From nobody Tue Dec 7 21:03:19 2021 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id A0F1518DDD89 for ; Tue, 7 Dec 2021 21:03:20 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J7t7C703Pz3FKy; Tue, 7 Dec 2021 21:03:19 +0000 (UTC) (envelope-from gjb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638911000; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=W4XURt/TWQFa3cGIuZkXNooxlNtmYhiAXhSNburG1RI=; b=pKAxLuLZraHqBlMX56VvIpKpsofGGhT5oYk1pSe5A75FWZKPtxxwKq3OPH5674oG89wV1O QrxFux1lXC2U1ZQt1Sk39JUQaQIGHGTE+iJbolDQrdigWD/OTyuS93u1yrjwcgFsVTokVL 11pd8VUQutq2r4Ln5ra1kNkFZKZDQ/Iw0pyWlD/wUa3Z1Ovevm2Cn/s+CYLwD2UUqoXCAX 10l5Gh+CcvySoHfvQAByYQk6lhQJjSebWcjNH6cngRMUKzqh4VYPwOrLq36E2ql+gcq6mc yExi+7INqZ5P0VEVxDOOiFOz2XZWdNyBb3lD7ufQEjYCESiQVbkgqONKsO9H+Q== Received: by freefall.freebsd.org (Postfix, from userid 1237) id 1F6683569; Tue, 7 Dec 2021 21:03:19 +0000 (UTC) To: freebsd-announce@FreeBSD.org Cc: FreeBSD Release Engineering Team Reply-To: FreeBSD Release Engineering Team Subject: [FreeBSD-Announce] FreeBSD 12.3-RELEASE Now Available Precedence: bulk Message-Id: <20211207210319.1F6683569@freefall.freebsd.org> Date: Tue, 7 Dec 2021 21:03:19 +0000 (UTC) From: Glen Barber ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638911000; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=W4XURt/TWQFa3cGIuZkXNooxlNtmYhiAXhSNburG1RI=; b=RJ9YGvcyzo9gLeZOnX1VXqSEOHDz7z6XmMcXDmczjd5XcmxD81/WaD834sWVhB2Dw3z5gn FFuBtgq0KdXz5kU8yUyQlFUhz7m2umqTfiOlhMBzt/O7Yic+R1FlNhlY/gqVvYXRIkOhFZ QkRvoNR+TiMf77QugX6eLXwq39meTnGzltPb4UcfVDOZApUZ0SzPsVArnNmYmERbKSwhG8 LPpJ4enVm1sGCgAdk4vfxTkhiF0JROgG7d29P/2nk/0tXP2KA76kd3vu4wWQ5GJDULtR21 HJXVAHM44zTsfKSKIoHaFDUtHsFcKlloLa5fS9SPKIKSkChlPmnncUA0jhnjuA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1638911000; a=rsa-sha256; cv=none; b=siUGhPU4AzFrtszTNNoeLI5wvQoWQ5qwvxlF91KPgJsIwZ3GNHOtsK62Ql+ykpjrfi2SOe OPPU6RzdxTIcBXB/XS6Lmssxg0+JT4gLPqwpLesSHMhEg0D1s4vMvVXisVkhXjb+v+00Xe 7IjUGXcF+4f3TEojKCcnvE56p6OjKSH2h8aGyyKat8TfoeGg9J71htQ/DTxdg+bVP567Z6 cTs5BxjaSLlO7tenr25hJkdub4S20gQJ9el7Nf21M61JnESwdZasYWTNexwBjpC0Ek5+PA eu/1DzeJesD5qpKoNSmZQVjCMtOVbPtsLQa7+j1aX6Md6TSKWBle9qMdKwCqwQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 FreeBSD 12.3-RELEASE Announcement Date: December 7, 2021 The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.3-RELEASE. This is the fourth release of the stable/12 branch. Some of the highlights: * Updates to various networking drivers. * Several updates to upstream contributed software. * Several userland application improvements and kernel bug fixes. * And much more...* For a complete list of new features and known problems, please see the online release notes and errata list, available at: * https://www.FreeBSD.org/releases/12.3R/relnotes/ * https://www.FreeBSD.org/releases/12.3R/errata/ For more information about FreeBSD release engineering activities, please see: * https://www.FreeBSD.org/releng/ Dedication The FreeBSD Project dedicates the FreeBSD 12.3-RELEASE to the memory of Ian Lepore. Availability FreeBSD 12.3-RELEASE is now available for the amd64, i386, powerpc, powerpc64, sparc64, armv6, armv7, and aarch64 architectures. FreeBSD 12.3-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded as described in the section below. SHA512 and SHA256 hashes for the release ISO, memory stick, and SD card images are included at the bottom of this message. PGP-signed checksums for the release images are also available at: * https://www.FreeBSD.org/releases/12.3R/signatures/ A PGP-signed version of this announcement is available at: * https://www.FreeBSD.org/releases/12.3R/announce.asc The purpose of the images provided as part of the release are as follows: dvd1 This contains everything necessary to install the base FreeBSD operating system, the documentation, debugging distribution sets, and a small set of pre-built packages aimed at getting a graphical workstation up and running. It also supports booting into a "livefs" based rescue mode. This should be all you need if you can burn and use DVD-sized media. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.3-RELEASE-amd64-dvd1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. disc1 This contains the base FreeBSD operating system. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.3-RELEASE-amd64-disc1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. bootonly This supports booting a machine using the CDROM drive but does not contain the installation distribution sets for installing FreeBSD from the CD itself. You would need to perform a network based install (e.g., from an HTTP or FTP server) after booting from the CD. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.3-RELEASE-amd64-bootonly.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. memstick This can be written to a USB memory stick (flash drive) and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.3-RELEASE-amd64-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. mini-memstick This can be written to a USB memory stick (flash drive) and used to boot a machine, but does not contain the installation distribution sets on the medium itself, similar to the bootonly image. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the mini-memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.3-RELEASE-amd64-mini-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD/arm SD card images These can be written to an SD card and used to boot the supported arm system. The SD card image contains the full FreeBSD installation, and can be installed onto SD cards as small as 512Mb. For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root, which it is strongly recommended to change the password for both users after gaining access to the system. To write the FreeBSD/arm image to an SD card, use the dd(1) utility, replacing KERNEL with the appropriate kernel configuration name for the system. # dd if=FreeBSD-12.3-RELEASE-arm-armv6-KERNEL.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD 12.3-RELEASE can also be purchased on CD-ROM or DVD from several vendors. One of the vendors that will be offering FreeBSD 12.3-based products is: * FreeBSD Mall, Inc. https://www.freebsdmall.com Pre-installed virtual machine images are also available for the amd64 (x86_64), i386 (x86_32), and AArch64 (arm64) architectures in QCOW2, VHD, and VMDK disk image formats, as well as raw (unformatted) images. FreeBSD 12.3-RELEASE amd64 is also available on these cloud hosting platforms: * FreeBSD/amd64 Amazon(R) EC2(TM): AMIs are available in the following regions: af-south-1 region: ami-0eb5b520bc6ffdf3c eu-north-1 region: ami-049a940cffe531b08 ap-south-1 region: ami-0ce01cde4f9be6450 eu-west-3 region: ami-0ea2db3e85025dcfa eu-west-2 region: ami-0265b59a89510e50f eu-south-1 region: ami-0d3fa75e54398c77c eu-west-1 region: ami-0d5cd35746013f7e3 ap-northeast-3 region: ami-00a2c8bfc41fbbcc1 ap-northeast-2 region: ami-0df9578e64d2a7ad8 me-south-1 region: ami-046b86645e3576f9b ap-northeast-1 region: ami-09e3ff0f870e14442 sa-east-1 region: ami-072830fc32709dca5 ca-central-1 region: ami-03a70893a7eb10727 ap-east-1 region: ami-0cda17669412af91b ap-southeast-1 region: ami-0c8858a5e3610b112 ap-southeast-2 region: ami-003a185d6bc902f22 eu-central-1 region: ami-08d7faf045c4b7a52 us-east-1 region: ami-0762f1426163a4437 us-east-2 region: ami-046c54f1c7e8cd30b us-west-1 region: ami-051d9d9e981f07e53 us-west-2 region: ami-0c29a972614f0eaa0 AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B07L6QV354/ These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/amd64/base/ufs/12.3/RELEASE + FreeBSD/arm64 Amazon(R) EC2(TM): AMIs are available in the following regions: + af-south-1 region: ami-0bafdb11f21d34857 eu-north-1 region: ami-03aa15943bced5272 ap-south-1 region: ami-07f3cf46b968d2857 eu-west-3 region: ami-01d2b426e49f9e1ec eu-west-2 region: ami-00a23846ec16aed8a eu-south-1 region: ami-0f0c9c73e88f129bf eu-west-1 region: ami-090898b9e7da158fc ap-northeast-3 region: ami-05f946201fabf1abb ap-northeast-2 region: ami-00be59b6a951c98f2 me-south-1 region: ami-0767087d3bfee825d ap-northeast-1 region: ami-077df7c7a330a0dc3 sa-east-1 region: ami-0ab88db91655bb3d3 ca-central-1 region: ami-068e2a023de403a70 ap-east-1 region: ami-0c66499e650e24834 ap-southeast-1 region: ami-0641f80688e885d72 ap-southeast-2 region: ami-018fb7e6d549595e7 eu-central-1 region: ami-00e003af907b57862 us-east-1 region: ami-09a739e49858e7222 us-east-2 region: ami-02a0f1c14934f37b6 us-west-1 region: ami-081310253bb966725 us-west-2 region: ami-05d8a3e81f9e22c16 + AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B081NF7BY7/ These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/arm64/base/ufs/12.3/RELEASE * Google(R) Compute Engine(TM): Instances can be deployed using the gcloud utility: % gcloud compute instances create INSTANCE \ --image freebsd-12-3-release-amd64 \ --image-project=freebsd-org-cloud-dev % gcloud compute ssh INSTANCE Replace INSTANCE with the name of the Google Compute Engine instance. FreeBSD 12.3-RELEASE is also expected to be available in the Google Compute Engine(TM) Marketplace once they have completed third-party specific validation at: https://console.cloud.google.com/launcher/browse?filter=category:os&filter=price:free * Hashicorp/Atlas(R) Vagrant(TM): Instances can be deployed using the vagrant utility: % vagrant init freebsd/FreeBSD-12.3-RELEASE % vagrant up Download FreeBSD 12.3-RELEASE may be downloaded via https from the following site: * https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.3/ FreeBSD 12.3-RELEASE virtual machine images may be downloaded from: * https://download.freebsd.org/ftp/releases/VM-IMAGES/12.3-RELEASE/ For instructions on installing FreeBSD or updating an existing machine to 12.3-RELEASE please see: * https://www.FreeBSD.org/releases/12.3R/installation/ Support Based on the new FreeBSD support model, the FreeBSD 12 release series will be supported until at least June 30, 2024. This point release, FreeBSD 12.3-RELEASE, will be supported until at least three months after FreeBSD 12.4-RELEASE. Additional support information can be found at: * https://www.FreeBSD.org/security/ Please note that 12.2 will be supported until three months from the 12.3 release date, currently scheduled for March 31, 2022. Acknowledgments Many companies donated equipment, network access, or human time to support the release engineering activities for FreeBSD 12.3 including: The FreeBSD Foundation Rubicon Communications, LLC (netgate.com) Tarsnap NetApp Internet Systems Consortium ByteMark Hosting CyberOne Data Sentex Data Communications New York Internet Juniper Networks NetActuate Department of Computer Science, National Chiao Tung University NLNet Labs iXsystems The release engineering team for 12.3-RELEASE includes: Glen Barber Release Engineering Lead, 12.3-RELEASE Release Engineer Konstantin Belousov Release Engineering Antoine Brodin Package Building Bryan Drewery Release Engineering, Package Building Marc Fonvieille Release Engineering, Documentation Xin Li Release Engineering, Security Team Liaison Ed Maste Security Officer Deputy Colin Percival Release Engineering Deputy Lead Hiroki Sato Release Engineering, Documentation Gleb Smirnoff Release Engineering Gordon Tetlow Security Officer Special thanks to Tom Rhodes for his work on the release notes. Trademark FreeBSD is a registered trademark of The FreeBSD Foundation. ISO Image Checksums amd64 (x86_64): SHA512 (FreeBSD-12.3-RELEASE-amd64-bootonly.iso) = 61a4d390d2f46ad52165f33adb5ac6abc17bd31c3576658bb4f19635cba21240e6cb65624d56349d3c7d5aea3bf92f238c76c07797fc72138aaf9286e1a253d6 