Solved freebsd-update to freebsd12.2p2

[Ofloo]

Earlier today i noticed that some systems still where running 12.2p1 so I wanted to update those systems to 12.2p2

# uname -a
FreeBSD loki.ofloo.net 12.2-RELEASE-p1 FreeBSD 12.2-RELEASE-p1 GENERIC  amd64
root@loki:/home/ofloo # freebsd-update fetch
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 12.2-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 12.2-RELEASE-p2.

And this seems to be the case with all generic update I did.

 

[zirias@]

uname only gives you the kernel version. There were no changes to the kernel, only to openssl. Use freebsd-version(1) to check your installed version.

 

[Lamia]

Try this: freebsd-version -kur

 

[SirDice]

Last security update didn't involve the kernel, so the kernel wasn't updated and it kept it's 'old' version. As others have noted used freebsd-version(1).

 

[Ofloo]

I understand nothing changed in the kernel. But don't you think it's confusing to register as p2 in updating.
/usr/src/UPDATING

20201208:       p2      FreeBSD-SA-20:33.openssl
        Fix OpenSSL NULL pointer de-reference. [SA-20:33.openssl]

 

[SirDice]

But don't you think it's confusing to register as p2 in updating.

No.

root@armitage:~ # freebsd-version -u
12.2-RELEASE-p2

 

[zirias@]

But don't you think it's confusing to register as p2 in updating.

No. The new version is -p2. If you build a kernel from that source, the kernel's version will also be 12.2-RELEASE-p2. There's just no need to build a new kernel if it didn't change, so it's not included with binary updates either.

Just use freebsd-version(1). Without arguments (or with -u), it shows userland version.

Nevertheless, this is a real FAQ. Every time there's a new patchlevel with unchanged kernel, someone will ask exactly this, cause there are obviously a lot of people only looking at uname(1). So maybe this should be documented somewhere prominently.

 

[Ofloo]

Ok now it kinda makes sense to me. So when a binary update doesn't involve recompiling the kernel it doesn't update the version, now my next question.

FreeBSD Security Advisory FreeBSD-SA-20:33.openssl [REVISED] don't you think this causes confusion. In the past they provided a proper way to update the affected binary by cd to path .. make ...

Now it says:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

That makes me think the kernel is affected by it. It used to specify in the past which binaries to update an how to do so.

EDIT: nevermind it seems like 10 years ago FreeBSD security when from specifying which binaries to compile to saying rebuild world when it affects something in world and buildkernel when it affects the kernel. Just looking through some old mail

 

[zirias@]

That makes me think the kernel is affected by it.

Then you're missing the fact that buildworld and installworld targets don't touch the kernel. This is documented in the FreeBSD handbook.

So, really, all information you need to "get" it is available. But I still agree, as this IS a FAQ, it might be a good idea to put this info somewhere prominently…