Add SA-18:01, SA-18:02, EN-18:01, EN-18:02.

Approved by:	so
Gordon Tetlow 2018-03-07 06:45:08 +00:00
parent da0f1f5085
commit e614d59b96
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=51463
15 changed files with 839 additions and 0 deletions

@ -0,0 +1,149 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:01.tzdata Errata Notice
The FreeBSD Project
Topic: Timezone database information update
Category: contrib
Module: zoneinfo
Announced: 2018-03-07
Credits: Philip Paeps
Affects: All supported versions of FreeBSD
Corrected: 2018-01-27 13:29:55 UTC (stable/11, 11.1-STABLE)
2018-03-07 06:01:44 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-01-27 13:34:14 UTC (stable/10, 10.4-STABLE)
2018-03-07 06:01:44 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 06:01:44 UTC (releng/10.3, 10.3-RELEASE-p27)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The tzsetup(8) program allows the user to specify the default local timezone.
Based on the selected timezone, tzsetup(8) copies one of the files from
/usr/share/zoneinfo to /etc/localtime. This file actually controls the
conversion.
II. Problem Description
Several changes in Daylight Savings Time happened after previous FreeBSD
releases were released that would affect many people who live in different
countries. Because of these changes, the data in the zoneinfo files need to
be updated, and if the local timezone on the running system is affected,
tzsetup(8) needs to be run so the /etc/localtime is updated.
III. Impact
An incorrect time will be displayed on a system configured to use one of the
affected timezones if the /usr/share/zoneinfo and /etc/localtime files are
not updated, and all applications on the system that rely on the system time,
such as cron(8) and syslog(8), will be affected.
IV. Workaround
The system administrator can install an updated timezone database from the
misc/zoneinfo port and run tzsetup(8) to get the timezone database corrected.
Applications that store and display times in Coordinated Universal Time (UTC)
are not affected.
V. Solution
Please note that some third party software, for instance PHP, Ruby, Java and
Perl, may be using different zoneinfo data source, in such cases this
software must be updated separately. For software packages that is installed
via binary packages, they can be upgraded by executing `pkg upgrade'.
Following the instructions in this Errata Notice will update all of the
zoneinfo files to be the same as what was released with FreeBSD release.
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date. Restart all the affected
applications and daemons, or reboot the system.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
Restart all the affected applications and daemons, or reboot the system.
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch
# fetch https://security.FreeBSD.org/patches/EN-18:01/tzdata-2018c.patch.asc
# gpg --verify tzdata-2018c.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all the affected applications and daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r328476
releng/10.3/ r330568
releng/10.4/ r330568
stable/11/ r328475
releng/11.1/ r330568
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-18:01.tzdata.asc>
-----BEGIN PGP SIGNATURE-----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=mVpJ
-----END PGP SIGNATURE-----
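Review bot: Section V never tells the reader to rerun tzsetup(8), although section II says tzsetup(8) must be run so that /etc/localtime is updated when the local timezone is affected. All three options end at "Restart all the affected applications and daemons, or reboot the system." Suggest adding the tzsetup(8) step to each option, or once before "Perform one of the following". In the same section, "the same as what was released with FreeBSD release" does not say which release or tzdata version is meant (the patch file name suggests 2018c), and "software packages that is installed" should read "that are installed".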

@ -0,0 +1,144 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:02.file Errata Notice
The FreeBSD Project
Topic: Version and security update of file(1) and libmagic(3)
Category: contrib
Module: file
Announced: 2018-03-07
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-05 08:20:11 UTC (stable/11, 11.1-STABLE)
2018-03-07 06:04:25 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-02-05 08:50:34 UTC (stable/10, 10.4-STABLE)
2018-03-07 06:04:25 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 06:04:25 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2017-1000249
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The file(1) utility attempts to classify file system objects based on
filesystem, magic number and language tests.
The libmagic(3) library provides most of the functionality of file(1) and
may be used by other applications.
II. Problem Description
The file(1) utility contains a stack based buffer overflow when parsing
a specially crafted input file.
III. Impact
The issue lets an attacker overwrite a fixed 20 bytes stack buffer with
with a specially crafted .notes section in an ELF binary file.
IV. Workaround
No workaround is available, but systems where file(1) and other applications
using libmagic(3) are never run on untrusted input are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
2) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 10.3]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.3.patch.asc
# gpg --verify file-10.3.patch.asc
[FreeBSD 10.4]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-10.4.patch.asc
# gpg --verify file-10.4.patch.asc
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch
# fetch https://security.FreeBSD.org/patches/EN-18:02/file-11.patch.asc
# gpg --verify file-11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all daemons that use the library, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r328875
releng/10.3/ r330569
releng/10.4/ r330569
stable/11/ r328874
releng/11.1/ r330569
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-18:02.file.asc>
-----BEGIN PGP SIGNATURE-----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=PpWQ
-----END PGP SIGNATURE-----
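Review bot: Section III restates the mechanism but not the consequence: it says an attacker can overwrite a fixed 20-byte stack buffer, without saying whether the result is a crash of file(1), code execution, or something else, which is what a reader needs in order to prioritise a notice that carries CVE-2017-1000249. Suggest stating the outcome there and fixing the doubled word in "stack buffer with / with a specially crafted". Section V is also inconsistent about restarts: only option 3 says "Restart all daemons that use the library, or reboot the system", while options 1 and 2 deliver the same libmagic(3) fix and say nothing.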

@ -0,0 +1,144 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:01.ipsec Security Advisory
The FreeBSD Project
Topic: ipsec validation and use-after-free
Category: core
Module: ipsec
Announced: 2018-03-07
Credits: Maxime Villard
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-24 13:04:02 UTC (stable/11, 11.1-STABLE)
2018-03-07 05:53:35 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-03-07 05:47:48 UTC (stable/10, 10.4-STABLE)
2018-03-07 05:53:35 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 05:53:35 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2018-6916
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
The IPsec suite of protocols provide network level security for IPv4 and IPv6
packets. FreeBSD includes software originally developed by the KAME project
which implements the various protocols that make up IPsec.
In IPsec, the IP Authentication Header (AH) is used to provide protection
against replay attacks and connectionless integrity and data origin
authentication for IP datagrams.
II. Problem Description
Due to a lack of strict checking, an attacker from a trusted host can
send a specially constructed IP packet that may lead to a system crash.
Additionally, a use-after-free vulnerability in the AH handling code could
cause unpredictable results.
III. Impact
Access to out of bounds or freed mbuf data can lead to a kernel panic or
other unpredictable results.
IV. Workaround
No workaround is available, but systems not using IPsec are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
And reboot the system.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
And reboot the system
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 10.x]
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-10.patch.asc
# gpg --verify ipsec-10.patch.asc
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch
# fetch https://security.FreeBSD.org/patches/SA-18:01/ipsec-11.patch.asc
# gpg --verify ipsec-11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r330565
releng/10.3/ r330566
releng/10.4/ r330566
stable/11/ r329907
releng/11.1/ r330566
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6916>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:01.ipsec.asc>
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhClfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
5cISCQ//f9bjAzuou4wlbaoVBp+csfE8qwJl0PJAs/guwO9dO/TMLrVzJ+oNtAIR
VO6T7j2uC/eLD80PFsGoTpDAm4O1gqcGGX4OZm/6rE/OdqC3/UhhqpMYke0ZdNuh
ugUyztXZkHuvsLgoR/peW9QqAxRRABTUWL0NPQU4YvtEpa5iOOkzNYuPQ9+dltQC
SXkbGDrHgHwMHSyoZ14eRffrlwOU+bYH7tdMvDzPyr3z4NhJSTJvKBy4dohCal9F
bQRjZSqsGGZ4D0T0BW88RpD3wRBj9s23bSgbcrR8tQvtwEN897S/oL0wtbFYVOQ+
p/ZgiVgV2JvB17m6Dnmt8+CQLEri+21l1NCF2rVMvMBUcZioiO3L43Z3dZNZfRb5
pknuSB6q0HEF5qE1sRIlT2WwH/6rd6VASQOb0NQRTBKNVM7ZU6+Q1PN56KjPhZmw
uVREGJ6fHz/MB58fOLkyhbhvcmL7Hz1CGQwQz1Qi05Gp5T2OYP9POJyK8e/EW+Gs
hiiErWezEWpVtHHfUpbudVlqlLp/Mc8LHlVOCIhnrEWH1zhgBX2Bx/WmELUerJz/
RjOKUdPTQwn8IVkXJfpj42IbxdCG8xvQN/NKWf01maa+Y2xLCtlg8H0I9/9zT80Q
bLdFKjj+M5ysz+bcSR4jl3pd2WMqpidXPvOjph5JcfNWDA5131I=
=Uzqo
-----END PGP SIGNATURE-----
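Review bot: Section II says "an attacker from a trusted host" without defining "trusted"; say whether this means a peer with an established security association or something broader, since that determines who is exposed. It would also help to name which check was missing, given that section III speaks of access to out of bounds mbuf data. In section V, "And reboot the system." under options 1 and 2 is a sentence fragment (the second one lacks its period); fold it into the preceding instruction the way option 3c does with "and reboot the system".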

@ -0,0 +1,200 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:02.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: contrib
Module: ntp
Announced: 2018-03-07
Credits: Network Time Foundation
Affects: All supported versions of FreeBSD.
Corrected: 2018-02-28 09:01:03 UTC (stable/11, 11.1-STABLE)
2018-03-07 05:58:24 UTC (releng/11.1, 11.1-RELEASE-p7)
2018-03-01 04:06:49 UTC (stable/10, 10.4-STABLE)
2018-03-07 05:58:24 UTC (releng/10.4, 10.4-RELEASE-p6)
2018-03-07 05:58:24 UTC (releng/10.3, 10.3-RELEASE-p27)
CVE Name: CVE-2018-7182, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185,
CVE-2018-7183
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
used to synchronize the time of a computer system to a reference time
source.
II. Problem Description
The ctl_getitem() function is used by ntpd(8) to process incoming "mode 6"
packets. A malicious "mode 6" packet can be sent to an ntpd instance, and
if the ntpd instance is from 4.2.8p6 through 4.2.8p10, ctl_getitem() will
read past the end of its buffer. [CVE-2018-7182]
The ntpd(8) service can be vulnerable to Sybil attacks. If a system is
configured to use a trustedkey and if one is not using the feature introduced
in ntp-4.2.8p6 allowing an optional 4th field in the ntp.keys file to specify
which IPs can serve time, a malicious authenticated peer, i.e., one where the
attacker knows the private symmetric key, can create arbitrarily-many
ephemeral associations in order to win the clock selection of ntpd and modify
a victim's clock. [CVE-2018-7170]
The fix for NtpBug2952 was incomplete, and while it fixed one problem it
created another. Specifically, it drops bad packets before updating the
"received" timestamp. This means a third-party can inject a packet with
a zero-origin timestamp, meaning the sender wants to reset the association,
and the transmit timestamp in this bogus packet will be saved as the most
recent "received" timestamp. The real remote peer does not know this
value and this will disrupt the association until the association resets.
[CVE-2018-7184]
The NTP Protocol allows for both non-authenticated and authenticated
associations, in client/server, symmetric (peer), and several broadcast
modes. In addition to the basic NTP operational modes, symmetric mode and
broadcast servers can support an interleaved mode of operation. In
ntp-4.2.8p4, a bug was inadvertently introduced into the protocol engine that
allows a non-authenticated zero-origin (reset) packet to reset an
authenticated interleaved peer association. If an attacker can send a packet
with a zero-origin timestamp and the source IP address of the "other side" of
an interleaved association, the 'victim' ntpd will reset its association.
The attacker must continue sending these packets in order to maintain the
disruption of the association. [CVE-2018-7185]
The ntpq(8) utility is a monitoring and control program for ntpd. The
internal decodearr() function of ntpq(8) that is used to decode an array in
a response string when formatted data is being displayed. This is a problem
in affected versions of ntpq if a maliciously-altered ntpd returns an array
result that will trip this bug, or if a bad actor is able to read an ntpq(8)
request on its way to a remote ntpd server and forge and send a response
before the remote ntpd sends its response. It is potentially possible that
the malicious data could become injectable/executable code. [CVE-2017-7183]
III. Impact
Malicious remote attackers may be able to break time synchornization,
or cause the ntpq(8) utility to crash.
IV. Workaround
No workaround is available, but systems not running ntpd(8) or ntpq(8) are
not affected. Network administrators are advised to implement BCP-38 which
helps to reduce risk associated with the attacks.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
The ntpd service has to be restarted after the update. A reboot is
recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
The ntpd service has to be restarted after the update. A reboot is
recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 11.1]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-11.1.patch.asc
# gpg --verify ntp-11.1.patch.asc
[FreeBSD 10.4]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.4.patch.asc
# gpg --verify ntp-10.4.patch.asc
[FreeBSD 10.3]
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch
# fetch https://security.FreeBSD.org/patches/SA-18:02/ntp-10.3.patch.asc
# gpg --verify ntp-10.3.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart the applicable daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/10/ r330141
releng/10.3/ r330567
releng/10.4/ r330567
stable/11/ r330106
releng/11.1/ r330567
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7183>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc>
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqfhYNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
5cL9GQ/+PLffyegsvxKngL83XWG9UuHbcGG5aWbNwCecTEzNoCI72TI03aga0ge5
iLz5kW3SQvl8tsq778U4YbfFcCw6ifq2ws8asqNviv+u4AcJh7oD8CS3/kFuA9xM
zjAIrScdNR2taBJhBW3nwlb7RmDeKqydQ3OIxHVvs9Fj5Alc5ZEGezUjC2dueB+M
UdORg6GvHGMYQ+4AtBFRgZHAU3BFkwmgqsIICywYnUVH+AxKj34shs/pMMeJd/d9
a+BIu/tUjAIlQp23VunNAfq7r2eZik9LOV8Y5l1Ww7+K1IwlwezxI+Iw18BMFEVn
L9baBY9RFh8v/yrZCBqUc7Prhs3ExU/lnAb05Va7TYeD4RXVmSU0jNXi/przN3y2
PR7Z3JCm60mFKyp0/Hz2MmS1XPBVBrW4P6g9hH8TZmOHb2mZlK3zDXmil7HKp5DK
UhtMJpPEWV9k5rfP8iijHJnwkPr0ALntMUAAKUyw/6isVtHT6BZLaYsZvRYIm8YY
Mn2RUl74m+XoIhQ8R4mxRcaAHwKKXyeyP5nlAs6TQVb9QJukoRiNDr3g8TwbtT54
iTswVu+z/a89/YIwJoc6Ud7eCZSDYe6qfuC19TVuledayjjy/ZPMH0ZkNWFWJ3AE
VAvdyvoUuNbmsv42o4AUtpE/1CmDqOjwBRZZbtV4CONCDFpk26o=
=D2ov
-----END PGP SIGNATURE-----
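Review bot: The last paragraph of section II is tagged [CVE-2017-7183], but the CVE Name field and the reference URL both give CVE-2018-7183; the identifiers should agree. The same paragraph never states the defect: "The internal decodearr() function of ntpq(8) that is used to decode an array ..." has no main verb, so the reader learns when the bug triggers but not what it is. Section III also understates section II, which describes modifying a victim's clock and data that could become injectable/executable code, while the impact lists only broken synchronization or an ntpq(8) crash; "synchornization" is misspelled there.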