os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
52557 commits 1 branch 79 tags 298 MiB
Commit graph

152 commits

Author SHA1 Message Date
Xin LI
f9fe83c1ad Add SA-16:26. 2016-09-23 07:59:16 +00:00
Gleb Smirnoff
a79a8e4d97 Release 6 errata notices for 10.3-RELEASE, all related to Microsoft Hyper-V. 
Submitted by:	Dexuan Cui <decui microsoft.com>, gjb
 2016-08-12 04:07:51 +00:00
Xin LI
eb73329f15 Add EN-16:09 and SA-16:25. 2016-07-25 15:12:34 +00:00
Xin LI
97d46c0b16 Add SA-16:24.ntp. 2016-06-04 06:51:08 +00:00
Gleb Smirnoff
0891bed875 Publish todays advisories. 
Approved by:	so
 2016-05-31 17:13:22 +00:00
Gleb Smirnoff
23287858f7 Minor revision correction. 
Submitted by:	asomers
 2016-05-17 23:51:58 +00:00
Gleb Smirnoff
03b2b49f5d Publish SA-16:18 and SA-16:19. 2016-05-17 22:38:19 +00:00
Gleb Smirnoff
cf13b85a51 Publish todays advisory and notices: 
- SA-16:17.openssl
- EN-16:06.libc
- EN-16:07.ipi
- EN-16:08.zfs

Approved by:	so
 2016-05-04 22:52:54 +00:00
Xin LI
5653dc5b0c Add SA-16:16.ntp 2016-04-29 08:09:30 +00:00
Gleb Smirnoff
9eb8cb48b2 Last minute correction: a line leaked from template. 2016-03-16 23:19:18 +00:00
Gleb Smirnoff
63b1ba2187 Oops, rename ENs properly. 2016-03-16 23:12:06 +00:00
Gleb Smirnoff
7a3fc19192 Document today updates: 
FreeBSD-16:04.hyperv
FreeBSD-16:05.hv_netvsc
FreeBSD-SA-16:14.openssh
FreeBSD-SA-16:15.sysarch
 2016-03-16 23:10:13 +00:00
Xin LI
2e3c7704e0 Add SA-16:12 and SA-16:13. 2016-03-10 10:18:18 +00:00
Xin LI
67ccd96eb8 Add SA-16:11. 2016-01-30 06:33:43 +00:00
Xin LI
7ad178a584 Fix CVE links. 2016-01-27 10:06:08 +00:00
Xin LI
cf53b9400e Add SA-16:08, SA-16:09 and SA-16:10. 2016-01-27 08:09:32 +00:00
Gleb Smirnoff
7e3734256c Fix update instructions: 
- Fix paths in SA-16:03 for 'make sysent'.
- SA-16:04 doesn't need 'make sysent'.

Noticed by:	Robert Ames <robertames hotmail.com>
 2016-01-16 18:10:09 +00:00
Gleb Smirnoff
5f1cede82c FreeBSD-SA-16:07.openssh 
Approved by:	so
 2016-01-15 05:30:02 +00:00
Gleb Smirnoff
e462d7d801 Fix the snmpd.config file name throughout the advisory. 
Submitted by:	Wout Decré <wout canodus.be>
Submitted by:	Andrei <az azsupport.com>
 2016-01-14 18:05:15 +00:00
Gleb Smirnoff
7301d1d175 Fix URL to 9 patch. 
Submitted by:	pluknet
 2016-01-14 17:37:20 +00:00
Gleb Smirnoff
f77f7192a0 Publish todays advisories. 
Approved by:	so
 2016-01-14 09:40:53 +00:00
Xin LI
b0b8341648 Add advisory and patches for SA-15:27.bind. 2015-12-16 06:28:03 +00:00
Xin LI
b7014d3858 Add advisory and patches for SA-15:26.openssl. 2015-12-05 10:05:07 +00:00
Gleb Smirnoff
1b86cf5a1f Improve wording in recent advisories. 
Submitted by:	gavin
 2015-11-05 11:43:55 +00:00
Gleb Smirnoff
3bdc44ff8a o Fix regressions related to SA-15:25 upgrade of NTP. [1] 
o Fix kqueue write events never fired for files greater 2GB. [2]
o Fix kpplications exiting due to segmentation violation on a correct
  memory address. [3]

