> On Apr 7, 2020, at 21:52, Daniel Jakots <danj@chown.me> wrote:
>
>> Hello all. I am running a OpenBSD 6.6 that I installed late last
>> year. I was recently trying to make sure I'd updated my smtpd to
>> 6.6.4, based on earlier security announcement.
>> But, I find that
>> OPENBSD_6_6 only has smtpd 6.6.0 in it. I was of the impression
>> that was the stable branch, and as such it should get updates,
>> especially including security updates.
>>
>
> The syspatch creation process includes committing to the
> (old)stable branch. AFAIK, what happened here is that the fixes were
> backported but the version wasn't bumped.
> But if you want to be sure, check the code you're going to compile.
I updated usr.sbin/smtpd to HEAD, and now get 6.6.4. If I diff that dir
against the same in OPENBSD_6_6, there are a few thousand lines of
unified diffs, clearly showing many changes. I don't know for sure that
it means what's in OPENBSD_6_6 is the same smtpd 6.6.0 that shipped
with OpenBSD 6.6.0, but it's clearly not the smtpd 6.6.4 that's in HEAD.
I'm not sure how the syspatch creation process is involved, but I saw the
note from Gilles a month and a half ago[1] suggesting using syspatch to
update the system. It looks like that didn't update the stable branch.
- Chris
[1] https://www.mail-archive.com/misc@opensmtpd.org/msg04888.html
No comments:
Post a Comment