Publish todays advisories.

Approved by:	so

share/security/advisories/FreeBSD-SA-16:20.linux.asc

@@ -0,0 +1,145 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-16:20.linux                                      Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Kernel stack disclosure in Linux compatibility layer
+
+Category:       core
+Module:         linux(4)
+Announced:      2016-05-31
+Credits:        CTurt
+Affects:	All supported versions of FreeBSD.
+Corrected:      2016-05-31 16:57:42 UTC (stable/10, 10.3-STABLE)
+                2016-05-31 16:55:50 UTC (releng/10.3, 10.3-RELEASE-p4)
+                2016-05-31 16:55:45 UTC (releng/10.2, 10.2-RELEASE-p18)
+                2016-05-31 16:55:41 UTC (releng/10.1, 10.1-RELEASE-p35)
+                2016-05-31 16:58:00 UTC (stable/9, 9.3-STABLE)
+                2016-05-31 16:55:37 UTC (releng/9.3, 9.3-RELEASE-p43)
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+FreeBSD is binary-compatible with the Linux operating system through a
+loadable kernel module/optional kernel component.  The support is provided
+for amd64 and i386 machines.
+
+II.  Problem Description
+
+The implementation of the TIOCGSERIAL ioctl(2) does not clear the output
+struct before copying it out to userland.
+
+The implementation of the Linux sysinfo() system call does not clear the
+output struct before copying it out to userland.
+
+III. Impact
+
+An unprivileged user can read a portion of uninitialised kernel stack data,
+which may contain sensitive information, such as the stack guard, portions
+of the file cache or terminal buffers, which an attacker might leverage to
+obtain elevated privileges.
+
+IV.  Workaround
+
+No workaround is available, but systems not using the Linux binary
+compatibility layer are not vulnerable.
+
+The Linux compatibility layer is not included in the default GENERIC kernel.
+
+The following command can be used to test if the Linux binary compatibility
+layer is loaded:
+
+# kldstat -m linuxelf
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+Reboot is required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+Reboot is required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-16:20/linux.patch
+# fetch https://security.FreeBSD.org/patches/SA-16:20/linux.patch.asc
+# gpg --verify linux.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/9/                                                         r301055
+releng/9.3/                                                       r301049
+stable/10/                                                        r301054
+releng/10.1/                                                      r301050
+releng/10.2/                                                      r301051
+releng/10.3/                                                      r301052
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:http://cturt.github.io/compat-info-leaks.html>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:20.linux.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAEBCgAGBQJXTcSOAAoJEO1n7NZdz2rnjSMP/AsGK5jda/QlrRrpvKyd3HGr
+qVsTzro+a2ed2ZlUCamM/JICXfbAit+dOioui+CIN1IKai/mxNPMpIWcPRx1AhDr
+3y52MmSzkCqK6QT3tvwYYaG4uOZ3/wbWAJ8EKz2qqYlZ4hkmy24BdvTCGB2SGDgo
+Nz1P60NWxaqafCwFyb0xz7Lful52txSLIr9mWZzTcSgwNNEscGiMgzXiY64GlWfQ
+r20udpFrPG5+OOwpFAdR4IImQA7B0AYD064NbzN9A+mJlbhtGguDS3oTkbVBVIbF
+ldLgDkrFeIv/Jyhvij1q85xfuOxT6eaVJe7qGUaV8v6qQx17VhH8j0sVzn6nh0w9
+kly4FB0osyZRQJ7bV7c+FVGECUWRyzSpeo7lx6ICXECuyzcX9U4IxC0oxPcokD3o
+CEOJkQEjLtMSfKdE143lbyPCtZUMSXtp/CLEUxW7eDCbW89O7p7pv6xTiNLdopVT
+cpUcF+Y0KepwMrg+jXH8i07yF6QgqRWVziA16821OJ4ThD0RN4MRrWUizl/1J2iD
+LFGxK8l2U3hP5dhXpYpEHsI2xkU94Lojp0SfngFoylo4Z8UjpQeaR9NG+F3+uR45
+Q8aGB3CQe84JZUzFfVN6292AE/4ZMg13iRzKUawV8JBUEWG+MnrtU6a7zwIRVM2F
+zT2f1EP7488fCSxbmicf
+=bohu
+-----END PGP SIGNATURE-----