PR:		204046 [1]
PR:		204203 [1]
Errata Notice:	FreeBSD-EN-15:19.kqueue [2]
Errata Notice:	FreeBSD-EN-15:20.vm [3]
Approved by:	so
 2015-11-04 11:52:12 +00:00
Gleb Smirnoff
59682c2276 Upgrade NTP to 4.2.8p4. 
Security:	FreeBSD-SA-15:25.ntp
Approved by:	so
 2015-10-26 12:04:07 +00:00
Xin LI
60948361ad Add revised patch and advisory. 2015-10-02 16:50:00 +00:00
Xin LI
50ffc8f3ac Add SA-15:24.rpcbind. 2015-09-29 18:14:20 +00:00
Xin LI
ea8e130e3b Correct path for the patches. 
Reported by:	allanjude
 2015-09-17 04:33:17 +00:00
Xin LI
27146c98df Add EN-15:16 - EN-15:18. 2015-09-16 21:14:16 +00:00
Xin LI
817e854bad Add advisory and patches for SA-15:23.bind. 2015-09-02 21:00:38 +00:00
Xin LI
9c7cd2396b Add SA-15:21.amd64, SA-15:22.openssh, EN-15:14.ixgbe and EN-15:15.pkg. 2015-08-25 21:09:45 +00:00
Xin LI
1ce4c8455f Add EN-15:11, EN-15:12, EN-15:13 and SA-15:20. 2015-08-18 20:11:44 +00:00
Xin LI
217e99633c Add SA-15:18 and SA-15:19. 2015-08-05 22:18:29 +00:00
Xin LI
0689018aae Fix two typos. 
Submitted by:	erwin, allanjude
 2015-07-30 17:02:50 +00:00
Xin LI
5dc8888d30 Revise SA-15:16 for regression in FreeBSD 8.4. 2015-07-30 10:27:50 +00:00
Xin LI
a670bd9852 Add SA-15:14 - SA-15:17. 2015-07-28 20:17:10 +00:00
Xin LI
838fb2801b Add SA-15:13.tcp. 2015-07-21 23:51:20 +00:00
Xin LI
a8bf2581ee Add SA-15:12.openssl for today's OpenSSL advisory. Note that this affects 
-STABLE only so no patch is associated with it.
 2015-07-09 17:29:12 +00:00
Xin LI
47eed586a2 Add SA-15:11.bind. 2015-07-07 23:10:24 +00:00
Xin LI
e53a87ba89 Revise EN-15:08, add EN-15:09.xlocale and EN-15:10.iconv. 2015-06-30 23:36:51 +00:00
Xin LI
0981bd3448 Add EN-15:08.sendmail. 2015-06-18 05:43:44 +00:00
Xin LI
3c90fafa17 Add advisory for SA-15:10.openssl. 2015-06-12 07:33:55 +00:00
Xin LI
4e199bcb5e Fix patch path. 2015-06-09 22:33:47 +00:00
Xin LI
729febe05e Add two new erratas. 2015-06-09 22:27:13 +00:00
Xin LI
04b2605719 Add two recent errata notices. 2015-05-13 23:07:20 +00:00
Xin LI
4f5662b555 Add 3 new advisories and patches. 2015-04-07 20:36:34 +00:00
Xin LI
d12c50eb58 Add patch errata and revised advisory. 2015-03-20 07:25:28 +00:00
Xin LI
0c2ac51c94 Add SA-15:06.openssl. 2015-03-19 17:48:01 +00:00
Xin LI
f01c32e590 Add latest batch of security advisories and errata notices. 2015-02-25 06:25:59 +00:00
Xin LI
4865711fb9 Add advisories and patches for SA-15:02.kmem and SA-15:03.sctp. 2015-01-27 19:53:31 +00:00
Xin LI
6cdc0083a1 Add advisory and patches for SA-15:01.openssl. 2015-01-14 21:37:46 +00:00
Dag-Erling Smørgrav
7ca200b383 New version with correct dates for stable/*. 2014-12-24 00:57:15 +00:00
Dag-Erling Smørgrav
adcd3fee12 Add EN-14:13 and SA-13:31 2014-12-23 23:28:30 +00:00
Dag-Erling Smørgrav
0cfc9585b8 Add SA-14:30 2014-12-17 08:29:53 +00:00
Dag-Erling Smørgrav
9197ce8969 Add SA-14:2[789] 2014-12-10 16:42:08 +00:00
Xin LI
54875cd196 Fix solution section for correction steps. 
Reported/Reviewed by:	grembo
 2014-11-06 23:48:07 +00:00
Dag-Erling Smørgrav
e3df104633 Add missing credit. 2014-11-05 13:26:22 +00:00
Xin LI
c33db5514e Fix announced date. 2014-11-05 01:38:18 +00:00
Dag-Erling Smørgrav
d97869806c Add EN-14:12, SA-14:24, SA-14:25 and SA-14:26. 2014-11-05 00:28:45 +00:00
Xin LI
7562def0b2 Add EN-14:10 and EN-14:11. 2014-10-22 20:16:10 +00:00
Xin LI
80fa2f495c Add SA-14:20 - SA-14:23. 2014-10-21 20:48:08 +00:00
Xin LI
c6ff33a274 Add SA-14:19.tcp. 2014-09-16 10:03:58 +00:00
Xin LI
957bbade8e Add SA-14:18.openssl. 2014-09-09 10:29:20 +00:00
Xin LI
9c418f4d41 Correct a typo found by gjb. 2014-07-08 22:31:44 +00:00
Xin LI
d126e9c52b Add SA-14:17.kmem and EN-14:09.jail. 2014-07-08 22:23:25 +00:00
Xin LI
bbd3497201 Add SA-14:15.iconv, SA-14:16.file, EN-14:07.pmap and EN-14:08.heimdal. 2014-06-24 19:29:17 +00:00
Xin LI
c0079cbc97 Correct URL. 2014-06-05 13:09:03 +00:00
Xin LI
05be27dd8f Add SA-14:14.openssl. 2014-06-05 13:03:07 +00:00
Xin LI
3d67a0a480 Correct a typo. 
Noticed by:	pluknet
 2014-06-04 17:51:15 +00:00
Xin LI
dec0f7974c Revise the errata to provide more correct information. 
Submitted by:	kib, gjb
 2014-06-04 04:47:10 +00:00
Xin LI
e6520ef815 Add 3 latest advisories and 1 errata: 
Fix sendmail improper close-on-exec flag handling. [SA-14:11]

