diff --git a/share/security/advisories/FreeBSD-EN-18:01.tzdata.asc b/share/security/advisories/FreeBSD-EN-18:01.tzdata.asc
new file mode 100644
index 0000000000..382de9e884
--- /dev/null
+++ b/share/security/advisories/FreeBSD-EN-18:01.tzdata.asc
@@ -0,0 +1,149 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-18:01.tzdata Errata Notice
+ The FreeBSD Project
+
+Topic: Timezone database information update
+
+Category: contrib
+Module: zoneinfo
+Announced: 2018-03-07
+Credits: Philip Paeps
+Affects: All supported versions of FreeBSD
+Corrected: 2018-01-27 13:29:55 UTC (stable/11, 11.1-STABLE)
+ 2018-03-07 06:01:44 UTC (releng/11.1, 11.1-RELEASE-p7)
+ 2018-01-27 13:34:14 UTC (stable/10, 10.4-STABLE)
+ 2018-03-07 06:01:44 UTC (releng/10.4, 10.4-RELEASE-p6)
+ 2018-03-07 06:01:44 UTC (releng/10.3, 10.3-RELEASE-p27)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+.
+
+I. Background
+
+The tzsetup(8) program allows the user to specify the default local timezone.
+Based on the selected timezone, tzsetup(8) copies one of the files from
+/usr/share/zoneinfo to /etc/localtime. This file actually controls the
+conversion.
+
+II. Problem Description
+
+Several changes in Daylight Savings Time happened after previous FreeBSD
+releases were released that would affect many people who live in different
+countries. Because of these changes, the data in the zoneinfo files need to
+be updated, and if the local timezone on the running system is affected,
+tzsetup(8) needs to be run so the /etc/localtime is updated.
+
+III. Impact
+
+An incorrect time will be displayed on a system configured to use one of the
+affected timezones if the /usr/share/zoneinfo and /etc/localtime files are
+not updated, and all applications on the system that rely on the system time,
+such as cron(8) and syslog(8), will be affected.
+
+IV. Workaround
+
+The system administrator can install an updated timezone database from the
+misc/zoneinfo port and run tzsetup(8) to get the timezone database corrected.
+
+Applications that store and display times in Coordinated Universal Time (UTC)
+are not affected.
+
+V. Solution
+
+Please note that some third party software, for instance PHP, Ruby, Java and
+Perl, may be using different zoneinfo data source, in such cases this
+software must be updated separately. For software packages that is installed
+via binary packages, they can be upgraded by executing `pkg upgrade'.
+
+Following the instructions in this Errata Notice will update all of the
+zoneinfo files to be the same as what was released with FreeBSD release.
+
+Perform one of the following:
+
+1) Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date. Restart all the affected
+applications and daemons, or reboot the system.
+
+2) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+Restart all the affected applications and daemons, or reboot the system.
+
+3) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch
+# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch.asc
+# gpg --verify tzdata-2018c.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in .
+
+Restart all the affected applications and daemons, or reboot the system.
+
+VI. Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path Revision
+- -------------------------------------------------------------------------
+stable/10/ r328476
+releng/10.3/ r330568
+releng/10.4/ r330568
+stable/11/ r328475
+releng/11.1/ r330568
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+
+
+VII. References
+
+The latest revision of this advisory is available at
+
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhfZfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cJp7Q//fHWkVYNLtrjtWwhWdklnNdJq16V4Jnvd4bniw9O9tlWBZlQPwFB4Ez/l
+GNLqamLhgakaFXFE9oISjqn1LvNZOoaIDKHVs9KRkTEWpGZaIVRVPyHkZsGImG4A
+ale+8grJBcyepZPxXGbmEcPsrGPlOs5M3LsQabwEvuPW8yf9CLAh5IOkmD7r7qMJ
+zbhLKW/rKQOq9Weka3XZSuVXXi1h536tmGPkQoj0S+k73d0X67E5jlFCOFo8Q/yh
+qqsIXRNrvvfieVujUtTRwYrbCi6Omngj6lNZWCOO7QUNKd0YoEgsdj/tAxZ+cwwn
+Z7J55ARBD+/dkRAFbZaqryPFuznDA3+bPS/oKJfyVdIDWC4gT38L8WUFMSRpeFbr
+BdZMUdoxvj2NRjRejgO/kii7JDzg2+nztGmt8hw0z4lNt5ZXIc2W4+ou7oEaAr5i
+YoM95ZxwnNe5JEgYXWOJ8f4krB1GICLk0KQZ38P1kP2jQRs52OtQKNBRw3UVZLEV
+SnFSACTNYSQzE3CajEgVQ/cfg3+KMA0fYbYdmA5ZXekQqjSMPeqrui/z+9C57Bjm
+6+4qTpzST8oJbNBOGlU2uncIcYllaWSrMQ2kRWmq73O/PUMhoPhukahPeYEMj8PR
+STD8RLoN9Rp+6GdZfLndLBl6ZJHOFKY0yd6NYsGlj7AsjJwsgKw=
+=mVpJ
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-EN-18:02.file.asc b/share/security/advisories/FreeBSD-EN-18:02.file.asc
new file mode 100644
index 0000000000..3fa8fb1fff
--- /dev/null
+++ b/share/security/advisories/FreeBSD-EN-18:02.file.asc
@@ -0,0 +1,144 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-18:02.file Errata Notice
+ The FreeBSD Project
+
+Topic: Version and security update of file(1) and libmagic(3)
+
+Category: contrib
+Module: file
+Announced: 2018-03-07
+Affects: All supported versions of FreeBSD.