SHA512 (FreeBSD-12.3-RELEASE-amd64-bootonly.iso.xz) = 52324feb679934616a70cdbb6e87c9588734406cee8e750ff7336134ffdc210c3f2fec2a84fd4164ca635f88e7f92bf44339f54b502b1289dc58fc3736684d41 SHA512 (FreeBSD-12.3-RELEASE-amd64-disc1.iso) = 5dd048f8072086c58019c9e18042dc5716d19c2044e96daa2894ddac535712827cf2c8ffbc3098062ea5bfe372bb24f83cc07eae766e4a16a03e1308030af029 SHA512 (FreeBSD-12.3-RELEASE-amd64-disc1.iso.xz) = d8bd150902fc7a02b35f4e893fe801aad5205fb08ec3c7dfee4c88a6d67f00c74a21a662bea7850084f084c09d5ed9c8831c1ad8b1ebcba50f164e8cf5761aee SHA512 (FreeBSD-12.3-RELEASE-amd64-dvd1.iso) = 8f6098bdaba7a2729db321c425f51e61f2d864d3979319c08343d27293165fce9d4d46ac453b25aa845f6f47de0058106be6399b190b6d283384e1ecd5f66164 SHA512 (FreeBSD-12.3-RELEASE-amd64-dvd1.iso.xz) = 0bfec684baa8fc17b9003cc0fd74219452bd0a27315043dfac390f057e61946b56f8dfcfde910e279bc60505e7811a78e521e41d5d5e331173056c8bc0d487f7 SHA512 (FreeBSD-12.3-RELEASE-amd64-memstick.img) = ff7f61910ef896adbd41b95eaa234f27dbd6741c54f4b7242b16cda596dc6b03cc302379ef145e0983c9adef8c08ee2b81c42befef5d7dfc1f8a65b7f0c14d5a SHA512 (FreeBSD-12.3-RELEASE-amd64-memstick.img.xz) = 9c047cd6e9d4e542e3e9f831749624bd742e877f179e3fa5e1b081e8d98f28b7ac1567ef875a220c6ad08cdac49817caf335e2449fdc8676d6eaae3cf873771d SHA512 (FreeBSD-12.3-RELEASE-amd64-mini-memstick.img) = d7a65c018cad1d266d7002161bfc03e7489a9a2ed9caba9b7dcc4ffaf8de1875aeb9a228e9f87974526955a1106d6af49dff157ae80abaf3708299c46add90a8 SHA512 (FreeBSD-12.3-RELEASE-amd64-mini-memstick.img.xz) = 8d78edfb1ef3568ff96bd2e16ca45ba151c53c806c860a37fb9aaf5e60853079cae0a4c9d5c74a294fd823e077f7f4894a313a7725457d72392fc6ff40774f00 SHA256 (FreeBSD-12.3-RELEASE-amd64-bootonly.iso) = e35ff29e9499537fe8360304645d2e287e8b5627167207c5e9acef39bd2aa742 SHA256 (FreeBSD-12.3-RELEASE-amd64-bootonly.iso.xz) = d4850ba13a86c67e619b4ffa0984f78e58bc3208e2c03780dc4fc9494a1f5863 SHA256 (FreeBSD-12.3-RELEASE-amd64-disc1.iso) = 5f0c10ff9af582c7fca90f65868702aa02e80f344c186f0bc75639a687d65641 SHA256 (FreeBSD-12.3-RELEASE-amd64-disc1.iso.xz) = 36dd0de50f1fe5f0a88e181e94657656de26fb64254412f74e80e128e8b938b4 SHA256 (FreeBSD-12.3-RELEASE-amd64-dvd1.iso) = ab214a24c8fb3c2e0ca94eb09493a504d48a1fc5d85eeda1bc9c179f83c877c2 SHA256 (FreeBSD-12.3-RELEASE-amd64-dvd1.iso.xz) = 207c71808f76de3c1f06988791c31db9255b130b67dfb1587b1b624282f466b5 SHA256 (FreeBSD-12.3-RELEASE-amd64-memstick.img) = a9d79fc0fd6468888cd6c7a625387f58be80f66c69ba230a50b4b6387f8565a4 SHA256 (FreeBSD-12.3-RELEASE-amd64-memstick.img.xz) = cb2af07ef25abba1e38aac7a2d98bd8fe75bf4ac748a210aa67f217b7ed5ba11 SHA256 (FreeBSD-12.3-RELEASE-amd64-mini-memstick.img) = 605e8d9d2038d8eab8a4f04ac2b2c849d1aae938e3fa762f01c3b7ce10763ad4 SHA256 (FreeBSD-12.3-RELEASE-amd64-mini-memstick.img.xz) = 593b844b37bff16904e288dc8457312b1e6494fa58ed8d1550b3ce23d45bf950 i386 (x86): SHA512 (FreeBSD-12.3-RELEASE-i386-bootonly.iso) = fc3d29717d107f39c87b988f8eea5b5a7cfa5d9f23539e4f4c72bdb3117222a4c816473a35cfd5d1a1c59a35acc5346a345c675b3a5d128549601a585b6fffa0 SHA512 (FreeBSD-12.3-RELEASE-i386-bootonly.iso.xz) = b3f9ec6d52ebcfadee56394b9e6251c3416e5dc097a594493eeeed18aa10262ed33f3077d9d6d08413980565636a84d482fbd4cb9b4ecb116ec9410d9e380959 SHA512 (FreeBSD-12.3-RELEASE-i386-disc1.iso) = 1c768a312180c6d02d39e54ba3782279bf6be289c157420abecca072db35e895233f69c90ba71ac12d3e6e8788803ad404b2b8c579107dff541982374bab0fde SHA512 (FreeBSD-12.3-RELEASE-i386-disc1.iso.xz) = 90e56e519007dc9cd32c0d3b37072d2fb663790d4d48f764473a6d23b6db8519f2f1236864ad5e754b9601258fa8636903f61f97c459ee8beafbe2cdc1b0e309 SHA512 (FreeBSD-12.3-RELEASE-i386-dvd1.iso) = 67196263baa3455919e6c99417893594031fe25f1f735ee6d854456592e0565bebb3571a2d8cc7aeb9ad405b19cecd7646f27b4a778ecefe2c14193ac43b2176 SHA512 (FreeBSD-12.3-RELEASE-i386-dvd1.iso.xz) = 8eb79c9cb84d2671efe03991cf97fb80d9411ddd65375338f2e87f70816e82d0cbefc4970f4453ea4349ee3e93376cb744cb204df86da5c6924ab9b93a612b79 SHA512 (FreeBSD-12.3-RELEASE-i386-memstick.img) = ceedec30a956141a1818ba55c5de6a685cb6d82f2129fa3d84f4ad47ef751669516f6d8ed4f5591e32348f0240d0dad06929f8b534c89711d1604a5329b088b7 SHA512 (FreeBSD-12.3-RELEASE-i386-memstick.img.xz) = 06963299054ad0e472410c64e0af42809b6d2140a5f1a8cbce051d3a6c1266e94ee76ee7f76a2e10db50e04c5ad5dc116f9e625cef1c46d3cc02fad92c03e86b SHA512 (FreeBSD-12.3-RELEASE-i386-mini-memstick.img) = 9b7d610e1bc5ec8fcacfe824d8c2e9f2278ecf4ceb22c25961528fef84ece713ca174c4aafcbf83aa56d0185caa20d288ab223f378ab86d2fe237bc18ca032fa SHA512 (FreeBSD-12.3-RELEASE-i386-mini-memstick.img.xz) = fc99362673c9f0f8e7e09db458ca9e111ce43de81ef7b9089e5855b2274a97fd7eb131400c3c8c947f6aa1b650b50ae9e0007319767ee9c21e23375084c03e2a SHA256 (FreeBSD-12.3-RELEASE-i386-bootonly.iso) = fbad0309b7aa7daecce829b4338ddeafdbba903e36590f2ba7e2f9cece5e3b46 SHA256 (FreeBSD-12.3-RELEASE-i386-bootonly.iso.xz) = 39b94be7d7eeb9cacf0ec8a5ba7cf3f3fb0b08e4dc18c316324a69de7a2ffbd4 SHA256 (FreeBSD-12.3-RELEASE-i386-disc1.iso) = cc90ab819d3fc4782227fc4269ea7de0747c007cfca9df905f9e50c8617fd820 SHA256 (FreeBSD-12.3-RELEASE-i386-disc1.iso.xz) = 383f18a64a9974fba513b758dbc992ffcbae060e132cbc2ad4c47aaee384cd8d SHA256 (FreeBSD-12.3-RELEASE-i386-dvd1.iso) = 9879bd1ef40e3ddd55285256bd3515b936581c743b98c4abaa3f5f7803fe7d0e SHA256 (FreeBSD-12.3-RELEASE-i386-dvd1.iso.xz) = 373de43e082164f2d99c6edc302fc60cd7d9761b082780337fa5365b38e232b1 SHA256 (FreeBSD-12.3-RELEASE-i386-memstick.img) = e80943747fe95c8085d870f957630017fcb8a1522c29a8a747cb9fb907faee68 SHA256 (FreeBSD-12.3-RELEASE-i386-memstick.img.xz) = 678a34611dfd93e846014e9d7ac202ca075d6923c89ed83bdc955d484e866cc7 SHA256 (FreeBSD-12.3-RELEASE-i386-mini-memstick.img) = ec0ca1b5b2a5f9f044a85b0d59f04f0d229fba32d75f7e3eb32d7320345a1b59 SHA256 (FreeBSD-12.3-RELEASE-i386-mini-memstick.img.xz) = 7fe964b320535723ef8b21b252b1dff29822de751d99cc2399fcbdcac3bc15e2 powerpc: SHA512 (FreeBSD-12.3-RELEASE-powerpc-bootonly.iso) = a42f7a015437984227d094faf6efe2115aef693ddd603d61575f65c6f4b4f33baa22b8e3e7424bbec5cb361bcbc5ecb0b6f5bfaf9bda835338236bb946ef7bfd SHA512 (FreeBSD-12.3-RELEASE-powerpc-bootonly.iso.xz) = 5f525262d2fbad56d41cb0e90b3e7c0f513578f56a844d74f266ea7931f40e874cdf740a191056703a8eb32d1e4ff7cdd675085fca9a68d44efdab8e1d7b7079 SHA512 (FreeBSD-12.3-RELEASE-powerpc-disc1.iso) = e03c54b131430d4522900d4562ff1a4e177524a8c44afc2d69b0613918defb01261521bd3841a606cb0ad0e6a957f389aa19ff8e91779a16827f72096a2514a2 SHA512 (FreeBSD-12.3-RELEASE-powerpc-disc1.iso.xz) = 869b0ee46f44a417175e9e2228ebc6cff604cfddd15fddf5c69150c9e7c111418cd85492b7e5e6986f06599ce616809d90cdd981e6b875b423485799ed2f0adb SHA512 (FreeBSD-12.3-RELEASE-powerpc-dvd1.iso) = fb49e4051c1feab6f3053e1729c8715e93f95b77ba31085d93bb808cada734b1c2f08e7c9981c1a4f2659cb68d8176e20b5e14191987d966f887cb1b08ef9f66 SHA512 (FreeBSD-12.3-RELEASE-powerpc-dvd1.iso.xz) = 9c479916133dd52bd406695f1b16cae9128c56e3dbbd74fc96711eafa25d9f8ba3e4d614b2dc7b275a97a27c2cb771939ae1b1f5d0d37e2380d1283c652aef23 SHA512 (FreeBSD-12.3-RELEASE-powerpc-memstick.img) = 5f095b50be4b4c32ce457dd3f9f88389f166e8ced471fdc83de382108d9623dd257c753c4b03a290ac484eda58e7f2d4dc05a4caba457595e9b50b73674b11e9 SHA512 (FreeBSD-12.3-RELEASE-powerpc-memstick.img.xz) = a204c4acd295a1346e1b2278a5d35c75430bfcfad72288b9cbd9edf54e2020629d659dd98a15c7fbd784bc175e0524e09236351ff5250a5f65c15a886ba3bd54 SHA512 (FreeBSD-12.3-RELEASE-powerpc-mini-memstick.img) = 90f04c7712e4ae7278fa41627f4ea58f7b77b5c59a077331e5598467917e75812f7c66327060c06e719a5b5ac0ccf38525f4b8115ff808456809cbdc54f34b17 SHA512 (FreeBSD-12.3-RELEASE-powerpc-mini-memstick.img.xz) = d4bc4ba2cce1e888066917649f925e58d6af90bd60de70b0a548a99dea8eea4b76296576ee2095fe02c7745a6f01ac8201740bae1ba747c58f92f18c6b5d33c4 SHA256 (FreeBSD-12.3-RELEASE-powerpc-bootonly.iso) = b91f6c86491a017bdb12349e0232110b578c1737639723e6b9cecde22945d486 SHA256 (FreeBSD-12.3-RELEASE-powerpc-bootonly.iso.xz) = 5470058e2476742b3b36944d6a6fb527c7ecfcba9b3b4766afd62adb6e6c2f57 SHA256 (FreeBSD-12.3-RELEASE-powerpc-disc1.iso) = f811cdd02db3b35d809b2dd41003e5e891ee86c201e54041159169973a4789c1 SHA256 (FreeBSD-12.3-RELEASE-powerpc-disc1.iso.xz) = 9a7b12c03b568ed328184317282a644ce7e8b67e1d6cd3c17890892df49d519f SHA256 (FreeBSD-12.3-RELEASE-powerpc-dvd1.iso) = 294f080e3e9e913b9fe9a84e023dba19b6ccdc7fa9497d9820f6ba945ff57802 SHA256 (FreeBSD-12.3-RELEASE-powerpc-dvd1.iso.xz) = 2a3559735abba45ae116a1653f1eb32dc7cecf0adef5e3c6ae5f2665b0efbc51 SHA256 (FreeBSD-12.3-RELEASE-powerpc-memstick.img) = 4afa9659a4b96af692aebe5bb849b715ed17e3e038907b58643076dd9411c41d SHA256 (FreeBSD-12.3-RELEASE-powerpc-memstick.img.xz) = ab7857ce4e4df7c2e648eb7273c367bec0b581ba2d8e57c0d4ef0ef8af54591d SHA256 (FreeBSD-12.3-RELEASE-powerpc-mini-memstick.img) = 44f4a1a285bb53007dea9102a3907199f0cea63cf6b5a45ebbb539d07bfe5e4d SHA256 (FreeBSD-12.3-RELEASE-powerpc-mini-memstick.img.xz) = 551e38150bb97760f97a54e6f8a67d2e04d0fcf6cadcfe2dd536b03de5f35887 powerpc64: SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-bootonly.iso) = bdb03ce7e373a4aa4f53b7763fca94b3c00cbe437f208d0193c19ef714258bf19e224f509908f3cbb3a50bd0448644a92b785752f3ecf3c5fdb81239bfeece85 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 6d563d52bdfd937ebcb4df41038e3c9c17bcb2f8fb86c5ef703894be3a1f5de215d310442412a7917b208f7175c091c54403a88f6da83bde1476e1c7fbba848c SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-disc1.iso) = 6b5a0693aa608181dfd9a43beed976efcfb89e1f8535febdf55c8747701874611f6af6e0ecca38368938c1259d717ab1aeacd152d4d5f5fa0b3d75ea77b52e85 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = dfc96a53172ace7980da000bef15fb17915f6702ca7a0cd3c823bb08d8f5716740dcb0cb0a69ef1390066164d692fbaf0f54b0f4bf38964493373d0c1687cf3c SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-dvd1.iso) = 1929a8640070ffbc301b2b970e0f8fed964cb3b05cd9d5304aeb7deecd3c7387587860dc499a907e4269cf2f707746f29b2b6a4603d772328f3f4f53426e7dc3 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-dvd1.iso.xz) = 4bba44281312ceecd8987f06895685753a6ddac29398fcf94e52da42ad96ebf8c3eb430721a36b3b097a678acc3584d60b4ad9673b0a675a3290ec3eb67ee747 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-memstick.img) = 1275eda998346bb05ad09bef01d0b9cd68728597990cb66fd1218ec9d1d480482bdc30dcb16852fa132084e78bf46c7e8a7492a2741bdda2f5c7af708dffd6a0 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = 2f163ab61644510f0e7136adeaba66864ec51c5446e42bc152ba1682b94d1c6a6a7cd651ad8c7cc2886a0c2cc93b087be2d51e0e70dca3ef753d2de2c1d51c57 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = 9e06cc2712a46652dea437b75b3f8f37623802b0a1306a591b635525c8ab67d3bfae5e60a1b1d2aff252a69966f58d03e56474ffc24d0a900fe88e4d1c87b86f SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = ccf8a7f1b62832648cdc0a3c8b11d66cc6389331fa9c91344c6cb79b126ebb21f0d430a37e6e97c5fa5c67a50fef625ede04d6d3a84091327744cdac7c70774b SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-bootonly.iso) = 7ae884ca94f6829d1af2c96b8044af95e606f2eeac5262d5721783ec0cb12a8b SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 89920c266d8ecce0e14d0b5e62ff0dbae6fede8ecd566651f1a9e89ef8e30661 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-disc1.iso) = 506d35b74fd59879fc14a4542ac788bdcea5a8d881b5f8ba2dbcbd4e872d1b7d SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-disc1.iso.xz) = 4c0c73ce725333ebd5f6a08a29c7e91922bcb629c156192615ae97618ae60530 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-dvd1.iso) = 6d99a21ca3af8c3b1e2d3832855b22d63ea60b8c5c36724c91ef57d8bba9596b SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-dvd1.iso.xz) = 6949b688308748b6c2438b000c9cc613527ec5a1cc9e9454d15683bbb13d7b4c SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-memstick.img) = 9fd96f4a7fbb36435105c44be686291aaf41a11967640683197bda78c6a0d47c SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-memstick.img.xz) = edafe5c8ed3e335c48bbd563dbf00d092dede13bc555e510d58b38cec7fa2633 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-mini-memstick.img) = 95acbda67efe1e2c13cc965936a1fa2b23d4674c9564009d59760c68e77aee57 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = 35fd854bea52f97b0343debcc0c79a7555a8e7987658f6533227f33972af849a powerpcspe: SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-bootonly.iso) = b17bd599a244a3084326b4ff9d4e49d34f1116d1e6a3b4afce0b7369d35e1960e10ea86c906f9b0b05a4684c0b114637882991e8260a68478f03e86593616038 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = 6c31835fda404b51628598c63133a35d6bc2a5e29b251d39f9dae751f906b8d613f192381c8af03a5ebcbe0eb7bd3c82cf0c4e9930b82f108b2ee5b36fbf58c0 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-disc1.iso) = b74eb04febbe7a59ad2ee46490124183efe7ba6b05bfc4d96c13554c4159f0e278b11ba3209a0cc9839f6a4e88a72cf761c78ffabdf21b138ee983f130ae78c0 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = 1ef5d374c566dab67e090c256bc9ddf4521889fd7c2a1b7177af07c1420ccac212a11cc411713ed229334465d5fbacf899577f59e380a8aec9477b04451b9a14 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-dvd1.iso) = 4a75f6b04998d7e956e2b2a3e0127d7172971d09dc25a10c587fa7b99de0194f1b7069a57c4dd0dc98b8440c9708046647b1165141a55978fd95537cd97f4e0a SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-dvd1.iso.xz) = 0b6479c586b8cf11e93fdcee59b9d9d90df469d6fb3b3b16150bcdbdec2af1be98c3c50532e095623f0bdf4349373f88cf2b1784450f6daacb642e8a7e281dbd SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-memstick.img) = 0e7f56d60bccfcf5b8a501a819de1bf80d4b54774ac57627851ac507f5ce1c08dc4d28d3be1baa9402fcee505b76270b615ab2d72fc23586ea8f526ce9171d76 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-memstick.img.xz) = 65cfde4c35e0095ff5027b09de55c58d26d5e615e657931d59b813825459307f35c8a2926432b83f512729e8ccd7ec025e45160ffe6ac044404ba2d224609815 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-mini-memstick.img) = 9bc50bb7766e89858903c580ff48666045038a9473e93f630782fa17ee69fe42ce30b81eea178d18d4271797dc0beeb148962bacf099d22f114b5da27f4756c8 SHA512 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-mini-memstick.img.xz) = f8e35be271030bdb7e743c3e6238924eda18036605c0250402c6336db5acfd0f071fbaef1c4533140cf7d83182d7681f08d3653ed4e2852a12f787a91b55fad1 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-bootonly.iso) = 7bec12afb66f38bc17c9af7ea4e433edf4847f9275a005c9591a45a92fb12dd1 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = 9d0b470fb8708d97fc8c8e4782db8ffb63c42df455885de61c9d56186a4ec0f0 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-disc1.iso) = 4520282a35ba461aba6dbc1bdcb8e8e9ba79cb6da4190161548c4ee7ec0d09e5 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = ef97b7a39308e0a43657c7669f40f83e561e64ecd6bcc5e6d05f720b51b62263 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-dvd1.iso) = 580038fe2f9d1fa4e835ca5fb9ad2bb0d3ee1fcaafaf50613c21de7a53018d0c SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-dvd1.iso.xz) = 6365ca3654c7b4cf51132d179e1ae01e8866ba3cf73988b5e6cc1183e92a8d43 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-memstick.img) = 48ea17b09ea6fb000c04bfb9b922008faa59009e665b27845d3c1b71204905a4 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-memstick.img.xz) = 3671b4eb8cfe35780baa6c7fb533baef93c23aaa914eb2084e4a1671dd5bc06b SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-mini-memstick.img) = 04fc5a35382eaa9ca9a1449b265176f6dceba212537f0c0b3f942a8f679cd9e5 SHA256 (FreeBSD-12.3-RELEASE-powerpc-powerpcspe-mini-memstick.img.xz) = 2f47292f0bdabb5071ca4ef530becc2fd4a454293289bc236d19c670479a65af sparc64: SHA512 (FreeBSD-12.3-RELEASE-sparc64-bootonly.iso) = 851a28c9f55853f20df09e6bed86eff05eebd4a72f48846c0a8607d4cbd0731f360cbc1f6dbf2e8c6a9d6c407e301f39e37f71b01ee9d0094393c4adc7059600 SHA512 (FreeBSD-12.3-RELEASE-sparc64-bootonly.iso.xz) = a4e7b852e27592c93b27ae1a696486abfb8cddce0efe4dcaaf5b3787fdc3d2ece07d104017cfa9ea91f3517ca16e527595fb047a85b827d61645ff1883c7f0f9 SHA512 (FreeBSD-12.3-RELEASE-sparc64-disc1.iso) = 661727fe99accab50a060d648d2081154059a4088e71d6aa08878224b06502c52134dd6deca0a0b0e34c0c62b42306bcbb4abedcffe4657a363084137fe514fa SHA512 (FreeBSD-12.3-RELEASE-sparc64-disc1.iso.xz) = 96444b3c7b243f5d1f1e106e110f08153512b0eeec121849e8442cd35fa884d8d2b2fdba569c9b557801ed86bc49dc4affb16a7848a488996848594aeb163434 SHA512 (FreeBSD-12.3-RELEASE-sparc64-dvd1.iso) = b4c85fd43b7e19175862c54706aa7d9b72f9c33be804c90a11a1cab81ef391ff5466c09c1b3e4e37c1e238aee5f697b0ce771a6e5ea2a3d5ad5985b1e1488f1e SHA512 (FreeBSD-12.3-RELEASE-sparc64-dvd1.iso.xz) = c97d7e79e8b17d00ef8fc8f580d13e2bace196a0fb882016855f02944e791d7d4d9f75e43d3dc51b5530e39468a17dc90ba9e0cb80e5fd5024067e69a150c15d SHA256 (FreeBSD-12.3-RELEASE-sparc64-bootonly.iso) = c3fa1a8231bf960b75f42037d5556847494f80a8c4927f9b4e490f4a13aa4eb3 SHA256 (FreeBSD-12.3-RELEASE-sparc64-bootonly.iso.xz) = e5f9001774903e1d145b9f770f72a1957ef05d32eb264d4b1f0ba248f295d7c0 SHA256 (FreeBSD-12.3-RELEASE-sparc64-disc1.iso) = 3ed1ab02e10977a2927b852877092959464147eb39b4b4d7eb40b24f03ccedd8 SHA256 (FreeBSD-12.3-RELEASE-sparc64-disc1.iso.xz) = 26743fd702f3248da4b8c131ed9b1494d1b4125ef1668272524e5cccf2a8d9b3 SHA256 (FreeBSD-12.3-RELEASE-sparc64-dvd1.iso) = bc3fecac8f151a65415a62fd724f470ffb24eabbb9c391de98c5539f0bde2357 SHA256 (FreeBSD-12.3-RELEASE-sparc64-dvd1.iso.xz) = d8db8e0aebda4c1fee3c4a1b4625d0d1b53340ca42d85ac1dbc7ebfc6ace27d8 aarch64 GENERIC: SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-bootonly.iso) = 4f0c0144fa47ea2e5dc258c34ec697c50f5277ceb073119b4e8a2a2eebdfb669664f337923f09690314b9ebc5cb3bef887531105025666d947dbb6ab7584174e SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-bootonly.iso.xz) = da9313f4f644b5db2d6beaa559f8239794e56b5852393dd0a898ffc35025ec887169d366be32214947b1d2ceb463b4c696a737bc99b8bfa8dd48ed60207c81f0 SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-disc1.iso) = 7feed724f051466d6f7b181c1c824bdb261c0e6fa65c5ecc961545cd27393f9af498697d6167688ec6e96d2af652fd5e62b43c9b7fa284b39489e4da6358248e SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-disc1.iso.xz) = 574e9c89c05efa9254f985ab15fe7bcdaf6b50dbd4514a9cab2d149ea8c50970adb493d82c667444dd1c489b7e1ee9364280faea05fd383f82901d8cca330700 SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-dvd1.iso) = 8f509a91cab764e65e213bb69d98c7b158af55dba75502bde3d07c72d70f1b842af5b82b2f911754645a4dab7675645fdcdcc1d3a6736dea74ab8228f4759ebb SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-dvd1.iso.xz) = 50d718c513f4b0d17894312b00395587e0300efc607139974eac03043cc8d27d2e4e73354fe085654a6dc004002cf2b486e650c67751e743aa77b56b7d35f04f SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-memstick.img) = cbc4e7fdd912573384046982ed3af314a081e9181bececc4bad830f19dde41f4ff3d86293c8c4391d94a0a53d6241649a4fa9586f412b6bcc3eaad7d43398018 SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-memstick.img.xz) = dab6d89670ce0fb4e69dc102b21bf0b1ace504c6fe94607930ac416d06b2415f92655e4578963918d1cbe25aa4c06a3794229b261af438b4563ac4d0857f4bb1 SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-mini-memstick.img) = 003203c6f8650fa2a8a52495228c023ec56574e76e7fff354bd0a10506dd3b41a8bf4832d84e81c82c89fb6895780b01ba115f2a61c5f3a9d9fab463fd19616e SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-mini-memstick.img.xz) = 8687e67d84c5dde2c72301e930c4a01c81c57d3a7414b27f5d16e015d97e198fad8667ce1e453f9ddb569b566ea1ee1f2154bc674aa6f6c7dcbf10050c555526 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-bootonly.iso) = c7886d884f38144b2058eb9ea1c163d314f2310caaa78f313edbd368717c416c SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-bootonly.iso.xz) = 944474f9e8412668965bffd6130fc081307a5463e276e2a29e597d13eb3783bd SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-disc1.iso) = 914c0008825c93aeeca0d5b9512d194ea4093767220559db81be2debda5ea7be SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-disc1.iso.xz) = 1ef6dcc6bcbfada478c634d5dcd01779d64cd45711f82d5c00f9a3ade4f45096 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-dvd1.iso) = f97c23dde3d3e3c0ced3a08254000c6e59a8f8dff7cd27e314553cea7b0fb692 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-dvd1.iso.xz) = 1f7880596d4490099c67f6101cabc218bb0873f6583ad1c3510a3d714b7fdb50 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-memstick.img) = ab3929aa2a5b6f3194e13bd1222cba9ac039b88ecdd31645b031192f2baaa5b6 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-memstick.img.xz) = 0bd0bb4e79e917e9556263e35ed7079b3dd2fc330fc6bc47365ac0a003d7f348 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-mini-memstick.img) = 7186322e8de5bc3d6cb3c6fbf1e608d25cda47b6afa8143a0d5c3e3824074f00 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-mini-memstick.img.xz) = 9cb324a36414c38dd600a98a3cb754793b55e009a56206a8bbc3e170799f0425 aarch64 PINE64: SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-PINE64.img.xz) = 8448b898ba0805ea43aa2873bca3d9e1679eb4c3762b9eee3413efc14ccc82c2d2750e2a1d08bf55950acc3f944b2af2f2752279c0c5761a8c96eb740125af15 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-PINE64.img.xz) = 422c306dc86c8ce2aa167b30f1e32ac8cb12e35532afe4fc7891d5765ee8ed5b aarch64 PINE64-LTS: SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = bf7e9b98eb15b19e16278acc0e69dd5162dafecf4b1dd88c8e68f08e9549a7337a81462617d1ef02843f1ef17d9f58b7a60fae3cc9c5114dba66988a462b97be SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = 0ff037e78d0ce5b0296a35cfdd24d225ce5ac4dd2ccb4a56d068410e49f54ca8 armv7 BANANAPI: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-BANANAPI.img.xz) = 4c51a6bae6390a40e46cc2281e94d706d087e01b1a0ab6a56d2a81a0faddbd11f14ffbafbc55c73cc789878ba8b77230672e79bae549d5b57cba095bd520b763 SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-BANANAPI.img.xz) = 3e9310dd5e3a375880b70ab5bfdf73c9673d0224fcd5f2bfe2cddff71668ae36 armv7 CUBIEBOARD: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-CUBIEBOARD.img.xz) = 7abe910bd417f0b2ebc0ca2f346980621449d6bfc7f82aa8e1018e7b0a0e4584b7bd08a6923d7714b6a4a46421a7d48f4f35b326d9d2229db7bfd77b53921857 SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-CUBIEBOARD.img.xz) = 79f2b48f20579c23df725ad73b1c12d19c91e73126cfd68ea09a3d57237273e5 armv7 CUBIEBOARD2: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-CUBIEBOARD2.img.xz) = 381d24253731afed8219e28b71c39832e02acd300b82f617953512a3984acc6983f0e2340a589e9ee78f77ee89f400085cc6f0e1ea397949630327156b853d44 SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-CUBIEBOARD2.img.xz) = dd4b3a507bac1dfc2e5a85522a33855b343b73914fb11ea1eb1d210b493ff847 armv7 CUBOX-HUMMINGBOARD: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-CUBOX-HUMMINGBOARD.img.xz) = c3c0872b504c9b8f0aab5e92e92902ec9f24175065f92bae6d900cd804a74753c2e63c22ea0038825967c466f94d1cb901fdc5e1bc793a70fffd0d6e76c6b814 SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-CUBOX-HUMMINGBOARD.img.xz) = 46c2c06bb332406f3be31b2db580809ccb790715d073c3552e3e3dd677700f96 armv7 GENERICSD: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-GENERICSD.img.xz) = 03063ef9a8da5ad407385296b33c00c237b5e75e9035cc2ad6646250aab54ac58d8e75612b91f38accbc1a759634369e2c322af9a9f975a6b8e8bd16bed392ec SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-GENERICSD.img.xz) = 028a95a35f84d728f79efdc64e545f737103ae4fffb5f0d9d75265d6ce2c0a0e armv6 RPI-B: SHA512 (FreeBSD-12.3-RELEASE-arm-armv6-RPI-B.img.xz) = 