-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-EN-12:01.freebsd-update Errata Notice The FreeBSD Project Topic: freebsd-update support for FreeBSD 9.0-RELEASE Category: core Module: freebsd-update Announced: 2012-01-04 Affects: All versions of FreeBSD prior to 9.0-RC2. Corrected: 2011-10-26 20:07:58 UTC (RELENG_7, 7.4-STABLE) 2012-01-04 23:47:20 UTC (RELENG_7_4, 7.4-RELEASE-p6) 2012-01-04 23:47:20 UTC (RELENG_7_3, 7.3-RELEASE-p10) 2011-10-26 20:06:27 UTC (RELENG_8, 8.2-STABLE) 2012-01-04 23:47:20 UTC (RELENG_8_2, 8.2-RELEASE-p6) 2012-01-04 23:47:20 UTC (RELENG_8_1, 8.1-RELEASE-p8) 2011-10-26 20:01:43 UTC (RELENG_9, 9.0-RC2) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background freebsd-update(8) allows system administrators to install binary updates to the base FreeBSD install, as distributed by the FreeBSD Project. II. Problem Description freebsd-update in affected releases is unable to perform an automated upgrade to FreeBSD 9.0 due to unsupported characters in FreeBSD 9.0 filenames. When this bug is triggered, updates fail with the following error message: The update metadata is correctly signed, but failed an integrity check. Cowardly refusing to proceed any further. III. Impact Affected systems are unable to update from affected releases to FreeBSD 9.0 using freebsd-update. IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) For FreeBSD 7.x, upgrade your system to 7-STABLE, or to the RELENG_7_4 or RELENG_7_3 security branch dated after the correction date. For FreeBSD 8.x, upgrade your system to 8-STABLE, or to the RELENG_8_1 or RELENG_8_2 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 7.3, 7.4, 8.1, and 8.2 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/EN-12:01/freebsd-update.patch # fetch http://security.FreeBSD.org/patches/EN-12:01/freebsd-update.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch # cd /usr/src/usr.sbin/freebsd-update # make obj && make && make install 3) To update your affected system via a binary patch: Systems running 7.3-RELEASE, 7.4-RELEASE, 8.1-RELEASE, or 8.2-RELEASE on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_7 src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.7 RELENG_7_4 src/UPDATING 1.507.2.36.2.8 src/sys/conf/newvers.sh 1.72.2.18.2.11 src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.5.4.2 RELENG_7_3 src/UPDATING 1.507.2.34.2.12 src/sys/conf/newvers.sh 1.72.2.16.2.14 src/usr.sbin/freebsd-update/freebsd-update.sh 1.8.2.5.2.2 RELENG_8 src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.6 RELENG_8_2 src/UPDATING 1.632.2.19.2.8 src/sys/conf/newvers.sh 1.83.2.12.2.11 src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.4.2.2 RELENG_8_1 src/UPDATING 1.632.2.14.2.11 src/sys/conf/newvers.sh 1.83.2.10.2.12 src/usr.sbin/freebsd-update/freebsd-update.sh 1.16.2.3.2.2 RELENG_9 src/usr.sbin/freebsd-update/freebsd-update.sh 1.25.2.2 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- stable/7/ r226813 releng/7.4/ r229539 releng/7.3/ r229539 stable/8/ r226812 releng/8.2/ r229539 releng/8.1/ r229539 stable/9/ r226811 - ------------------------------------------------------------------------- VII. References The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-EN-12:01.freebsd-update.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk8E5YQACgkQFdaIBMps37LeTACeKYRkY5s+Iy+JCf/Zc3yvKSLD 2RsAnRsmN3gCPYglNjwkhJctdkLdGULh =6LzH -----END PGP SIGNATURE-----