+Corrected: 2018-02-05 08:20:11 UTC (stable/11, 11.1-STABLE)
+ 2018-03-07 06:04:25 UTC (releng/11.1, 11.1-RELEASE-p7)
+ 2018-02-05 08:50:34 UTC (stable/10, 10.4-STABLE)
+ 2018-03-07 06:04:25 UTC (releng/10.4, 10.4-RELEASE-p6)
+ 2018-03-07 06:04:25 UTC (releng/10.3, 10.3-RELEASE-p27)
+CVE Name: CVE-2017-1000249
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+.
+
+I. Background
+
+The file(1) utility attempts to classify file system objects based on
+filesystem, magic number and language tests.
+
+The libmagic(3) library provides most of the functionality of file(1) and
+may be used by other applications.
+
+II. Problem Description
+
+The file(1) utility contains a stack based buffer overflow when parsing
+a specially crafted input file.
+
+III. Impact
+
+The issue lets an attacker overwrite a fixed 20 bytes stack buffer with
+with a specially crafted .notes section in an ELF binary file.
+
+IV. Workaround
+
+No workaround is available, but systems where file(1) and other applications
+using libmagic(3) are never run on untrusted input are not vulnerable.
+
+V. Solution
+
+Perform one of the following:
+
+1) Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+
+2) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+3) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 10.3]
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch.asc
+# gpg --verify file-10.3.patch.asc
+
+[FreeBSD 10.4]
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch.asc
+# gpg --verify file-10.4.patch.asc
+
+[FreeBSD 11.1]
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch
+# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch.asc
+# gpg --verify file-11.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in .
+
+Restart all daemons that use the library, or reboot the system.
+
+VI. Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path Revision
+- -------------------------------------------------------------------------
+stable/10/ r328875
+releng/10.3/ r330569
+releng/10.4/ r330569
+stable/11/ r328874
+releng/11.1/ r330569
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+
+
+VII. References
+
+
+
+The latest revision of this advisory is available at
+
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhmJfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cLAmg/+Ls59X/iLsmZiRvMiqfxI78P7FYuvTZ/6It0oaElmbswoaIDs3NF1c+II
+lcKYwFyXPs4ge/9P4k4pz9bWN7IZcMlGuzDalWSpywF2y3I/6zCNOU2Xyzz4LLVx
+wrLuWbTYqXFq6bgYsT8BBOANIadH5tjCfvO7DXOtRHyfUK5DJqsT+xMyv6R4Kncv
+VnwjyBNkutT/kAkWYYdqJYLR7uhW2NmVk/57Un6lnGxsLUMgfL8jxzsTlGOa90q9
+0fmGVTwkHxqfxqVSd9+lymISuuw4pg2Ar8bY0AKzMjhQTVMhEtLEsn0N+VbLg6Ns
+6HCuPsYwDtGLJ8hd44JPCfbzxzOAW08flUwgu1U5E4e+sUIlKMTOhKxt/HrH+JFk
+OyzLDytuv2364lMepThzO4++vWZkErxfa5uJFjjrax5w+WECyEddrUJG3HovOxMd
+YXD/dBSulgxaAgVQLXhn1AI+BUR5rD59wsmi6rEYFDXhAfTxNtrHXp1vIoHiW4CO
+a8jVPHfFcSuNzLfi+hE/QV8q2RWVOseYlOey0vme4h0upzi3HKQ8WPvUQUrHmDLw
+D0Hmr6m9PpyoKFnh2UlM4RiEMf3RO4o4nkRHzPp40LPawzmOmilSmPwv/HasBe2z
+X49GD/ortXLxn7UmGqjkIEApOo9me8lHxCYtODQC73BwZdFNrP4=
+=PpWQ
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc b/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc
new file mode 100644
index 0000000000..a4e2dfeebe
--- /dev/null
+++ b/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc
@@ -0,0 +1,144 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-18:01.ipsec Security Advisory
+ The FreeBSD Project
+
+Topic: ipsec validation and use-after-free
+
+Category: core
+Module: ipsec
+Announced: 2018-03-07
+Credits: Maxime Villard
+Affects: All supported versions of FreeBSD.