share/security/advisories/FreeBSD-SA-16:21.43bsd.asc

@@ -0,0 +1,128 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-16:21.43bsd                                      Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Kernel stack disclosure in 4.3BSD compatibility layer
+
+Category:       core
+Module:         kernel
+Announced:      2016-05-31
+Credits:        CTurt
+Affects:        All supported versions of FreeBSD.
+Corrected:      2016-05-31 16:57:42 UTC (stable/10, 10.3-STABLE)
+                2016-05-31 16:55:50 UTC (releng/10.3, 10.3-RELEASE-p4)
+                2016-05-31 16:55:45 UTC (releng/10.2, 10.2-RELEASE-p18)
+                2016-05-31 16:55:41 UTC (releng/10.1, 10.1-RELEASE-p35)
+                2016-05-31 16:58:00 UTC (stable/9, 9.3-STABLE)
+                2016-05-31 16:55:37 UTC (releng/9.3, 9.3-RELEASE-p43)
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+FreeBSD has binary compatibility layer with historic 4.3BSD operating
+system.
+
+II.  Problem Description
+
+The implementation of historic stat(2) system call does not clear the
+output struct before copying it out to userland.
+
+III. Impact
+
+An unprivileged user can read a portion of uninitialised kernel stack data,
+which may contain sensitive information, such as the stack guard, portions
+of the file cache or terminal buffers, which an attacker might leverage to
+obtain elevated privileges.
+
+IV.  Workaround
+
+No workaround is available, but systems not using the 4.3BSD compatibility
+layer are not vulnerable.
+
+The 4.3BSD compatibility layer is not included into the default GENERIC kernel
+configuration.  A custom kernel config that does not have the COMPAT_43 option
+is also not vulnerable.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+Reboot is required.
+
+2) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-16:21/stat.patch
+# fetch https://security.FreeBSD.org/patches/SA-16:21/stat.patch.asc
+# gpg --verify stat.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/9/                                                         r301055
+releng/9.3/                                                       r301049
+stable/10/                                                        r301054
+releng/10.1/                                                      r301050
+releng/10.2/                                                      r301051
+releng/10.3/                                                      r301052
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:http://cturt.github.io/compat-info-leaks.html>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:21.43bsd.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAEBCgAGBQJXTcSQAAoJEO1n7NZdz2rn/JYQAKrbMPuSBxDZzMS0iq76R5Gw
+RPkTZcH5zFqXI6s7WGNLtdV6VgatQtG8WsYdaGn+E+dKqGmIu4xtcIfXS6dgP/fT
+aqP522x5CbZt2nl3bpQ/vPDnJbEJ/a25nydLjHuCbJP1MqPKCWOJFlt/EOXlqXd4
+SptiShq/EDPZgJSODmGp34raAIIeuMHUz2gF8YEBD3Uu8cV6zMHlc1Lj8veI1NJv
+xKaSK+31HAdAgkP5NKPEXA3Ei553i1tzN8KGgbEeFvsjtNUuqxR8n2nB2XJ3GANb
+E7Z3byjajZqgYim6tYqobAyZEjrdGInNt8E5XEdrJhsIhzn6mqcdpJsf9yur1xY2
+TSNaNNlWGicd1TYuPQjd7LPiqKKdIKO3s7P3vHXhJRvy2vD9B4NfX/kcU1UjJkAI
+h19iI1B9WbiLakTTJLSn5tcSSIUUNJ3c70jYIoo4WOEHN3x8HvjtaGuH2TK89CA2
+tPqkKau4Txd3ikdpNbU6pYDyWAYG+z/cH6F1dYrkchULK8uNP+sEkHai2MYtNv/W
+Q0CDy46iHBmbYkTwlEDxPkfDEKsiUbm32AgvfwuEAfjszwYuO1+KjZ6oKXwycQz9
+gCyNZVfsjSOV5srzVQ2daUmuNkQiua2zt8JX5J64rUJSYx3AkZHOTNxmVEu12K1U
+RdI/7TaMcgMzkGMlwEv9
+=qPmZ
+-----END PGP SIGNATURE-----

