Where to get 7.1-RELEASE-p2?

[honk]

Never found patched versions of FreeBSD releases on a ftp-server, for example 7.1-RELEASE-p2. Am I right that they can't be downloaded to use it for a fresh install? It's just the name of an updated 7.1-RELEASE?

 

[ale]

They don't exists.
Use freebsd-update or update /usr/src with csup using RELENG_7_1 as tag in your supfile and rebuild world.
Both method are described in the Handbook
A full rebuild is not always necessary, read the security/advisories for more info.

 

[hydra]

Once a release engineering team put out a new release (7.1 for example), it's handed over to the security team. They do not release new version, they fix the holes in the release versions (FreeBSD 7.1-RELEASE). Only security related issues are fixed in these releases and as ale mentioned, you just csup your sources and act accordingly to the advisories. You may alternatively fetch the patches and apply in the source directory, but csup is fine also. Once you rebuild your kernel, `uname -a` will show something like 7.1-RELEASE-p1. Always follow the procedures listed along with the security advisories.

 

[tangram]

They are called errata branches. Either use the freebsd-update or pull the source code with csup and rebuild world.

 

[ale]

You may alternatively fetch the patches and apply in the source directory

Obviously (and to be clear), applying the patch is not the only thing you have to do.
Anyway the correct procedure is always described for any advisory.

 

[Mel_Flynn]

Once you rebuild your kernel, `uname -a` will show something like 7.1-RELEASE-p1.

Once you rebuild and reinstall your kernel and reboot, the change will be seen.

Specifically:
kern.version is a read-only sysctl node, which is populated when the kernel is loaded.

If the security update does not require a reboot (mentioned in the advisory), then you can set UNAME_v environment variable to remind yourself that you upgraded.

This will not affect kern.version.