Re: FreeBSD Errata Notice FreeBSD-EN-23:01.tzdata

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Martin Glazer <mglazer2014_at_gmail.com>
Date: Wed, 08 Feb 2023 20:11:58 UTC
unsubscribe

On Wed, Feb 8, 2023 at 11:08 AM FreeBSD Errata Notices <
errata-notices@freebsd.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
>
> =============================================================================
> FreeBSD-EN-23:01.tzdata                                         Errata
> Notice
>                                                           The FreeBSD
> Project
>
> Topic:          Timezone database information update
>
> Category:       contrib
> Module:         zoneinfo
> Announced:      2022-02-08
> Affects:        All supported versions of FreeBSD.
> Corrected:      2022-12-01 01:36:29 UTC (stable/13, 13.1-STABLE)
>                 2023-02-08 16:08:28 UTC (releng/13.1, 13.1-RELEASE-p6)
>                 2022-12-01 01:40:23 UTC (stable/12, 12.4-STABLE)
>                 2023-02-08 18:30:20 UTC (releng/12.4, 12.4-RELEASE-p1)
>                 2023-02-08 18:28:25 UTC (releng/12.3, 12.3-RELEASE-p11)
>
> For general information regarding FreeBSD Errata Notices and Security
> Advisories, including descriptions of the fields above, security
> branches, and the following sections, please visit
> <URL:https://security.FreeBSD.org/>.
>
> I.   Background
>
> The IANA Time Zone Database (often called tz or zoneinfo) contains code and
> data that represent the history of local time for many representative
> locations around the globe.  It is updated periodically to reflect changes
> made by political bodies to time zone boundaries, UTC offsets, and
> daylight-saving rules.
>
> FreeBSD releases install the IANA Time Zone Database in
> /usr/share/zoneinfo.
> The tzsetup(8) utility allows the user to specify the default local time
> zone.  Based on the selected time zone, tzsetup(8) copies one of the files
> from /usr/share/zoneinfo to /etc/localtime.  A time zone may also be
> selected
> for an individual process by setting its TZ environment variable to a
> desired
> time zone name.
>
> II.  Problem Description
>
> Several changes to future and past timestamps have been recorded in the
> IANA
> Time Zone Database after previous FreeBSD releases were released.  This
> affects many users in different parts of the world.  Because of these
> changes, the data in the zoneinfo files need to be updated.  If the local
> timezone on the running system is affected, tzsetup(8) needs to be run to
> update /etc/localtime.
>
> III. Impact
>
> An incorrect time will be displayed on a system configured to use one of
> the
> affected time zones if the /usr/share/zoneinfo and /etc/localtime files are
> not updated, and all applications on the system that rely on the system
> time,
> such as cron(8) and syslog(8), will be affected.
>
> IV.  Workaround
>
> The system administrator can install an updated version of the IANA Time
> Zone
> Database from the misc/zoneinfo port and run tzsetup(8).
>
> Applications that store and display times in Coordinated Universal Time
> (UTC)
> are not affected.
>
> V.   Solution
>
> Upgrade your system to a supported FreeBSD stable or release / security
> branch (releng) dated after the correction date.
>
> Please note that some third party software, for instance PHP, Ruby, Java,
> Perl and Python, may be using different zoneinfo data sources, in such
> cases
> this software must be updated separately.  Software packages that are
> installed via binary packages can be upgraded by executing 'pkg upgrade'.
>
> Following the instructions in this Errata Notice will only update the IANA
> Time Zone Database installed in /usr/share/zoneinfo.
>
> Perform one of the following:
>
> 1) To update your system via a binary patch:
>
> Systems running a RELEASE version of FreeBSD on the amd64, i386, or
> (on FreeBSD 13 and later) arm64 platforms can be updated via the
> freebsd-update(8) utility:
>
> # freebsd-update fetch
> # freebsd-update install
>
> Restart all the affected applications and daemons, or reboot the system.