share/security/advisories/FreeBSD-SA-16:22.libarchive.asc

@@ -0,0 +1,139 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-16:22.libarchive                                 Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Directory traversal in cpio(1)
+
+Category:       contrib
+Module:         libarchive
+Announced:      2016-05-31
+Credits:        Alexander Cherepanov
+Affects:        All supported versions of FreeBSD
+Corrected:      2016-05-21 09:03:45 UTC (stable/10, 10.3-STABLE)
+                2016-05-31 16:35:03 UTC (releng/10.3, 10.3-RELEASE-p4)
+                2016-05-31 16:33:56 UTC (releng/10.2, 10.2-RELEASE-p18)
+                2016-05-31 16:32:42 UTC (releng/10.1, 10.1-RELEASE-p35)
+                2016-05-21 09:27:30 UTC (stable/9, 9.3-STABLE)
+                2016-05-31 16:23:56 UTC (releng/9.3, 9.3-RELEASE-p43)
+CVE Name:       CVE-2015-2304
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The libarchive(3) library provides a flexible interface for reading and
+writing streaming archive files such as tar(1) and cpio(1), and has been the
+basis for the FreeBSD implementation of the tar(1) and cpio(1) utilities
+since FreeBSD 5.3.
+
+II.  Problem Description
+
+The cpio(1) tool from the libarchive(3) bundle is vulnerable to a directory 
+traversal problem via absolute paths in an archive file.
+
+III. Impact
+
+A malicious archive file being unpacked can overwrite an arbitrary file on
+a filesystem, if the owner of the cpio process has write access to it.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+Reboot is not required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+Reboot is not required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 10.x]
+# fetch https://security.FreeBSD.org/patches/SA-16:22/libarchive-10.patch
+# fetch https://security.FreeBSD.org/patches/SA-16:22/libarchive-10.patch.asc
+# gpg --verify libarchive-10.patch.asc
+
+[FreeBSD 9.3]
+# fetch https://security.FreeBSD.org/patches/SA-16:22/libarchive-9.patch
+# fetch https://security.FreeBSD.org/patches/SA-16:22/libarchive-9.patch.asc
+# gpg --verify libarchive-9.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/9/                                                         r300363
+releng/9.3/                                                       r301044
+stable/10/                                                        r300361
+releng/10.1/                                                      r301046
+releng/10.2/                                                      r301047
+releng/10.3/                                                      r301048
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:22.libarchive.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAEBCgAGBQJXTcSSAAoJEO1n7NZdz2rnpSIQAL4Ao7qcCFcqckTLAwR3UyTe
+e65MD/dXcD+Zn6XWao5t/nLQRFyzJgD6p3HIahcPMBXdzaYOlYxVfU7wMlw95llZ
+mKruSMP1rT59zxwyP+aLh34aRMRmVu+/L8xMHThMBNyiIFjhiyLIvzm4+k+/vBHY
+V1Jc7RdEQr4A19zzhmklCMzttf2M85NggWDraPQfUMyjXwrLDc6Pc1x7w8w8/OAB
+Jyj9tiu883epPstgk8uKVqRaa96SGcwFt9Rsp8WZf0/rfk21BS2hNnlxrjPhdkAU
+s5KZnCqudbh4Uv0KRLO0htLTMo2QU0gP0d/QeoLBxaPo2VaXrB6jvv7KhDInIpRe
+xDQYuc3d/D1m0DkIIjglxKhtunozPdxL3PmzrkY/C3qgFY4RxBCPN60OJ9lTxC15
+H6/FVljRpSFUST5goQ9jsAA+oJ6B+dD4sYU6kh1hTkHeCD/EA+QH66YwzZquGi/T
+4oDNTLSwgfGH/1OzkkhuWCANvVkWO+EckSVX3/sEaud/Z2zRNV0dELbS2NUs3yGl
+sbAytECuvMMEx4FsCteLs9yKrTQmC+OrKBkEtUxoCMQi4eQsEGyH26mHM/L9MOP3
+dyFP2V1dSd3392sGCvjInb9lxAmw5+by3nPzKVnIUW+jLaICdWFzwWhi7ycHupsU
+GH8PGGPIFUd81r7gzrF8
+=+ZX7
+-----END PGP SIGNATURE-----

