Add SA-18:01, SA-18:02, EN-18:01, EN-18:02.

Approved by:	so
Gordon Tetlow 2018-03-07 06:45:08 +00:00
parent da0f1f5085
commit e614d59b96
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=51463
15 changed files with 839 additions and 0 deletions

@ -0,0 +1,149 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:01.tzdata Errata Notice
The FreeBSD Project
Topic: Timezone database information update
Category: contrib
Module: zoneinfo
Announced: 2018-03-07
Credits: Philip Paeps
Affects: All supported versions of FreeBSD
Corrected: 2018-01-27 13:29:55 UTC (stable/11, 11.1-STABLE)
2018-03-07 06:01:44 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-01-27 13:34:14 UTC (stable/10, 10.4-STABLE)
2018-03-07 06:01:44 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 06:01:44 UTC (releng/10.3, 10.3-RELEASE-p27)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The tzsetup(8) program allows the user to specify the default local timezone.
Based on the selected timezone, tzsetup(8) copies one of the files from
/usr/share/zoneinfo to /etc/localtime. This file actually controls the
conversion.
II. Problem Description
Several changes in Daylight Savings Time happened after previous FreeBSD
releases were released that would affect many people who live in different
countries. Because of these changes, the data in the zoneinfo files need to
be updated, and if the local timezone on the running system is affected,
tzsetup(8) needs to be run so the /etc/localtime is updated.
III. Impact
An incorrect time will be displayed on a system configured to use one of the
affected timezones if the /usr/share/zoneinfo and /etc/localtime files are
not updated, and all applications on the system that rely on the system time,
such as cron(8) and syslog(8), will be affected.
IV. Workaround
The system administrator can install an updated timezone database from the
misc/zoneinfo port and run tzsetup(8) to get the timezone database corrected.
Applications that store and display times in Coordinated Universal Time (UTC)
are not affected.
V. Solution
Please note that some third party software, for instance PHP, Ruby, Java and
Perl, may be using different zoneinfo data source, in such cases this
software must be updated separately. For software packages that is installed
via binary packages, they can be upgraded by executing `pkg upgrade'.
Following the instructions in this Errata Notice will update all of the
zoneinfo files to be the same as what was released with FreeBSD release.
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date. Restart all the affected
applications and daemons, or reboot the system.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Restart all the affected applications and daemons, or reboot the system.
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch
# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch.asc
# gpg --verify tzdata-2018c.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all the affected applications and daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r328476
releng/10.3/ r330568
releng/10.4/ r330568
stable/11/ r328475
releng/11.1/ r330568
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-18:01.tzdata.asc>
-----BEGIN PGP SIGNATURE-----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=mVpJ
-----END PGP SIGNATURE-----
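Review bot: Section V of EN-18:01 puts the third-party software caveat ahead of "Perform one of the following" and contains wording slips that the clearsign will freeze in place: "may be using different zoneinfo data source, in such cases this software must be updated separately" is a comma splice missing an article, and "For software packages that is installed via binary packages, they can be upgraded" has a number disagreement. "the same as what was released with FreeBSD release" also does not say which release is meant. Suggest fixing the text and regenerating the signature; Section II's "Daylight Savings Time" should read "Daylight Saving Time". Step 3a) tells the reader to verify the detached signature "using your PGP utility" without saying which key the signature must be made by, so a line pointing at where the signing key is published would make the `gpg --verify` step meaningful.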

@ -0,0 +1,144 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:02.file Errata Notice
The FreeBSD Project
Topic: Version and security update of file(1) and libmagic(3)
Category: contrib
Module: file
Announced: 2018-03-07
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-05 08:20:11 UTC (stable/11, 11.1-STABLE)
2018-03-07 06:04:25 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-02-05 08:50:34 UTC (stable/10, 10.4-STABLE)
2018-03-07 06:04:25 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 06:04:25 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2017-1000249
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The file(1) utility attempts to classify file system objects based on
filesystem, magic number and language tests.
The libmagic(3) library provides most of the functionality of file(1) and
may be used by other applications.
II. Problem Description
The file(1) utility contains a stack based buffer overflow when parsing
a specially crafted input file.
III. Impact
The issue lets an attacker overwrite a fixed 20 bytes stack buffer with
with a specially crafted .notes section in an ELF binary file.
IV. Workaround
No workaround is available, but systems where file(1) and other applications
using libmagic(3) are never run on untrusted input are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 10.3]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch.asc
# gpg --verify file-10.3.patch.asc
[FreeBSD 10.4]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch.asc
# gpg --verify file-10.4.patch.asc
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch.asc
# gpg --verify file-11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r328875
releng/10.3/ r330569
releng/10.4/ r330569
stable/11/ r328874
releng/11.1/ r330569
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-18:02.file.asc>
-----BEGIN PGP SIGNATURE-----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=PpWQ
-----END PGP SIGNATURE-----
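Review bot: In Section V of EN-18:02, options 1) and 2) end without any restart instruction, while 3c) says "Restart all daemons that use the library, or reboot the system"; processes that already have libmagic(3) loaded keep running the old code after either upgrade path, so the same sentence should follow both. Section III has a doubled word across the line break ("stack buffer with / with a specially crafted .notes section") and describes only the mechanism, a 20-byte stack buffer overwrite, without stating the consequence for the reader (crash, or worse), which is the one thing an Impact section needs to say for an issue that carries a CVE name. The CVE reference in Section VII uses http:// where the other notices in this commit use https://.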

@ -0,0 +1,144 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:01.ipsec Security Advisory
The FreeBSD Project
Topic: ipsec validation and use-after-free
Category: core
Module: ipsec
Announced: 2018-03-07
Credits: Maxime Villard
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-24 13:04:02 UTC (stable/11, 11.1-STABLE)
2018-03-07 05:53:35 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-03-07 05:47:48 UTC (stable/10, 10.4-STABLE)
2018-03-07 05:53:35 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 05:53:35 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2018-6916
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
The IPsec suite of protocols provide network level security for IPv4 and IPv6
packets. FreeBSD includes software originally developed by the KAME project
which implements the various protocols that make up IPsec.
In IPsec, the IP Authentication Header (AH) is used to provide protection
against replay attacks and connectionless integrity and data origin
authentication for IP datagrams.
II. Problem Description
Due to a lack of strict checking, an attacker from a trusted host can
send a specially constructed IP packet that may lead to a system crash.
Additionally, a use-after-free vulnerability in the AH handling code could
cause unpredictable results.
III. Impact
Access to out of bounds or freed mbuf data can lead to a kernel panic or
other unpredictable results.
IV. Workaround
No workaround is available, but systems not using IPsec are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
And reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
And reboot the system
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 10.x]
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch.asc
# gpg --verify ipsec-10.patch.asc
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch.asc
# gpg --verify ipsec-11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r330565
releng/10.3/ r330566
releng/10.4/ r330566
stable/11/ r329907
releng/11.1/ r330566
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6916>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:01.ipsec.asc>
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
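Review bot: Section II of SA-18:01 says "an attacker from a trusted host" without defining "trusted", so a reader cannot tell whether the crash needs a peer that already holds a valid security association or can be triggered by any host able to send AH traffic; please state which. "a lack of strict checking" likewise does not say what is left unchecked, although Section III implies it is mbuf bounds. The workaround "systems not using IPsec are not vulnerable" gives no way to determine that on a running system; a pointer to the kernel option or to checking for configured policies would make it actionable. Minor: "The IPsec suite of protocols provide" should be "provides", and "And reboot the system" under option 2) is missing its full stop and reads better folded into the preceding sentence, as in option 1).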

@ -0,0 +1,200 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:02.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: contrib
Module: ntp
Announced: 2018-03-07
Credits: Network Time Foundation
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-28 09:01:03 UTC (stable/11, 11.1-STABLE)
2018-03-07 05:58:24 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-03-01 04:06:49 UTC (stable/10, 10.4-STABLE)
2018-03-07 05:58:24 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 05:58:24 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185,
CVE-2018-7183
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
used to synchronize the time of a computer system to a reference time
source.
II. Problem Description
The ctl_getitem() function is used by ntpd(8) to process incoming "mode 6"
packets. A malicious "mode 6" packet can be sent to an ntpd instance, and
if the ntpd instance is from 4.2.8p6 through 4.2.8p10, ctl_getitem() will
read past the end of its buffer. [CVE-2018-7182]
The ntpd(8) service can be vulnerable to Sybil attacks. If a system is
configured to use a trustedkey and if one is not using the feature introduced
in ntp-4.2.8p6 allowing an optional 4th field in the ntp.keys file to specify
which IPs can serve time, a malicious authenticated peer, i.e., one where the
attacker knows the private symmetric key, can create arbitrarily-many
ephemeral associations in order to win the clock selection of ntpd and modify
a victim's clock. [CVE-2018-7170]
The fix for NtpBug2952 was incomplete, and while it fixed one problem it
created another. Specifically, it drops bad packets before updating the
"received" timestamp. This means a third-party can inject a packet with
a zero-origin timestamp, meaning the sender wants to reset the association,
and the transmit timestamp in this bogus packet will be saved as the most
recent "received" timestamp. The real remote peer does not know this
value and this will disrupt the association until the association resets.
[CVE-2018-7184]
The NTP Protocol allows for both non-authenticated and authenticated
associations, in client/server, symmetric (peer), and several broadcast
modes. In addition to the basic NTP operational modes, symmetric mode and
broadcast servers can support an interleaved mode of operation. In
ntp-4.2.8p4, a bug was inadvertently introduced into the protocol engine that
allows a non-authenticated zero-origin (reset) packet to reset an
authenticated interleaved peer association. If an attacker can send a packet
with a zero-origin timestamp and the source IP address of the "other side" of
an interleaved association, the 'victim' ntpd will reset its association.
The attacker must continue sending these packets in order to maintain the
disruption of the association. [CVE-2018-7185]
The ntpq(8) utility is a monitoring and control program for ntpd. The
internal decodearr() function of ntpq(8) that is used to decode an array in
a response string when formatted data is being displayed. This is a problem
in affected versions of ntpq if a maliciously-altered ntpd returns an array
result that will trip this bug, or if a bad actor is able to read an ntpq(8)
request on its way to a remote ntpd server and forge and send a response
before the remote ntpd sends its response. It is potentially possible that
the malicious data could become injectable/executable code. [CVE-2017-7183]
III. Impact
Malicious remote attackers may be able to break time synchornization,
or cause the ntpq(8) utility to crash.
IV. Workaround
No workaround is available, but systems not running ntpd(8) or ntpq(8) are
not affected. Network administrators are advised to implement BCP-38 which
helps to reduce risk associated with the attacks.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
The ntpd service has to be restarted after the update. A reboot is
recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
The ntpd service has to be restarted after the update. A reboot is
recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch.asc
# gpg --verify ntp-11.1.patch.asc
[FreeBSD 10.4]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch.asc
# gpg --verify ntp-10.4.patch.asc
[FreeBSD 10.3]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch.asc
# gpg --verify ntp-10.3.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r330141
releng/10.3/ r330567
releng/10.4/ r330567
stable/11/ r330106
releng/11.1/ r330567
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7183>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc>
-----BEGIN PGP SIGNATURE-----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=D2ov
-----END PGP SIGNATURE-----
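Review bot: The decodearr() paragraph in Section II of SA-18:02 is tagged [CVE-2017-7183], but the "CVE Name" header and the Section VII reference both give CVE-2018-7183; the inline tag should match, since anyone searching the advisory text by CVE id will otherwise miss this paragraph or look up an unrelated entry. The same paragraph opens with a sentence fragment ("The internal decodearr() function of ntpq(8) that is used to decode an array ...") that never states what the function does wrong, and it ends by saying the data "could become injectable/executable code" while Section III limits the impact to breaking time synchronization or crashing ntpq(8); the two sections should agree on the worst case. Section III also has the typo "synchornization".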

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=/Wzs
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=l4Y6
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=my4y
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=9maD
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=ZkFm
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=iYV1
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=fnry
-----END PGP SIGNATURE-----

@ -0,0 +1,18 @@
-----BEGIN PGP SIGNATURE-----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=OQFZ
-----END PGP SIGNATURE-----

@ -4,6 +4,26 @@
$FreeBSD$
</cvs:keyword>
<year>
<name>2018</name>
<month>
<name>3</name>
<day>
<name>7</name>
<advisory>
<name>FreeBSD-SA-18:01.ipsec</name>
</advisory>
<advisory>
<name>FreeBSD-SA-18:02.ntp</name>
</advisory>
</day>
</month>
</year>
<year>
<name>2017</name>

@ -4,6 +4,26 @@
$FreeBSD$
</cvs:keyword>
<year>
<name>2018</name>
<month>
<name>3</name>
<day>
<name>7</name>
<notice>
<name>FreeBSD-EN-18:01.tzdata</name>
</notice>
<notice>
<name>FreeBSD-EN-18:02.file</name>
</notice>
</day>
</month>
</year>
<year>
<name>2017</name>