Me too! My sshd_config is also customized and everytime there is a new patch I 
need to run freebsd-update manually and get rid of the attempt to trash the 
sshd config that could make my server unreachable over the network.

Why does the freebsd-update need a vanilla sshd_config?
Why not give a message and put the new freebsd vanillia sshd_config file in 
Does this behaviour mean that the /etc/ssh/sshd_config is uncustomizable? and 
if you need custom sshd configuration you should use the port provided 

> 4 okt. 2023 kl. 04:13 skrev monochrome <>:
> not sure if this is related or appropriate here, but for the last 2 or 3 
> updates freebsd-update has been hanging on this:
> The following files are affected by updates. No changes have
> been downloaded, however, because the files have been modified
> locally:
> /etc/ssh/sshd_config
> a minor annoyance, but is this the new normal?<ecRV9YIelkR0MQGe.png> this 
> file will obviously be changed on most systems, why do I seem like the only 
> one with this problem?
> <cDK2pd07H0DkdvFY.png>
> as of today its still doing it: FreeBSD quartzon 13.2-RELEASE-p4 FreeBSD 
> 13.2-RELEASE-p4 GENERIC amd64
> On 10/3/23 19:03, FreeBSD Errata Notices wrote:
>> =============================================================================
>> FreeBSD-EN-23:09.freebsd-update                                 Errata Notice
>>                                                           The FreeBSD Project
>> Topic:          freebsd-update incorrectly merges files on upgrade
>> Category:       core
>> Module:         freebsd-update
>> Announced:      2023-09-06
>> Affects:        FreeBSD 13.2
>> Corrected:      2023-05-16 21:34:10 UTC (stable/13, 13.2-STABLE)
>>                 2023-09-06 16:56:24 UTC (releng/13.2, 13.2-RELEASE-p3)
>>                 2023-09-28 13:42:18 UTC (stable/12, 12.4-STABLE)
>>                 2023-10-03 22:15:35 UTC (releng/12.4, 12.4-RELEASE-p6)
>> For general information regarding FreeBSD Errata Notices and Security
>> Advisories, including descriptions of the fields above, security
>> branches, and the following sections, please visit
>> <URL:> <>.
>> 2023-09-06      Initial Revision
>> 2023-10-03      Updated to include the patch for 12.4-RELEASE.
>> I.   Background
>> freebsd-update provides binary updates for supported releases of FreeBSD on
>> amd64, arm64, and i386.
>> II.  Problem Description
>> freebsd-update incorrectly deleted files in /etc/ in the event the file to be
>> updated matched the new release and was different than the old release.  This
>> has not been an issue previously because the $FreeBSD$ tag expansion from
>> subversion virtually guaranteed the existing file was going to be different
>> from the new release. With the conversion to git in the 13.x releases,
>> $FreeBSD$ is no longer expanded, making it much more likely that a file would
>> find this issue.
>> III. Impact
>> Unmodified files in /etc/ may be deleted on running freebsd-update upgrade.
>> IV.  Workaround
>> No workaround is available.
>> V.   Solution
>> Upgrade your system to a supported FreeBSD stable or release / security
>> branch (releng) dated after the correction date.
>> Perform one of the following:
>> 1) To update your system via a binary patch:
>> Systems running a RELEASE version of FreeBSD on the amd64, i386, or
>> (on FreeBSD 13 and later) arm64 platforms can be updated via the
>> freebsd-update(8) utility:
>> # freebsd-update fetch
>> # freebsd-update install
>> 2) To update your system via a source code patch:
>> The following patches have been verified to apply to the applicable
>> FreeBSD release branches.
>> a) Download the relevant patch from the location below, and verify the
>> detached PGP signature using your PGP utility.
>> # fetch 
>> <>
>> # fetch 
>> <>
>> # gpg --verify freebsd-update.patch.asc
>> b) Apply the patch.  Execute the following commands as root:
>> # cd /usr/src
>> # patch < /path/to/patch
>> c) Recompile the operating system using buildworld and installworld as
>> described in <URL:> 
>> <>.
>> VI.  Correction details
>> This issue is corrected by the corresponding Git commit hash or Subversion
>> revision number in the following stable and release branches:
>> Branch/path                             Hash                     Revision
>> -------------------------------------------------------------------------
>> stable/13/                              866e5c6b3ce7    stable/13-n255386
>> releng/13.2/                            0b39d9de2e71  releng/13.2-n254628
>> stable/12/                                                        r373221
>> releng/12.4/                                                      r373231
>> -------------------------------------------------------------------------
>> For FreeBSD 13 and later:
>> Run the following command to see which files were modified by a
>> particular commit:
>> # git show --stat <commit hash>
>> Or visit the following URL, replacing NNNNNN with the hash:
>> <URL:> 
>> <>
>> To determine the commit count in a working tree (for comparison against
>> nNNNNNN in the table above), run:
>> # git rev-list --count --first-parent HEAD
>> For FreeBSD 12 and earlier:
>> Run the following command to see which files were modified by a particular
>> revision, replacing NNNNNN with the revision number:
>> # svn diff -cNNNNNN --summarize svn://
>> Or visit the following URL, replacing NNNNNN with the revision number:
>> <URL:> 
>> <>
>> VII. References
>> <URL:> <>
>> The latest revision of this advisory is available at
>> <URL:>
>> <>
> >

Reply via email to