share/security/advisories/FreeBSD-SA-16:23.libarchive.asc

@@ -0,0 +1,128 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-16:23.libarchive                                 Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Buffer overflow in libarchive(3)
+
+Category:       contrib
+Module:         libarchive
+Announced:      2016-05-31
+Affects:        FreeBSD 9.3
+Corrected:      2016-05-21 09:27:30 UTC (stable/9, 9.3-STABLE)        
+                2016-05-31 16:23:56 UTC (releng/9.3, 9.3-RELEASE-p43)
+CVE Name:       CVE-2013-0211
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The libarchive(3) library provides a flexible interface for reading and
+writing streaming archive files such as tar and cpio, and has been the
+basis for FreeBSD's implementation of the tar(1) and cpio(1) utilities
+since FreeBSD 5.3.
+
+II.  Problem Description
+
+An integer signedness error in the archive_write_zip_data() function in
+archive_write_set_format_zip.c in libarchive(2) could lead to a buffer
+overflow on 64-bit machines.
+
+III. Impact
+
+An attacker who can provide input of their choice for creating a ZIP archive 
+can cause a buffer overflow in libarchive(2) that results in a core dump or
+possibly execution of arbitrary code provided by the attacker.
+
+IV.  Workaround
+
+No workaround is available but 32-bit systems are not vulnerable.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+Reboot is not required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+A reboot is not required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-16:23/libarchive.patch
+# fetch https://security.FreeBSD.org/patches/SA-16:23/libarchive.patch.asc
+# gpg --verify libarchive.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart the applicable daemons, or reboot the system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/9/                                                         r300363
+releng/9.3/                                                       r301044
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:23.libarchive.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAEBCgAGBQJXTcSUAAoJEO1n7NZdz2rnjuwP/36GShkMxVtvEF3LeZCtT1bT
+J0TSoXWpOo8rW61W0VEQ8xxOupIUwpDC2zwvgg0ZuPPbUY1nKYGrql8hixzmyg7n
+Da7krIxv7guTrpIWumEztS7JAVjZWEW+SfwiXZ7OY+3KHSLcGh5E0MpEvWDy+Ysa
+5/fjyaxYV2jHCaXwqNpCHv9ahS3Ca4VMr37E2H+3efdbSzkfUz17nReNjBtk8P76
+5teuC/PZ0aXIToOBuP039NPy7Cw42AsgAnEDLayEMIuuq/u4JVmDUONcnjfQ4occ
+tlCl3tNmk8LR9kotcvkg+7ZDOZ6zq4NHkcpjek8GPqScV2EgY0wixf4Eo2hD4P4x
+NDo4pkzt5L+6mkJoSc/6zBYiVGLAqGBMDqsaemqBL/aTLH6+W+Bulvr9prfB2EIN
+EBWfO4zkA3tKAPAZIpCQRzG2FScOjNeH49hy+ISTUWYcWDtNrpYIJdhX+XtsuZIt
+Swd++AYcvnDJGX8bTPRb8nOlBWqAAscuIJsvyqyRVahmKrG2USECmhvaIN6jPbVq
+8dScr0yO0ixzUpnkEMV8GW8kstC5mwCihJ4MG5qDtsWGYybH93N22eHZyOlCqa9J
+d+V8OzEiVEtGtdDqbThDW3FfuimAm6aShTLxATeJTGbc+mQEdUMjjgAmrvCZxcEZ
+URXCjA5XayDc0iZySd4r
+=XTv8
+-----END PGP SIGNATURE-----

share/security/patches/SA-16:20/linux.patch

@@ -0,0 +1,21 @@
+--- sys/compat/linux/linux_ioctl.c.orig
++++ sys/compat/linux/linux_ioctl.c
+@@ -916,6 +916,8 @@
+ 
+ 	case LINUX_TIOCGSERIAL: {
+ 		struct linux_serial_struct lss;
++
++		bzero(&lss, sizeof(lss));
+ 		lss.type = LINUX_PORT_16550A;
+ 		lss.flags = 0;
+ 		lss.close_delay = 0;
+--- sys/compat/linux/linux_misc.c.orig
++++ sys/compat/linux/linux_misc.c
+@@ -149,6 +149,7 @@
+ 	int i, j;
+ 	struct timespec ts;
+ 
++	bzero(&sysinfo, sizeof(sysinfo));
+ 	getnanouptime(&ts);
+ 	if (ts.tv_nsec != 0)
+ 		ts.tv_sec++;

share/security/patches/SA-16:20/linux.patch.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJXTcSQAAoJEO1n7NZdz2rnpM0QAImzU1p8XlerAgX5aqvZA+MT
+bNXa3N3BulpJtlsb9PVH7PwmGiLmg2/MHe4MAxT5m7ivWCZsjL/n6p7JKaVeiBQ4
+87RuZ3WPqgvEIhW/hA0ip7xSy6qI5msmxmEWy4osLRQlwWzYaurHlGT29Rqg4DM2
+hBl+ADmaHZG+Nl/wMCCZ9BADjPWGJwHThms4VZWtNPiVcO2m9N3Qi/czwGfr+iZI
+yf16086n1O/vztGjHV8Q9aTPtj/syF6lztwooZ/0DvGdZFxOMcj7roa7rLDy1V02
+Mhn5GlFszVGMLJdY+UErIX5vNHohnv3+OqRgH9jvYYUAtv6niP+W7n77BE94P1rv
+AGm1V0xRhuvhNeX6gHgGAbfxV/fKC/vputLlkGmxxQheOrCykXBCI91jO2Tm8DMU
+JNoc6FhF5To6pvddvSF2hYfPbNY3MC/r/vSrgYGLA3MOosNhW/hC77JB+iKhC2AW
+A9RN8mzp/XrCza7RPpQoxpi7mZcW8YoleVXkEfjs/bDlrwIwQAuFjtyaQBkwJMdU
+LP1o/Dd0NquajDgdAbTVbgDMz9naV2IupKWUKuK3+70GYtvJXfhRC3dkYGzKwUFr
+Sn29/MAdORjSYKu6qYLESRVGea4PoBmGUcrycwFgNBaSV2jf3BFjFTHbz6lOtN+2
+Js3hl5m552T5bwxACftw
+=nyQH
+-----END PGP SIGNATURE-----

