Hi, On Tue, Mar 30, 2021 at 12:52:59PM -0500, Doug McIntyre wrote:
On Tue, Mar 30, 2021 at 05:54:03PM +0100, tech-lists wrote:it just threw me that the thing-that-was-updated didn't update its version information when queried. Absent sources, how can I tell it was updated (apart from freebsd-version -u) ?Comparing what the SA patch says it is doing at https://security.freebsd.org/patches/SA-21:07/openssl-12.patch appears to be only update the libcrypto library and not the openssl wrapper itself, you can verify that after the 12.2-p5 patch was installed that the file /lib/libcrypto.so.111 has been touched and is a newer date than what was on the machine prior to the patch. Yes, this takes some knowledge of the specific patch, and what parts contribute to what it is doing. I don't know the specific decisions on when RELEASE backports security patches vs. upgrading whole source trees.
Thanks for the clear explanation.
-- J.
signature.asc
Description: PGP signature