From: FreeBSD Security Advisories
Reply-To: freebsd-security@freebsd.org
Date: Tue, 27 Nov 2018 21:22:09 +0000 (UTC)
Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-18:13.nfs

=============================================================================
FreeBSD-SA-18:13.nfs                                        Security Advisory
                                                          The FreeBSD Project

Topic:          Multiple vulnerabilities in NFS server code

Category:       core
Module:         nfs
Announced:      2018-11-27
Credits:        Jakub Jirasek, Secunia Research at Flexera
Affects:        All supported versions of FreeBSD.
Corrected:      2018-11-23 20:41:54 UTC (stable/11, 11.2-STABLE)
                2018-11-27 19:42:16 UTC (releng/11.2, 11.2-RELEASE-p5)
CVE Name:       CVE-2018-17157, CVE-2018-17158, CVE-2018-17159

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

The Network File System (NFS) allows a host to export some or all of its
file systems so that other hosts can access them over the network and
mount them as if they were local.  FreeBSD includes both server and
client implementations of NFS.

II.  Problem Description

Insufficient and improper checking in the NFS server code could cause a
denial of service or possibly remote code execution via a specially
crafted network packet.

III. Impact

A remote attacker could cause the NFS server to crash, resulting in a
denial of service, or possibly execute arbitrary code on the server.

IV.  Workaround

No workaround is available, but systems that do not provide NFS services
are not vulnerable.  Additionally, it is highly recommended the NFS
service port (default port number 2049) is protected via a host or
network based firewall to prevent arbitrary, untrusted clients from
being able to connect.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Afterward, reboot the system.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Afterward, reboot the system.

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.2]
# fetch https://security.FreeBSD.org/patches/SA-18:13/nfs.patch
# fetch https://security.FreeBSD.org/patches/SA-18:13/nfs.patch.asc
# gpg --verify nfs.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r340854
releng/11.2/                                                      r341088
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

From: FreeBSD Errata Notices
Reply-To: freebsd-stable@freebsd.org
Date: Tue, 27 Nov 2018 21:22:22 +0000 (UTC)
Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-18:13.icmp

=============================================================================
FreeBSD-EN-18:13.icmp                                           Errata Notice
                                                          The FreeBSD Project

Topic:          ICMP buffer underwrite

Category:       core
Module:         kernel
Announced:      2018-11-27
Affects:        All supported versions of FreeBSD.
Corrected:      2018-11-08 21:58:51 UTC (stable/11, 11.2-STABLE)
                2018-11-27 19:43:16 UTC (releng/11.2, 11.2-RELEASE-p5)
CVE Name:       CVE-2018-17156

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

I.   Background

ICMP messages are control messages used to send error messages and
operational information.

II.  Problem Description

The icmp_error routine allocates either an mbuf or a cluster depending
on the size of the data to be quoted in the ICMP reply, but the
calculation failed to account for additional padding on 64-bit
platforms when using a non-default sysctl value for
net.inet.icmp.quotelen.

III. Impact

For systems that set net.inet.icmp.quotelen to a non-default value, a
buffer underwrite condition occurs.

IV.  Workaround

Reset net.inet.icmp.quotelen to the default value of 8 using sysctl(8):

# sysctl net.inet.icmp.quotelen=8

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release /
security branch (releng) dated after the correction date.

Afterwards, reboot the system.

2) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Afterwards, reboot the system.

3) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.2]
# fetch https://security.FreeBSD.org/patches/EN-18:13/icmp.patch
# fetch https://security.FreeBSD.org/patches/EN-18:13/icmp.patch.asc
# gpg --verify icmp.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r340268
releng/11.2/                                                      r341089
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

From: FreeBSD Errata Notices
Reply-To: freebsd-stable@freebsd.org
Date: Tue, 27 Nov 2018 21:22:27 +0000 (UTC)
Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-18:14.tzdata

=============================================================================
FreeBSD-EN-18:14.tzdata                                         Errata Notice
                                                          The FreeBSD Project

Topic:          Timezone database information update

Category:       contrib
Module:         zoneinfo
Announced:      2018-11-27
Credits:        Philip Paeps
Affects:        All supported versions of FreeBSD.
Corrected:      2018-10-31 02:01:28 UTC (stable/11, 11.2-STABLE)
                2018-11-27 19:44:39 UTC (releng/11.2, 11.2-RELEASE-p5)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

I.   Background

The tzsetup(8) program allows the user to specify the default local
timezone.  Based on the selected timezone, tzsetup(8) copies one of the
files from /usr/share/zoneinfo to /etc/localtime.  This file actually
controls the conversion.

II.  Problem Description

Several changes in Daylight Savings Time happened after previous FreeBSD
releases were released that would affect many people who live in
different countries.  Because of these changes, the data in the zoneinfo
files need to be updated, and if the local timezone on the running
system is affected, tzsetup(8) needs to be run so that /etc/localtime is
updated.

III. Impact

An incorrect time will be displayed on a system configured to use one of
the affected timezones if the /usr/share/zoneinfo and /etc/localtime
files are not updated, and all applications on the system that rely on
the system time, such as cron(8) and syslog(8), will be affected.

IV.  Workaround

The system administrator can install an updated timezone database from
the misc/zoneinfo port and run tzsetup(8) to get the timezone database
corrected.

Applications that store and display times in Coordinated Universal Time
(UTC) are not affected.

V.   Solution

Please note that some third party software, for instance PHP, Ruby, Java
and Perl, may be using a different zoneinfo data source; in such cases
this software must be updated separately.  Software that is installed
via binary packages can be upgraded by executing `pkg upgrade'.

Following the instructions in this Errata Notice will update all of the
zoneinfo files to be the same as what was released with the FreeBSD
release.

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release /
security branch (releng) dated after the correction date.

Restart all the affected applications and daemons, or reboot the system.

2) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Restart all the affected applications and daemons, or reboot the system.

3) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-18:14/tzdata-2018g.patch
# fetch https://security.FreeBSD.org/patches/EN-18:14/tzdata-2018g.patch.asc
# gpg --verify tzdata-2018g.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

Restart all the affected applications and daemons, or reboot the system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r339938
releng/11.2/                                                      r341091
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at
From: FreeBSD Errata Notices
Reply-To: freebsd-stable@freebsd.org
Date: Tue, 27 Nov 2018 21:22:31 +0000 (UTC)
Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-18:15.loader

=============================================================================
FreeBSD-EN-18:15.loader                                         Errata Notice
                                                          The FreeBSD Project

Topic:          Deferred kernel loading breaks loader password

Category:       core
Module:         loader
Announced:      2018-11-27
Credits:        Devin Teske
Affects:        All supported versions of FreeBSD.
Corrected:      2018-10-24 23:17:17 UTC (stable/11, 11.2-STABLE)
                2018-11-27 19:45:25 UTC (releng/11.2, 11.2-RELEASE-p5)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

I.   Background

The loader is a FreeBSD component which is part of the boot sequence for
a machine.  The loader is most commonly visible with the "beastie" boot
menu, allowing specification of different boot time parameters.

II.  Problem Description

A change in the loader to allow deferred loading of the kernel
introduced a bug when using a loader password.  After this change and
when the loader password is enabled, the menu is not loaded and instead
the machine goes into the autoboot routine.  The autoboot routine then
fails when the kernel has not yet been loaded, yielding a loader prompt
where the user has full control of the boot process.

III. Impact

Setting the loader password with the intention of preventing the user
from bypassing the boot process instead causes the boot to fail and
gives the user full control of the boot process.

IV.  Workaround

No workaround is available, but systems that do not use a loader
password are not vulnerable.

V.   Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release /
security branch (releng) dated after the correction date.

Afterward, reboot the system.

2) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Afterward, reboot the system.

3) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.2]
# fetch https://security.FreeBSD.org/patches/EN-18:15/loader.patch
# fetch https://security.FreeBSD.org/patches/EN-18:15/loader.patch.asc
# gpg --verify loader.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in and reboot the system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r339697
releng/11.2/                                                      r341093
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at
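An added audit script for this digest, not code from FreeBSD or from the notices above: it checks an 11.2 host against SA-18:13.nfs, EN-18:13.icmp and EN-18:15.loader (patch level at or past 11.2-RELEASE-p5, NFS server enabled, net.inet.icmp.quotelen left at its default of 8, loader password configured), with parsers that take constructed text as arguments so it runs offline. It assumes the rc.conf and loader.conf knobs named in its comments; the live probe at the end runs only on a FreeBSD host.

```sh
#!/bin/sh
# Audit helper written for this digest (not FreeBSD's own code). It checks
# a FreeBSD 11.2 host against SA-18:13.nfs, EN-18:13.icmp and EN-18:15.loader:
# kernel at 11.2-RELEASE-p5 or later, NFS server enabled, net.inet.icmp.quotelen
# at its default of 8, and a loader password configured. The parsing functions
# take their input as arguments so they run offline on constructed text; the
# live probe at the end runs only where the FreeBSD tools exist.
# Assumptions: rc.conf enables the server with nfs_server_enable="YES" and
# loader.conf sets a password with password="..." (or bootlock_password="...").

CORRECTED_PATCH=5   # releng/11.2 was corrected in 11.2-RELEASE-p5

# parse_patchlevel VERSION: print "MAJOR MINOR PATCH" for a RELEASE string,
# e.g. "11.2-RELEASE-p3" -> "11 2 3", "11.2-RELEASE" -> "11 2 0".
# Returns 1 for STABLE/CURRENT strings, which carry no patch number; for
# those, compare the build date in `uname -v` with the Corrected timestamps.
parse_patchlevel() {
    case $1 in
        *-RELEASE-p[0-9]*) rel=${1%%-RELEASE*}; p=${1##*-p} ;;
        *-RELEASE)         rel=${1%%-RELEASE*}; p=0 ;;
        *)                 return 1 ;;
    esac
    echo "${rel%%.*} ${rel#*.} $p"
}

# release_needs_update VERSION: exit 0 if an 11.2-RELEASE kernel is older
# than p5, 1 if it is at or beyond p5, 2 if the string cannot be judged
# (another release line, or a STABLE build).
release_needs_update() {
    lvl=$(parse_patchlevel "$1") || return 2
    set -- $lvl
    [ "$1" = 11 ] && [ "$2" = 2 ] || return 2
    [ "$3" -lt "$CORRECTED_PATCH" ]
}

# nfs_server_enabled RCCONF_TEXT: exit 0 if the rc.conf text turns the NFS
# server on (case-insensitive YES, quoted or not); SA-18:13 only applies to
# hosts that provide NFS service.
nfs_server_enabled() {
    printf '%s\n' "$1" | grep -Eiq '^[[:space:]]*nfs_server_enable="?yes"?'
}

# quotelen_is_default VALUE: exit 0 if net.inet.icmp.quotelen is 8, the
# default that the EN-18:13 workaround restores; non-numeric input fails.
quotelen_is_default() {
    [ "$1" -eq 8 ] 2>/dev/null
}

# loader_password_set LOADERCONF_TEXT: exit 0 if loader.conf sets a loader
# password, the configuration EN-18:15 says is bypassed before the fix.
loader_password_set() {
    printf '%s\n' "$1" | grep -Eq '^[[:space:]]*(bootlock_)?password="[^"]+"'
}

# audit VERSION RCCONF_TEXT QUOTELEN LOADERCONF_TEXT: print one line per
# finding and return the number of findings (0 means nothing to do).
audit() {
    n=0
    state=0; release_needs_update "$1" || state=$?
    case $state in
        0) echo "kernel $1 predates 11.2-RELEASE-p5: freebsd-update fetch install, then reboot"
           n=$((n + 1)) ;;
        2) echo "note: cannot judge '$1' by patch level; compare uname -v with the Corrected dates" ;;
    esac
    if [ "$state" -eq 0 ] && nfs_server_enabled "$2"; then
        echo "SA-18:13.nfs: NFS server enabled on an unpatched kernel; firewall port 2049 until patched"
        n=$((n + 1))
    fi
    if ! quotelen_is_default "$3"; then
        echo "EN-18:13.icmp: net.inet.icmp.quotelen=$3 is non-default; run sysctl net.inet.icmp.quotelen=8"
        n=$((n + 1))
    fi
    if [ "$state" -eq 0 ] && loader_password_set "$4"; then
        echo "EN-18:15.loader: loader password set but bypassed until the loader is rebuilt"
        n=$((n + 1))
    fi
    return $n
}

# Live probe: only meaningful on FreeBSD, where these tools exist.
if [ "$(uname -s 2>/dev/null)" = FreeBSD ] && command -v freebsd-version >/dev/null 2>&1; then
    if audit "$(freebsd-version -k)" "$(cat /etc/rc.conf 2>/dev/null)" \
             "$(sysctl -n net.inet.icmp.quotelen)" "$(cat /boot/loader.conf 2>/dev/null)"; then
        echo "no findings"
    else
        echo "$? finding(s)"
    fi
fi
```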
From: FreeBSD Core Team Secretary
Date: Wed, 28 Nov 2018 11:04:48 -0400
Subject: [FreeBSD-Announce] Interim support guarantee for FreeBSD 12

Dear FreeBSD community,

The Core Team, in consultation with Release Engineering, the Security
Team, and Port Manager has decided that we need to reevaluate the 5-year
support of stable branches starting with stable/12.  A changed security
landscape, increased toolchain velocity, and shorter support windows for
our upstream components necessitate this reevaluation.

We will be leading discussions on updating our support model, with the
goal of making the model sustainable for the Project.  These
discussions, which will include opportunities for community feedback,
will be complete by March 31, 2019.

Regardless of the outcome of the discussions, we guarantee support for
the stable/12 branch for at least 18 months, or at least 6 months after
13.0 is released, whichever is later.  Again, these are minimum
durations for the stable/12 branch support and they will not be
reduced.  After these discussions are complete, there will be a revised
statement about the stable/12 branch lifetime.

Release Engineering, the Security Team, Port Manager, and the Core Team