+Corrected: 2018-02-24 13:04:02 UTC (stable/11, 11.1-STABLE)
+ 2018-03-07 05:53:35 UTC (releng/11.1, 11.1-RELEASE-p7)
+ 2018-03-07 05:47:48 UTC (stable/10, 10.4-STABLE)
+ 2018-03-07 05:53:35 UTC (releng/10.4, 10.4-RELEASE-p6)
+ 2018-03-07 05:53:35 UTC (releng/10.3, 10.3-RELEASE-p27)
+CVE Name: CVE-2018-6916
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit .
+
+I. Background
+
+The IPsec suite of protocols provide network level security for IPv4 and IPv6
+packets. FreeBSD includes software originally developed by the KAME project
+which implements the various protocols that make up IPsec.
+
+In IPsec, the IP Authentication Header (AH) is used to provide protection
+against replay attacks and connectionless integrity and data origin
+authentication for IP datagrams.
+
+II. Problem Description
+
+Due to a lack of strict checking, an attacker from a trusted host can
+send a specially constructed IP packet that may lead to a system crash.
+
+Additionally, a use-after-free vulnerability in the AH handling code could
+cause unpredictable results.
+
+III. Impact
+
+Access to out of bounds or freed mbuf data can lead to a kernel panic or
+other unpredictable results.
+
+IV. Workaround
+
+No workaround is available, but systems not using IPsec are not vulnerable.
+
+V. Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+And reboot the system.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+And reboot the system
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 10.x]
+# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch
+# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch.asc
+# gpg --verify ipsec-10.patch.asc
+
+[FreeBSD 11.1]
+# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch
+# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch.asc
+# gpg --verify ipsec-11.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+ and reboot the
+system.
+
+VI. Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path Revision
+- -------------------------------------------------------------------------
+stable/10/ r330565
+releng/10.3/ r330566
+releng/10.4/ r330566
+stable/11/ r329907
+releng/11.1/ r330566
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+
+
+VII. References
+
+
+
+The latest revision of this advisory is available at
+
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhClfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cISCQ//f9bjAzuou4wlbaoVBp+csfE8qwJl0PJAs/guwO9dO/TMLrVzJ+oNtAIR
+VO6T7j2uC/eLD80PFsGoTpDAm4O1gqcGGX4OZm/6rE/OdqC3/UhhqpMYke0ZdNuh
+ugUyztXZkHuvsLgoR/peW9QqAxRRABTUWL0NPQU4YvtEpa5iOOkzNYuPQ9+dltQC
+SXkbGDrHgHwMHSyoZ14eRffrlwOU+bYH7tdMvDzPyr3z4NhJSTJvKBy4dohCal9F
+bQRjZSqsGGZ4D0T0BW88RpD3wRBj9s23bSgbcrR8tQvtwEN897S/oL0wtbFYVOQ+
+p/ZgiVgV2JvB17m6Dnmt8+CQLEri+21l1NCF2rVMvMBUcZioiO3L43Z3dZNZfRb5
+pknuSB6q0HEF5qE1sRIlT2WwH/6rd6VASQOb0NQRTBKNVM7ZU6+Q1PN56KjPhZmw
+uVREGJ6fHz/MB58fOLkyhbhvcmL7Hz1CGQwQz1Qi05Gp5T2OYP9POJyK8e/EW+Gs
+hiiErWezEWpVtHHfUpbudVlqlLp/Mc8LHlVOCIhnrEWH1zhgBX2Bx/WmELUerJz/
+RjOKUdPTQwn8IVkXJfpj42IbxdCG8xvQN/NKWf01maa+Y2xLCtlg8H0I9/9zT80Q
+bLdFKjj+M5ysz+bcSR4jl3pd2WMqpidXPvOjph5JcfNWDA5131I=
+=Uzqo
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-SA-18:02.ntp.asc b/share/security/advisories/FreeBSD-SA-18:02.ntp.asc
new file mode 100644
index 0000000000..90cf3fb42c
--- /dev/null
+++ b/share/security/advisories/FreeBSD-SA-18:02.ntp.asc
@@ -0,0 +1,200 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-18:02.ntp Security Advisory
+ The FreeBSD Project
+
+Topic: Multiple vulnerabilities of ntp
+
+Category: contrib
+Module: ntp
+Announced: 2018-03-07
+Credits: Network Time Foundation
+Affects: All supported versions of FreeBSD.
+Corrected: 2018-02-28 09:01:03 UTC (stable/11, 11.1-STABLE)
+ 2018-03-07 05:58:24 UTC (releng/11.1, 11.1-RELEASE-p7)
+ 2018-03-01 04:06:49 UTC (stable/10, 10.4-STABLE)
+ 2018-03-07 05:58:24 UTC (releng/10.4, 10.4-RELEASE-p6)
+ 2018-03-07 05:58:24 UTC (releng/10.3, 10.3-RELEASE-p27)
+CVE Name: CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185,
+ CVE-2018-7183
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit .
+
+I. Background
+
+The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
+used to synchronize the time of a computer system to a reference time
+source.