7b218b769c73a961e7d38401e4225e68c4de39d2ed9f36125566b9f541217f59401bd1ff447b59bfc3a25e76d51b3ed3c88404a00fd3ee7d1d9699642fa5e81e SHA256 (FreeBSD-12.3-RELEASE-arm-armv6-RPI-B.img.xz) = 77eecb051e278696cb12fdeb09a5e0354dd27f78baf7542226e4edde4218429f armv7 RPI2: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-RPI2.img.xz) = 5993da947c9738757e7b08c9733ae07cc5b20fc439a8e07dcdf8cbf89d355db77fb47cf44e292dd37244438058d050218c2e8b67daab485ecb484bd3d91b0e04 SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-RPI2.img.xz) = 836ca37987b3d641e7f0831ca17ca395babd945d6396c0c8e029e37001306046 armv7 WANDBOARD: SHA512 (FreeBSD-12.3-RELEASE-arm-armv7-WANDBOARD.img.xz) = 3fb85398f8e79b41fc3c7be28e6550d48fe86cec12cda8ab8d76c37089def1b3a85ab07411dff1972d14aad7f173453683431a518f03b74f6c1cb6108737f66c SHA256 (FreeBSD-12.3-RELEASE-arm-armv7-WANDBOARD.img.xz) = 3bd3fe4fc5a97caee03af7ce5eb6f9192547a848dfc078682d1d9d3c5439184b Virtual Machine Disk Image Checksums amd64 (x86_64): SHA512 (FreeBSD-12.3-RELEASE-amd64.qcow2.xz) = 4429f8f266e0da613ff616f0934057229f024dac113b248aba9c48200458c94a737a32cd1df792de586714b43653a1f8d7f555d8f6ef13210fee800a4e804705 SHA512 (FreeBSD-12.3-RELEASE-amd64.raw.xz) = 29c4b670bd2adbc4f8880ab74e62a1409985af1f76e2ebb160b8a9a9dfc66b741915171401471e45b4dcd59212e1e50c68685f4dbbd96e86b67e56cc26a39017 SHA512 (FreeBSD-12.3-RELEASE-amd64.vhd.xz) = ea8303561dad68ff4425e86590ae2390dc151a0c8e62fb28115734c7f8e09db34f9eb0f150b274d1edd437127e4e4c5d7e2b65dcbe10e8d323e5ad2bab3aa6a4 SHA512 (FreeBSD-12.3-RELEASE-amd64.vmdk.xz) = 71d550812047577ed871393b96e801c36e76391831da40f300079046815fee1046bbb62c1df56ce8ad5160b8f01d174b6833f16181ce99a3b33a85941a19e23a SHA256 (FreeBSD-12.3-RELEASE-amd64.qcow2.xz) = 325a0144132c975ec70a27df696fb2af8492c353f23d542baf9d5bfe2fff83e7 SHA256 (FreeBSD-12.3-RELEASE-amd64.raw.xz) = 8632f0467837a6b113d323074316774c0fb1f46207c8826e48fe905419036b26 SHA256 (FreeBSD-12.3-RELEASE-amd64.vhd.xz) = 1e0cd4edabdfd1ab3df02c3d2ba57512bf762f24a1f563b6fbe220cd420cde47 SHA256 (FreeBSD-12.3-RELEASE-amd64.vmdk.xz) = 7af7f0a0c7d30ec7616b235cbd29bae7847f1855ec0440259b970a3aa44bfe98 i386 (x86): SHA512 (FreeBSD-12.3-RELEASE-i386.qcow2.xz) = ae8f1bd16d79fa0faf4501a963f9a0ee796b86c1d32be64f3a626d173ff742be3c74c32100b84762de0194820934a25f2aacca8c9a5d5516949159b9abecdf0d SHA512 (FreeBSD-12.3-RELEASE-i386.raw.xz) = a65b2bbc44012b90adcf68f23df75a8bfbf84c6cc2f0de731954ff499d3a71287f756cf755bebc4e067c3835a817e2f243b805c24b8dba9952aab918b7ef5bb0 SHA512 (FreeBSD-12.3-RELEASE-i386.vhd.xz) = e7c9f99283b9b2e52b55b255c5d73e176db0472a7e759de9f296d387e4b7bda6024d06b9f8bda1dcdccbd20a8668926bdbf90b5331bf9fc7000ec4e6e89c537d SHA512 (FreeBSD-12.3-RELEASE-i386.vmdk.xz) = 841ecf7f5af6135969df8217419b50b20adbaa3d597bd408bb79b624d7801b3f460704707eb23811fe035c538292caa69d52afc01e6e2c64f57e4affbb5b5ca3 SHA256 (FreeBSD-12.3-RELEASE-i386.qcow2.xz) = b0586d6ca034a3b4b08a070d41e1507617ff68aff971ea1e0d09e899dd712c4e SHA256 (FreeBSD-12.3-RELEASE-i386.raw.xz) = c7888166c86f76ff0d17bb5fefb355affe5bf61ec027da21a469e26336e39fc8 SHA256 (FreeBSD-12.3-RELEASE-i386.vhd.xz) = c1d1f5dd71de58e53f6d73f108b0c14cb13b962c7ebdeea834c8adefa13cf507 SHA256 (FreeBSD-12.3-RELEASE-i386.vmdk.xz) = c95fdf87b2fd0adcb2eb09cf3774dcd47d0f24d4348714a72845eee917bcc80e aarch64 (arm64): SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64.qcow2.xz) = e30a0263cbd1931a70e1329d25a8841374b0ce75e4c8e14e531c8e6d858732ec80609a2f33e01fe319116b4d8eae3d0dac9d77e31b30adff4ca3e52b5b83c99f SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64.raw.xz) = 38cca80beb6b541e185cdf7d76c0cff15230d0bbdfcdc9cde28c658834f88a39a2f18503b94683b748c48374041d975feb3216c000545ee901b92b56532e8ad1 SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64.vhd.xz) = ca6c3f993d4d6e9fed61506eb9a6ceeff20168ab4cea20fad20ccc211416093617353e54f7dfb516f05e47412730a560dc86c63cf3a06e23a139782cafee4eaf SHA512 (FreeBSD-12.3-RELEASE-arm64-aarch64.vmdk.xz) = 6957bb46f055ab22ba27ac52849e84a3d73fc80f0f06e78af86efb73a1ea7b6059d9408ac0d94e61a728bd3e1d09c953513e2503c9dc19dd31b66918d85e1f27 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64.qcow2.xz) = 63efcf3a6deb9ba92194e28f2b67eb9446a5c2698335eec3fdf7224c33921d28 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64.raw.xz) = 0dc3ab3937b1d2333a5e9bf07b1b0a3ffa9fea4273e5e4c2ddc4d65f056fd0f4 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64.vhd.xz) = a458e7b84420c3276ab61f273aec4635a9f94dac81a6e99460a1ebcaeb30e689 SHA256 (FreeBSD-12.3-RELEASE-arm64-aarch64.vmdk.xz) = cec259a4cc64514069de9883107d9e661a815cae75d06556f9fce2bc3737a0b8 Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation! https://www.FreeBSDFoundation.org/donate/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjRJAPC5sqwhs9k2jAxRYpUeP4pMFAmGvxrMACgkQAxRYpUeP 4pOF8g//WugXx/BkYCkiC20z9TmA9gIb4Q3kIMM+LCzvj16Bt77bDTlCXYPPyUi/ Agdgfj88o1OeiNU+hyWuEikwIDeHRNqoIV++VDuPIc7/eAYYn/moKqRayef4JdpW uM/OGgcfn8bkmNym0pbNxSxbmsE1NGWVWgpeWztCKxDSRM7494pFmZmYTad87Q2o HW9IAs80sgWCcQRydqfhtp7S8xafUVs7wA3CcQd3RIbsyXsqSgzSSmavC6Vq/KmW AAxBgrSi/MEtoP8m+MwEGlh8//dcp0pOtXg9aXFhtQryI9on5P2WSfCNnvlZjxe6 XyUzPJBqTxbBD2jiJQDeVK2/QBkjVlJw4yxrsU/+5B1z0Y3AJx3WWb/ABRdrRmMl B4o4/++j1elKlZxnz7HQSWKkLSafulrpoDjVVslFiWpnHJZLpkvEQQuZ+iRc7VAU yhPAk6U7GUNv+p53YQzuAYkKQwTpmA6+C1KyMqal07OUxPDGchVPDwljsc00/LFg QvpUH6gKpvaf4Vo9ejKgonpK47Yoqf673/FdxoyNjyAVepEVCJ0RY0r5yX32fK5/ FA0kgQq7AMh+faJrQ+VrqL1CmPgMbjSz7zFLJ7KjllSQf/0BpgWiiI8mWX6rD6mx yxmTRuDpm7cL9e63rCrrzRSBFFsOFgecU3tN7tvRMFGiD60nqtk= =zxID -----END PGP SIGNATURE----- From nobody Wed Jan 5 18:46:36 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 2E239193A4EE for ; Wed, 5 Jan 2022 18:46:37 +0000 (UTC) (envelope-from jrm@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JTdk46PfTz3vRr for ; Wed, 5 Jan 2022 18:46:36 +0000 (UTC) (envelope-from jrm@freebsd.org) Received: from phe.ftfl.ca.ftfl.ca (drmons0544w-156-34-249-199.dhcp-dynamic.fibreop.ns.bellaliant.net [156.34.249.199]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: jrm/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 993B99DA for ; Wed, 5 Jan 2022 18:46:36 +0000 (UTC) (envelope-from jrm@freebsd.org) From: Joseph Mingrone To: freebsd-announce@FreeBSD.org Subject: [FreeBSD-Announce] FreeBSD Foundation Soliciting Project Proposals Reply-To: proposals@freebsdfoundation.org Date: Wed, 05 Jan 2022 14:46:36 -0400 Message-ID: <864k6i58c3.fsf@phe.ftfl.ca> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (berkeley-unix) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641408396; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type; bh=nOYOOZFbstKFwETr55itwTgkXNmvjV/smt0QqL5t3PM=; b=mP2DYCPSd88SKLltpJQsTcgVH8Es0FXf6TqLgkcpxERmZT7D7lZLMj9zL7wUEL66w1vY0L xxQw7HRS0UqXjFKMvuuVThcB3TJweLPCszCFDPRxUk0khkXyFwtFwCCtudu2hlTFgU17Pu 81TqNd/t60gG7U5JhRqFfhYwsLih/4t/kxONy+f4ZLQ67AhicSjJcXKZBqMVRPqheBqCWs dwEkdQ0jaOaE79QKJd3Sfvn5B6ASDYgNVO8eSXmBT3cm3VfEB9tyECR1k5Kn3rZXlmhnz/ 3pBtr0Yu2KRbHayqwFcH7yJkIQY7QLLHtKgYL7W/cplybnvtMOhN2RLCR9Nx0g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641408396; a=rsa-sha256; cv=none; b=ZsPZfQFw5xluNSwbqsFlabkzWH5d1FmqQM2zSDIBqi5kf+BkM9un4u1PePzhjGu0jR2jRQ tcx/7yGxWzpIGD2waBt44U1qpLemnapB5DVBR4gNryqlQ0rul2rml6vEZUEmn+Q2v2yROZ 2tvcRvk81FwBLU4RYKz4MXYMl7jNk/wsPedq3glnRKY6NQwUknNBSo5gh7WpaBhCqh9x6f R15lKwohigZ4+9oqU5JCxJM5JxZ4TysuIHcuKSjAlRN5sYKynw2JDoO9xOt8qMwLdyXOwu /aewVBUcwBG5fVhMRveMLB7cM2Joz3jKrHcM0fV4MYxbYhZAvx9zILyFx0m6Xg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N --=-=-= Content-Type: text/plain The FreeBSD Foundation is soliciting the submission of project proposals for funded development. Refer to the following documents for information about submitting a proposal and for project ideas. Proposal Overview ----------------- https://freebsdfoundation.org/get-involved/project-proposal-overview/ Submission Guidelines --------------------- https://freebsdfoundation.org/wp-content/uploads/2017/06/FreeBSDProposalSubmission.pdf http://issue.freebsdfoundation.org/publication/?m=33057&i=263272&p=50&ver=html5 FreeBSD Foundation Technology Roadmap ------------------------------------- https://freebsdfoundation.org/blog/technology-roadmap/ Contributed Project Ideas ------------------------- https://wiki.freebsd.org/2021FoundationCFI Successful completion of many of the contributed ideas such as Raspberry Pi hardware improvements, support for the exFat filesystem, and adding Capsicum use in more applications would be beneficial for the Project and have clear deliverables. However, please do not feel limited to these topics. We welcome proposals with other ideas for improving the base system, the ports tree, documentation, or other areas. If you think your proposal will benefit the Project, we will consider it. Please send any questions about submitting a proposal to proposals@freebsdfoundation.org. Key Dates --------- Call for proposals: 04 January 2022 Deadline for submissions: 15 February 2022 Notification of accepted proposals: 01 March 2022 Regards, Joseph (with Foundation hat on) --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKkBAEBCgCOFiEEVbCTpybDiFVxIrrVNqQMg7DW754FAmHV54xfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDU1 QjA5M0E3MjZDMzg4NTU3MTIyQkFENTM2QTQwQzgzQjBENkVGOUUQHGpybUBmcmVl YnNkLm9yZwAKCRA2pAyDsNbvnqeSD/479a/m3D42D13cUKBIw7b512r4z9OearRg PyHrcXi0xGNyTmSoNSgqDKCCksIZcYojrKxa/U0Z20/9RzeuEI4UB3Kf5zp09Fa5 bK9F9EbyrwdvRrWpoAFyPnZFN5M5RfFcrzbF7LuUkWTDgyhqfGMGh8bB6yBb2/4x wDUUvYQApO044rm70TjC4u5EGGHnK3ZsZDpmrPgIpLPU40M0yFrlcPpYY2E5Znh+ nRUu7Z8eqIZyFA3u+rECjTZBtDBy3v35X6cRXulkOE2yK8Fz7ruf7g2Z88VLGFDN kYg2t6w7BY2TZcVqWeuhMQeOlmGJBawGPbmbXwfct+xuGQHGkYT8OvGq2O6S4Phg cIagbrNWCY/SGscLwtUUymHW0nmVaWlqkg2euwIMkqkxyQBUlZ8bpTgWMyfSnRQ6 loSWXPyB2OvNpWDkxiwCWT0aDVYO+Ef0GAVsaHL3bwWIenqxWezU384DWPribDol gu4Q0YX3QQThFABGFsb7QHhD7QWA10WVvYH9fHQL5KngCoKFiB/cjFKYIcD+d75r kJs4EGcn8GC9xq9J7HI3YSa9bjhaV/kaM/HdShN+j1PlnEom3IkSeSLk+DzLChui b+7FdYBFKo1KS1VbuwUuDnPsXFqw1YHaX6Ap4BCBjC4GXchD2qF+QKKK1k20y2bx fbZ9aL2WbQ== =X5a/ -----END PGP SIGNATURE----- --=-=-=-- From nobody Tue Jan 11 19:39:14 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 9EE65193A4C1 for ; Tue, 11 Jan 2022 19:39:15 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLc24vQBz3Hk5; Tue, 11 Jan 2022 19:39:14 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929955; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=CO1+eECP7wSGVSGjIFAdYXBzpywxdA72eUYWWcLLsmY=; b=DebWfVyhppeL/ifg38XlajiIUunwIT0JWHLapZ++POKY+B0eeMzzss8ygBxgO/E+3JNBi1 NZcerPEIR4ok8pkoCZZ2vCexhXzDRbEA+BPEN/ByNpcDq8DTyTaDtXi+K5wdlIe2J+Ae6E 2MZOFo3kCk/aVvhmiXz/NnK5Z5f5+wx/eQMXYJcWHHltHgTYjjXQW2DKBz/E41M1oic3gG xx0S/TI3eB8yQu/hz8VO1rMvzGS2YDRBNh/rky/S3sm9uZ8c6Dtv7kIpoXT7DaS99ljx1E cXGmQMYxhm9nATohqkG94i1jDHZH4FleSpZQLENxX+NR6a4c965+vv1Omk9AaA== Received: by freefall.freebsd.org (Postfix, from userid 945) id 4D8F91D936; Tue, 11 Jan 2022 19:39:14 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:04.pcid Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193914.4D8F91D936@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:39:14 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929954; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=CO1+eECP7wSGVSGjIFAdYXBzpywxdA72eUYWWcLLsmY=; b=NxsfpNr1q963Eo3T3nAfIeN4hWOCkC/VfZ5vaAbaRj92HjwK3fB0BtxQ0SaZfscn/jQeBE OPrvfAOBXR9zR89wKpnAmsC5StYQrDfg95ezMCYUe/X1bbBkCMC6VW+WlOVKa79aBzmjIO X7QkJtuXFPBNbjBIXo0n2MOgAQ7q3Z68Q57V2rezVP4/2FKcXkr4gvwl2NvkXSUaWrbL3X NvMUNqTivLS8n+JuN4sqwCRPfvG2Ymn21m+igUOauA1leIJrfsNTRcm1CAxuBinlgNm12h