share/security/patches/SA-16:21/stat.patch

@@ -0,0 +1,10 @@
+--- sys/kern/vfs_syscalls.c.orig
++++ sys/kern/vfs_syscalls.c
+@@ -2068,6 +2068,7 @@
+ 	struct ostat *ost;
+ {
+ 
++	bzero(ost, sizeof(*ost));
+ 	ost->st_dev = st->st_dev;
+ 	ost->st_ino = st->st_ino;
+ 	ost->st_mode = st->st_mode;

share/security/patches/SA-16:21/stat.patch.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJXTcSRAAoJEO1n7NZdz2rn4scQAOI8NMv7HPw0NigEysKEiThH
+rLFfaHPjm6Y3EnG2MmUdOsFBY/sP1cfgUIBXCEOL8noGxOb4nS2uqbShmt+KSzJc
+ifOhat9OMtys4EqUl5dB23xxhDcd30x5B2J4luw9JZ2y1reV8oKHxdWNhnKdZOU/
+01OezhlDZQu8eTLzXN5NxGESMg2u5lnMf8ZolrAsD8NGQ2FUPGpuEMIv4VaeuELl
+R7EkeAStGVyCT4D42lmKsEiDuzqnZ5T+6KYnyrIoWyNwrV7OqoaYzU9W56aFvTPv
+tsde1kijeV0WqCJ0ggXFN7dd0rW/MGqgu63FXAL53keIXQulgLFmxNnJJ1fk26So
+qa8J633giaZQlYWS6HOFglHtUTbb34+tJhgb3vwKmKinXWuCRQ7p896EanwJ+9gY
+bJuOUg/F1QORKA4Tr7bmhJa6i+RQg2Tncitm/QZP12p3GhDoMV3dvqPvISl/Mgsu
+IY/qcTztWEa+hbzYFORN/uCXrWrcziZIuoSSyYv/4vGejl7cwc1O8/FHPhTNHICx
+vo9vc7O5N0bdz6ELiYqJlnkTZ89K17U9haseYoUQozrwR/jUWV9cdLns1GKNI+AI
+pYUytHBQEY0CJqLoSDtdDOpGMN3zv7TF1npmY0BjLbFJS8bKkMq7CfRpd9WRcbKq
+NWDRp4dkoUXcKD6AX52d
+=egwA
+-----END PGP SIGNATURE-----

share/security/patches/SA-16:22/libarchive-10.patch

@@ -0,0 +1,124 @@
+--- contrib/libarchive/cpio/bsdcpio.1.orig
++++ contrib/libarchive/cpio/bsdcpio.1
+@@ -156,7 +156,8 @@
+ .It Fl Fl insecure
+ (i and p mode only)
+ Disable security checks during extraction or copying.
+-This allows extraction via symbolic links and path names containing
++This allows extraction via symbolic links, absolute paths,
++and path names containing
+ .Sq ..
+ in the name.
+ .It Fl J , Fl Fl xz
+--- contrib/libarchive/cpio/cpio.c.orig
++++ contrib/libarchive/cpio/cpio.c
+@@ -179,6 +179,7 @@
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_PERM;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_FFLAGS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_ACL;
+@@ -264,6 +265,7 @@
+ 		case OPTION_INSECURE:
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_SYMLINKS;
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 			break;
+ 		case 'L': /* GNU cpio */
+ 			cpio->option_follow_links = 1;
+@@ -300,6 +302,7 @@
+ 				    "Cannot use both -p and -%c", cpio->mode);
+ 			cpio->mode = opt;
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 			break;
+ 		case OPTION_PRESERVE_OWNER:
+ 			cpio->extract_flags |= ARCHIVE_EXTRACT_OWNER;
+--- contrib/libarchive/libarchive/archive.h.orig
++++ contrib/libarchive/libarchive/archive.h
+@@ -562,6 +562,8 @@
+ /* Default: Do not use HFS+ compression if it was not compressed. */
+ /* This has no effect except on Mac OS v10.6 or later. */
+ #define	ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED	(0x8000)
++/* Default: Do not reject entries with absolute paths */
++#define ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS (0x10000)
+ 
+ __LA_DECL int archive_read_extract(struct archive *, struct archive_entry *,
+ 		     int flags);
+--- contrib/libarchive/libarchive/archive_write_disk.3.orig
++++ contrib/libarchive/libarchive/archive_write_disk.3
+@@ -177,6 +177,9 @@
+ Note that paths ending in
+ .Pa ..
+ always cause an error, regardless of this flag.
++.It Cm ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
++Refuse to extract an absolute path.
++The default is to not refuse such paths.
+ .It Cm ARCHIVE_EXTRACT_SPARSE
+ Scan data for blocks of NUL bytes and try to recreate them with holes.
+ This results in sparse files, independent of whether the archive format
+--- contrib/libarchive/libarchive/archive_write_disk_posix.c.orig
++++ contrib/libarchive/libarchive/archive_write_disk_posix.c
+@@ -2504,8 +2504,9 @@
+ /*
+  * Canonicalize the pathname.  In particular, this strips duplicate
+  * '/' characters, '.' elements, and trailing '/'.  It also raises an
+- * error for an empty path, a trailing '..' or (if _SECURE_NODOTDOT is
+- * set) any '..' in the path.
++ * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is
++ * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
++ * is set) if the path is absolute.
+  */
+ static int
+ cleanup_pathname(struct archive_write_disk *a)
+@@ -2524,8 +2525,15 @@
+ 	cleanup_pathname_win(a);
+ #endif
+ 	/* Skip leading '/'. */
+-	if (*src == '/')
++	if (*src == '/') {
++		if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) {
++			archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
++			                  "Path is absolute");
++			return (ARCHIVE_FAILED);
++		}
++
+ 		separator = *src++;
++	}
+ 
+ 	/* Scan the pathname one element at a time. */
+ 	for (;;) {
+--- contrib/libarchive/libarchive/test/test_write_disk_secure.c.orig
++++ contrib/libarchive/libarchive/test/test_write_disk_secure.c
+@@ -178,6 +178,29 @@
+ 	assert(S_ISDIR(st.st_mode));
+ 	archive_entry_free(ae);
+ 
++	/*
++	 * Without security checks, we should be able to
++	 * extract an absolute path.
++	 */
++	assert((ae = archive_entry_new()) != NULL);
++	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	archive_entry_set_mode(ae, S_IFREG | 0777);
++	assert(0 == archive_write_header(a, ae));
++	assert(0 == archive_write_finish_entry(a));
++	assertFileExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	assert(0 == unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"));
++
++	/* But with security checks enabled, this should fail. */
++	assert(archive_entry_clear(ae) != NULL);
++	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	archive_entry_set_mode(ae, S_IFREG | 0777);
++	archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS);
++	failure("Extracting an absolute path should fail here.");
++	assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae));
++	archive_entry_free(ae);
++	assert(0 == archive_write_finish_entry(a));
++	assertFileNotExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++
+ 	assertEqualInt(ARCHIVE_OK, archive_write_free(a));
+ 
+ 	/* Test the entries on disk. */

