Question: PkgBase base_latest handling for Errata-Notice updates and Security-Advisory updates?

Reply: Gordon Tetlow : "Re: Question: PkgBase base_latest handling for Errata-Notice updates and Security-Advisory updates?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Mark Millard <marklmi_at_yahoo.com>
Date: Thu, 03 Jul 2025 04:57:54 UTC

Context for question: For the likes of (for base_latest, i.e., a stable/14 context example at this point):

https://pkg.freebsd.org/FreeBSD:14:aarch64/base_latest/FreeBSD-src-14.snap20250702183129.pkg
vs.:
https://pkg.freebsd.org/FreeBSD:14:aarch64/base_latest/FreeBSD-src-sys-14.snap20250702183129.pkg

may not have to be from the exact same git commit vintage (last I knew/tested): it used to be from two distinct checkouts at different times was possible. The snapshot date/time encoded need not match, though it happens to above. It could be that an update has changes to only one of the 2, for example.

Note: I assume here that the pair are always accurate to what was actually built and distributed via PkgBase for base_latest. I've not (even partially) validated any examples for that in some time.

There is a similar point about, for example, armv7 vs. aarch64 vs. amd64 possibly not needing to always match. For example:

https://pkg.freebsd.org/FreeBSD:14:armv7/base_latest/FreeBSD-src-14.snap20250702182324.pkg
vs:
https://pkg.freebsd.org/FreeBSD:14:aarch64/base_latest/FreeBSD-src-14.snap20250702183129.pkg
vs.:
https://pkg.freebsd.org/FreeBSD:14:amd64/base_latest/FreeBSD-src-14.snap20250702234800.pkg

So for /usr/src/ ( without sys/ ):
2025-07-02-18:23:24 (armv7)
2025-07-02-18:31:29 (aarch64)
2025-07-02-23:48:00 (amd64)

The questions, for the example contexts: (1) FreeBSD-EN-25:09.libc . . .

It lists:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/14/ c43ae65b4b89 stable/14-n271080

Note: That description is trying to document both the kernel (/usr/src/sys/) and the world (/usr/src/ other than sys/) vintage. It turns out here that the errata is a world libc patch, not a kernel patch. By contrast (2) FreeBSD-EN-25:11.ena has:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/14/ 3f4a674a8ee4 stable/14-n271320

Which is a kernel patch, not a world patch. One could imagine some patches that involve both.

How are PkgBase users to know the status relative to such a description that is based on a git Hash and Revision?

Another possibility is that specific FreeBSD-*-14.snap*.pkg names might instead be listed for PkgBase identification. A PkgBase build can be made up with a mix of .snap*.pkg suffixes across the various *.pkg files involved. And there are hundreds of *.pkg files. So comparisons could be messy to deal with.

Has the technique for this subject area been decided yet? If yes, what is the intended technique?

===
Mark Millard
marklmi at yahoo.com