-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-17:09.tzdata Errata Notice
The FreeBSD Project
Topic: Timezone database information update
Category: contrib
Module: zoneinfo
Announced: 2017-11-02
Credits: Philip Paeps
Affects: All supported versions of FreeBSD
Corrected: 2017-10-30 15:56:17 UTC (stable/11, 11.1-STABLE)
2017-11-02 15:40:19 UTC (releng/11.1, 11.1-RELEASE-p3)
2017-11-02 15:39:49 UTC (releng/11.0, 11.0-RELEASE-p14)
2017-10-30 15:57:48 UTC (stable/10, 10.4-STABLE)
2017-11-02 15:38:54 UTC (releng/10.4, 10.4-RELEASE-p2)
2017-11-02 15:38:24 UTC (releng/10.3, 10.3-RELEASE-p23)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
.
I. Background
The tzsetup(8) program allows the user to specify the default local
timezone. Based on the selected timezone, tzsetup(8) copies one of the
files from /usr/share/zoneinfo to /etc/localtime. This file actually
controls the conversion.
II. Problem Description
Several changes in Daylight Savings Time happened after previous
FreeBSD releases were released that would affect many people who
live in different countries. Because of these changes, the data in
the zoneinfo files need to be updated, and if the local timezone on
the running system is affected, tzsetup(8) needs to be run so the
/etc/localtime is updated.
III. Impact
An incorrect time will be displayed on a system configured to use one
of the affected timezones if the /usr/share/zoneinfo and /etc/localtime
files are not updated, and all applications on the system that rely on
the system time, such as cron(8) and syslog(8), will be affected.
IV. Workaround
The system administrator can install an updated timezone database from
the misc/zoneinfo port and run tzsetup(8) to get the timezone database
corrected.
Applications that store and display times in Coordinated Universal Time
(UTC) are not affected.
V. Solution
Please note that some third party software, for instance PHP, Ruby,
Java and Perl, may be using different zoneinfo data source, in such
cases these software has to be updated separately. For software
packages that is installed via package collection, they can be
upgraded by doing a `pkg upgrade'.
Following the instructions in this Errata Notice will update all of
the zoneinfo files to be the same as what was released with FreeBSD
release.
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date. Restart all the affected
applications and daemons, or reboot the system.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Restart all the affected applications and daemons, or reboot the system.
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-11.1.patch
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-11.1.patch.asc
# gpg --verify tzdata-11.1.patch.asc
[FreeBSD 11.0]
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-11.0.patch
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-11.0.patch.asc
# gpg --verify tzdata-11.0.patch.asc
[FreeBSD 10.4]
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-10.4.patch
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-10.4.patch.asc
# gpg --verify tzdata-10.4.patch.asc
[FreeBSD 10.3]
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-10.3.patch
# fetch https://security.FreeBSD.org/patches/EN-17:09/tzdata-10.3.patch.asc
# gpg --verify tzdata-10.3.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in .
Restart all the affected applications and daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r325160
releng/10.3/ r325322
releng/10.4/ r325323
stable/11/ r325159
releng/11.0/ r325324
releng/11.1/ r325325
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
VII. References
The latest revision of this advisory is available at
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAln7PU1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD
RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P
aueuIBAA3RuatfFdMtCSZNQ4Dnzis2V7fNQxXDtBz6yKs71TBuNBTlN7I2HjhwSz
/Xi81FZib24J9u95/dk3u5GsMy1YlMh7AX3ktwVkwU1PdbjkCsCSKyIg5VPmvKkP
BS73ksLc82CoEMH74EUoSd0Bp8HRhzXugoO1K8cgtcuXiuOiEfAhrQ6/V8LHwxaX
ISoQfZ2e7Nni0NmevF/18ftQm9xa8dW0957UGBd+W+mg3xsNWlpQa04pSBxoms5N
OVuW5iii7bbtD8rH3jcsqYyeXWyJhd04WoW921EcSspel9tbXByZDqzepkz09skO
xfCKoE7CoJY7DhJcvPjNnu8rTODofXZ8ac3mf60rgkMOwnupo/uR5JrXAry6PZHI
VEv8SyJ2j/hAJ7A1L3Rgd6A9GJ2zbXBRKvDmcz8aodmQBZ34dxwqGpAEudMDX8tK
rbTachnq5WNXKypm3XYql4wNbBvO0f5ooV962HKwflCFG/v5Lm3Zqx+FbpvIoSBq
AwoEvssX4krcBF0buNd3TjKVKJ+6O3G4SKjWlrgGMqUEKFWDbuC41z7N5Cse6dWs
3JVnPsP0EfucAPybiFOrSmJ29mfR9rtQjJeTm498Z3VeQ67pQt+VztKCIA1FU/NO
8elPk05f+cbjRhQgSiFTPuE0M2/0qE9Bj70x2kN7wDOCynEnIek=
=Ri9G
-----END PGP SIGNATURE-----