+
+II. Problem Description
+
+The ctl_getitem() function is used by ntpd(8) to process incoming "mode 6"
+packets. A malicious "mode 6" packet can be sent to an ntpd instance, and
+if the ntpd instance is from 4.2.8p6 through 4.2.8p10, ctl_getitem() will
+read past the end of its buffer. [CVE-2018-7182]
+
+The ntpd(8) service can be vulnerable to Sybil attacks. If a system is
+configured to use a trustedkey and if one is not using the feature introduced
+in ntp-4.2.8p6 allowing an optional 4th field in the ntp.keys file to specify
+which IPs can serve time, a malicious authenticated peer, i.e., one where the
+attacker knows the private symmetric key, can create arbitrarily-many
+ephemeral associations in order to win the clock selection of ntpd and modify
+a victim's clock. [CVE-2018-7170]
+
+The fix for NtpBug2952 was incomplete, and while it fixed one problem it
+created another. Specifically, it drops bad packets before updating the
+"received" timestamp. This means a third-party can inject a packet with
+a zero-origin timestamp, meaning the sender wants to reset the association,
+and the transmit timestamp in this bogus packet will be saved as the most
+recent "received" timestamp. The real remote peer does not know this
+value and this will disrupt the association until the association resets.
+[CVE-2018-7184]
+
+The NTP Protocol allows for both non-authenticated and authenticated
+associations, in client/server, symmetric (peer), and several broadcast
+modes. In addition to the basic NTP operational modes, symmetric mode and
+broadcast servers can support an interleaved mode of operation. In
+ntp-4.2.8p4, a bug was inadvertently introduced into the protocol engine that
+allows a non-authenticated zero-origin (reset) packet to reset an
+authenticated interleaved peer association. If an attacker can send a packet
+with a zero-origin timestamp and the source IP address of the "other side" of
+an interleaved association, the 'victim' ntpd will reset its association.
+The attacker must continue sending these packets in order to maintain the
+disruption of the association. [CVE-2018-7185]
+
+The ntpq(8) utility is a monitoring and control program for ntpd. The
+internal decodearr() function of ntpq(8) that is used to decode an array in
+a response string when formatted data is being displayed. This is a problem
+in affected versions of ntpq if a maliciously-altered ntpd returns an array
+result that will trip this bug, or if a bad actor is able to read an ntpq(8)
+request on its way to a remote ntpd server and forge and send a response
+before the remote ntpd sends its response. It is potentially possible that
+the malicious data could become injectable/executable code. [CVE-2017-7183]
+
+III. Impact
+
+Malicious remote attackers may be able to break time synchornization,
+or cause the ntpq(8) utility to crash.
+
+IV. Workaround
+
+No workaround is available, but systems not running ntpd(8) or ntpq(8) are
+not affected. Network administrators are advised to implement BCP-38 which
+helps to reduce risk associated with the attacks.
+