WDxL3jM35W+DMW99HQfeIcP2fFmY4uC7/n/G7IBM1yAIFUt+L1RAOvESAKq5MQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929954; a=rsa-sha256; cv=none; b=Du4b8ygb0fOgoB/H+lhggrlyscuN3kmW8oXOh9IsicON8k3UVo5zK5VwuKH1vs2ZhJ8F7p fE3fDOEgGFQRxBsdSZUqfAktxPoq9lLzkMBAflVHnN1Na4lDS+ntprfLSvrPVw7jTFRwpi i1eQamvreNFoN1V0eKb+Lz1Z9oBpg/CjkGeqek/voZ8qRHD80g0ReiIVpbeRcgWFbBRW9e he5Bc98kSI0rAS7cI9Uu+p0GFuA9f8bbzeLY2nLYUm4qQLm8Halb4mvLz3V9vhcZ5Gm9sR h1Vcb7vxWkHanVG+zEqfZLkb9gcaMMUSUswI2hKUJ8oIDeuwZ4itbbbIoNDEAg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:04.pcid Errata Notice The FreeBSD Project Topic: Incorrect PCID mode invalidations Category: core Module: kernel Announced: 2022-01-11 Affects: FreeBSD 12.x Corrected: 2021-12-14 14:46:07 UTC (stable/12, 12.3-STABLE) 2022-01-11 18:19:29 UTC (releng/12.3, 12.3-RELEASE-p1) 2022-01-11 18:33:17 UTC (releng/12.2, 12.2-RELEASE-p12) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background When switching address spaces the kernel must flush stale Translation Lookaside Buffer (TLB) entries to ensure that correct data is visible to the CPU. An Inter Processor Interrupt (IPI) is used to signal other CPUs of the need to flush TLB entries. PCID is an optimization that associates each page table with an identifier (i.e., Process ID) to allow for efficient context switching. II. Problem Description Operations specific to TLB invalidation in PCID mode were misordered with respect to IPI transmission. III. Impact This issue may cause stale TLB translation entries (and hence invalid data) in multithreaded applications, leading to application misbehaviour. IV. Workaround PCID may be disabled by adding the following line to /boot/loader.conf: vm.pmap.pcid_enabled=0 V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:04/pcid.patch # fetch https://security.FreeBSD.org/patches/EN-22:04/pcid.patch.asc # gpg --verify pcid.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/12/ r371237 releng/12.3/ r371485 releng/12.2/ r371490 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1f0ACgkQ05eS9J6n 5cKgjQ//QW16Hxk3gfCvYOKk1PAxDmov2RlSENPrIT/LaHq6UVjGOsB/xaRGFK7U peWDMtyIQHboTG2RW819xAuB0ZRk7tLzZU9oOIQlQBWwV9qugre9pBLOHhbr98wX D4tZ1nFN3Yz55I2RWPzyT+ncF2NdsXAJLuBtmb4Uj+MPqMl7dhj01X82vPaFvjJH tJDMyWTgWHGJlGRk8ZcQ48gF3/G5p3xV6oD0axCQ+RXz9Sx8y4xX+uW2IUskTFkD ukbRHiNG+Mh1Jt4R9TC92AIvIvFhODts8+R1/1BtARQ76exfYDw6mIf+JC2oCX5+ TrUmk7G8/cxCMyafVNU5+qqVx2qQBcJ8MG/4JwjlEl1kYy9w4ehhB1R7jJtJdfkr CD92bhJcPnS4zB7M90qTanPA+B7QlBWsbxXEaYmy1jyPZFl7KWLNxME6Ywf9BTpW oNE6Jnc77EkWWEMpYAk9i5udRCmxDDnYVFaMWuJR3GaSi4yKNxz4P1jsqOYWLR0v M+fjV6/PJnzn1xZBAWyCHrNT2gUbHxSrjEuHA1r6BKXt59lRFw5VEjwE05T9R7nd gSi12DEkzvz2ijq5iDFblKmW4B6f8jZsnLpaH/c+U5JfaiEotxb+fg2XCyBzxot5 teHqbyKYYKGWmwRl09HyVB9rSawKibmQqCvhGSpxqSjJTInHLpM= =1FCm -----END PGP SIGNATURE----- From nobody Tue Jan 11 19:39:24 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F38C6193A5D1 for ; Tue, 11 Jan 2022 19:39:24 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLcD5PYMz3J1V; Tue, 11 Jan 2022 19:39:24 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929964; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=fL209y7M460/hG2cqRKQcK7DGtEicZNJN5Vwa8u35gk=; b=H6kj64+CVIUuU4ZzfPTLrSTfKcDhjUChxlDDOdlpAlcJIAbTonDOwaxd+ZHVClusS5X3Cu esWJunbGBBu9McfvrXOBTqlVNwtcpCmVybTBGiaRkW9Ny5f1tVlEnIaGvzIrb3mqOJRhy4 nZqKchQ3KJXgDkWWwYGm4nTGp65etWdobMTBu2wnEHfY8TOKbYmrJxDEEWJEIMiiiG0Mw6 E5D/1YldnybUTbL9H8n7rGX3W3+wlYduHR1sbYYiN0RF7dfELbnPQt231+hXH7nKqVWjmf TwOTTATh6l00RFxjzVe0pBhniIAt/bFj2zdZhvedeNQU72gFk/u1UQvzhYbppw== Received: by freefall.freebsd.org (Postfix, from userid 945) id 694621D84A; Tue, 11 Jan 2022 19:39:24 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:05.tail Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193924.694621D84A@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:39:24 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929964; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=fL209y7M460/hG2cqRKQcK7DGtEicZNJN5Vwa8u35gk=; b=qr8C2wIk6JmWngAwHNk1lrqQnNMPux9TvPHAK3PvrxG/AoyikdXBAvJzgOrqObg+Ic0aA9 rNt1JOTlA79tD6a7nFnfHCkxjRtY7zxhPBnp2VCacR6SXPEb3TBhqIt1HpNmqU5rnTorzk 34Vz1jzCBVRlFrfVIOfJaSQqqbsaIE8mtpC+1CXfUcdVvKNZWBUFLyJeQLiSjBOhxH8CnS fyHNnuYnll1ELfmLCwx1iDKlwcLmyLy19kxZ1yc7KoVShiDzmm0vJzhhBM09tB4i4nzTYu ijusuytIV3UW+k4WFbB+BpVQulz38hVQN4onL/XHrtaNiokWerL2BaYrs1MjEw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929964; a=rsa-sha256; cv=none; b=Z2xgS5H9jd75ZGIg3ooaC+u2Jw9MXvmSsYKALg8deB9byLKUZB5LW7VjZSUoYXjs+kt06g tSbeyc5ozhF+eC1CznbZiCB8ilHT3yyE6aBxROOrUot73r6VCF9CUALfORjUbNG2TLDIQL dO4kXGAvc7NaBGxYEM8LfD88ZR2XHXi4Xe9RAX1RBXx8uie6yjjR8yWZbBRxB9WXkrBmmy 6sXW1dJ3PIb9ePWXK7qgeln0+nb4ZcTbhiGVnOsGPnjXZbNIncEYyCMOi6M5gwIP9fxs21 OFIT+ZT16yEmPwJoEkwPcnf/P1wrwE4OV2qHn87Ov5yUynfS+F6E1h7iOJFEJg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:05.tail Errata Notice The FreeBSD Project Topic: tail -F fails to follow some types of log rotation Category: core Module: tail Announced: 2022-01-11 Affects: FreeBSD 13.0 Corrected: 2021-03-18 20:12:24 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:15:01 UTC (releng/13.0, 13.0-RELEASE-p6) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background tail(1) displays the last part of a file, and can wait for and print any data appended to the file. As of FreeBSD 13.0, tail(1) runs in capability mode via Capsicum. II. Problem Description When comparing the inode number of the current file to the file tail(1) has open (in order to detect log rotation), tail(1) compared the inode number of the already open file descriptor, rather than the file that currently has the filename that was passed to tail(1). III. Impact When using tail(1)'s -F flag to follow a log file through log rotation, depending on the type of log rotation performed, tail(1) may continue to follow the original file after it is renamed, rather than detecting the rotation and re-opening the original filename, and then following the new log file. The rotated log is usually never written to after it is rotated, causing tail(1)'s -F flag to not perform its intended function. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:05/tail.patch # fetch https://security.FreeBSD.org/patches/EN-22:05/tail.patch.asc # gpg --verify tail.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 8c59e863e2c0 stable/13-n244979 releng/13.0/ 60cacd2e41e1 releng/13.0-n244771 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1f0ACgkQ05eS9J6n 5cKySw/8DUfeI4ku+36DJjnqTt+SGSqP7CLon8tNneD3MeuXxHewHfF9quVqlW5C 9qaCAJZztpinCvg9u2YXXZbbaZ6FPJKwjrOspo85/ZkodbXXtNkzfIHHVauE0+AH BbHYAMcAUjDgvUaApKRVkUUYODRtzlra2qqpA3ITzK4+vo3WYMmFA78uR6j6TYvN CWkXOEXPGjcMfmaLFtO7udfOs7//0+RaE4X15Ep+tWD+XZlgBF9kNqQ0jLOE6Dio mgJmlmHBNXPNAKud8VjLiEaJ0fhgy5q+9E+UEwol+XW/1HTH4ZMgXyPVenl7O1wH jyZhygc+sV3RK1P3ZC6Ecrm7Ktugtx9urmCOC8/isg/SVBbi1fj+hSeTY3tIrUHr yxtHS7aelPVENxHaRbHW1bJI5O4G0FH0KiLIMHkCg8/9LmDvdozpGqozLijXVaaf KGJ5Xt3qT3udbQP0T0yrmd5yusO75FLS/NnOrrCinQj8gB+355gaEeB58lWH2ndT EqfhS4ey4MM86nrxJrzxBymVlqfGmdNtfkl/HubsBy0qnJ6OWKwom3OCnf8rc9VW 534GFt6BIYM8Ixqc5oOy6pGwzA3vuQ6V3kKOiTNNCvTar5YU9biayf2KI5TTtOo3 vneWtb2fsOSuOdySNBR4k8LxDvefpS36MSgEV4TYiixXx+fRVRg= =nu3N -----END PGP SIGNATURE----- From nobody Tue Jan 11 19:39:02 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 24624193A296 for ; Tue, 11 Jan 2022 19:39:03 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLbp6F4lz3Hct; Tue, 11 Jan 2022 19:39:02 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929942; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=4Gm7Lf80VYmt5sZ+DpwOD9f2wgeGjG2Cgz5/t5ekiCM=; b=GBljTKpBM4Su7ggGrs1QKAr2syTsS+Ax6YMMYXV1TnX/KvTOFZ6GA091rUSDnx9wb3Wtwy 3a8TEvQooJ+ONhdC9D405IrcY0C8QDKC7zCywwFoJ7H0rjH9a3O46c88kBhSv+CeSgbIZi w2bvuiC7/uEcNOJe/K6HK0Xj2jCi5wr1DfgOp1GIvetj5ElNHiKu2gdGTNdxLyaNPImh10 PRDzv0vxKvkEajy9AR0yHgAUHlXaE52tSFZn9vkWcxxecCPTLVXdDcxArBQUzW6shR+Wkg SeueuMD4KndtS2aiibOqnCRR/DC9FL5k8xyzmYoqlZ3T802komLuFz7HYNIT8w== Received: by freefall.freebsd.org (Postfix, from userid 945) id B40921D6EE; Tue, 11 Jan 2022 19:39:02 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:03.hyperv Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193902.B40921D6EE@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:39:02 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929942; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=4Gm7Lf80VYmt5sZ+DpwOD9f2wgeGjG2Cgz5/t5ekiCM=; b=ABaVBWHXRLCegKSacdlQzZ+WnrX4lA6kV4tbX7XfGymLA4uOPi6iMdDLE7+T54CJewwIK0 Id8nTAiE7PF5V3BqBe546WdUv+s5cT/8tw6Wkjoi4vLpiz1RGOTSS2BK3NMhOLQfEgsZT0 myY8xa+RyDZqmWEpQR9YBukoJOPxUnpxtE+tUS2VzMTApRCn3uz5whOh/cvphbd+Z76QJ9 /R3jYwquJykRF5MsX3Cx9RkN7V0EK8Pd1RSbXYeiDMxqcJo0kjCwk8Ppnu7TLGdu4GxmKv wBRj5ZZD7IgtfIoJKtw1rB93z9XR6lI6SOK2t8/LeV8kwmMi1Zu1d6I3gtAaMQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929942; a=rsa-sha256; cv=none; b=M5kH8dpHk0A8ZHcvhZ3rrFecDsuNPYOycCWcEw3I8Rdlly4pl6iutt0ETUBq+dJ9oTRAPb zUbL4tZC89MoXVgkfFmDnXGTTU5s2isxJ6FNiRjbJNx4DtT90LRWzXdP7izN1dxnsCAr6g A6XDkBOLgLxDvEioicU4YGaVAOo2Uxm1OpIpFEG3jzAEfk8D3Ljtab0KCMILWpG+Eq7Y8M faLpfajAATaxgaGJMKgLvE5/+Hy2SanzwAHCHTzCe7hSzf/hpBdwWaLD6q/7BiqfH5i7so zVXmoCtkz4aMduAv2SRhzmAkwr6NWQ3B1EU9lbG7vXqTkJAuZ4iwWQaiPTlrYw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:03.hyperv Errata Notice The FreeBSD Project Topic: vPCI compatibility improvements with certain Hyper-V releases Category: core Module: hyperv Announced: 2022-01-11 Credits: Microsoft OSTC Affects: All supported versions of FreeBSD. Corrected: 2021-11-30 07:43:32 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:14:59 UTC (releng/13.0, 13.0-RELEASE-p6) 2021-12-14 12:20:17 UTC (stable/12, 12.3-STABLE) 2022-01-11 18:19:26 UTC (releng/12.3, 12.3-RELEASE-p1) 2022-01-11 18:33:14 UTC (releng/12.2, 12.2-RELEASE-p12) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Hyper-V is a hypervisor provided on Windows server by Microsoft. It supports vPCI, which is a virtualized bus driver used to expose hardware devices to virtual machines. FreeBSD provides drivers II. Problem Description A Hyper-V vPCI emulation change can cause SR-IOV (Single-Root I/O Virtualization) and DDA (Discrete Device Assignment) devices to fail to operate correctly under Hyper-V. In recent Hyper-V releases on Windows Server 2022, the vPCI code does not initialize the last 4 bit of device registers. This behavior change could result in failure to initialize guest drivers for SR-IOV or DDA devices. III. Impact SR-IOV and DDA devices may not work in FreeBSD running under certain Hyper-V releases. IV. Workaround No workaround is available, however systems not running within Hyper-V or Azure are unaffected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is required. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install A reboot is required. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:03/hyperv.patch # fetch https://security.FreeBSD.org/patches/EN-22:03/hyperv.patch.asc # gpg --verify hyperv.