>
> 2) To update your system via a source code patch:
>
> The following patches have been verified to apply to the applicable
> FreeBSD release branches.
>
> a) Download the relevant patch from the location below, and verify the
> detached PGP signature using your PGP utility.
>
> # fetch https://security.FreeBSD.org/patches/EN-23:01/tzdata-2022g.patch
> # fetch
> https://security.FreeBSD.org/patches/EN-23:01/tzdata-2022g.patch.asc
> # gpg --verify tzdata-2022g.patch.asc
>
> b) Apply the patch.  Execute the following commands as root:
>
> # cd /usr/src
> # patch -E < /path/to/patch
>
> c) Recompile the operating system using buildworld and installworld as
> described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
> Restart all the affected applications and daemons, or reboot the system.
>
> VI.  Correction details
>
> This issue is corrected by the corresponding Git commit hash or Subversion
> revision number in the following stable and release branches:
>
> Branch/path                             Hash                     Revision
> - -------------------------------------------------------------------------
> stable/13/                              e851e0aabdff    stable/13-n253192
> releng/13.1/                            9e3b86743c4b  releng/13.1-n250175
> stable/12/                                                        r372783
> releng/12.4/                                                      r372915
> releng/12.3/                                                      r372911
> - -------------------------------------------------------------------------
>
> For FreeBSD 13 and later:
>
> Run the following command to see which files were modified by a
> particular commit:
>
> # git show --stat <commit hash>
>
> Or visit the following URL, replacing NNNNNN with the hash:
>
> <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
>
> To determine the commit count in a working tree (for comparison against
> nNNNNNN in the table above), run:
>
> # git rev-list --count --first-parent HEAD
>
> For FreeBSD 12 and earlier:
>
> Run the following command to see which files were modified by a particular
> revision, replacing NNNNNN with the revision number:
>
> # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
>
> Or visit the following URL, replacing NNNNNN with the revision number:
>
> <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
>
> VII. References
>
> <URL:https://github.com/eggert/tz/blob/2022g/NEWS>
>
> The latest revision of this advisory is available at
> <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-23:01.tzdata.asc>
> -----BEGIN PGP SIGNATURE-----
>
> iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmPj7/8ACgkQbljekB8A
> Gu/xNg/9EgSCULshR9xN3vYa4sTdsMVLpz24zuRMxPqYAAFckJ2GDOwDuvIA78r+
> U8u/efb0pE3xJvbAH0vFMUqt7mxsJeO4TVurEpAMrsuQRfjru0FLzNlXhJUnTDF9
> mSveNDs1QeihpaOfG8b8v8onk1Nr6SMuVO37s5FdFNrGxc+WHpmXJiQqHy71r0AG
> 4CtdgZ+TxjRmvKeU2ue/+xjDVhhTUEFoOjwaeq54dgVP9u3aFENFejcOjPZYVWJt
> aNaMAiWvarER1HIhqKppVbui/U7J73lWC0ocBwCAA/NDhC5C0IEw3tPx5KLOmw5c
> M4TX4bliFNLWnokPEdTd9OLU0OJzDhPn00awm9NH0c6F3y/dznHoYtKXVirj7GpW
> FbKxsrsJf8xFxAHyFApLan7i7I1Y3R+mnRimYMUonfv08tVcCMlSu9QMXNmC+0+r
> phCU6mwtrv/RwoRk0QGYyg9z4sfX+eKX2zhHiEigvbD6IHnIpcIRgu6yuZL/eETg
> AwG2WUX3WSvi6C6hcQKPYw0mhxp4WnIFz6FmFYWBESDTSDjWRhmHCLU2VV7JvuPn
> zRpY1dYJSbulAvWEXbKTh5oALuYfVSeL9qnbL2cmcxFCHJcyMm/yB9VOG9nMBFQD
> drCXwK/KGV1jvD0OxHaemLs7hxTJwOaI4RKl9OWIS6J195YdPIc=
> =z60r
> -----END PGP SIGNATURE-----
>
>