FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
Michael Grimm
trashcan at odo.in-berlin.de
Tue Jan 27 21:06:53 UTC 2015
> On 27.01.2015, at 22:03, Michael Grimm <trashcan at odo.in-berlin.de> wrote:
>
> This mail:
>> FreeBSD-SA-15:02.kmem Security Advisory
>
> Other Mail:
> | FreeBSD-SA-15:03.sctp Security Advisory
>
>> 3) To update your vulnerable system via a source code patch:
>>
>> The following patches have been verified to apply to the applicable
>> FreeBSD release branches.
>>
>> a) Download the relevant patch from the location below, and verify the
>> detached PGP signature using your PGP utility.
>>
>
> This mail:
>> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
>> # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc
>
> The other mail:
> | # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
> | # fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc
Grrr:
| # fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch
| # fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch.asc
>
> Well, experienced admins will notice that both patches are distinct,
> won't overwrite the first patch file downloaded with the second one,
> and won't start compiling the kernel missing the first patch.
>
> But, I do have the feeling that this naming scheme is error prone.
>
> Just my 2 cents and with kind regards,
> Michael
More information about the freebsd-security
mailing list