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ d11e9de955ea stable/13-n248279 releng/13.0/ dfca965af4e1 releng/13.0-n244770 stable/12/ r371235 releng/12.3/ r371484 releng/12.2/ r371489 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1f0ACgkQ05eS9J6n 5cJOLw//UcDfEZpVJqRvHm3e5B5c/rXCFLUWSS8NOQ7c4ioAOFZdOIs2D4u17Mbf EJwiYLTdknv1mT2BkE8hr1fgPb/m1+FLyyEuhfaIRpJuqzn2l4YW4v9lwpBNl0I7 neuKqK4/j3SIjgdq7HZeiBEAyhIq5BGzzjnkPSbtW+RvGI8TCaAM7MgJYzCk1GKs kaIHyc0tyFIkoW0RDTjWt3g6UD+VVn7VU6/8xfiBBF9WUBKOay8MtgjAQMpNXcLK SZY2gLM9SMcdHZaKN0M5C0uly1bsXYn8eGOTy+dwGVOiJU2J0rFkcPdFjAIiWARb c9fotcunUzv53dy2ZiP0VWv4chdqv8Yel9wm6D0jkqZ1QKTq3jFnHzaPCmcWPII5 92+YyGF5Yg+pm/s42AqVaMblN0vH/y8GlwOsp9zQBn4jjIhgUENYRdJMfY0KBopH 7SqWtC9C9yUli0PQHN79z6/u7ZIzEPugsGk19WAZUktcWIj+kTkRq7PGBSm3CL/E tSpfRkhx1nMWa6c2ujZkFVCW7+HBaGtv9rlCb450g6Uzv6/7aYPGvxh7RCT8mQYK 9ao05vSkdCrbdGSTlCDG7iSjGTGPVLj7LH2eGp6mfXiZo9UmfItwu24J88QfRhmO nUW3NY9Ff5dYKRLUw7G1nNIynzWsEz8NKyV/HwY2bkd53090CrI= =wXdl -----END PGP SIGNATURE----- From nobody Tue Jan 11 19:39:32 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6FF9C193A7F4 for ; Tue, 11 Jan 2022 19:39:33 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLcP12TBz3Hy5; Tue, 11 Jan 2022 19:39:33 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929973; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=vzwUHMg+ghT+od1reDVF6Lh2hgeLsqN/vpwJRYrKKcM=; b=Ky+swI0eWo0TDYWyvUOrAbW1SwDIdleoaACnr7LtBlR12WAf34TcPlvOipOxZdiMOC5cO7 orOYyXe79ZijtKHaJKdieJ+q/eA/88u/9r/gRo+v4q9XMq9afM3ViwWnnnIwjL4/KZroxy doxJ9ISv1bU5JIdj0cxhPEt2TO3sz8/PLyA19+wpQHQoXzM2HUhZMOGSrNqddspRUIgEKh kPbnpjwfq7R0OYjGE6oyyVXDr0GsA0Haov/G0SSf85Y2L3UrLD5ps356FjVybZH0ECA/N3 ruvHT7nBIhpg315uWIEj4/anEYq6FOdxE48A1+c9wZIEjxG47gQhPSPFq7CJow== Received: by freefall.freebsd.org (Postfix, from userid 945) id EFD081D6F3; Tue, 11 Jan 2022 19:39:32 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:06.libalias Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193932.EFD081D6F3@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:39:32 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929973; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=vzwUHMg+ghT+od1reDVF6Lh2hgeLsqN/vpwJRYrKKcM=; b=ADwiPJUIBxRRvq1JtHFeJ+cUEBIuFwhr9x/t2wFo2jITsBK7PKUstFJng0h01Y86pJ6/U6 0Kd5EzXwzek4+tcrCNYH0JbcIrlzEKQUtAIchPl+LiCD4UaVo00b/6c1zWBHuLZXCZFV5r BfvlF2RbAvm4imTYjbUecxswDzBrt+bzhM/IoOjyUXvD+RTznA4mtHRZHo86DDfJZzWbx0 ZNdlLJLKAPX/CUMOPF+K2s5HP2gONpzYNopnbSh0SqW5QzljU/cIr9Fd/PRJkdtZyzMG24 6sTypbUbD7g865bSzKfOeQI226FXzOaWyCEyda/6kmO+mhkK8H6A9sDVIMEBsw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929973; a=rsa-sha256; cv=none; b=CtHNGA4Mi11G4TNtsgSu/aoXu1iGb9sDdb5nAesFzJZD3pV5sbgJPSXGCHieKrgcgQ4TYQ r7tuiONN7VC/T/CLAF8wYrS8nsWe0gCqnviQRCWzgb2CtVyTEZEUvTz1C/VEHI3WOJCazm wfGnnqbJt3mH2pOuh4xa3SBR4sUaMKwyuNRLxjXs53mFketCIIF8Sgs8cC9vGZrh/CNhjY j0JfGBhQBmy1Ern4bt18TryDBVklif61OF0Yd0ZSXTfP++yZ4VWfu9Ywrm2XcugyfQjFO7 RlgBJBGAv03BOTpOg3CyF8Liv8tDnJG3ViRekvLOY5FOEnAdm17PU9bOjhyg5Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:06.libalias Errata Notice The FreeBSD Project Topic: Incorrect fragmented IPv4 packet handling in libalias Category: core Module: libalias Announced: 2022-01-11 Affects: All supported versions of FreeBSD. Corrected: 2022-01-09 22:04:56 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:15:02 UTC (releng/13.0, 13.0-RELEASE-p6) 2022-01-09 23:06:52 UTC (stable/12, 12.3-STABLE) 2022-01-11 18:19:32 UTC (releng/12.3, 12.3-RELEASE-p1) Note: This errata notice does not update FreeBSD 12.2. FreeBSD 12.2 users affected by this update should upgrade to FreeBSD 12.3. For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The libalias(3) library is a collection of functions for aliasing and dealiasing of IPv4 packets, intended for masquerading and network address translation (NAT). Additionally, libalias(3) includes modules to support protocols that require additional logic to support address translation. libalias(3) is used by several FreeBSD networking components: ng_nat(4), ipfw(4) and natd(8). II. Problem Description The patch committed for SA-20:12.libalias introduced additional validation of TCP, UDP and ICMP protocol headers. This validation failed to take into account the possibility of IP packet fragmentation, and could cause libalias(3) to return the PKT_ALIAS_IGNORED status code for the first fragment of a packet, rather than applying aliasing rules. III. Impact Depending on the configuration of the consumer, this bug may cause fragmented packets to be dropped, or may cause further processing of fragments without aliasing rules applied. For example, if the NG_NAT_DENY_INCOMING flag is set on an ng_nat(4) node, fragments will be unconditionally dropped. Similarly, if the "deny_in" flag is set for an ipfw(4) NAT rule, fragments will be unconditionally dropped. IV. Workaround No workaround is available. Only systems using NAT via ng_nat(4), ipfw(4) NAT rules, or natd(8) are affected. Systems leveraging pf(4) or ipf(4) to perform NAT are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 13.0] # fetch https://security.FreeBSD.org/patches/EN-22:06/libalias.13.patch # fetch https://security.FreeBSD.org/patches/EN-22:06/libalias.13.patch.asc # gpg --verify libalias.13.patch.asc [FreeBSD 12.3] # fetch https://security.FreeBSD.org/patches/EN-22:06/libalias.12.patch # fetch https://security.FreeBSD.org/patches/EN-22:06/libalias.12.patch.asc # gpg --verify libalias.12.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ ec746e619578 stable/13-n248913 releng/13.0/ 4378aee9f82f releng/13.0-n244772 stable/12/ r371477 releng/12.3/ r371486 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1f4ACgkQ05eS9J6n 5cLW2xAAjuMj68hzBt5aSxuRliu4wT+NdXMq/M5VWH9kHSZw2HrMfQuDY25ecwWE VAkeQoIAV/+Uz8OrVKBBqlTgxZyFxmM8a2pNBURPSeY508o7X5h8HMHECaUndqMJ dXfa2YgpUm36RQZfaKCGbBCIXUj4V+fmSFkoq87U0EXexrCim6m5tzMoBsWV7Eob KWbZObwR2PrvYSoHvdbPNWrGF/6CDu/38x9TBxPU+sT3dVa4qJyUD3D/7hhe3Onb VscwvebHNKZwaxxEJJma4xbUcOXJpOUVA/JRjphkzeX5B1Fgix1N4ae8C3ATXiZT H9OhB+AU/EtTU5rbcWjEiNckIh/icGV9lkEuqX4AXKmQHeYJEVCctY+IgcZfppzq MpY1OuDhjObvQtyuBv6up0EN/Lv2AAN8sooXIwwy00DX6ISnjtynP81huCpHLRE9 3xntY/y1JHDlNN5tFOBc+z3YNYRo5ha36UXuhi5IQvxGeN5gonW+cK3BUluK3U+Q 9ibXXaHPZ6V1nowksU1A72RGR2B+axYb7KrNzg+20I/rmjl0t2ZBtULMq1WWks/w nLGY/Wb0uaK7GUiUte8l4ggm0oISGIa0ICCV3OogBeaytsWB0fi2atKJxvMuMvPT XXj+zrqPw33nMu9mf0ClWQwiXWD8AKi3kFgfi6o9aC5zWd1LlCY= =qTdA -----END PGP SIGNATURE----- From nobody Tue Jan 11 19:38:52 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 46AFB193A01A for ; Tue, 11 Jan 2022 19:38:53 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLbc4gwHz3HqG; Tue, 11 Jan 2022 19:38:52 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929932; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=CxWUvRU1T0pvyI6wN0bBXa5bylxeEOFyVaAWExfnpKo=; b=xD82QmM5PLjsDKx9bkmTM+K4XgaSTuDRqSgSdMTZ+v5P8UZ4HPzFY6PqxuD725n8NLetMd 1TZanuH0guUFDjVNMZmxr+1Opr/GbRLhPSBbtcYZszlSooqASPF5btpnX4pHZKf3jhcmnO SJrUcJ4aWNPIWDpSMLluEB7gW69wPHHaH1uJco5K/Bn2XCdebf88Xt6EKcbYL+qqcY7q3S Z0k4jUTYP5EIELCWlKO0nYO0DIvnFwqcbwlov6JqOE+giz7wc/MmIgLNcr7SrkEi0qQdPz t6EwVhs5vB/y1FaXex4n9l69zYlaskyQjclUmridFQ3MIihk4HTxJ4fqmyRJFA== Received: by freefall.freebsd.org (Postfix, from userid 945) id 3BBF21D8DD; Tue, 11 Jan 2022 19:38:52 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:02.xsave Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193852.3BBF21D8DD@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:38:52 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929932; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=CxWUvRU1T0pvyI6wN0bBXa5bylxeEOFyVaAWExfnpKo=; b=gSSozwwp/lOCE6UdNYzVAOgL/dtgEaGSt1zxccXkOq54qC3ucl4IUACFPfs/ABKcybiQHn LaJm9H7QwR3WN761U7+VTwkxFV/fK27n/GCzyTX91nEgdWkVEr08uKIdkBcZlFGdFglRIK LBx8W/vxNM3YWKlT7KqWpcNKeBmA58PU0Gkv3Z5JUO9RQ8+Ex80F+Rq0g/nL6AoBOjI+Cl dGhGVQrDEYlNFilqgjC2i/T7Q6RvvLniuKlHZy5ORvRDrwcTOPthrk/ZV7zkeCceDssgbt wuUpGeZANcPtgZkONsRQg3RzUExqyi7hrTN6R/fDAx8WRbYs02BL0ZRDp4ASTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929932; a=rsa-sha256; cv=none; b=HsJ2U2/ga289PH8E5FtC6IZxKDWBrZq79XQgN8cfNsLno+4DHLUlEK/PW6nWYS3XOjxHEn 8AaNDvt3+7hjKFYSyjCrBs95z2hrq30eFjWWm+iF0P/dQaOQkVqMJg3Vbs0tu0I5l82HWf nM6CIFQopTCtolodnSDWfq/BnL59GvcNGWNLgDXe+wcn0tGTgFxOp8Bh52xLAKikZGheRW 9fin8uIUFlKCU627GEIw0azTlFMjs5cUKLAzgZ6zVKeL5Cq7WUiKeFlg9yx6WIsXfssReq GPwkzZHWhCKkVOGZemA8DHZhHSssO5kROQMlCGBIfHFYtHCSg4V2InqqLSsKUA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:02.xsave Errata Notice The FreeBSD Project Topic: Incorrect XSAVE state size Category: core Module: kernel Announced: 2022-01-11 Affects: All supported versions of FreeBSD. Corrected: 2021-12-12 02:49:50 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:14:58 UTC (releng/13.0, 13.0-RELEASE-p6) 2021-12-12 02:49:50 UTC (stable/12, 12.3-STABLE) 2022-01-11 18:19:21 UTC (releng/12.3, 12.3-RELEASE-p1) 2022-01-11 18:33:11 UTC (releng/12.2, 12.2-RELEASE-p12) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Contemporary x86 CPUs support the XSAVE instruction, "Save Processor Extended tates." Some but not all CPUs support the so-called init optimization for XSAVE. The optimization means that the CPU may not write all of the state on XSAVE, and indicates that it did not in xstate_bv. Whether or not this happens depends on "complex internal microarchitectural conditions." On signal delivery, the OS provides the saved context interrupted by the signal to the signal handler. The context includes all CPU state available to userspace, including FPU registers (XSAVE area). Also, upon return from the signal handler, the saved context is restored, which allows the handler to modify the main program flow. When the init optimization kicks in, the OS tries to hide the effects of the init state optimization from the signal handler by filling in parts of the XSAVE area. The CPU reports sizes of some of the XSAVE state regions, but two of them are fixed and must be hard-coded by the kernel. II. Problem Description The hard-coded size for state region 1 (SSE/XMM) was incorrect, effectively filling the xmm8 through xmm15 registers with arbitrary values on signal return when the init optimization occurred. III. Impact On amd64 and i386 systems, application memory may become corrupted, leading to incorrect behaviour. Other platforms are not affected. IV. Workaround Use of XSAVEOPT may be disabled by adding the following line to loader.conf: hw.cpu_stdext_disable=0x1 V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:02/xsave.patch # fetch https://security.FreeBSD.org/patches/EN-22:02/xsave.patch.asc # gpg --verify xsave.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 1d6ebddb62bc stable/13-n248578 releng/13.0/ f2caded7f590 releng/13.0-n244769 stable/12/ r371242 releng/12.3/ r371483 releng/12.2/ r371488 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd2CUACgkQ05eS9J6n 5cKE+w//bOsl0ry/Vx4OaIFzX52Blp6iu5nYoSwFu9wipTq5d07xL+UhXT3bbnRN yzxJz4KLkBlBaorwN0OX9N3/bjErOq10QMzzcX2jQnvixgIhV9oxqZoOoMcehfVp 9L2yo1JNhXkn0ysKU2ysxpi1F/9t9xATcqxxC1PuSbl1N143qTnmRB5EWDi9Ygan sjFgBhcTmfz3gATxwKP0hz25KaXO+/0WwZzYHCnGYncPnfh12OgKCkMDi6H2v54R 7+Rl0JtbycK257UIACki/s1FgbiIXkQuPLILD3YBn1kuXFPDhlIBKeK4NLu0G5DQ 6vqYHKrP5RssGsXdROVpjTe4eO1VkKQAkMI9NHCo6SOStbHcOqiB0bdz0TuGYyQN uhI5we2tqDb6uhZBi0az4c+yKp58d+2dF8DizRKGelDjDNby/1L09XAiybnR8liN YcHPV/v0Sx/QPjX9sfutMkhtpw28OdPeqoAQyzW9+VSeTC4z61CDmFi9qrN7Vpne KIvLbgaBYFMSsN4oeG5CfZzlemLNkk8R+5JKmPCxoewX9r7jj2gr9yMqXcmQhjyR 46z0Xp9JL0ovYzvfA9g0nV9tPxmRsAuOL2k7C4nPI38kXbCUlOuCjcNc7EP/gdfi e7sNXtXwzRDWgO4ipHfLeqzmAnxXy42vFpD2Be5RjbsqXdcH+6I= =ejFK -----END PGP SIGNATURE----- From nobody Tue Jan 11 19:38:14 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 53C811939545 for ; Tue, 11 Jan 2022 19:38:15 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYLZt6YlFz3HHh; Tue, 11 Jan 2022 19:38:14 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929895; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=EfVrgY2i1qyfYQHm1BhhQ7WY0XA5BV3T+UVlPV7bXhQ=; b=mcE7B3BWb6bG23W1/CwzNSGZCXVRgl3xpL61hxnTX8zM5Z8swmX8suIqDGTGBJf2KLjHQn xP1wNw6oMG3KiaSWtQntqAL6i8nNXRsowj3JS//x6tVoV7KErnui608ZzPBbLlZbB3/kTo ODY0Boer/k3HvGecpzArI/bLy945MCPFmOdybLyoyNJlHaUOZhGWEVbbrG0w3eNm8H8bF3 hwVaLFUtcHY5UQuSjqOHiYjGVhyd/qku96ACNxeNSrGAjYsYmBkvIjhfNwRKa1w9X2j10s vP1nicpggTs2+FiJS+ROyA8Rw9t40OoOragADVC7NyhWQL63VwoGOMby4t7uKg== Received: by freefall.freebsd.org (Postfix, from userid 945) id