Add EN-19:01 through EN-19:05.
Approved by: so
parent 032abc8ca4
commit 05104ff48a
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=52756
18 changed files with 143725 additions and 0 deletions
133
share/security/advisories/FreeBSD-EN-19:01.cc_cubic.asc
Normal file
|
@ -0,0 +1,133 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
=============================================================================
|
||||
FreeBSD-EN-19:01.cc_cubic Errata Notice
|
||||
The FreeBSD Project
|
||||
|
||||
Topic: Connection stalls with CUBIC congestion control
|
||||
|
||||
Category: core
|
||||
Module: tcp
|
||||
Announced: 2019-01-09
|
||||
Credits: Matt Garber, Hiren Panchasara
|
||||
Affects: FreeBSD 12.0
|
||||
Corrected: 2018-12-17 21:46:42 UTC (stable/12, 12.0-STABLE)
|
||||
2019-01-09 18:38:35 UTC (releng/12.0, 12.0-RELEASE-p2)
|
||||
|
||||
For general information regarding FreeBSD Errata Notices and Security
|
||||
Advisories, including descriptions of the fields above, security
|
||||
branches, and the following sections, please visit
|
||||
<URL:https://security.FreeBSD.org/>.
|
||||
|
||||
I. Background
|
||||
|
||||
CUBIC is a modern congestion control algorithm for the Transmission Control
|
||||
Protocol (TCP), which along with its predecessor BIC TCP is specifically
|
||||
optimized for high bandwidth, high latency networks. It is widely
|
||||
implemented across a variety of operating systems, and is the default TCP
|
||||
implementation or enabled by default in recent versions of Linux and
|
||||
Microsoft Windows. CUBIC is available as an alternate congestion control
|
||||
algorithm since FreeBSD 9.0 using the cc_cubic module.
|
||||
|
||||
II. Problem Description
|
||||
|
||||
Changes to the cc_cubic module in FreeBSD 12.0 can cause network stuttering
|
||||
or connection stalls when loaded and enabled as default.
|
||||
|
||||
III. Impact
|
||||
|
||||
FreeBSD 12.0 systems loading cc_cubic and setting non-default sysctl value
|
||||
net.inet.tcp.cc.algorithm=cubic exhibit stuttering and complete stalls of
|
||||
network connections. Under certain conditions, this may cause loss of system
|
||||
availability over the network or service unreachability.
|
||||
|
||||
IV. Workaround
|
||||
|
||||
Disabling cc_cubic and selecting one of the alternate included congestion
|
||||
control algorithms (e.g., newreno, htcp) will restore normal network
|
||||
connectivity and alleviate stuttering and stalls. Note that disabling CUBIC
|
||||
may cause a reduction in expected performance based on specific, unique
|
||||
network condition characteristics and the module used as a workaround.
|
||||
|
||||
V. Solution
|
||||
|
||||
Perform one of the following:
|
||||
|
||||
1) Upgrade your system to a supported FreeBSD stable or release / security
|
||||
branch (releng) dated after the correction date, and reboot the system.
|
||||
|
||||
2) To update your system via a binary patch:
|
||||
|
||||
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
||||
platforms can be updated via the freebsd-update(8) utility:
|
||||
|
||||
# freebsd-update fetch
|
||||
# freebsd-update install
|
||||
# shutdown -r +30 "Rebooting for FreeBSD errata update"
|
||||
|
||||
3) To update your system via a source code patch:
|
||||
|
||||
The following patches have been verified to apply to the applicable
|
||||
FreeBSD release branches.
|
||||
|
||||
a) Download the relevant patch from the location below, and verify the
|
||||
detached PGP signature using your PGP utility.
|
||||
|
||||
[FreeBSD 12.0]
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:01/cc_cubic.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:01/cc_cubic.patch.asc
|
||||
# gpg --verify cc_cubic.patch.asc
|
||||
|
||||
b) Apply the patch. Execute the following commands as root:
|
||||
|
||||
# cd /usr/src
|
||||
# patch < /path/to/patch
|
||||
|
||||
c) Recompile your kernel as described in
|
||||
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
||||
system.
|
||||
|
||||
VI. Correction details
|
||||
|
||||
The following list contains the correction revision numbers for each
|
||||
affected branch.
|
||||
|
||||
Branch/path Revision
|
||||
- -------------------------------------------------------------------------
|
||||
stable/12/ r342181
|
||||
releng/12.0/ r342893
|
||||
- -------------------------------------------------------------------------
|
||||
|
||||
To see which files were modified by a particular revision, run the
|
||||
following command, replacing NNNNNN with the revision number, on a
|
||||
machine with Subversion installed:
|
||||
|
||||
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
||||
|
||||
Or visit the following URL, replacing NNNNNN with the revision number:
|
||||
|
||||
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
||||
|
||||
VII. References
|
||||
|
||||
The latest revision of this advisory is available at
|
||||
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:01.cc_cubic.asc>
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlw2Rb5fFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
||||
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
||||
5cJGyRAAnpturBqU4XIZMdvInaVHOXA5P6KemeFuJkwz/aMtIbgefm49lvZVS4q6
|
||||
RO8/GytONX1OHaoJQDdincVfRbe9x+ID+ulCJfSLuZMhjLYpxDQJo9d4NWZtvpBn
|
||||
3wJNEQEXB0AjrYUOrebiT7yd3zA4f+7zSHu0Uvq4k5Tk0Xxsqxsx3/MG5ezEmdxx
|
||||
IWub1RnYvgmUVJBKn/C5A4v17dE12VnZtLrnfhZ4K3U3mVZYc3cJxF34wSscVqYd
|
||||
iAsntF786FV+hAXBX7wHa3JIqe+uXE2uemrquNmxgup+zrbVWPWPirgku2TVcvsm
|
||||
m9aQILNc9RvJ/XkViLV8+ypqCymBFsl3VhO3dzmOnsbL72G9rqjQtgdYWT2dp69p
|
||||
VyU4EWsTULXIbIBNxyrYhinT+DAqyt8bdrtyT3AhcVJaVk5B5APWnXiwjgS4mPN9
|
||||
hf2mCjZw10tJgsqYYrBlTERomgHU/pyliu0Rt2sof5+iGArbe7ZhEorHrM7YhD9n
|
||||
Hc+3oNzA0dYDStJQpEb4rJ7dEKP/mpppwIosMhPbku6u3ViafCJVq2dIGNQpDope
|
||||
Mh00Kk7cY0o3Rukw2lGNc9vDbIyUSqT/jV4lBDhp4k5ilQynvkMZETLlynI+KQUH
|
||||
J2uOOvYzkIZLzZyXtaQfkmrkV6DxzmjxDsqwiMz5DB7o70w/M54=
|
||||
=e8Wg
|
||||
-----END PGP SIGNATURE-----
|
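Review bot: Section IV (Workaround) tells the reader to select an alternate algorithm such as newreno or htcp but never shows how, even though Section III already names the setting as net.inet.tcp.cc.algorithm=cubic. Suggest adding the concrete step, for example `# sysctl net.inet.tcp.cc.algorithm=newreno`, plus a reminder to remove the cubic setting from persistent configuration such as /etc/sysctl.conf so it is not re-applied at boot. Minor wording point in Section I: "is the default TCP implementation or enabled by default" describes a congestion control algorithm, so "default congestion control algorithm" would read more accurately.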
128
share/security/advisories/FreeBSD-EN-19:02.tcp.asc
Normal file
|
@ -0,0 +1,128 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
=============================================================================
|
||||
FreeBSD-EN-19:02.tcp Errata Notice
|
||||
The FreeBSD Project
|
||||
|
||||
Topic: TCP connections may stall and eventually fail in case of
|
||||
packet loss
|
||||
|
||||
Category: core
|
||||
Module: kernel
|
||||
Announced: 2019-01-09
|
||||
Credits: Michael Tuexen
|
||||
Affects: FreeBSD 12.0
|
||||
Corrected: 2018-12-23 09:48:36 UTC (stable/12, 12.0-STABLE)
|
||||
2019-09-09 18:42:40 UTC (releng/12.0, 12.0-RELEASE-p2)
|
||||
|
||||
For general information regarding FreeBSD Errata Notices and Security
|
||||
Advisories, including descriptions of the fields above, security
|
||||
branches, and the following sections, please visit
|
||||
<URL:https://security.FreeBSD.org/>.
|
||||
|
||||
I. Background
|
||||
|
||||
The TCP stack limits the resources used for TCP connections. Once a limit
|
||||
is reached, further received TCP segments for the TCP connection are dropped.
|
||||
|
||||
II. Problem Description
|
||||
|
||||
To continue delivering data to the application, accepting the TCP segment
|
||||
with the next expected sequence number is required. If this TCP segment is
|
||||
dropped due to a resource limit, no further progress can be made. Therefore
|
||||
exceptions for this particular TCP segment have to be implemented.
|
||||
|
||||
III. Impact
|
||||
|
||||
In case of lost TCP segments, TCP connections may stall and then eventually
|
||||
fail.
|
||||
|
||||
IV. Workaround
|
||||
|
||||
No workaround is available.
|
||||
|
||||
V. Solution
|
||||
|
||||
Perform one of the following:
|
||||
|
||||
1) Upgrade your system to a supported FreeBSD stable or release / security
|
||||
branch (releng) dated after the correction date.
|
||||
|
||||
Afterward, reboot the system.
|
||||
|
||||
2) To update your system via a binary patch:
|
||||
|
||||
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
||||
platforms can be updated via the freebsd-update(8) utility:
|
||||
|
||||
# freebsd-update fetch
|
||||
# freebsd-update install
|
||||
|
||||
Afterward, reboot the system.
|
||||
|
||||
3) To update your system via a source code patch:
|
||||
|
||||
The following patches have been verified to apply to the applicable
|
||||
FreeBSD release branches.
|
||||
|
||||
a) Download the relevant patch from the location below, and verify the
|
||||
detached PGP signature using your PGP utility.
|
||||
|
||||
[FreeBSD 12.0]
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:02/tcp.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:02/tcp.patch.asc
|
||||
# gpg --verify tcp.patch.asc
|
||||
|
||||
b) Apply the patch. Execute the following commands as root:
|
||||
|
||||
# cd /usr/src
|
||||
# patch < /path/to/patch
|
||||
|
||||
c) Recompile your kernel as described in
|
||||
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
||||
system.
|
||||
|
||||
VI. Correction details
|
||||
|
||||
The following list contains the correction revision numbers for each
|
||||
affected branch.
|
||||
|
||||
Branch/path Revision
|
||||
- -------------------------------------------------------------------------
|
||||
stable/12/ r342378
|
||||
releng/12.0/ r342894
|
||||
- -------------------------------------------------------------------------
|
||||
|
||||
To see which files were modified by a particular revision, run the
|
||||
following command, replacing NNNNNN with the revision number, on a
|
||||
machine with Subversion installed:
|
||||
|
||||
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
||||
|
||||
Or visit the following URL, replacing NNNNNN with the revision number:
|
||||
|
||||
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
||||
|
||||
VII. References
|
||||
|
||||
The latest revision of this advisory is available at
|
||||
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:02.tcp.asc>
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlw2Rc1fFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
||||
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
||||
5cJtnxAAgOIJjP9Dg76onxJUPJWiKTAR5VZeZ8od0RJREIeZMUpgFiVUVH82fr8z
|
||||
ajAzGZbVFhEgFvYwQRU4R/MokNqONoG1O3YPdjcMFyW5HPBoAG+9h67qD3CtLgTN
|
||||
xnXMR72ed83oY8ts1WSfYVAKF+9X6U5G6FtchBgAhap2k9tI22QKiEmTTmqzUnoy
|
||||
ddLZatOyKmig8MZKshMmleEpvU+BoYR66d2K9CYxcjHqgNNJOQwQK6yLR3oX41Z9
|
||||
n5Akkg/KC7wD02CPFjmO9008ZC4fFiQ8D4eGt9D/lPI4AzLcfkvRdzt5CjMlamXm
|
||||
Rjf2H5/2f4iYSXiEi2wkChFJHh+MQuYgcfTqRJdNB0qf3DbLwTL5wULfrMVNn7LU
|
||||
rLHd8CNRTN4+d+//p7nZ/atFbuLjJE08YFqE2ODcMa8eJFaY09/+X+NMIqO6AdTE
|
||||
hGzqDuiVmI/1MSFjD7dxUotw6Y2iRf+DiLx+JUmb0L+C0FXfl/u8x1ErYbzuLyyL
|
||||
vD1qb66fDuuSC8aNWO6Qv55bBWAhYhO668CQwfmvEgree72ShbzJPEn3vUN2dIX4
|
||||
zg0kTs30QOlizAT2lxQchiPBKkQ+IExPurTT7lW0cZ5PID8y/FSKl49yeQo/nhrD
|
||||
j/vnF7yMgc6roCyasNlREdi20yTYbp2PItfhaSXWVrtYAFN1jNc=
|
||||
=3a3w
|
||||
-----END PGP SIGNATURE-----
|
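Review bot: The second "Corrected:" line gives 2019-09-09 18:42:40 UTC for releng/12.0 (12.0-RELEASE-p2), which is eight months after the "Announced: 2019-01-09" date in the same header. EN-19:01 in this commit lists the same patch level at 2019-01-09 18:38:35 UTC, so this looks like a month typo for 2019-01-09. Because the text is inside the PGP-signed body, fixing it means re-signing the advisory. Also, Section II ends with "exceptions for this particular TCP segment have to be implemented", which reads as a requirement rather than a description of the defect; a sentence saying that 12.0 drops the next expected segment when the limit is reached would state the bug directly.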
145
share/security/advisories/FreeBSD-EN-19:03.sqlite.asc
Normal file
|
@ -0,0 +1,145 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
=============================================================================
|
||||
FreeBSD-EN-19:03.sqlite Errata Notice
|
||||
The FreeBSD Project
|
||||
|
||||
Topic: sqlite update
|
||||
|
||||
Category: contrib
|
||||
Module: sqlite3
|
||||
Announced: 2019-01-09
|
||||
Credits: Cy Schubert
|
||||
Affects: All supported versions of FreeBSD.
|
||||
Corrected: 2018-12-21 01:58:01 UTC (stable/12, 12.0-STABLE)
|
||||
2019-01-09 18:47:10 UTC (releng/12.0, 12.0-RELEASE-p2)
|
||||
2018-12-21 02:04:15 UTC (stable/11, 11.2-STABLE)
|
||||
2019-01-09 18:50:27 UTC (releng/11.2, 11.2-RELEASE-p8)
|
||||
CVE Name: CVE-2018-20346, CVE-2018-20505, CVE-2018-20506
|
||||
|
||||
For general information regarding FreeBSD Errata Notices and Security
|
||||
Advisories, including descriptions of the fields above, security
|
||||
branches, and the following sections, please visit
|
||||
<URL:https://security.FreeBSD.org/>.
|
||||
|
||||
I. Background
|
||||
|
||||
SQLite is an SQL database engine in a C library. Programs that link the
|
||||
SQLite library can have SQL database access without running a separate RDBMS
|
||||
process. The distribution comes with a standalone command-line access
|
||||
program (sqlite3) that can be used to administer an SQLite database and which
|
||||
serves as an example of how to use the SQLite library.
|
||||
|
||||
II. Problem Description
|
||||
|
||||
According to https://blade.tencent.com/magellan/index_en.html, the
|
||||
vulnerabilities known as Magellan are a group vulnerabilities that exist
|
||||
in sqlite3, documented by CVE-2018-20346, CVE-2018-20505, and CVE-2018-20506.
|
||||
|
||||
When the FTS3 extension is enabled an integer overflow resulting in a buffer
|
||||
overflow when allowing remote attackers to run arbitrary SQL statements which
|
||||
can be leveraged to execute arbitrary code.
|
||||
|
||||
III. Impact
|
||||
|
||||
The vulnerabilities were discovered by Tencent Blade Team and verified to be
|
||||
able to successfully implement remote code execution in Chromium browsers.
|
||||
|
||||
IV. Workaround
|
||||
|
||||
No workaround is available.
|
||||
|
||||
V. Solution
|
||||
|
||||
Perform one of the following:
|
||||
|
||||
1) Upgrade your system to a supported FreeBSD stable or release / security
|
||||
branch (releng) dated after the correction date.
|
||||
|
||||
2) To update your system via a binary patch:
|
||||
|
||||
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
||||
platforms can be updated via the freebsd-update(8) utility:
|
||||
|
||||
# freebsd-update fetch
|
||||
# freebsd-update install
|
||||
|
||||
3) To update your system via a source code patch:
|
||||
|
||||
The following patches have been verified to apply to the applicable
|
||||
FreeBSD release branches.
|
||||
|
||||
a) Download the relevant patch from the location below, and verify the
|
||||
detached PGP signature using your PGP utility.
|
||||
|
||||
[FreeBSD 11.2]
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:03/sqlite-11.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:03/sqlite-11.patch.asc
|
||||
# gpg --verify sqlite-11.patch.asc
|
||||
|
||||
[FreeBSD 12.0]
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:03/sqlite-12.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:03/sqlite-12.patch.asc
|
||||
# gpg --verify sqlite-12.patch.asc
|
||||
|
||||
|
||||
b) Apply the patch. Execute the following commands as root:
|
||||
|
||||
# cd /usr/src
|
||||
# patch < /path/to/patch
|
||||
|
||||
c) Recompile the operating system using buildworld and installworld as
|
||||
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
|
||||
|
||||
Restart all daemons that use the library, or reboot the system.
|
||||
|
||||
VI. Correction details
|
||||
|
||||
The following list contains the correction revision numbers for each
|
||||
affected branch.
|
||||
|
||||
Branch/path Revision
|
||||
- -------------------------------------------------------------------------
|
||||
stable/12/ r342291
|
||||
releng/12.0/ r342895
|
||||
stable/11/ r342292
|
||||
releng/11.2/ r342896
|
||||
- -------------------------------------------------------------------------
|
||||
|
||||
To see which files were modified by a particular revision, run the
|
||||
following command, replacing NNNNNN with the revision number, on a
|
||||
machine with Subversion installed:
|
||||
|
||||
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
||||
|
||||
Or visit the following URL, replacing NNNNNN with the revision number:
|
||||
|
||||
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
||||
|
||||
VII. References
|
||||
|
||||
<URL:https://blade.tencent.com/magellan/index_en.html>
|
||||
|
||||
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234113>
|
||||
|
||||
The latest revision of this advisory is available at
|
||||
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:03.sqlite.asc>
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlw2RdFfFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
||||
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
||||
5cLtJg/9EM0jQbTBrSgVy5X1AyQ2rcFz9KbjtA0L48wOuOLiAh7eeYxh4Wxuz9k1
|
||||
QnEJavMbpVr71yhmt6maEAbRzyGUvemDh4vlu0wjcYSlEzcvk7xaRzfXimippxky
|
||||
GumFBCvs7UKDIiGRr62ukmxu3FgfEaTM/Cc4bNcuV5k4za+DWIGTu+97i0+B2ieX
|
||||
/IZ5hQq42w1YIUY5QOy2vj87rnQf2t+uShcBjRg8HsnPsG9BfQfI8vfuWjjtaKMI
|
||||
iva++F5UJWcsykjZo5J3aaZFxnHsW2hs3buQN+AhoEt7oKdGquOHdweSw8xtSlp9
|
||||
3Y+qj+veD7u4Mt95OtnYrJOg8Kynlrzg5uMDbNGbyqktbxfpi2gqBbPEVmx2+nGj
|
||||
Aj9PDSHMliBZsVKvr1opExfYp4HL0LB9Kqhato08lFxs05TUxiT6LRcel/iXiIfl
|
||||
vCqfWhKJYVZ+alAW+Kjic6iWw7AtmVLbV64dDu03jxS/14RtRp1Hbk1BRCrnJeLn
|
||||
sLSdFj6bi2mQx6OXAd9G9jhReoxylyZwRXyhPSsPG1E4mzX6ZRbJfnkriSazW4hq
|
||||
F+PjTyXidn3uhS6z6CZB08Ltw2NBd3baRl/TQBEiFHd6SSGByqX6gMguK/tQV92U
|
||||
uM/Q4Ak4H/Q+nEN8/LdXioW0P7ZEC6X/9GXKWv+bUs6LjcZXftA=
|
||||
=TG5W
|
||||
-----END PGP SIGNATURE-----
|
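Review bot: The second paragraph of Section II is not a complete sentence ("When the FTS3 extension is enabled an integer overflow resulting in a buffer overflow when allowing remote attackers to run arbitrary SQL statements ..."), so the precondition is ambiguous: it should say plainly that the overflow is reachable only when FTS3 is enabled and the attacker can run arbitrary SQL. The first paragraph also has "a group vulnerabilities" (missing "of"). Section III reports who found the bugs and that they were verified against Chromium, but does not say what the impact is for consumers of the base system sqlite3 library. Given the three CVE names and the stated code execution outcome, it is worth a line explaining why this ships as an Errata Notice rather than a Security Advisory. Finally, the restart instruction ("Restart all daemons that use the library, or reboot the system") appears only under option 3; options 1 and 2 need it as well.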
147
share/security/advisories/FreeBSD-EN-19:04.tzdata.asc
Normal file
|
@ -0,0 +1,147 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
=============================================================================
|
||||
FreeBSD-EN-19:04.tzdata Errata Notice
|
||||
The FreeBSD Project
|
||||
|
||||
Topic: Timezone database information update
|
||||
|
||||
Category: contrib
|
||||
Module: zoneinfo
|
||||
Announced: 2019-01-09
|
||||
Credits: Philip Paeps
|
||||
Affects: All supported versions of FreeBSD.
|
||||
Corrected: 2019-01-01 10:04:49 UTC (stable/12, 12.0-STABLE)
|
||||
2019-01-09 18:53:35 UTC (releng/12.0, 12.0-RELEASE-p2)
|
||||
2019-01-01 10:05:12 UTC (stable/11, 11.2-STABLE)
|
||||
2019-01-09 18:54:42 UTC (releng/11.2, 11.2-RELEASE-p8)
|
||||
|
||||
For general information regarding FreeBSD Errata Notices and Security
|
||||
Advisories, including descriptions of the fields above, security
|
||||
branches, and the following sections, please visit
|
||||
<URL:https://security.FreeBSD.org/>.
|
||||
|
||||
I. Background
|
||||
|
||||
The tzsetup(8) program allows the user to specify the default local timezone.
|
||||
Based on the selected timezone, tzsetup(8) copies one of the files from
|
||||
/usr/share/zoneinfo to /etc/localtime. This file actually controls the
|
||||
conversion.
|
||||
|
||||
II. Problem Description
|
||||
|
||||
Several changes in Daylight Savings Time happened after previous FreeBSD
|
||||
releases were released that would affect many people who live in different
|
||||
countries. Because of these changes, the data in the zoneinfo files need to
|
||||
be updated, and if the local timezone on the running system is affected,
|
||||
tzsetup(8) needs to be run so the /etc/localtime is updated.
|
||||
|
||||
III. Impact
|
||||
|
||||
An incorrect time will be displayed on a system configured to use one of the
|
||||
affected timezones if the /usr/share/zoneinfo and /etc/localtime files are
|
||||
not updated, and all applications on the system that rely on the system time,
|
||||
such as cron(8) and syslog(8), will be affected.
|
||||
|
||||
IV. Workaround
|
||||
|
||||
The system administrator can install an updated timezone database from the
|
||||
misc/zoneinfo port and run tzsetup(8) to get the timezone database corrected.
|
||||
|
||||
Applications that store and display times in Coordinated Universal Time (UTC)
|
||||
are not affected.
|
||||
|
||||
V. Solution
|
||||
|
||||
Please note that some third party software, for instance PHP, Ruby, Java and
|
||||
Perl, may be using different zoneinfo data source, in such cases this
|
||||
software must be updated separately. For software packages that is installed
|
||||
via binary packages, they can be upgraded by executing `pkg upgrade'.
|
||||
|
||||
Following the instructions in this Errata Notice will update all of the
|
||||
zoneinfo files to be the same as what was released with FreeBSD release.
|
||||
|
||||
Perform one of the following:
|
||||
|
||||
1) Upgrade your system to a supported FreeBSD stable or release / security
|
||||
branch (releng) dated after the correction date. Restart all the affected
|
||||
applications and daemons, or reboot the system.
|
||||
|
||||
2) To update your system via a binary patch:
|
||||
|
||||
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
||||
platforms can be updated via the freebsd-update(8) utility:
|
||||
|
||||
# freebsd-update fetch
|
||||
# freebsd-update install
|
||||
|
||||
Restart all the affected applications and daemons, or reboot the system.
|
||||
|
||||
3) To update your system via a source code patch:
|
||||
|
||||
The following patches have been verified to apply to the applicable
|
||||
FreeBSD release branches.
|
||||
|
||||
a) Download the relevant patch from the location below, and verify the
|
||||
detached PGP signature using your PGP utility.
|
||||
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:04/tzdata-2018i.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:04/tzdata-2018i.patch.asc
|
||||
# gpg --verify tzdata-2018i.patch.asc
|
||||
|
||||
b) Apply the patch. Execute the following commands as root:
|
||||
|
||||
# cd /usr/src
|
||||
# patch < /path/to/patch
|
||||
|
||||
c) Recompile the operating system using buildworld and installworld as
|
||||
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
|
||||
|
||||
Restart all the affected applications and daemons, or reboot the system.
|
||||
|
||||
VI. Correction details
|
||||
|
||||
The following list contains the correction revision numbers for each
|
||||
affected branch.
|
||||
|
||||
Branch/path Revision
|
||||
- -------------------------------------------------------------------------
|
||||
stable/12/ r342667
|
||||
releng/12.0/ r342897
|
||||
stable/11/ r342668
|
||||
releng/11.2/ r342898
|
||||
- -------------------------------------------------------------------------
|
||||
|
||||
To see which files were modified by a particular revision, run the
|
||||
following command, replacing NNNNNN with the revision number, on a
|
||||
machine with Subversion installed:
|
||||
|
||||
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
||||
|
||||
Or visit the following URL, replacing NNNNNN with the revision number:
|
||||
|
||||
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
||||
|
||||
VII. References
|
||||
|
||||
The latest revision of this advisory is available at
|
||||
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:04.tzdata.asc>
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlw2RdRfFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
||||
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
||||
5cKd+Q//QYBUcMdBnW6URT8bWCrIOTPP84aGpMKmU4ZZYidUfI6CJiiWVaGQHJgD
|
||||
tmdQjaHemSRfxQ+yAZ5XR8oUIBxrzBhA51cM5QMNnJMXBkpqz9yCbHefH3Fxfr6n
|
||||
Dg+Vt2cZ745MHPK9uhjtUTmLYRF2iztUqlATr3R1NxBbJ6QQzQuVEyeAvTSY9Jdw
|
||||
/+cQM72m28iHPP+ff5v9n2MLqoTg74HbchwJthtDvgK9elfQFuC1F07i8I6F4krT
|
||||
FHnPRISpg4EEOKYG/Jjedk9FQBUpKiOhsDz+siGtjQoivz8TemaH5nTMI7P/WP/7
|
||||
jFJ6+jQirc2vCvcUzmiPGrBXRx3OptYcIiLOeKfgc+wCtgEHap4Nrl4Damt1QC13
|
||||
T4kpaOi3TcqtDtKxZyxwR8tOtJGEayqXFHA5FL1Fgr63JcvbZTXlBg0BT4oAd7mX
|
||||
DuvDkap5hXh6jlQ2BM4L9J+I+GNMfrpULsM4drsqd7GVBcLrnu06po3M8jgja44T
|
||||
rVzNB62FuOX19Q2W8kZ7LOfAwW+ho02GNzwuYWiLCpP4JSTaxtHrd1LexpCzO4Lg
|
||||
zsttA2bkNjmzHxfcbAPbS5IMX539iJdTgZiDlBNzUi+QqiCG83/fRcVvgD7qH1iM
|
||||
kF7DipZUURjlV/RbtCZFU/fsKVzR7rF5MSQl9q7llwe5uMto6lQ=
|
||||
=1NIG
|
||||
-----END PGP SIGNATURE-----
|
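Review bot: Nowhere in the advisory body is the tzdata release being imported stated; the only hint is the patch file name tzdata-2018i.patch in Section V. Suggest naming the release in Section II so readers can compare it with what misc/zoneinfo or their language runtimes ship. In Section V, "the same as what was released with FreeBSD release" does not identify any release and should be reworded or given a version. Section V option 3 tells the reader to restart applications but omits the tzsetup(8) run that Section II says is needed to refresh /etc/localtime when the local timezone is affected. Small grammar fixes in the same section: "may be using different zoneinfo data source" and "software packages that is installed".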
126
share/security/advisories/FreeBSD-EN-19:05.kqueue.asc
Normal file
|
@ -0,0 +1,126 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA512
|
||||
|
||||
=============================================================================
|
||||
FreeBSD-EN-19:05.kqueue Errata Notice
|
||||
The FreeBSD Project
|
||||
|
||||
Topic: kqueue race condition and kernel panic
|
||||
|
||||
Category: core
|
||||
Module: kqueue
|
||||
Announced: 2019-01-09
|
||||
Credits: Mark Johnston
|
||||
Affects: FreeBSD 11.2
|
||||
Corrected: 2019-11-24 17:11:47 UTC (stable/11, 11.2-STABLE)
|
||||
2019-01-09 18:57:38 UTC (releng/11.2, 11.2-RELEASE-p8)
|
||||
|
||||
For general information regarding FreeBSD Errata Notices and Security
|
||||
Advisories, including descriptions of the fields above, security
|
||||
branches, and the following sections, please visit
|
||||
<URL:https://security.FreeBSD.org/>.
|
||||
|
||||
I. Background
|
||||
|
||||
kevent(2) is a system call which provides a generic method of notifying the
|
||||
caller when a caller-specified event happens or a condition holds. One use
|
||||
for kevent(2) is to wait for a specified timeout to elapse.
|
||||
|
||||
II. Problem Description
|
||||
|
||||
The kevent(2) implementation in the kernel contains a race condition which
|
||||
can be triggered when an event is added and fires shortly after. Most event
|
||||
types are not affected, but timer events can trigger the race if the timeout
|
||||
duration is very short.
|
||||
|
||||
III. Impact
|
||||
|
||||
The race condition can cause corruption of a queue structure, leading to
|
||||
a kernel panic when it is later accessed. Applications using kevent(2) may
|
||||
trigger the panic if their usage causes the race condition to occur.
|
||||
|
||||
IV. Workaround
|
||||
|
||||
No workaround is available.
|
||||
|
||||
V. Solution
|
||||
|
||||
Perform one of the following:
|
||||
|
||||
1) Upgrade your system to a supported FreeBSD stable or release / security
|
||||
branch (releng) dated after the correction date, and reboot.
|
||||
|
||||
2) To update your system via a binary patch:
|
||||
|
||||
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
||||
platforms can be updated via the freebsd-update(8) utility:
|
||||
|
||||
# freebsd-update fetch
|
||||
# freebsd-update install
|
||||
# shutdown -r +30 "Rebooting for errata update"
|
||||
|
||||
3) To update your system via a source code patch:
|
||||
|
||||
The following patches have been verified to apply to the applicable
|
||||
FreeBSD release branches.
|
||||
|
||||
a) Download the relevant patch from the location below, and verify the
|
||||
detached PGP signature using your PGP utility.
|
||||
|
||||
[FreeBSD 11.2]
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:05/kqueue.patch
|
||||
# fetch https://security.FreeBSD.org/patches/EN-19:05/kqueue.patch.asc
|
||||
# gpg --verify kqueue.patch.asc
|
||||
|
||||
b) Apply the patch. Execute the following commands as root:
|
||||
|
||||
# cd /usr/src
|
||||
# patch < /path/to/patch
|
||||
|
||||
c) Recompile your kernel as described in
|
||||
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
|
||||
system.
|
||||
|
||||
VI. Correction details
|
||||
|
||||
The following list contains the correction revision numbers for each
|
||||
affected branch.
|
||||
|
||||
Branch/path Revision
|
||||
- -------------------------------------------------------------------------
|
||||
stable/11/ r340904
|
||||
releng/11.2/ r342899
|
||||
- -------------------------------------------------------------------------
|
||||
|
||||
To see which files were modified by a particular revision, run the
|
||||
following command, replacing NNNNNN with the revision number, on a
|
||||
machine with Subversion installed:
|
||||
|
||||
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
||||
|
||||
Or visit the following URL, replacing NNNNNN with the revision number:
|
||||
|
||||
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
||||
|
||||
VII. References
|
||||
|
||||
The latest revision of this advisory is available at
|
||||
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:05.kqueue.asc>
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlw2RdZfFIAAAAAALgAo
|
||||
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
|
||||
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
|
||||
5cK0nRAAgPsdkc/TyBTqpvJrvvNaVd0xgNC2lxnYK3HxOPbo5kqj6XHZxb3KvrrN
|
||||
He6TyGvwGCPHNzlFwHILH+FtFkgrvGVBoPu/U0e/NKRrkhyxPHJMz0bZPu7yqQoG
|
||||
GDFRIsw5D3JKZW38yMD9Menh3mag81OVZii1LfzkcDLLKfwX/zcx1vV7MSwMzoNs
|
||||
5L7Fm8lg0uIxrrlKvvmrPxfWoZENhCr9CAAdg8moL3thl64NaVVmPo7tXDXosNGo
|
||||
EQYT19SY0FBSboUcpVaChgyZaCFzOeCPuXuJPoUYppIWNiv2S8ZTjuq9d1g4R4SD
|
||||
7GBMozz8EG1rN0pzhx8mVEECZBzdt5rjggiWKjkOVxH/sy5LQjppONK3VVOygoCz
|
||||
dve2wGq6S1ke/b2NDRpAinmIr8I3x3b7JLNkE5OvNJ6bTLk3ZmpIRYQNYT+eu8Fx
|
||||
GNe/oTU9DRbB4yv0kcKsypHqQ0cKdn6+duYzKGZ4+c86B7IHJgsYoG/NTKYfFzQx
|
||||
BHWuI/P/9pakHESNiDidKRz+z5w679+jIfZDcbBIXaw+PCqzg5a1GFN8Bub2mGLw
|
||||
2wmVQJV1nbdE+6UbWvaV2seV/bo+N/L8k4QS6OPIDUefLPGgCdRFr/MlLoiTaJ43
|
||||
p+L3iVlVbiOTCfsCGI/QVQq+IOngKzqSUXN3Ys7PXvvAzSyaTFg=
|
||||
=fD2U
|
||||
-----END PGP SIGNATURE-----
|
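Review bot: The first "Corrected:" line dates the stable/11 fix 2019-11-24 17:11:47 UTC, which is after the "Announced: 2019-01-09" date. Section VI lists that fix as r340904, a lower revision than r342181, which EN-19:01 in this commit dates to 2018-12-17, so the year should almost certainly be 2018. As with any change to the signed body, the advisory needs re-signing after the correction. Section IV says no workaround is available while Section II narrows the trigger to timer events with a very short timeout; if avoiding such timers is not a practical mitigation, a short sentence saying so would pre-empt the obvious question.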
194
share/security/patches/EN-19:01/cc_cubic.patch
Normal file
|
@ -0,0 +1,194 @@
|
|||
--- sys/netinet/cc/cc.h.orig
|
||||
+++ sys/netinet/cc/cc.h
|
||||
@@ -102,8 +102,6 @@
|
||||
#define CCF_ACKNOW 0x0008 /* Will this ack be sent now? */
|
||||
#define CCF_IPHDR_CE 0x0010 /* Does this packet set CE bit? */
|
||||
#define CCF_TCPHDR_CWR 0x0020 /* Does this packet set CWR bit? */
|
||||
-#define CCF_MAX_CWND 0x0040 /* Have we reached maximum cwnd? */
|
||||
-#define CCF_CHG_MAX_CWND 0x0080 /* Cubic max_cwnd changed, for K */
|
||||
|
||||
/* ACK types passed to the ack_received() hook. */
|
||||
#define CC_ACK 0x0001 /* Regular in sequence ACK. */
|
||||
--- sys/netinet/cc/cc_cubic.c.orig
|
||||
+++ sys/netinet/cc/cc_cubic.c
|
||||
@@ -88,8 +88,6 @@
|
||||
unsigned long max_cwnd;
|
||||
/* cwnd at the previous congestion event. */
|
||||
unsigned long prev_max_cwnd;
|
||||
- /* Cached value for t_maxseg when K was computed */
|
||||
- uint32_t k_maxseg;
|
||||
/* Number of congestion events. */
|
||||
uint32_t num_cong_events;
|
||||
/* Minimum observed rtt in ticks. */
|
||||
@@ -126,9 +124,6 @@
|
||||
cubic_data = ccv->cc_data;
|
||||
cubic_record_rtt(ccv);
|
||||
|
||||
- if (ccv->flags & CCF_MAX_CWND)
|
||||
- return;
|
||||
-
|
||||
/*
|
||||
* Regular ACK and we're not in cong/fast recovery and we're cwnd
|
||||
* limited and we're either not doing ABC or are slow starting or are
|
||||
@@ -156,12 +151,6 @@
|
||||
cubic_data->mean_rtt_ticks, cubic_data->max_cwnd,
|
||||
CCV(ccv, t_maxseg));
|
||||
|
||||
- if (ccv->flags & CCF_CHG_MAX_CWND || cubic_data->k_maxseg != CCV(ccv, t_maxseg)) {
|
||||
- cubic_data->K = cubic_k(cubic_data->max_cwnd / CCV(ccv, t_maxseg));
|
||||
- cubic_data->k_maxseg = CCV(ccv, t_maxseg);
|
||||
- ccv->flags &= ~(CCF_MAX_CWND|CCF_CHG_MAX_CWND);
|
||||
- }
|
||||
-
|
||||
w_cubic_next = cubic_cwnd(ticks_since_cong +
|
||||
cubic_data->mean_rtt_ticks, cubic_data->max_cwnd,
|
||||
CCV(ccv, t_maxseg), cubic_data->K);
|
||||
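Review bot: with this block removed, the cubic_cwnd() call in the trailing context still passes cubic_data->K, but nothing on the ACK path refreshes K when max_cwnd or t_maxseg changes; the only assignment left in the patch is the cubic_k() call added at the end of the post-recovery code. max_cwnd is still written elsewhere in this file (for example the num_cong_events == 0 branch later in this function), so K and the wmax argument can disagree. A short comment at the K field or at this call stating when K is valid would make the invariant reviewable.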
@@ -173,18 +162,13 @@
|
||||
* TCP-friendly region, follow tf
|
||||
* cwnd growth.
|
||||
*/
|
||||
- CCV(ccv, snd_cwnd) = ulmin(w_tf, TCP_MAXWIN << CCV(ccv, snd_scale));
|
||||
+ CCV(ccv, snd_cwnd) = w_tf;
|
||||
|
||||
else if (CCV(ccv, snd_cwnd) < w_cubic_next) {
|
||||
/*
|
||||
* Concave or convex region, follow CUBIC
|
||||
* cwnd growth.
|
||||
*/
|
||||
- if (w_cubic_next >= TCP_MAXWIN << CCV(ccv, snd_scale)) {
|
||||
- w_cubic_next = TCP_MAXWIN << CCV(ccv, snd_scale);
|
||||
- ccv->flags |= CCF_MAX_CWND;
|
||||
- }
|
||||
- w_cubic_next = ulmin(w_cubic_next, TCP_MAXWIN << CCV(ccv, snd_scale));
|
||||
if (V_tcp_do_rfc3465)
|
||||
CCV(ccv, snd_cwnd) = w_cubic_next;
|
||||
else
|
||||
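Review bot: both branches now store the computed window into snd_cwnd with no upper bound: the w_tf assignment and the w_cubic_next path lose the TCP_MAXWIN << CCV(ccv, snd_scale) cap together with the CCF_MAX_CWND bookkeeping. Dropping the flag does not require dropping the clamp; a plain ulmin() against TCP_MAXWIN << CCV(ccv, snd_scale) could stay, or the change should state where the cap is enforced instead, given that cubic_cwnd() gains an open overflow note (XXXLAS) in the same patch.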
@@ -202,10 +186,8 @@
|
||||
* max_cwnd.
|
||||
*/
|
||||
if (cubic_data->num_cong_events == 0 &&
|
||||
- cubic_data->max_cwnd < CCV(ccv, snd_cwnd)) {
|
||||
+ cubic_data->max_cwnd < CCV(ccv, snd_cwnd))
|
||||
cubic_data->max_cwnd = CCV(ccv, snd_cwnd);
|
||||
- ccv->flags |= CCF_CHG_MAX_CWND;
|
||||
- }
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -254,7 +236,6 @@
|
||||
cubic_data->num_cong_events++;
|
||||
cubic_data->prev_max_cwnd = cubic_data->max_cwnd;
|
||||
cubic_data->max_cwnd = CCV(ccv, snd_cwnd);
|
||||
- ccv->flags |= CCF_CHG_MAX_CWND;
|
||||
}
|
||||
ENTER_RECOVERY(CCV(ccv, t_flags));
|
||||
}
|
||||
@@ -267,8 +248,6 @@
|
||||
cubic_data->prev_max_cwnd = cubic_data->max_cwnd;
|
||||
cubic_data->max_cwnd = CCV(ccv, snd_cwnd);
|
||||
cubic_data->t_last_cong = ticks;
|
||||
- ccv->flags |= CCF_CHG_MAX_CWND;
|
||||
- ccv->flags &= ~CCF_MAX_CWND;
|
||||
CCV(ccv, snd_cwnd) = CCV(ccv, snd_ssthresh);
|
||||
ENTER_CONGRECOVERY(CCV(ccv, t_flags));
|
||||
}
|
||||
@@ -285,7 +264,6 @@
|
||||
if (CCV(ccv, t_rxtshift) >= 2) {
|
||||
cubic_data->num_cong_events++;
|
||||
cubic_data->t_last_cong = ticks;
|
||||
- ccv->flags &= ~CCF_MAX_CWND;
|
||||
}
|
||||
break;
|
||||
}
|
||||
@@ -304,7 +282,6 @@
|
||||
* get used.
|
||||
*/
|
||||
cubic_data->max_cwnd = CCV(ccv, snd_cwnd);
|
||||
- ccv->flags |= CCF_CHG_MAX_CWND;
|
||||
}
|
||||
|
||||
static int
|
||||
@@ -329,11 +306,9 @@
|
||||
pipe = 0;
|
||||
|
||||
/* Fast convergence heuristic. */
|
||||
- if (cubic_data->max_cwnd < cubic_data->prev_max_cwnd) {
|
||||
+ if (cubic_data->max_cwnd < cubic_data->prev_max_cwnd)
|
||||
cubic_data->max_cwnd = (cubic_data->max_cwnd * CUBIC_FC_FACTOR)
|
||||
>> CUBIC_SHIFT;
|
||||
- ccv->flags |= CCF_CHG_MAX_CWND;
|
||||
- }
|
||||
|
||||
if (IN_FASTRECOVERY(CCV(ccv, t_flags))) {
|
||||
/*
|
||||
@@ -356,7 +331,6 @@
|
||||
cubic_data->max_cwnd) >> CUBIC_SHIFT));
|
||||
}
|
||||
cubic_data->t_last_cong = ticks;
|
||||
- ccv->flags &= ~CCF_MAX_CWND;
|
||||
|
||||
/* Calculate the average RTT between congestion epochs. */
|
||||
if (cubic_data->epoch_ack_count > 0 &&
|
||||
@@ -367,6 +341,7 @@
|
||||
|
||||
cubic_data->epoch_ack_count = 0;
|
||||
cubic_data->sum_rtt_ticks = 0;
|
||||
+ cubic_data->K = cubic_k(cubic_data->max_cwnd / CCV(ccv, t_maxseg));
|
||||
}
|
||||
|
||||
/*
|
||||
--- sys/netinet/cc/cc_cubic.h.orig
|
||||
+++ sys/netinet/cc/cc_cubic.h
|
||||
@@ -41,8 +41,6 @@
|
||||
#ifndef _NETINET_CC_CUBIC_H_
|
||||
#define _NETINET_CC_CUBIC_H_
|
||||
|
||||
-#include <sys/limits.h>
|
||||
-
|
||||
/* Number of bits of precision for fixed point math calcs. */
|
||||
#define CUBIC_SHIFT 8
|
||||
|
||||
@@ -163,6 +161,8 @@
|
||||
/*
|
||||
* Compute the new cwnd value using an implementation of eqn 1 from the I-D.
|
||||
* Thanks to Kip Macy for help debugging this function.
|
||||
+ *
|
||||
+ * XXXLAS: Characterise bounds for overflow.
|
||||
*/
|
||||
static __inline unsigned long
|
||||
cubic_cwnd(int ticks_since_cong, unsigned long wmax, uint32_t smss, int64_t K)
|
||||
@@ -174,15 +174,6 @@
|
||||
/* t - K, with CUBIC_SHIFT worth of precision. */
|
||||
cwnd = ((int64_t)(ticks_since_cong << CUBIC_SHIFT) - (K * hz)) / hz;
|
||||
|
||||
- /* moved this calculation up because it cannot overflow or underflow */
|
||||
- cwnd *= CUBIC_C_FACTOR * smss;
|
||||
-
|
||||
- if (cwnd > 2097151) /* 2^21 cubed is long max */
|
||||
- return INT_MAX;
|
||||
-
|
||||
- if (cwnd < -2097152) /* -2^21 cubed is long min */
|
||||
- return smss;
|
||||
-
|
||||
/* (t - K)^3, with CUBIC_SHIFT^3 worth of precision. */
|
||||
cwnd *= (cwnd * cwnd);
|
||||
|
||||
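Review bot: the range checks ahead of the cube are removed, so the cwnd *= (cwnd * cwnd) line runs on an unbounded int64_t, and signed overflow there is undefined behaviour; the XXXLAS comment added in the previous hunk records the gap but does not close it. Separately, in the context line (int64_t)(ticks_since_cong << CUBIC_SHIFT) the shift is evaluated in int before the cast, so the widening comes too late; casting ticks_since_cong first would fix that independently of the revert. If the removed thresholds were the problem, stating the correct bound on t - K would be better than having no check.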
@@ -191,17 +182,8 @@
|
||||
* The down shift by CUBIC_SHIFT_4 is because cwnd has 4 lots of
|
||||
* CUBIC_SHIFT included in the value. 3 from the cubing of cwnd above,
|
||||
* and an extra from multiplying through by CUBIC_C_FACTOR.
|
||||
- *
|
||||
- * The original formula was this:
|
||||
- * cwnd = ((cwnd * CUBIC_C_FACTOR * smss) >> CUBIC_SHIFT_4) + wmax;
|
||||
- *
|
||||
- * CUBIC_C_FACTOR and smss factors were moved up to an earlier
|
||||
- * calculation to simplify overflow and underflow detection.
|
||||
*/
|
||||
- cwnd = (cwnd >> CUBIC_SHIFT_4) + wmax;
|
||||
-
|
||||
- if (cwnd < 0)
|
||||
- return 1;
|
||||
+ cwnd = ((cwnd * CUBIC_C_FACTOR * smss) >> CUBIC_SHIFT_4) + wmax;
|
||||
|
||||
return ((unsigned long)cwnd);
|
||||
}
|
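Review bot: the "if (cwnd < 0) return 1;" floor is removed while the function still ends with return ((unsigned long)cwnd), so a negative int64_t result (t - K negative and the scaled cube larger in magnitude than wmax) converts to a very large unsigned window. The restored one-line formula also multiplies the cubed term by CUBIC_C_FACTOR * smss before the shift, which enlarges the intermediate value further. Keeping a lower-bound check before the cast is cheap and does not depend on the flag logic that is being reverted.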
18
share/security/patches/EN-19:01/cc_cubic.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
56
share/security/patches/EN-19:02/tcp.patch
Normal file
|
@ -0,0 +1,56 @@
|
|||
--- sys/netinet/tcp_reass.c.orig
|
||||
+++ sys/netinet/tcp_reass.c
|
||||
@@ -579,7 +579,8 @@
|
||||
*/
|
||||
lenofoh = tcp_reass_overhead_of_chain(m, &mlast);
|
||||
sb = &tp->t_inpcb->inp_socket->so_rcv;
|
||||
- if ((sb->sb_mbcnt + tp->t_segqmbuflen + lenofoh) > sb->sb_mbmax) {
|
||||
+ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) &&
|
||||
+ (sb->sb_mbcnt + tp->t_segqmbuflen + lenofoh) > sb->sb_mbmax) {
|
||||
/* No room */
|
||||
TCPSTAT_INC(tcps_rcvreassfull);
|
||||
#ifdef TCP_REASS_COUNTERS
|
||||
@@ -588,6 +589,11 @@
|
||||
#ifdef TCP_REASS_LOGGING
|
||||
tcp_log_reassm(tp, NULL, NULL, th->th_seq, lenofoh, TCP_R_LOG_LIMIT_REACHED, 0);
|
||||
#endif
|
||||
+ if ((s = tcp_log_addrs(&tp->t_inpcb->inp_inc, th, NULL, NULL))) {
|
||||
+ log(LOG_DEBUG, "%s; %s: mbuf count limit reached, "
|
||||
+ "segment dropped\n", s, __func__);
|
||||
+ free(s, M_TCPLOG);
|
||||
+ }
|
||||
m_freem(m);
|
||||
*tlenp = 0;
|
||||
#ifdef TCP_REASS_LOGGING
|
||||
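Review bot: the new log() call sits in the "No room" branch, which runs once per dropped segment, so the rate of LOG_DEBUG lines is driven by the remote sender. Please confirm that tcp_log_addrs() returns NULL unless debug logging is enabled and say so in a comment, or add rate limiting here. The declaration of s is outside the visible context and should be checked for builds where TCP_REASS_LOGGING is not defined.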
@@ -936,6 +942,20 @@
|
||||
* is understood.
|
||||
*/
|
||||
new_entry:
|
||||
+ if (th->th_seq == tp->rcv_nxt && TCPS_HAVEESTABLISHED(tp->t_state)) {
|
||||
+ tp->rcv_nxt += *tlenp;
|
||||
+ flags = th->th_flags & TH_FIN;
|
||||
+ TCPSTAT_INC(tcps_rcvoopack);
|
||||
+ TCPSTAT_ADD(tcps_rcvoobyte, *tlenp);
|
||||
+ SOCKBUF_LOCK(&so->so_rcv);
|
||||
+ if (so->so_rcv.sb_state & SBS_CANTRCVMORE) {
|
||||
+ m_freem(m);
|
||||
+ } else {
|
||||
+ sbappendstream_locked(&so->so_rcv, m, 0);
|
||||
+ }
|
||||
+ sorwakeup_locked(so);
|
||||
+ return (flags);
|
||||
+ }
|
||||
if (tcp_new_limits) {
|
||||
if ((tp->t_segqlen > tcp_reass_queue_guard) &&
|
||||
(*tlenp < MSIZE)) {
|
||||
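Review bot: this fast path handles a segment with th_seq == tp->rcv_nxt, yet it increments tcps_rcvoopack and tcps_rcvoobyte, the out-of-order counters, so in-sequence data delivered here is reported as out of order. If that is deliberate because the segment reached the reassembly code, a comment should say so; otherwise the in-order counters belong here. The block also returns before the tcp_new_limits checks below and appends to so_rcv without the sb_mbmax test that the first hunk now skips for the same condition, which deserves a sentence above new_entry.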
@@ -960,9 +980,7 @@
|
||||
return (0);
|
||||
}
|
||||
} else {
|
||||
-
|
||||
- if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) &&
|
||||
- tp->t_segqlen >= min((so->so_rcv.sb_hiwat / tp->t_maxseg) + 1,
|
||||
+ if (tp->t_segqlen >= min((so->so_rcv.sb_hiwat / tp->t_maxseg) + 1,
|
||||
tcp_reass_maxqueuelen)) {
|
||||
TCPSTAT_INC(tcps_rcvreassfull);
|
||||
*tlenp = 0;
|
18
share/security/patches/EN-19:02/tcp.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
76146
share/security/patches/EN-19:03/sqlite-11.patch
Normal file
File diff suppressed because it is too large
18
share/security/patches/EN-19:03/sqlite-11.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
65012
share/security/patches/EN-19:03/sqlite-12.patch
Normal file
File diff suppressed because it is too large
18
share/security/patches/EN-19:03/sqlite-12.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
1448
share/security/patches/EN-19:04/tzdata-2018i.patch
Normal file
File diff suppressed because it is too large
18
share/security/patches/EN-19:04/tzdata-2018i.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
49
share/security/patches/EN-19:05/kqueue.patch
Normal file
|
@ -0,0 +1,49 @@
|
|||
--- sys/kern/kern_event.c.orig
|
||||
+++ sys/kern/kern_event.c
|
||||
@@ -1296,6 +1296,8 @@
|
||||
kn->kn_kevent.flags &= ~(EV_ADD | EV_DELETE |
|
||||
EV_ENABLE | EV_DISABLE | EV_FORCEONESHOT);
|
||||
kn->kn_status = KN_INFLUX|KN_DETACHED;
|
||||
+ if ((kev->flags & EV_DISABLE) != 0)
|
||||
+ kn->kn_status |= KN_DISABLED;
|
||||
|
||||
error = knote_attach(kn, kq);
|
||||
KQ_UNLOCK(kq);
|
||||
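Review bot: on the new-knote path only EV_DISABLE is tested, while the existing-knote path in the next hunk gives EV_ENABLE precedence (if EV_ENABLE, else if EV_DISABLE). A kevent carrying both flags therefore creates a knote disabled but enables one that already exists, and the code removed from done_ev_add applied the EV_ENABLE-first order to both paths. Mirror the same if/else-if order here, or document that the combination is unspecified.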
@@ -1332,6 +1334,11 @@
|
||||
KNOTE_ACTIVATE(kn, 1);
|
||||
}
|
||||
|
||||
+ if ((kev->flags & EV_ENABLE) != 0)
|
||||
+ kn->kn_status &= ~KN_DISABLED;
|
||||
+ else if ((kev->flags & EV_DISABLE) != 0)
|
||||
+ kn->kn_status |= KN_DISABLED;
|
||||
+
|
||||
/*
|
||||
* The user may change some filter values after the initial EV_ADD,
|
||||
* but doing so will not reset any filter which has already been
|
||||
@@ -1348,19 +1355,17 @@
|
||||
kn->kn_sdata = kev->data;
|
||||
}
|
||||
|
||||
+done_ev_add:
|
||||
/*
|
||||
* We can get here with kn->kn_knlist == NULL. This can happen when
|
||||
* the initial attach event decides that the event is "completed"
|
||||
- * already. i.e. filt_procattach is called on a zombie process. It
|
||||
- * will call filt_proc which will remove it from the list, and NULL
|
||||
+ * already, e.g., filt_procattach() is called on a zombie process. It
|
||||
+ * will call filt_proc() which will remove it from the list, and NULL
|
||||
* kn_knlist.
|
||||
+ *
|
||||
+ * KN_DISABLED will be stable while the knote is in flux, so the
|
||||
+ * unlocked read will not race with an update.
|
||||
*/
|
||||
-done_ev_add:
|
||||
- if ((kev->flags & EV_ENABLE) != 0)
|
||||
- kn->kn_status &= ~KN_DISABLED;
|
||||
- else if ((kev->flags & EV_DISABLE) != 0)
|
||||
- kn->kn_status |= KN_DISABLED;
|
||||
-
|
||||
if ((kn->kn_status & KN_DISABLED) == 0)
|
||||
event = kn->kn_fop->f_event(kn, 0);
|
||||
else
|
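Review bot: done_ev_add no longer updates KN_DISABLED, so every path that jumps to the label must have set the bit beforehand; the new comment explains why the unlocked read is safe but not this precondition. One more sentence in the comment, stating that KN_DISABLED is set at knote creation and in the update path above, would keep a future goto done_ev_add from skipping the flag handling.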
18
share/security/patches/EN-19:05/kqueue.patch.asc
Normal file
|
@ -0,0 +1,18 @@
|
|||
|
|
@ -4,6 +4,39 @@
|
|||
$FreeBSD$
|
||||
</cvs:keyword>
|
||||
|
||||
<year>
|
||||
<name>2019</name>
|
||||
|
||||
<month>
|
||||
<name>1</name>
|
||||
|
||||
<day>
|
||||
<name>9</name>
|
||||
|
||||
<notice>
|
||||
<name>FreeBSD-EN-19:05.kqueue</name>
|
||||
</notice>
|
||||
|
||||
<notice>
|
||||
<name>FreeBSD-EN-19:04.tzdata</name>
|
||||
</notice>
|
||||
|
||||
<notice>
|
||||
<name>FreeBSD-EN-19:03.sqlite</name>
|
||||
</notice>
|
||||
|
||||
<notice>
|
||||
<name>FreeBSD-EN-19:02.tcp</name>
|
||||
</notice>
|
||||
|
||||
<notice>
|
||||
<name>FreeBSD-EN-19:01.cc_cubic</name>
|
||||
</notice>
|
||||
|
||||
</day>
|
||||
</month>
|
||||
</year>
|
||||
|
||||
<year>
|
||||
<name>2018</name>
|
||||
|
||||
|
|