Fix ktrace memory disclosure. [SA-14:12]

Fix incorrect error handling in PAM policy parser. [SA-14:13]

Fix triple-fault when executing from a threaded process. [EN-14:06]
 2014-06-03 19:32:04 +00:00
Xin LI
6705d61482 Add the latest advisory and 3 new errata notices: 
Fix OpenSSL NULL pointer deference vulnerability. [SA-14:09]

  Add pkg bootstrapping, configuration and public keys. [EN-14:03]
  Improve build repeatability for kldxref(8). [EN-14:04]
  Fix data corruption with ciss(4). [EN-14:05]
 2014-05-13 23:55:52 +00:00
Xin LI
1d96bac693 Revise the advisory to include patch procedure. 
Noticed by:	Lukasz <lukasz chroot pl>
 2014-04-30 19:05:34 +00:00
Xin LI
e4e2190aed Add 3 new advisories: 
Fix devfs rules not applied by default for jails. [SA-14:07]

Fix OpenSSL use-after-free vulnerability. [SA-14:08]

Fix TCP reassembly vulnerability. [SA-14:09]
 2014-04-30 04:32:38 +00:00
Xin LI
8c5f751193 SA-14:06: Add patch applying step in Solutions section. 
Noticed by:	fwaggle <fwagglechop gmail com>
 2014-04-09 01:06:06 +00:00
Xin LI
dd97bfc0fc Add two latest security advisories: 
Fix NFS server deadlock vulnerability. [SA-14:05]

Fix OpenSSL multiple vulnerabilities. [SA-14:06]
 2014-04-08 23:27:31 +00:00
Xin LI
62d937ff2f Remove a line that is not supposed to be in the advisory. 
Noticed by:	pluknet
 2014-01-14 22:21:52 +00:00
Xin LI
dcb9c59cc2 Add 4 latest advisories and 2 latest errata notices: 
Fix bsnmpd remote denial of service vulnerability. [SA-14:01]

Fix ntpd distributed reflection Denial of Service vulnerability.
[SA-14:02]

Fix OpenSSL multiple vulnerabilities. [SA-14:03]

Fix BIND remote denial of service vulnerability. [SA-14:04]

Disable hardware RNGs by default. [EN-14:01]

Fix incorrect coalescing of stack entry with mmap. [EN-14:02]
 2014-01-14 19:57:49 +00:00
Xin LI
494b6033e6 Correct sshd_config path. 
Noticed by:	cstdenis at ctgameinfo.com
 2013-11-29 01:08:37 +00:00
Xin LI
a5b8f65bdb Add latest errata notice: 
Fix error in patch for FreeBSD-EN-13:04.freebsd-update [EN-13:05].
 2013-11-29 01:02:00 +00:00
Dag-Erling Smørgrav
f57acf6c24 Pre-zero the MAC context. 
Security:	CVE-2013-4548
Security:	FreeBSD-SA-13:14.openssh
Approved by:	so
 2013-11-19 10:20:35 +00:00
Xin LI
20f8872397 Correct a typo. 
Submitted by:	Kenta Suzumoto <kentas hush com>
 2013-10-26 20:36:08 +00:00
Xin LI
5686fe11cf Add latest errata notice: 
Fix multiple freebsd-update bugs that break upgrading to
FreeBSD 10.0. [EN-13:04]
 2013-10-26 20:21:27 +00:00
Dag-Erling Smørgrav
18d8e0c127 mjg@ has asked not to be credited. 
Approved by:	so
 2013-09-10 11:01:30 +00:00
Dag-Erling Smørgrav
1febdc15b9 Missed some Xs. 
Approved by:	so
 2013-09-10 10:55:15 +00:00
Dag-Erling Smørgrav
c4d9a19be3 Fix the length calculation for the final block of a sendfile(2) 
transmission which could be tricked into rounding up to the nearest
page size, leaking up to a page of kernel memory.  [13:11]