BBD631DA09; Tue, 11 Jan 2022 19:38:14 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-22:01.fsck_ffs Reply-To: freebsd-stable@freebsd.org Precedence: bulk Approved: BingGo! Message-Id: <20220111193814.BBD631DA09@freefall.freebsd.org> Date: Tue, 11 Jan 2022 19:38:14 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1641929894; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=EfVrgY2i1qyfYQHm1BhhQ7WY0XA5BV3T+UVlPV7bXhQ=; b=b8drEUp3C4rRK65711x0gH2lwHo9llAXvPkBoGP1F8zZE09tZ1gQNCNJriWj8PeKjhPi4A yrjz75ET5aOXGhh12fOFhxzIdyJmwZbAPE4d6OLmo7auZAD5nLWrp4KTV3xYrA8SBZ7DzL yVDUaOexdy5+QLcgT0n3kdyM5whq0k3D37s4JtBy7Ve3+qD5MoOLoh1WbRiR62h6Z/PsiF do9V9w6sZgOuvEi+28NHwfneAX0cP9VfqhJv6R1glLVErHwfDt8BC4Ub4iWSE6PlX/9gcF 6GmPKwRhaLLU1DWK2ubwEECHkm0iKF03YcVS1nvZCyH01vlChd0+z3WRL+2/9A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1641929894; a=rsa-sha256; cv=none; b=mBarZIt2oVe7IFP1RgC29fh7ZmOVAcHVOZVFbyUH1emySdPuPyJxWPGzxBmBgW0unm8b5X /pXTRbxA7HMOoKDIIObtkvrx38vgto+kZLyjXF3P/aE0tHWjD8UPyzq5Aa4sDNzF+IenmU pCcpmMb3bWcD4AxBLBlsuMTTCRqPfcM3r/Rzgf1HRoX+9xv+kB390xnLhxBU5fBGA4tZdt 2FmezpTo0Y16N+6PqHaXBq+DdcApKCITGQCguBBKtQs4sN3ow9Hsiv84PiDO4gB0QpdgQC iMU3ERmC87XwtpUj+gdFe2MCXLK2I6RRMuzNDLuLgp2o+2luhL2DosrftZs4gA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:01.fsck_ffs Errata Notice The FreeBSD Project Topic: fsck_ffs fails to correct certain errors Category: base Module: fsck_ffs Announced: 2022-01-11 Affects: FreeBSD 13.0 Corrected: 2021-05-19 21:38:21 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:14:57 UTC (releng/13.0, 13.0-RELEASE-p6) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The fsck_ffs(8) program checks and corrects errors in the UFS/FFS filesystem. One error that it detects and corrects is when two different files both claim the same block on the disk. This error occurs rarely and is usually caused by hardware failure. II. Problem Description fsck_ffs(8) was not able to correct blocks claimed by multiple files. III. Impact When duplicate block allocation has occurred, the filesystem is unusable until it is corrected. IV. Workaround No practical workaround is available. Duplicate blocks can be eliminated using the fsdb(8) program, but requires hours of work by a filesystem expert. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:01/fsck_ffs.patch # fetch https://security.FreeBSD.org/patches/EN-22:01/fsck_ffs.patch.asc # gpg --verify fsck_ffs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ e198c1dc8f6f stable/13-n245745 releng/13.0/ 3286a8dc8382 releng/13.0-n244768 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1fMACgkQ05eS9J6n 5cKY0hAAhYQC9fvksfYxoWdsDW8KQX2LdTRVPZ9zfZ/Y1AAPfDU46C41SI1sTIn9 0AunPHMVqnku5H8dh+TrL2o9PAW1CktxoTnHA+sFZX0/2hbox6UB/Spr/Iq/auzB iyAZ/9jskb4YQuh1HPHp7P4uCdAKfY5lHFE9bn4nLNpH+05AwIc6AFCQ8xilTaRK K6eu++DuxJ4p3WLJmRERjuBFK0HAIEnV72diPfZvJH6HOpgTqRTsvURai4GkAsH8 zyexLlHNUGWY+Kbl2t915i7Fu8ApIQV1HJ1sxi5NwyRwm4e/Azif5kjtAlgFOUws gwOfsbqEfGqmzopFSaCk1d7DcjhAnH0GkZ/SGO/WFCiQYV58rXoqs8q8GLpTBenF fwQ4IZakrjz/2qlUxNTMM2YbSyf35GpxuvV0jnigHlzXhN+I11yHS3r/GycTUJ1s z+Hk0JrV6f6fBxCDqC8hrthaxbf9jqcSsrYKRcaIUkcCB/gJ6wz3AApCkW9Z0ii+ 7sRpnNlvPQYJm2PhDTegCfASGRPd0GamXZNVwzohn+c8u+AVUQ5IiPabd7JNfbXD BhPnMj14/1uFuj1TtQ6c9/g+dtLvM7r0p9W/pbPFh1+PRkpyTGWyN5WWCjY3e7wa VOkMVapFXnfe0VLK5VFOCcb7lLbd2uDeaxkGRyP+4rBNqd4MC6s= =J7Og -----END PGP SIGNATURE----- From nobody Wed Jan 12 16:50:14 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F21E319465F3 for ; Wed, 12 Jan 2022 16:50:14 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYtpZ6QBsz4Z3q; Wed, 12 Jan 2022 16:50:14 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642006214; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=i2heb9FW7HS/vs9rz3y2QunA4kbolCGEO1wOJDkhE+M=; b=H0m89/exFt7bieR2Cwt59vzI1lQOgwm8YXoYmcK76XobjWsQ3NTL1zY+IoW8HtSYT8PJMP oDOdOF+YJopRpDa/nLwmJG5Pbvl2Tt0/J2kHty6TTzXICDPPRNZhE785Fcvqt0PwkGHi4m 08KoW4UQ2XhoLzvl3dfGfHpNzWKADT+a/8wxkoDbHznWHGH4MVLAApYUMy122ucJEfXxy4 ifgIAgYQ45vzuLbQ9ef/biJGcILpIFZJAK/ygCBqLv7ICnzeQl4Zxts0cSEkzUYwQdooNi hNx0p2oKhTSob6aWxSKilSxQoiCYA69MO2f5YQpdK/H7zOXWLGwiR30MTeVzdw== Received: by freefall.freebsd.org (Postfix, from userid 945) id BE32B1FDB; Wed, 12 Jan 2022 16:50:14 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-22:01.vt Reply-To: freebsd-security@freebsd.org Precedence: bulk Approved: beauty-dew-stylish-enamour Message-Id: <20220112165014.BE32B1FDB@freefall.freebsd.org> Date: Wed, 12 Jan 2022 16:50:14 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642006214; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=i2heb9FW7HS/vs9rz3y2QunA4kbolCGEO1wOJDkhE+M=; b=UI6z5MWpjOjFpV6v9byCChicBODeXn9rfWSquEcCKiH6dmEi6hQPhJqIeUgkbpwzajK9pn yUpYC+baCRbO6fJefWkqNtfcvv/24xLxoGVat8q3muv9s/NHndG1osXEuB/2wdlB4lXsXB SBy5gHRYs5rhu5a4Qc3TaoWwFMNjrSbhMQd9njdjs5Tk4usm4hAJnnNM3NLZACEm1WjKzd cxNa4DApjwzeV7poF83m7uf82du8NwfORC3lux8QQPs9p+jg+iNjkl03oYFvWgWm3KDaRd 4MYDq4NrkntECvO2bawHIBcqA6VN5sMISoSViP2fHuKCKKZYr0BgV1uK7mpYaQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642006214; a=rsa-sha256; cv=none; b=O6AF8H/B71/CT3Sgd0rcJaKF/0nh4yN3hg3ThuPFU6kBEvfJCM50Y810yuNrdNsN6kwVDR OwnunxVogqo+46C30/+nJLc3NOlHqMCFkLh1ck9Ydulk7afUrTo6byAd8RiC6GBGenp+ji Ecg6Tn15/2UuWDTYeg5TGH+SkdxInFW8wVZqueSnXyzKIcQ4wM8NAa3Wwz+wNTmOJtGhFL a/bAd1DbdKIvwKyWjYJVdxnpzeUkS4xsgg4Sk6WhYdmDTp+GzLjfyBgWDIuplUpYTPm9C8 OTGg2mJqGRIQ/5q9+M0kIdMVHkhNI0rK+OYG69nI7zBEYbucdNVwI0V23UyBwA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:01.vt Security Advisory The FreeBSD Project Topic: vt console buffer overflow Category: kernel Module: vt Announced: 2022-01-11 Credits: Oleg Bulyzhin Affects: FreeBSD 12.2 and FreeBSD 13.0 Corrected: 2021-09-22 18:41:00 UTC (stable/13, 13.0-STABLE) 2022-01-11 18:15:03 UTC (releng/13.0, 13.0-RELEASE-p6) 2021-09-25 18:15:49 UTC (stable/12, 12.2-STABLE) 2022-01-11 18:33:21 UTC (releng/12.2, 12.2-RELEASE-p12) CVE Name: CVE-2021-29632 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD's system console is provided by the vt(4) virtual terminal console driver. II. Problem Description Under certain conditions involving use of the highlight buffer while text is scrolling on the console, console data may overwrite data structures associated with the system console or other kernel memory. III. Impact Users with access to the system console may be able to cause system misbehaviour. IV. Workaround No workaround is available. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for a security update" 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:01/vt.patch # fetch https://security.FreeBSD.org/patches/SA-22:01/vt.patch.asc # gpg --verify vt.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 9352de39c3dc stable/13-n247428 releng/13.0/ 3e0a1e124169 releng/13.0-n244773 stable/12/ r370674 releng/12.2/ r371491 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmHd1f4ACgkQ05eS9J6n 5cIgEBAAkXpnKSElsT96dj4RYWJLkqB4+OBkGoOGrsZj8zd5Ei85oohhL38xiYAE jQpSwblgYCqmOxRL4hGgKN6fBPMnc/zXCdZhJzAfgkKXsn4eY5mObN1jus7owsmC RnFNOLSr1VVJZs8H1RAeAjJT2I6DF0oLb/f1u3ik+bPFJ8Y4hvPEliSH7rpzVBq7 hpmiH1HxAArVwtJ15N+7u6vNUce57dWSh4NzPHLduzMRpatPKVqtkC7UJIvqisxl bQTK46MYo454SgbZjRPistwnV9NFKjuKy5Rh38/FURbnBxg8w2HVkabidMy5lJyU geSOvV4wc2LraRdSvJHZlNXu1BJKnPpTpsl6XNr8ePzAl9rRPjZKo8cEBMmTlqK0 KdMeKsf1OfspA/8L6mCpg4NDeOoHktCrICWTi4/E6nGX/e1hZrCXKcxf0KYbhcfO xNvrYtKkCtCbEnbzZbW6rjY/RAmRwwMNngVw2FWRuSWU6BCmfKZndUXFO7aghj6Q JKISfctwtcHWn/QzI2BN9pNWZlzAJ8BfxR+/bV6VJNuRILOhrvgjnUzpies1xv7z GRN9JlpxzqihhlX8JED7jDOm99YflEG0Ep7Cr1OYXLDVx1xxh8dQLCOwl5qjnKgd ELae8IKnUn5pI1Og44AsjY9xWOvxxz28luwFxsbYf+3UMo6M4eE= =hcWy -----END PGP SIGNATURE----- From nobody Tue Feb 1 22:29:05 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 9229219A68D7 for ; Tue, 1 Feb 2022 22:29:05 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JpKNK3mTvz3GVy; Tue, 1 Feb 2022 22:29:05 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643754545; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=SJd/Z5njjhF7vcBRsXSUCK8YWT02lpE2CDIvgXpVDjk=; b=KUC0AMr438MkzbnOeuTecYAshJvo+uH+QYa03oUbna7wdTVRrMkRtDDUtKziPdVJHDgFiY ruMezC5XXMYqTQaLLVj6pVWba92Sn5Be1yCBalaO0MMwyvx1/Klm6rRnf9UUgIQEayn08e x9jt/EHfWqIWoWXHGy9R0ljF8zSTgBqfKv9uoz7E1sE18RqSCuvHdF1xz8xJEQv5rmH2Pr h65uoatXp8R516gvh3uraHf/3AHjSXnlZso1QYYlY/39akPGYgOwocTg5IjEhzWDSdIQbV 0nLXk+yhNs6ahPShho0uUJvjbz/iv3EgLPWpXP60yNPa4ngKunWtgx8bY3j2fA== Received: by freefall.freebsd.org (Postfix, from userid 945) id 7176114FD0; Tue, 1 Feb 2022 22:29:05 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:07.la57 Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220201222905.7176114FD0@freefall.freebsd.org> Date: Tue, 1 Feb 2022 22:29:05 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643754545; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=SJd/Z5njjhF7vcBRsXSUCK8YWT02lpE2CDIvgXpVDjk=; b=tszfIg2PRY0M2OjAz4wYjEaRIWCGp34EB1Ee/QTCafPLl4O92g6yy44usDLwEPyA69ROv5 kQhGg8FoWSiaaL30x6z4CZZ5KRE/UY1pewOjZpSmjZhzCTjT1qTSRT8/3UD5Dd3+Qso1E6 5QuER7ft6lKR/5j24jlABEusI1watzKVbllGkuKOqkXzPjZmqvhx/K6K1YXv7GHQ/tUD2y ygz3A0jx07UL6ys6ncM6XRehAlgsnSTvqZtxGEgntheh3JI3z8MR6Hcq/1H2IVoJ4Zzd1N LnHldJ9e2U/05XKNEvG2OcNeS+rNHTdH4PWjrfp1iokTiKul3lKOhoSRkYkTHA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643754545; a=rsa-sha256; cv=none; b=BZ15AqBcJ1rLteK/uTfHeGl9JtaryRDaiBCzrOC1zRc21YTcy7tb+pz8HbxoYAqYOipXNi 0yTwFiFvacmTSxqp07iHaBajukr0HK/7LLu/hUyTlsNz2+6Xcez6zX439HPajVmavlU19n +USZgqATzKFkPoWTGDMxdLLnqvdZdbW/E/2aLdGjxtLk3LBL1qYqWMEZbvPRQkCdIQDxf9 iXWIcGhWsLfog8BeJmV65mQGkFhhbggG5RGzWC9Gd7NexGyWuvtdci5U347/WPxiEvkXzO PVF3l1T3zJsqCIMUX4SEditOprfNJMLkRsjfMQZ++75CzbJVHbPybJf10H/BAA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:07.la57 Errata Notice The FreeBSD Project Topic: Intel CPU LA57 boot failure Category: core Module: kernel Announced: 2022-02-01 Affects: FreeBSD 13.0 Corrected: 2021-05-03 01:27:22 UTC (stable/13, 13.0-STABLE) 2022-02-01 17:43:46 UTC (releng/13.0, 13.0-RELEASE-p7) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Recent Intel x86-64 CPUs support 5-level paging, extending the size of the virtual address space to 57 bits. The extension is enabled by setting a bit known as LA57 in a control register, and switching to 5-level paging during boot. II. Problem Description LA57 support was tested on and is functional within QEMU, but fails on physical hardware. III. Impact The kernel fails to boot on Intel CPUs that support LA57. IV. Workaround LA57 may be disabled by adding the following to /boot/loader.conf: vm.pmap.la57=0 This may also be set from the loader prompt (i.e., for initial boot or installation). V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. After update LA57 will be disabled by default. 5-level paging will be fully supported in a future FreeBSD release. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:07/la57.patch # fetch https://security.FreeBSD.org/patches/EN-22:07/la57.patch.asc # gpg --verify la57.