I have a feeling that 9.0 is out...

vand777


#1
Just looked at http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc and saw:
Code:
=============================================================================
FreeBSD-SA-11:10.pam                                        Security Advisory
                                                          The FreeBSD Project

Topic:          pam_start() does not validate service names

Category:       contrib
Module:         pam
Announced:      2011-12-23
Credits:        Matthias Drochner
Affects:        All supported versions of FreeBSD.
Corrected:      2011-12-13 13:03:11 UTC (RELENG_7, 7.4-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_7_4, 7.4-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_7_3, 7.3-RELEASE-p9)
                2011-12-13 13:02:52 UTC (RELENG_8, 8.2-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_8_2, 8.2-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_8_1, 8.1-RELEASE-p7)
                2011-12-13 12:59:39 UTC (RELENG_9, 9.0-STABLE)
                2011-12-13 13:02:31 UTC (RELENG_9_0, 9.0-RELEASE)
CVE Name:       CVE-2011-4122
...
 

SNK


#2
But there is nothing newer than RC3 on the ftps. The revised schedule indicated December 18th, but I guess it will take a couple more days.

So after the release we can expect a flood of MFC to RELENG_9? I am not quite familiar yet with the process.
 

wblock@


#3
RELENG_9 was branched on November 11. The existence of that branch doesn't mean 9.0-RELEASE is out yet.

SNK: yes, there will be some MFCs after 9.0-RELEASE. Things that were too late or too big to make it into 9.0-RELEASE.
 

vand777


#4
wblock@ said:
RELENG_9 was branched on November 11. The existence of that branch doesn't mean 9.0-RELEASE is out yet.
I still have a feeling that in the next 2-3 days there will be an official announcement that 9.0 is out.

I think it has been released already but has not been publicly announced yet. We'll see in a few days :)
 

vand777


#5
SNK said:
But there is nothing newer than RC3 on the ftps.
It takes a few days to update all the ftps, from previous experience. This is one of the reasons why the official announcement happens a few days after it is released in CVS/SVN, imho.
 

vand777


#6
The reason why I'm so confident is that there was another security advisory released today:

Code:
FreeBSD-SA-11:06.bind                                       Security Advisory
                                                          The FreeBSD Project

Topic:          Remote packet Denial of Service against named(8) servers

Category:       contrib
Module:         bind
Announced:      2011-12-23
Affects:        All supported versions of FreeBSD.
Corrected:      2011-11-17 01:10:16 UTC (RELENG_7, 7.4-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_7_4, 7.4-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_7_3, 7.3-RELEASE-p9)
                2011-11-17 00:36:10 UTC (RELENG_8, 8.2-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_8_2, 8.2-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_8_1, 8.1-RELEASE-p7)
                2011-12-01 21:13:41 UTC (RELENG_9, 9.0-STABLE)
                2011-12-01 21:17:59 UTC (RELENG_9_0, 9.0-RC3)
                2011-11-16 23:41:13 UTC (ports tree)
CVE Name:       CVE-2011-4313
You can see that a few weeks ago (on 1st Dec) they were fixing holes in RC3, and today fixes were done in RELEASE (see the first post in the topic).
 

gkontos


#7
Don't bet money on it ;)

George Kontostanos
7:35 PM (2 hours ago)

to FreeBSD

To sum up this mess. Are all cvs mirror servers updated regarding these changes?
Also, I see that FreeBSD 9.0-RELEASE is included. Has it been released?
Regards--
 

DutchDaemon


#9
RELENG_9 is still on -PRERELEASE right now (built it an hour ago), so there is no -RELEASE (or it would have been -STABLE instead of -PRERELEASE).
 

vand777


#10
DutchDaemon said:
RELENG_9 is still on -PRERELEASE right now (built it an hour ago), so there is no -RELEASE (or it would have been -STABLE instead of -PRERELEASE).
Thank you!
 

gkontos


#11
You are right, Dutch. I think it was the following advisory that created the temporary confusion:

Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-11:10.pam                                        Security Advisory
                                                          The FreeBSD Project

Topic:          pam_start() does not validate service names

Category:       contrib
Module:         pam
Announced:      2011-12-23
Credits:        Matthias Drochner
Affects:        All supported versions of FreeBSD.
Corrected:      2011-12-13 13:03:11 UTC (RELENG_7, 7.4-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_7_4, 7.4-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_7_3, 7.3-RELEASE-p9)
                2011-12-13 13:02:52 UTC (RELENG_8, 8.2-STABLE)
                2011-12-23 15:00:37 UTC (RELENG_8_2, 8.2-RELEASE-p5)
                2011-12-23 15:00:37 UTC (RELENG_8_1, 8.1-RELEASE-p7)
                2011-12-13 12:59:39 UTC (RELENG_9, 9.0-STABLE)
                2011-12-13 13:02:31 UTC (RELENG_9_0, 9.0-RELEASE)
CVE Name:       CVE-2011-4122
 

bsus


#13
When will 9.0 RELEASE come out?
How is the update process going to go?
Will it be safe for production use?

Regards
 

johnd


#15

gkontos


#18
ph0enix said:
How long does it usually take to build it? I'm not being impatient. I'm just curious.
Building is easy and it doesn't take that long. What usually takes time is for all the mirrors to be updated with the new RELEASE and the freebsd-update(8) binaries.
 

Dru


#23
freebsd-update(8) still no.... Maybe I'm just thinking stupid, but I would think upgrade solutions for existing FreeBSD users would have been released before fresh .iso images. Not implying that's what normally happens. Just a thought.
 

alex67500


#25
Dru said:
freebsd-update(8) still no.... Maybe I'm just thinking stupid, but I would think upgrade solutions for existing FreeBSD users would have been released before fresh .iso images. Not implying that's what normally happens. Just a thought.
From what I understood earlier in the conversation, the build isn't the longest bit, but shipment to distribution points is.

Who's responsible for logistics in this mess? ;)
 