+V. Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+The ntpd service has to be restarted after the update. A reboot is
+recommended but not required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+The ntpd service has to be restarted after the update. A reboot is
+recommended but not required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 11.1]
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch.asc
+# gpg --verify ntp-11.1.patch.asc
+
+[FreeBSD 10.4]
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch.asc
+# gpg --verify ntp-10.4.patch.asc
+
+[FreeBSD 10.3]
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch
+# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch.asc
+# gpg --verify ntp-10.3.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in .
+
+Restart the applicable daemons, or reboot the system.
+
+VI. Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path Revision
+- -------------------------------------------------------------------------
+stable/10/ r330141
+releng/10.3/ r330567
+releng/10.4/ r330567
+stable/11/ r330106
+releng/11.1/ r330567
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+
+
+VII. References
+
+
+
+
+
+
+
+
+
+
+
+
+
+The latest revision of this advisory is available at
+
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhYNfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cL9GQ/+PLffyegsvxKngL83XWG9UuHbcGG5aWbNwCecTEzNoCI72TI03aga0ge5
+iLz5kW3SQvl8tsq778U4YbfFcCw6ifq2ws8asqNviv+u4AcJh7oD8CS3/kFuA9xM
+zjAIrScdNR2taBJhBW3nwlb7RmDeKqydQ3OIxHVvs9Fj5Alc5ZEGezUjC2dueB+M
+UdORg6GvHGMYQ+4AtBFRgZHAU3BFkwmgqsIICywYnUVH+AxKj34shs/pMMeJd/d9
+a+BIu/tUjAIlQp23VunNAfq7r2eZik9LOV8Y5l1Ww7+K1IwlwezxI+Iw18BMFEVn
+L9baBY9RFh8v/yrZCBqUc7Prhs3ExU/lnAb05Va7TYeD4RXVmSU0jNXi/przN3y2
+PR7Z3JCm60mFKyp0/Hz2MmS1XPBVBrW4P6g9hH8TZmOHb2mZlK3zDXmil7HKp5DK
+UhtMJpPEWV9k5rfP8iijHJnwkPr0ALntMUAAKUyw/6isVtHT6BZLaYsZvRYIm8YY
+Mn2RUl74m+XoIhQ8R4mxRcaAHwKKXyeyP5nlAs6TQVb9QJukoRiNDr3g8TwbtT54
+iTswVu+z/a89/YIwJoc6Ud7eCZSDYe6qfuC19TVuledayjjy/ZPMH0ZkNWFWJ3AE
+VAvdyvoUuNbmsv42o4AUtpE/1CmDqOjwBRZZbtV4CONCDFpk26o=
+=D2ov
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/EN-18:01/tzdata-2018c.patch.asc b/share/security/patches/EN-18:01/tzdata-2018c.patch.asc
new file mode 100644
index 0000000000..6b1e9a48da
--- /dev/null
+++ b/share/security/patches/EN-18:01/tzdata-2018c.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhhBfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cIvlxAAhTIfNoLtwN+UJxpf6IX74iSYuN2xgaF5qm8iJ2Zhox+ix7EnPDzla9As
+xnyuprVjU07f5JrkI2N49bf8axp4txLRkxcdm8yfin/M+XPMjcWhjG+iqwp0ipOn
+qF2hHTSm70AREzZe9Lo5shQtVbotGG4yUxnb/M5+MYfhSFGBR//YF9p3kmVd7tPA
+TuU7x4W7d4EbBoHBsVZb1q/Zei0ksCutg2Y0Jk8b+zjsdeFHP8sv5XyTFibZfTyg
+Se64DVvwxoctZuucdnf+b83C6P2dH5m6MQC8TTK8BkHnRJALfxrlV+pwiBeJrqWZ
+EMlKv6ZYoaRut1DbEIcY5ddNEajrbRB/uK8M/RNVdlw9ykE9nUqHozs8ZgAcj+EV
+IQJIvKK9t11tZ5V+0Ctu6EYPXVxmmmiIWG5HA/bD5BjYuGxpf8tpLgVysUW89mYd
+XP1cbWdXXSlb1bz2Op7PrsErI9K1tzB117i7DPNby1Pe6C0y7Oz8e6Dq5/hvxgAT
+hvHAOPOonIZrJiQUxKPFW4fUdClJU9v2Xz4TjiBbCSOBaZNa03Nhzo+Scw+ZpwvC
+BRketOTM/Vc8jmVP5gk3ROG8q1VUeBtO23iZTuYJIu5ON6EnMBf2xOBEGfqu3Nho