share/security/patches/SA-16:22/libarchive-10.patch.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJXTcSSAAoJEO1n7NZdz2rn3vQP/0Vnpmx02B5/7yX/bIuX6MmG
+O2dgO6MwUJBrhC+OBvurPLBj9IOAQC+zVfqXcvqN+rmwo2DtYG/90uOQvOKnuR+8
+grr9lrlaL6SxIBvpM+uRFJHgVCGWiGMSY/4UOgR1fQOF6DNaQBsOCytV+VDpMeBV
+9J0ussdl8LlJpNQSi5BCnf9wy4OmkclBWz8h6BU8z+2QZBHpvLlKV3+q9KGFqZ8v
+XfLv7DBpXuLIZtRN/TzYCRCdblLrLZjqqG/pAif5x+l434CM2OR/XejAh1ttm5Au
+F9Ln+TV6+Dzu8xw1ZL0dSnMq0SYvcQytP2+OiPmwOf1mxQuIt6eWXhkZaRq/KHb/
+UxTpsVCUnNCWnChK7rykrQWilFbfKIVjLZ4lMP2g0GfkTBvSfO/kJom9CDt7f7/T
+WDKCdmNTu5m1NyQ4b6zH8/FpSW4H20S8g0k0ZR0BOyxbJq+SnrVuzI3lq6af+v0z
+KOtmumZjDUTWqI4O29nslnzVoUD26xw23HLj+dIrNFgBRKJavdSsJmKQohSXe5px
+zE5jcIF+Y97/KthufnCzccln50Qjt3bV2awWYDu6RCpliY1XuEp0HcyuNXx9P1sa
+zfTLEXHljIQTaIOY5At0Z29liX0aVS2hzeTU1OL2etzAoUvBrt3ApBiqb+dTOmSw
+AXzkzHPdvDicqrknrpwy
+=cXQF
+-----END PGP SIGNATURE-----

