRkY5s+Iy+JCf/Zc3yvKSLD
2RsAnRsmN3gCPYglNjwkhJctdkLdGULh
=6LzH
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)