In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK at the socket layer rather than pass them on to the
link layer without validation or credential checks.  [SA-13:12]

Prevent cross-mount hardlinks between different nullfs mounts of the
same underlying filesystem.  [SA-13:13]

Security:	CVE-2013-5666
Security:	FreeBSD-SA-13:11.sendfile
Security:	CVE-2013-5691
Security:	FreeBSD-SA-13:12.ifioctl
Security:	CVE-2013-5710
Security:	FreeBSD-SA-13:13.nullfs
Approved by:	so
 2013-09-10 10:31:23 +00:00
Dag-Erling Smørgrav
e8346ce7d0 Patches for SA-13:09 and SA-13:10 were retroactively released for 9.2-RC1. 
Approved by:	so
 2013-09-10 10:25:27 +00:00
Xin LI
b735a9d213 Add two latest advisories: 
Fix an integer overflow in computing the size of a temporary buffer
can result in a buffer which is too small for the requested
operation. [13:09]

Fix a bug that could lead to kernel memory disclosure with
SCTP state cookie. [13:10]

Add latest errata notices:

Fix a data corruption problem with mfi(4) operating on > 2TB
disks in a JBOD. [EN-13:03]
 2013-08-22 01:12:09 +00:00
Xin LI
223eda903e Add two latest advisories: 
Fix Denial of Service vulnerability in named(8). [13:07]

  Fix a bug that allows remote client bypass the normal
  access checks when when -network or -host restrictions are
  used at the same time with -mapall. [13:08]
 2013-07-27 03:39:12 +00:00
Xin LI
bf74ae0e2e Add latest errata notices: 
Fix a problem where dhclient(8) utility tries to initilaize an
  fxp(4) forever because the driver resets the controller chip
  twice upon initialization. [EN-13:01]

  Fix a problem where frames sent to additional MAC addresses are
  not forwarded to the vtnet(4) interface. [EN-13:02]
 2013-06-28 05:58:41 +00:00
Xin LI
bf1c404ec6 Commit revised advisory for 13:06.mmap. 2013-06-21 21:41:48 +00:00
Dag-Erling Smørgrav
037314c9bc Fix a bug that allowed a tracing process (e.g. gdb) to write 
to a memory-mapped file in the traced process's address space
even if neither the traced process nor the tracing process had
write access to that file.

Security:	CVE-2013-2171
Security:	FreeBSD-SA-13:06.mmap
Approved by:	so
 2013-06-18 07:17:53 +00:00
Dag-Erling Smørgrav
4ebf8b68aa Revised advisory. 2013-04-29 21:56:02 +00:00
Dag-Erling Smørgrav
d1056d0259 Fix a bug that allows NFS clients to issue READDIR on files. 
PR:		kern/178016
Security:	CVE-2013-3266
Security:	FreeBSD-SA-13:05.nfsserver
Approved by:	so
 2013-04-29 20:53:58 +00:00
Xin LI
04b880b25a Add latest security advisories: 
Fix OpenSSL multiple vulnerabilities. [13:03]

  Fix BIND remote denial of service. [13:04]

Security:	CVE-2013-0166, CVE-2013-0169
Security:	FreeBSD-SA-13:03.openssl
Security:	CVE-2013-2266
Security:	FreeBSD-SA-13:04.bind
 2013-04-02 18:01:39 +00:00
Bjoern A. Zeeb
fef748c3be Add latest security advisories: 
Fix Denial of Service vulnerability in named(8) with DNS64. [13:01]

  Fix Denial of Service vulnerability in libc's glob(3) functionality.
  [13:02]

Security:	CVE-2012-5688
Security:	FreeBSD-SA-13:01.bind
Security:	CVE-2010-2632
Security:	FreeBSD-SA-13:02.libc
 2013-02-19 13:56:49 +00:00
Simon L. B. Nielsen
2974adeecf Fix Subversion revision ID's in SA-12:07.hostapd. 
Reported by:	pluknet
 2012-11-23 00:34:39 +00:00
Simon L. B. Nielsen
79c48ea54e Add resigned SA-12:07.hostapd fix fixes a bad URL. 2012-11-22 23:57:58 +00:00
Simon L. B. Nielsen
26913edc9f Add latest advisories. 2012-11-22 23:46:26 +00:00