+GSSteXDAAWLXT2G484IVDLESQheeugLuIQOMTJaBIlqkvbU6MhE=
+=/Wzs
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/EN-18:02/file-10.3.patch.asc b/share/security/patches/EN-18:02/file-10.3.patch.asc
new file mode 100644
index 0000000000..368ad50148
--- /dev/null
+++ b/share/security/patches/EN-18:02/file-10.3.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhmlfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cKL4BAAo/it8SSAmCG+oS/VgCuPNDw6zOIM9qDEA5X5jWxp/uOMlCpQOuKlzOgf
+qaOGfGPAoTkKPQnmCnDWIwYJWVkTRVnNi7qkKUMg3pBLCsc0HHcBhe3jsfBgfQYl
+J4nJvSz3mc3+tBm0C4idX/fprzZhBNJXQ2lgxzsBPK6+DWXyBCWVyjEllIttynky
+lYkPnUPRxl75Cbd0XtzDZKROobpJkch9RQnkcEHmn63QSzjHovqYdtUalJVBYGJy
+yGie3CmEeYymUxjMnDowZtJJXXttzySyJwwRaRohEDf46sDDIdZaDL3Qp1hUfDH8
+16Op/fTSSUdEgL4Xoxil2oQ/9hT4VbE1pYKqHdB1Ii35KXpceNIV3PHYf5PmVt37
+2i8VUGrfBUtbpE71dPmVZ9pTw/3tsmVHFzBm5d4+qqcfgrTeyWLyQwISfsq3Wmj6
+swUmOUFGXn+P7lRrUXR+3NppwCT3J4hOrvq3/PMScsP+toSsa7ibbtjDr0ssUcv0
+IduTu22+OpKF+qxT1+17Se8Jcv30HngzEAERdICexqM76KtsA00lUGuWH4pzF4ta
+uWSq3x8M93p+CO0HxEKnA3fR6hNazJsqvo8CX6oUgrjX2hKqMTsiWKkwKeTAbEVO
+R3KWVB5fAXMxaLtIz3/iBZ11x+aSiWQr+N1UHOzjt/iUg/fYad0=
+=l4Y6
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/EN-18:02/file-10.4.patch.asc b/share/security/patches/EN-18:02/file-10.4.patch.asc
new file mode 100644
index 0000000000..471c3884b0
--- /dev/null
+++ b/share/security/patches/EN-18:02/file-10.4.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhmpfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cIUYA/6Aky+p3kYOQx1W6Xl3QmOEzy1sTc9kBXHbOgilyYzwC9qh0JLC1xCz1he
+S06EG6BCoJCJ460FAb7qIG4KRREwyc5zHoWRlNfzfoGB+ablScZzJ7fGP25Rgtv0
+WvwObJwQQI/qL4xT/LsYgDzD5p1Qq6c81NzmArGpqMu7LCV9MwvS9aTqDVsqmIyV
+mmrQAFYUrObVeFAYEAF6YbmsQCAygt/LwmoJNbD7cT+gnJXjf0tkdReEKFR+WGdI
+X7a2xKSvNshPGOCNrOzDd25VpibgM3vEqaZx3AVTDjBX0TQQdrCsWVrd4pFvE7Nv
+rCqJ/JwhtYT6ZrQnPpPEIVVw02KZX1XVzjBDEhSyOWkJ02zS4vIv5qWzedRCe1Oc
+C4qHrB6tZTfXBjv/3wAbiZWlhObaWSOvfQSvnwdPP71mAXauId56xB/Nd8vbP0yP
+oYuvtrPhX375wwph66zwjh1Qv6CxMelHmcPfKeiJUeewIOno2oOc0+fvPEAt4ONy
+TH9ih92JxWpftq/EYjclQW5qQRIDUAquBh/RoFMJFD2PhATz/XwCdd574Wnl4sv8
+C+k/vhnNSD4TG8Zv8Pn6A8KQZeK3WU8oTvnVjJTOmjap60L1TiSHqToC0kb9Fufz
+T/TEFlUPhmjpyUurF4ro3tyxfKI5hZl/9bF57nEssd18qeyO2AY=
+=my4y
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/EN-18:02/file-11.patch.asc b/share/security/patches/EN-18:02/file-11.patch.asc
new file mode 100644
index 0000000000..471c3884b0
--- /dev/null
+++ b/share/security/patches/EN-18:02/file-11.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhmpfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cIUYA/6Aky+p3kYOQx1W6Xl3QmOEzy1sTc9kBXHbOgilyYzwC9qh0JLC1xCz1he
+S06EG6BCoJCJ460FAb7qIG4KRREwyc5zHoWRlNfzfoGB+ablScZzJ7fGP25Rgtv0
+WvwObJwQQI/qL4xT/LsYgDzD5p1Qq6c81NzmArGpqMu7LCV9MwvS9aTqDVsqmIyV
+mmrQAFYUrObVeFAYEAF6YbmsQCAygt/LwmoJNbD7cT+gnJXjf0tkdReEKFR+WGdI
+X7a2xKSvNshPGOCNrOzDd25VpibgM3vEqaZx3AVTDjBX0TQQdrCsWVrd4pFvE7Nv
+rCqJ/JwhtYT6ZrQnPpPEIVVw02KZX1XVzjBDEhSyOWkJ02zS4vIv5qWzedRCe1Oc
+C4qHrB6tZTfXBjv/3wAbiZWlhObaWSOvfQSvnwdPP71mAXauId56xB/Nd8vbP0yP
+oYuvtrPhX375wwph66zwjh1Qv6CxMelHmcPfKeiJUeewIOno2oOc0+fvPEAt4ONy