share/security/patches/SA-16:22/libarchive-9.patch

@@ -0,0 +1,124 @@
+--- contrib/libarchive/cpio/bsdcpio.1.orig
++++ contrib/libarchive/cpio/bsdcpio.1
+@@ -159,7 +159,8 @@
+ .It Fl -insecure
+ (i and p mode only)
+ Disable security checks during extraction or copying.
+-This allows extraction via symbolic links and path names containing
++This allows extraction via symbolic links, absolute paths,
++and path names containing
+ .Sq ..
+ in the name.
+ .It Fl J
+--- contrib/libarchive/cpio/cpio.c.orig
++++ contrib/libarchive/cpio/cpio.c
+@@ -162,6 +162,7 @@
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++	cpio->extract_flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_PERM;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_FFLAGS;
+ 	cpio->extract_flags |= ARCHIVE_EXTRACT_ACL;
+@@ -231,6 +232,7 @@
+ 		case OPTION_INSECURE:
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_SYMLINKS;
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 			break;
+ 		case 'L': /* GNU cpio */
+ 			cpio->option_follow_links = 1;
+@@ -265,6 +267,7 @@
+ 				    "Cannot use both -p and -%c", cpio->mode);
+ 			cpio->mode = opt;
+ 			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NODOTDOT;
++			cpio->extract_flags &= ~ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ 			break;
+ 		case OPTION_PRESERVE_OWNER:
+ 			cpio->extract_flags |= ARCHIVE_EXTRACT_OWNER;
+--- contrib/libarchive/libarchive/archive.h.orig
++++ contrib/libarchive/libarchive/archive.h
+@@ -477,6 +477,8 @@
+ #define	ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER	(0x0800)
+ /* Detect blocks of 0 and write holes instead. */
+ #define	ARCHIVE_EXTRACT_SPARSE			(0x1000)
++/* Default: Do not reject entries with absolute paths */
++#define ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS (0x10000)
+ 
+ __LA_DECL int	 archive_read_extract(struct archive *, struct archive_entry *,
+ 		     int flags);
+--- contrib/libarchive/libarchive/archive_write_disk.3.orig
++++ contrib/libarchive/libarchive/archive_write_disk.3
+@@ -169,6 +169,9 @@
+ Note that paths ending in
+ .Pa ..
+ always cause an error, regardless of this flag.
++.It Cm ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
++Refuse to extract an absolute path.
++The default is to not refuse such paths.
+ .It Cm ARCHIVE_EXTRACT_SPARSE
+ Scan data for blocks of NUL bytes and try to recreate them with holes.
+ This results in sparse files, independent of whether the archive format
+--- contrib/libarchive/libarchive/archive_write_disk.c.orig
++++ contrib/libarchive/libarchive/archive_write_disk.c
+@@ -1649,8 +1649,9 @@
+ /*
+  * Canonicalize the pathname.  In particular, this strips duplicate
+  * '/' characters, '.' elements, and trailing '/'.  It also raises an
+- * error for an empty path, a trailing '..' or (if _SECURE_NODOTDOT is
+- * set) any '..' in the path.
++ * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is
++ * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
++ * is set) if the path is absolute.
+  */
+ static int
+ cleanup_pathname(struct archive_write_disk *a)
+@@ -1670,8 +1671,15 @@
+ 		return (ARCHIVE_FAILED);
+ #endif
+ 	/* Skip leading '/'. */
+-	if (*src == '/')
++	if (*src == '/') {
++		if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) {
++			archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
++			                  "Path is absolute");
++			return (ARCHIVE_FAILED);
++		}
++
+ 		separator = *src++;
++	}
+ 
+ 	/* Scan the pathname one element at a time. */
+ 	for (;;) {
+--- contrib/libarchive/libarchive/test/test_write_disk_secure.c.orig
++++ contrib/libarchive/libarchive/test/test_write_disk_secure.c
+@@ -178,6 +178,29 @@
+ 	assert(S_ISDIR(st.st_mode));
+ 	archive_entry_free(ae);
+ 
++	 /*
++	 * Without security checks, we should be able to
++	 * extract an absolute path.
++	 */
++	assert((ae = archive_entry_new()) != NULL);
++	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	archive_entry_set_mode(ae, S_IFREG | 0777);
++	assert(0 == archive_write_header(a, ae));
++	assert(0 == archive_write_finish_entry(a));
++	assertFileExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	assert(0 == unlink("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp"));
++
++	/* But with security checks enabled, this should fail. */
++	assert(archive_entry_clear(ae) != NULL);
++	archive_entry_copy_pathname(ae, "/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++	archive_entry_set_mode(ae, S_IFREG | 0777);
++	archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS);
++	failure("Extracting an absolute path should fail here.");
++	assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae));
++	archive_entry_free(ae);
++	assert(0 == archive_write_finish_entry(a));
++	assertFileNotExists("/tmp/libarchive_test-test_write_disk_secure-absolute_path.tmp");
++
+ 	assert(0 == archive_write_finish(a));
+ 
+ 	/* Test the entries on disk. */

