-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-13:04.freebsd-update Errata Notice
The FreeBSD Project
Topic: Multiple freebsd-update bugs break upgrading to FreeBSD 10.0
Category: base
Module: freebsd-update
Announced: 2013-10-24
Credits: Colin Percival
Affects: All supported FreeBSD releases
Corrected: 2013-10-26 08:34:35 UTC (stable/10, 10.0-STABLE)
2013-10-26 08:34:35 UTC (stable/10, 10.0-BETA1-p1)
2013-10-26 19:54:28 UTC (stable/9, 9.2-STABLE)
2013-10-26 20:01:00 UTC (releng/9.2, 9.2-RELEASE-p1)
2013-10-26 20:01:00 UTC (releng/9.2, 9.2-RC4-p1)
2013-10-26 20:01:00 UTC (releng/9.2, 9.2-RC3-p2)
2013-10-26 20:01:00 UTC (releng/9.1, 9.1-RELEASE-p8)
2013-10-26 19:54:28 UTC (stable/8, 8.4-STABLE)
2013-10-26 20:01:00 UTC (releng/8.4, 8.4-RELEASE-p5)
2013-10-26 20:01:00 UTC (releng/8.3, 8.3-RELEASE-p12)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.
I. Background
The freebsd-update(8) utility is used to download and apply binary diffs
for security and errata patches on systems installed from official FreeBSD
release CDs and DVDs. It can also be used to upgrade such systems to new
FreeBSD releases.
II. Problem Description
The freebsd-update(8) utility always updates shared libraries first, so
new or updated libraries will be available when binaries that use them are
installed or updated. If shared libraries appear in a directory which
does not already exist on the target system, freebsd-update(8) will
attempt to install them before creating the directory.
At the end of the updating process, freebsd-update(8) removes old shared
libraries which should no longer exist. An error in filtering the list
of filesystem objects results in symlinks to shared libraries being
incorrectly included in the lists of shared libraries.
Additionally, freebsd-update(8) rejects updates which include files with
the tilde character ('~') in their names. Such files sometimes occur in
third-party software and may be included in the src distribution.
III. Impact
It is not possible to use freebsd-update(8) to upgrade an existing
installation to FreeBSD 10.0-BETA1, because 10.0 introduces two new shared
library directories, the /usr/lib/libc.so symlink is replaced by a regular
file, and the source distribution includes a file with a tilde in its name.
It is not possible to use freebsd-update(8) to update 10.0-BETA1, as its
source distribution includes a file with a tilde in its name.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
2) To update your present system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/EN-13:04/freebsd-update.patch
# fetch http://security.FreeBSD.org/patches/EN-13:04/freebsd-update.patch.asc
# gpg --verify freebsd-update.patch.asc
b) Apply the patch.
# cd /usr/src
# patch < /path/to/patch
c) Reinstall freebsd-update.
# cd /usr/src/usr.sbin/freebsd-update
# make install -DWITHOUT_MAN
3) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
On systems running 10.0-BETA1 (and ONLY systems running 10.0-BETA1), run
the following command before using freebsd-update in order to fix it
enough that it can update itself:
# sed -i '' -e 's/%@/%~@/' /usr/sbin/freebsd-update
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r257192
releng/8.3/ r257194
releng/8.4/ r257194
stable/9/ r257192
releng/9.1/ r257194
releng/9.2/ r257194
stable/10/ r257153
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-13:04.freebsd-update.asc
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJSbCdaAAoJEO1n7NZdz2rnRvAQAOsb3lZIaiLEsQgynVaIgH/I
ZzvkR1ZwKbfRBzb5QQnQ/3ZHL30m9MCV+Z/dh/g2CKsf5D1K5uAv8a0SIqy0yW8g
E8Oi4+136VPCTcs5uGC8PuBVEMq87hBhWycKasVL+ukdYA3AHM10JRuVLhV81M87
Xe/vJqH7qPzvEtNIZdDqvDWhuHhPjlCI6SqMHI5ufxl3M7q+ylNgi5+yTwRbLqtH
0E109rMlVpnVzRELl28wmgIx9u/lmsa3LHCO6HBRlUjWQlV7CBlRfgGjrlcGhcq+
wFfmtT1jgbCOtJjakGOzEZhDuD5SlQTbIf4NCMfwgEIZE8PIUkWJcX8dPW4XiIo/
72IoF8eyvgR8VoGhA+l2gtFwlGWI2AZEpyi0zbk4pZJBmU5O1qVzMLlFRGufD8kx
1UZDT6yIsdWNCFF/R4YdrgyoySQoUlvpCV38cuKR6asOpyBFY/U9O3Ndu9VlTOBi
GI2eX1XyFsTAzcp6PuXBIIUFlsRzrHFXxGyagF0NaLIAlB1amwcPHx5yxiRYcquM
7VFaHUyMqWwRTTq+gtZlPcGI1t16tWmH9O9N+Cip9nUqL37s2Zb0zr+LttnYYod4
kxMi2jTQLdGkxZvIR+iTGJD3SqKD321n6iWrHuGmyrRKmf3e6P2BTxjerBvI2Jkf
nPk49938gAirwh9ucDbF
=VqIo
-----END PGP SIGNATURE-----