+TH9ih92JxWpftq/EYjclQW5qQRIDUAquBh/RoFMJFD2PhATz/XwCdd574Wnl4sv8
+C+k/vhnNSD4TG8Zv8Pn6A8KQZeK3WU8oTvnVjJTOmjap60L1TiSHqToC0kb9Fufz
+T/TEFlUPhmjpyUurF4ro3tyxfKI5hZl/9bF57nEssd18qeyO2AY=
+=my4y
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:01/ipsec-10.patch.asc b/share/security/patches/SA-18:01/ipsec-10.patch.asc
new file mode 100644
index 0000000000..9c4389ad55
--- /dev/null
+++ b/share/security/patches/SA-18:01/ipsec-10.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhGpfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cKa+BAAg4G75ea9cM88a8lYwbYhkJtBXtFKI0ct0k0cur083WGBfwiAjvLvulas
+wTC4agKfFYViZpk7/gXNtfwNsSwM25mA5qTUOgDErA1SbdQqKcZc+bH3NfeMdSwa
+eeQ6xC4qBqgTINE8waXNal1IktqOy3/i/K/Glx6w2UDQrrH1s8PrHDjZBOm0cVlv
+n3jM5jVUjIM4otfJxmdleMaF/NEWCbe6JoPxx5/rrPWjm/ZKa+t3Cbz4FNzl4PHO
+IInFo6k0u9SKtdaAkGuEIOLtEwfULGcGATONxTGj62T7Yd+3NsmqKsj4eXQv2Aoo
+Ez+GRws+QQcQqTHDnqNtAMuRfNXyHnmgKDTxH9DS4uWKIJjjungRJ2OCySSRelPX
+GJmnljcuEr0zOx2JkRRKm3opOWRruqh2juFZr2vUD3eiWApqouWt2Jv4ddzuSBBZ
+6uFdZJtrvwKIUhEE30V6XRIQOXc/QSQygfPgJ4lGNKMyv/IKOmZeT1JtYoU8a74I
+3aX5grnV/fDQgjP6Ks2jwKuMrm9jcJYWEhnhg/rJFaHKcOFmdBde0I4RCraIhCgA
+GX3uCFZRotYerNP2DeLhRuWsn4N6S3bAvAO/ICO2NYQEQe4WbVPF9TJNoXf3MBDd
+HEAL5iNSD3PYCxmD7m2jAVb+Y0oDMlnsLxpM5eZZQtpNy2QWrjc=
+=9maD
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:01/ipsec-11.patch.asc b/share/security/patches/SA-18:01/ipsec-11.patch.asc
new file mode 100644
index 0000000000..681c518d0a
--- /dev/null
+++ b/share/security/patches/SA-18:01/ipsec-11.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhGpfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cLA2g/5AVOghpXVRDHm4763KS/M3PudEMuXyZfeRYB9pg1KyQOffJvIrTlIYcel
+tJA+bf1AbQ9cawmV/vXaEJAY8weBSSrQcmn2ixlygb1dBc2HVxeQgiI9rcBSCs0M
+LcHpEke2oKsqqmAbIUjRlfA5zEwBtWjI93bpDALsdqR0gLMqPOaK7aixVdnfjF9a
+LWMnpQvOQto0klCNBoItsJn90FR9PtkcnyftnsI1nPV/bTszFmGL3tDHWMTV88bo
+p+fZLayXX2Axcxy0FZl1p1Ufh2FmOkipR9c/i1KF6qqhPB7Y9INutJime3vuwLBQ
+LVPLpH5gJwktKdRQIpkH4FMzGkA6vlXzNYV4W7oV7YCjUhV5ZzxiGOtMtU/K2RWE
+kyA7mueqN3rh530EZ+ot1XiQkVCDHe/CHxxMjfs8wWkcLEUllIEma8toFvLqa3pE
+qGAaQG54owj7MuZfs5TAYJsZmZ4FAcTpyC6zf5cOOTRdy786T206j04ID1tAzsbx
+HcITdMnxRCKOKOzZXBpad4zwxnPHhZfuJ/mIG4IAYVJkiGlimdQ2V2E3h5TqSxKP
+df+XFc21ESmy1EuWuZ6su1qQmLrPoJFqor/lJ/tSR4V8SuSUjRmB8YX8/3NZHCuK
+eBE3uCX9Sm+Ef3b0En6izidwLZiSR+E/iNSvuftU75J0AB2SI/w=
+=ZkFm
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:02/ntp-10.3.patch.asc b/share/security/patches/SA-18:02/ntp-10.3.patch.asc
new file mode 100644
index 0000000000..88e80e9027
--- /dev/null
+++ b/share/security/patches/SA-18:02/ntp-10.3.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhYhfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cKJxRAAhyl9KM4ZY0lA6JpeYUu8xRAu2cskH7c4jydBhIkjSl/vW31+R12IWiCO
+oql6km8dSpLKXEbWKDxJPIlUHjZVTQNxJpv4Hlee+IFH2y/0xQ6Dx1nn8HE8xl23
+j62wCtJcHTorShWZXWLo4Jb+0mi91c8LZ8SO3XwXqfULfj0XLtilKVH/Sv4/58KC
+csYmyGf3gQwPD/lWyMCH5r7/zdoHv3tJDM2klhDY4Wf2jFKtVj68iu5cTaco6saV
+lxnbxTSX1r2SbZi3uIhJBgUKdJHuI6l4p/F0SwdDXu6tBWfYNF/ul1ZjCgFM28yA
+fiXuHa+KQlxzkNnQ4RxMD+Wtw83WADGabFfzTBXmVbdGKt8gAd9l81c3HohQgDQw