share/security/patches/SA-16:22/libarchive-9.patch.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJXTcSTAAoJEO1n7NZdz2rnNQEP/3hUwYHKlSzOIniC8AgaPzmd
+twrPLgpVAyTMKJc/nNkLNK3qz/RU++PnLB+HpwJrqvOQdtBIuNsw2M+5t0HKm8QB
+R481dEQBl+8SaYjSAtEB216nEyzBf0Zax9uhkc1tSBRBxoE7x9Z4lG9up5Yvy8Mn
+msGJ2x20BZ30FTExpJo6WVlA0xhqsEElrnmtbA3vznEkqXWt+oG/YYZ57Tv1NztL
+pX4yeZZZ8+6JjyaWecg70wIHHn3I9LMX+sigZrS0oeBFBLdy9oRQkFN+6W/p0xtP
+euS8Z5HbUnrac/I0TNUNS52r9F38hwmqohEYgXeLRhUpiqLgbDLe56ISOWEhrNip
+mgR67ELEadZteBHV90JcfTJ6B/Zpxzj8m8u1IHDlfvyqX3EOwglbsNxAnUk+WAeJ
+YvpvA3w74lEQDsK3Pk0m2EQRtUSNDlL2ilZrdA5bpXwcNtZtCT8YWC0KsRQi4sQZ
+LGOzuCEORmwgeBrwpThfCPoNJHnq6fIsE+swhlFAGA4uGLXZ8tFs5A87VsdDbKWJ
+FIFtHwbTzl47T7T3VzYStN2d3UMFvIqlNlxZh9BdzzZemz6KF0xgJPN+3ROcTXhv
+LBPRXj58rlSZBJl2GsD+rkUS1hMxyxNqeAxEiHXplOVuwoYiEYNK+7ayze5ZY172
+Pk7JBZHn5Op08Bs7K7Mj
+=w5dZ
+-----END PGP SIGNATURE-----

share/security/patches/SA-16:23/libarchive.patch

@@ -0,0 +1,15 @@
+--- contrib/libarchive/libarchive/archive_write.c.orig
++++ contrib/libarchive/libarchive/archive_write.c
+@@ -459,8 +459,12 @@
+ _archive_write_data(struct archive *_a, const void *buff, size_t s)
+ {
+ 	struct archive_write *a = (struct archive_write *)_a;
++	const size_t max_write = INT_MAX;
+ 	__archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
+ 	    ARCHIVE_STATE_DATA, "archive_write_data");
++	/* In particular, this catches attempts to pass negative values. */
++	if (s > max_write)
++		s = max_write;
+ 	archive_clear_error(&a->archive);
+ 	return ((a->format_write_data)(a, buff, s));
+ }

share/security/patches/SA-16:23/libarchive.patch.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAABCgAGBQJXTcSUAAoJEO1n7NZdz2rnPOwQAOyBb2rb/PyT51f7lPYSyEBd
+xE5o17lluTyjaUVW5nkchw41DA9AHUuQ0UdflK2HQbKq154rO1h9r2rjnRX7N1/W
+agNExACW3CNg+VUbTvK6+G6sVrYXpvU4EWVAENj6puj8CIOye9l/HWbYi8eGNoKG
+phscberW7WJljUZgCr8Epx/SaqDsItwntPkjOgAg2PdgYpOsE+4RR6B2MRrpIuBk
+/EtQD5CDz4w8GsR4LfJNB25phkljKuH+SdbhZdQlG6vr3gAlEGqfSbcNCwH3q1Ug
+gexqOvYQ4fSH8bKpzlV43jjTq1GhaMzbjnEhfHyA7Hmvb5GnYl1zUZBDlWFjrPQz
+atwYsamSgdiMINCGbpiUi7APwKCM+bEAG9eRC6jvTQCW0LFBq8Gumj/PIeVPa4h8
+HDDjrb9+XotxPwLXYsZSn08JXjWwdBnYPAV5uwrpjOerFfFYhxU2mxtEHmbKIwgw
+8uPBborFzX0zj0iR/+ZQDOOO2eD9qC2WQKCywYVH9xO7veyWRuybUWs6Gs4BENXg
+oC6UGjpaHpEYb9lxzfSu7ur9gBfw2c24MnIB0Gbqg0XMzyIUEieIF+M37BVLWrH3
+OU3/gpP+k69bZHPT4JMJuHbAZIk0UuxxG+TTJIZG0z+h4I8XNyZfq6hEVB94LrrF
+xMEZNwPmeXPHaIRCaJb9
+=2/lb
+-----END PGP SIGNATURE-----

share/xml/advisories.xml

@@ -10,6 +10,26 @@
     <month>
       <name>5</name>
 
+      <day>
+        <name>31</name>
+
+        <advisory>
+          <name>FreeBSD-SA-16:23.libarchive</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-16:22.libarchive</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-16:21.43bsd</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-16:20.linux</name>
+        </advisory>
+      </day>
+
       <day>
         <name>17</name>