+dRSZmHq/QR8kFNQfBixo+JgzqLFgM6lryrPoVBo5Oh8MEmKY9796YJt2932Ki6BA
+ctkIaoRuBERPTYtjE30zMaVkeQY8UEQjVAw4aoTHglUFEddAilY1/bRL3psL3I3U
+YN4wnbL1QqAwnicFE2r43iGr+eYn5jXm9dwAf31E2al4/2yQxrSa/Lc6GyH1jeC6
+KNZ9shnhKhyK8Azk7p8mKWL2t557GMdX7tzU7tJ5I6pOF9d+OChcnQ6Gtu2EJ7wP
+uf4CKXSLsu9J2Xiwig9X8MFQA2TfxCg8q1I/JucRGLbbRxzxEq8=
+=iYV1
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:02/ntp-10.4.patch.asc b/share/security/patches/SA-18:02/ntp-10.4.patch.asc
new file mode 100644
index 0000000000..05b0a9fed7
--- /dev/null
+++ b/share/security/patches/SA-18:02/ntp-10.4.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhYhfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cK/dRAAk2pm/ZGwjquO0bC93OyWgdqzraNBTWl1QuHa3w4g3dDuJ0zOVyWe1fMf
+YQLItXv57xjA14FUdNorz/0Zb0Sd8X+hE6adghHtoP00mdYxAGlTQlmn73T1hwHs
+k633aBdp3gJ0R87fspeBl6nZNhrIN4Th273U7VTrQOh2RTY90KkFS1GZGIFFVeOc
+dhxcJS4pYdggoH4SIVnhyGmRtdy4UINit2QgBI7IH8JqZQXWKkYWKhvEBTRs+BbF
+RzxWUSRrZtfW1IBJ0u0+g0b8tFAexNt3xgRxOxTguAGcQ/AjrWmt6Tic/T5i65gl
++Jny0XdH67n66IZk5G2qUHYvGcaEw7vCjzRPGyKMYCt57LbBt1dxDFrm0Se1D7vI
+T/UPHSgkACp+LurkWNsykGFyG+WIecQq+MyHjt6cE2IXZVVzmE6v6XfMMQcuUlq2
+6Box2Y/1fS+A6B9fN7uD1lsSicHMZ1m03UH9t4dsMqrrwlorki8+6FV88Kalf2Mb
+xqaxaPhg7VJlDZ8SVqUJMRHwiaig2b5U75E+WzSyl13KUCbWnrM71ndG9q+2Pujl
+n9G3oUQ5cR9cFV0Ow5br/+XLyQn1saP+ipQ9U04KC2pq1XIGRX1BJV+l2Ijz3O5B
+Tj96N/g6yOwbqmZo102kJSwIGEXImscKBXRT7+ldOoHoFCJ1jYE=
+=fnry
+-----END PGP SIGNATURE-----
diff --git a/share/security/patches/SA-18:02/ntp-11.1.patch.asc b/share/security/patches/SA-18:02/ntp-11.1.patch.asc
new file mode 100644
index 0000000000..49f0913b5c
--- /dev/null
+++ b/share/security/patches/SA-18:02/ntp-11.1.patch.asc
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhYhfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cKuYBAAn/SwhJm6JonngCaPLNI/Ak8y8layW2KJGQ01wJBntFDbiIScGe+SMfUm
+KpeKCtzrwyWxs+8kAEaDgpclovFD7pMSKcPMROC4z1TK9cHgZxY5naWnUnKMl0j2
+XSSbqCg+w3KYJSbDo2bkF/yJEM8nkS2Cj0pTNHvUvIyAE5Ph6mAQcX38uDUUJhg2
+R3AVFY5SKBW0v3ZMcmOTPmj6IjLe59cZh9qgbmY6f4wJx8ywAawkjRNHyf2w9z7O
+jdgqFfVU8fYl9r4/whKkqyPk3HbjqPPoq3YZ4uX4DpkMFBixwpitG1C8oRRRTEgc
+MW5Manq4PYXeC7zX9cRPAn66sjWoZQN3R41JHCGN9YxzSpZEK9oIp6XnO9i22KzE
+RUMU+CXaT2OAmdjIHXB+GpxRzq1WGFbsYfRGTAkdxi4uDc12YCzumCXKFXhuqne9
+G1tfDWk091DbFlRJFB6w44Bq4/t3PEETAJKrrJRDyGWBp38/D9Kzwxuf/LzYFGv6
+Ip3ccbXkbDNafE4JOgK0VjWfRgHfeSG1VVMhdGGhHPnw7vTl0NW82XVUmaS2mMUm
+9CY/5dYq/d9MIgZybg7xrBKHfbazI5IWK0cdmHfYvPL5rSrdtmNJgTa6zJ4Hw1d9
+In40AnGJFBKSdCkcW1itABPIKYGHtwbISI251TaVJSgj6TweOFI=
+=OQFZ
+-----END PGP SIGNATURE-----
diff --git a/share/xml/advisories.xml b/share/xml/advisories.xml
index 6722573bf9..92626fee15 100644
--- a/share/xml/advisories.xml
+++ b/share/xml/advisories.xml
@@ -4,6 +4,26 @@
$FreeBSD$
+
+ 2018
+
+
+ 3
+
+
+ 7
+
+
+ FreeBSD-SA-18:01.ipsec
+
+
+
+ FreeBSD-SA-18:02.ntp
+
+
+
+
+
2017
diff --git a/share/xml/notices.xml b/share/xml/notices.xml
index 6ce38192ec..0a12d0e8de 100644
--- a/share/xml/notices.xml
+++ b/share/xml/notices.xml
@@ -4,6 +4,26 @@
$FreeBSD$
+
+ 2018
+
+
+ 3
+
+
+ 7
+
+
+ FreeBSD-EN-18:01.tzdata
+
+
+
+ FreeBSD-EN-18:02.file
+
+
+
+
+
2017