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile and reinstall your kernel as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ df6241fcef9a stable/13-n245478 releng/13.0/ f151464add6f releng/13.0-n244775 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmH5kzIACgkQ05eS9J6n 5cJP+Q//be4jFodkfCtiwKwMNr+1RvGZtopWq0X6g5CQCTIrPtUKqdie3ceOhjRi zl3vNInfus6iTo0jSBMiWCpj7cI3AekZvwLuDHKp1GWv5WWQivDe6A6sbrGSgIQ2 9MG7RYE7t0L0LVnzTSlHCWXCzTqmpzTXEePw7NqgPhg7J3NtwYLBh5C4MqmScA6Y vbNzWMGIfa9IJqaDcxxEdqqGoTrv/MEWzVZ7TzM4O8DWIm+oK/5E+qiTk1fSyc/Z uI6hUMMt7xxP8KkZdlqVODwHzVo6v4kigpNTqNK1epv3nFrL3hJ+e3GhWreV6tkI XA9pjZT2gyLz+Ryn7QyIzrByrpXKDQK/8nKu9eoQdhDdxN6sWS65PPQKPhzQOemk qFx3V2oK3UMF7Q2BeF8aDxm48RU8weDACcxn2w6X73VyIHvz1H3MpirxPrcwjm1v RQJKGUZfnnTfg8zsstVASaj2R2i+Qa0Zk70tbCaXrPH7TB6Cadx6sjBjoLViQYQk 99glmvpc37u2ryW4MKlDNLeae9LnW7jyDMfpGlN3tJ4AD6y+2EcVixiTqAEF8t27 hZgi/3MVUNltCfSUoOol9y/aqaTjxPHTR9HSjrmCnJAWHwmyk33lC4/17kd8Qx0U bEFufzp/pDwFur7dWJOxVehFHc0/MoOioJHbeN3oNBMQiFdDoRY= =efkJ -----END PGP SIGNATURE----- From nobody Tue Feb 1 22:29:09 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 262B319A6A14 for ; Tue, 1 Feb 2022 22:29:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JpKNP0ccgz3GWN; Tue, 1 Feb 2022 22:29:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643754549; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=xZQKsAt6Yvy7oU6MX+ZEtZ8plJe5oYhlO2fKwCPPfmc=; b=WwR2nzOLqdIz523TkZEv4Arw/N/mtm/TZQcdVYcmS9YgxZRjv6ITxaYVxE71mr9jp1gOKj BvkXIYGWNjsLUOQmhsbRgSuBSeGkaLGSS8hsq1O30CZvBag98npCdWJajpIKg24dG1V6kO wPMKKAjz/sZ2xaLoMz5NhdsiLlV81cxreAyqBjfZr1M/cZV1CAXkguDIvoe/HB9p3TKE2h +cRocccYWFSrmiqiaElweU6cdemtGPatuz/bS0vtLubqNMFU/0v5MXdeV3gBLk1Z9PS6pQ gcQUTZO4BJpr0VKVS9SYmuHQVueeu11YufcqikAM3JaTj081dGLJmzAMWSr51g== Received: by freefall.freebsd.org (Postfix, from userid 945) id 0DB3714FD1; Tue, 1 Feb 2022 22:29:09 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:08.i386 Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220201222909.0DB3714FD1@freefall.freebsd.org> Date: Tue, 1 Feb 2022 22:29:09 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643754549; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=xZQKsAt6Yvy7oU6MX+ZEtZ8plJe5oYhlO2fKwCPPfmc=; b=yCLdE4OozBCIp2b9ttRy5+amT4b/GJQU4Tj7+euC/wZwQc8HwANdWU6aAljzgpfS18n+3O Yiht1HJnQWkIH3/QHPT01u9K4RY/6Yp/tV0z93FYZNLuCaYzDaPv2WZgpcusdc/NK0OS0P ocJXr8OLuacwWQD3vIbKZHEjAl/X8CfAAq71w1JYYWc8EbxR18cwSVvrHtpdLyRF2iKm+M +yYwvtHxaiPWd3AlQrQbeBpx6xIAP7ARZ9mngBpwHByPMXNmhYKpX1reA+Z9IPb+tWZU0W jO20tWhqKCMy5AM9x8xAU5mgvzdwMuJM4RIvl7w7CCg5e9VjPsgMz8QZuz8zjw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643754549; a=rsa-sha256; cv=none; b=O96ZD2OAQUBCQYM1bBiEARmR5eEmfj5PS5pAElYsuU+g/vSoiYr+6xirQkbl7iiAH9BYu1 jtg75He/7OhYdH1W4yNzTFGXFqZuZFXUw4iIN3sunkhlQWwXaPnLbqC5SYaFbvOGGOlv2U yJ8XXtKB1mPiJl7p8YtDrCgsHTuxQ3Xqb5L/tKaAq17KjZDX2C5kZlnfpiAqZ3RCoX/nq8 SPcQ0ThqDIe6RQ7hn8ukjIgvQqCsbDCN5plBn+efGPLHOZCsFvQyFEEI8cedIiidBSv0JH yqMaM/uv2kTSlEwhE681Mea8b9ysCYm+z/lAnv4Q6VudVpiLfMKXuiFU7kgJ+w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:08.i386 Errata Notice The FreeBSD Project Topic: Regression in i386 TLB invalidation logic Category: core Module: i386 Announced: 2022-02-01 Affects: FreeBSD 12.2 and 12.3 Corrected: 2022-01-25 10:40:16 UTC (stable/12, 12.3-STABLE) 2022-02-01 19:13:44 UTC (releng/12.3, 12.3-RELEASE-p2) 2022-02-01 19:13:24 UTC (releng/12.2, 12.2-RELEASE-p13) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The FreeBSD/i386 port supports running FreeBSD on 32-bit Intel and AMD CPUs. On the i386 platform, the operating system kernel is responsible for invalidating per-CPU TLBs (translation lookaside buffer) when virtual memory mappings are updated. II. Problem Description The patch which was released as EN-22:04.pcid introduced a regression affecting FreeBSD 12.2 and 12.3. This regression introduced a bug in the i386 platform's TLB invalidation logic. III. Impact The regression causes kernel panics under multi-core CPU load. IV. Workaround No workaround is available. Single-core systems are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:08/i386.patch # fetch https://security.FreeBSD.org/patches/EN-22:08/i386.patch.asc # gpg --verify i386.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/12/ r371519 releng/12.3/ r371536 releng/12.2/ r371534 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmH5kz4ACgkQ05eS9J6n 5cJVsQ/+KFXts6jb5Nrm2qbZm38x6af3zwiN/v39cz5DumOvIC0OFTiaeaWU91Dc bytpGp6KIuOK6pYGIP4NrZW5L0pow3mwV/nxpZLATR4QTCiBydOgKekjaAiU6rxX vX/MS2rm6Th6EcBIw1dept1up73qM2FoM8DC+/e9HlCtqyDqfgBLqbMuSymk0fz+ Lh1Zj9ywS1sY+fn7eeAq7RmlTpuQBnlZEllDhf9paC5JWR4fu23XQeZHUUIuqOkF bnPE7hDaXdEvU0zY4b57vzTT7MQx7vCRBdCsk086s2dvInbeqTDEYSk5+R/kqsgR 5+xijYPGb9D9J0tMaETGQp0vLkDI4xJpkX8AhZ8JBIjxyKxKI/VY+KOwX6CfUmon tgUeo8EYkliLBUtq31L7MLMzzCN1mjA05h78uBvDjmm9ATv8IAmKlSNestIzfl4j Rw3oYpQU/TsQSxUMnReRth781bORmJdDnEDAvjqGKGOT9VkUJ/3chv13EHJX88/R No1DYB3LM4MaGf1c7paB9ahJOnV8Z5bk5j3nqLhys2asEvGcWvuWW722LO/wcREL L4GsQmEbUerTeh8Q5RE147ZTYOnGb5eIQi5McPRozdNQBLjJGUOEhWeSBdBbDgch 8cfYw3UdyNst80puq6t/4Wft4uhvkuNYKiaY9MKNYON/YHrhZ78= =TqoX -----END PGP SIGNATURE----- From nobody Tue Feb 1 22:10:08 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 5B2FD198A6BB for ; Tue, 1 Feb 2022 22:10:08 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JpJyS1q9Lz4s5F; Tue, 1 Feb 2022 22:10:08 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643753408; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=SJd/Z5njjhF7vcBRsXSUCK8YWT02lpE2CDIvgXpVDjk=; b=CsgZF1uH6eQTB17ffkhvU7IeDfuCGiUnrpreCEruTZk6flKWv+oZrk3qH3jKsK5k2jgTI9 +ZcXU1/2J/o55wGTcGdYr/fEjoKGwX9+27SwihN7xqaQAIGdxg8K3yDMOXACwbKxmcuCoi 2TP3uJEI29ok/pqI5SW2vVnGaiMEHPVnSyeeVKtAMyhjlAx5QoUI7RLPxdF5WbjDbLOLz9 BAY0LTBFUF2uKSOcYLi/ygr6csg/alDP6KG4ufMEX7K8zHQ4Zh/ONoqouXfaNb1xExam51 zZxHJeEouaTHn2BMm0VAvHg3q/YTcyKRkaRzkaMOAthd7rzPNsNMMcJT3ViY+A== Received: by freefall.freebsd.org (Postfix, from userid 945) id 293A014FC9; Tue, 1 Feb 2022 22:10:08 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:07.la57 Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220201221008.293A014FC9@freefall.freebsd.org> Date: Tue, 1 Feb 2022 22:10:08 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643753408; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=SJd/Z5njjhF7vcBRsXSUCK8YWT02lpE2CDIvgXpVDjk=; b=tGzUhU1f69Or7gPnah2maierKc0vmZg4VrZOmWldvTTfSvWz97HNrqgr0I1m3crNztK5HO RTCzglvqKvK6UKwDU02R74rsYATt2qXGKkFBBg9FH3Ce4v85YCrirg69yIXubh/bUZk1fY gDD8FrrvybmEJm9RA2V1eFyhxbtgZiz+bUSJFTuKfLi07t3fxHE8eJojLCLQhK4xdIQpDw 9C4YVgve2B9vczNza1Bz1VQztqKRplRoBEBoMzwIocMucNkuIaEIAvVGcrsfZp056o9LjF aYbBRlIPr8qxHOzYHzIAZNwcctFcwoDpVEmcrDhfnBbDysD8iJ6706F4GZRK2A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643753408; a=rsa-sha256; cv=none; b=Z7A6T6P+JmoKG+n/BoGDoSZxABwZx/YFyN5EFKoo7XxeNBlnH68KDoId3UJ13ceSfw95jx 48IPhQlUMHaOae/4HRV+bJcQ1x7X9q9ttEe9NQ1/ePE1pO1TgAZnZVTyuliRKzRHppmEEU Ho5C3vyqQsI3wYev75aRH4/3g8FQHD0HwCvd9mI7RvJtPBKkimlkF5ngjhImLtqtrrJmji WCke7xxODTFRRTDUqMtYEKfJ6bnJsTOSfTnybbqfI+CkFNuhQGABoNUeDdnBenfYwXTFfA HmJ7N+jlNEoMkHdStWbtGnB4I2A9sUl96i/p+J7HSZiGc1bKjrfMkqUhToLYvw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:07.la57 Errata Notice The FreeBSD Project Topic: Intel CPU LA57 boot failure Category: core Module: kernel Announced: 2022-02-01 Affects: FreeBSD 13.0 Corrected: 2021-05-03 01:27:22 UTC (stable/13, 13.0-STABLE) 2022-02-01 17:43:46 UTC (releng/13.0, 13.0-RELEASE-p7) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Recent Intel x86-64 CPUs support 5-level paging, extending the size of the virtual address space to 57 bits. The extension is enabled by setting a bit known as LA57 in a control register, and switching to 5-level paging during boot. II. Problem Description LA57 support was tested on and is functional within QEMU, but fails on physical hardware. III. Impact The kernel fails to boot on Intel CPUs that support LA57. IV. Workaround LA57 may be disabled by adding the following to /boot/loader.conf: vm.pmap.la57=0 This may also be set from the loader prompt (i.e., for initial boot or installation). V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. After update LA57 will be disabled by default. 5-level paging will be fully supported in a future FreeBSD release. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:07/la57.patch # fetch https://security.FreeBSD.org/patches/EN-22:07/la57.patch.asc # gpg --verify la57.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile and reinstall your kernel as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ df6241fcef9a stable/13-n245478 releng/13.0/ f151464add6f releng/13.0-n244775 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmH5kzIACgkQ05eS9J6n 5cJP+Q//be4jFodkfCtiwKwMNr+1RvGZtopWq0X6g5CQCTIrPtUKqdie3ceOhjRi zl3vNInfus6iTo0jSBMiWCpj7cI3AekZvwLuDHKp1GWv5WWQivDe6A6sbrGSgIQ2 9MG7RYE7t0L0LVnzTSlHCWXCzTqmpzTXEePw7NqgPhg7J3NtwYLBh5C4MqmScA6Y vbNzWMGIfa9IJqaDcxxEdqqGoTrv/MEWzVZ7TzM4O8DWIm+oK/5E+qiTk1fSyc/Z uI6hUMMt7xxP8KkZdlqVODwHzVo6v4kigpNTqNK1epv3nFrL3hJ+e3GhWreV6tkI XA9pjZT2gyLz+Ryn7QyIzrByrpXKDQK/8nKu9eoQdhDdxN6sWS65PPQKPhzQOemk qFx3V2oK3UMF7Q2BeF8aDxm48RU8weDACcxn2w6X73VyIHvz1H3MpirxPrcwjm1v RQJKGUZfnnTfg8zsstVASaj2R2i+Qa0Zk70tbCaXrPH7TB6Cadx6sjBjoLViQYQk 99glmvpc37u2ryW4MKlDNLeae9LnW7jyDMfpGlN3tJ4AD6y+2EcVixiTqAEF8t27 hZgi/3MVUNltCfSUoOol9y/aqaTjxPHTR9HSjrmCnJAWHwmyk33lC4/17kd8Qx0U bEFufzp/pDwFur7dWJOxVehFHc0/MoOioJHbeN3oNBMQiFdDoRY= =efkJ -----END PGP SIGNATURE----- From nobody Tue Feb 1 22:10:13 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 76070198A7BD for ; Tue, 1 Feb 2022 22:10:13 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JpJyY2wK5z4sS1; Tue, 1 Feb 2022 22:10:13 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643753413; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=xZQKsAt6Yvy7oU6MX+ZEtZ8plJe5oYhlO2fKwCPPfmc=; b=sYDA7ySJLwpfXlz+ui9AOdeyjn4Kg8+4jxfOUiVlUbvKk8d0H7THztYVB7Dyx4fM4rjxSs e12gqPXqxrE4NhENnhms5dV/KjmxATkU4+IdNt8LhB8rHzI33IdKETgQ1UOi4v5iNHsdDX 7CqNCfxVSF6oPGX7va3mE52wjafUv1K7FuL9a0vUmcuQ94hS5oIfZbNGIlf6AV4pHw/tWu yBWOEEzn1QVZh9slGGyqZVEw5opaRr0UjOnXRBNx6qBueW4fyZqcytGBW39DWV3p9++gsw 7SRzA6UNzNGKv843KDKHt4o8ppT3us3w6qcUC4fdVzXpApXeTFw/BatztgbIng== Received: by freefall.freebsd.org (Postfix, from userid 945) id 5098B15182; Tue, 1 Feb 2022 22:10:13 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:08.i386 Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220201221013.5098B15182@freefall.freebsd.org> Date: Tue, 1 Feb 2022 22:10:13 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643753413; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=xZQKsAt6Yvy7oU6MX+ZEtZ8plJe5oYhlO2fKwCPPfmc=; b=b6/JtQf39WsuKlgp312DY0F3r4ItxkPo17T8fTzUUuBbIGQ8DZb+1DV/1XzH3527dno2od ZC8OjPGhXJ00FeY8CRqf6VHTKE4WNYE2X92/vYOBDmW82SUA2FD9SFkG9ukZ8WUvkYjJ01 3w47654CBaT3HOwnI8OJqDWcHtXMzcnQUd0azfcwjvgFDEankefBrvxW1OPs2PLh3bdFw+ 7X1ZftN3tTCJGhMWA7yjDHxapxTZo5Ub2Gonfh4lQJKsSNjDjGGqDsJ4ij8AOLLNUdiIOU q8TQptrHLCxCBV6I7kHoUz+QST/vbH2YYED9PVjs7PPwxbhnwRUeXHNslhtNdA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643753413; a=rsa-sha256; cv=none; b=p6qj8dQMuJ1mmxqeTNgtpqm+ErwsBP7Iq5/WVpEldvd7sVTXTrCQ6TIhVaC6b5dfEDwIn3 uJxs/2Z2HuEx4A6P0BimfrhBaQYezMl2OLt+sxbxFO5BQMQG2pkjMm7QC3wElO2ILkya6Y T15MgkWA5UvbqGgcy3GseY00oF0a+lUk2DWl7jK295GNgVAECNl9ucmGHX/amp/are0HaV v4GovM5r7ckpRZ7r/T1BJtmhGCqnEtMXh2kejZNIDFhoURT6KbU2xNN5bJZ4K/VdNWYP+U vD70A7LRcNvpR8fCueG5SYerEw00UWoMNVuASuvslR0Eeh0FVrXDXxNpnTcx0A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:08.i386 Errata Notice The FreeBSD Project Topic: Regression in i386 TLB invalidation logic Category: core Module: i386 Announced: 2022-02-01 Affects: FreeBSD 12.2 and 12.3 Corrected: 2022-01-25 10:40:16 UTC (stable/12, 12.3-STABLE) 2022-02-01 19:13:44 UTC (releng/12.3, 12.3-RELEASE-p2) 2022-02-01 19:13:24 UTC (releng/12.2, 12.2-RELEASE-p13) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The FreeBSD/i386 port supports running FreeBSD on 32-bit Intel and AMD CPUs. On the i386 platform, the operating system kernel is responsible for invalidating per-CPU TLBs (translation lookaside buffer) when virtual memory mappings are updated. II. Problem Description The patch which was released as EN-22:04.pcid introduced a regression affecting FreeBSD 12.2 and 12.3. This regression introduced a bug in the i386 platform's TLB invalidation logic. III. Impact The regression causes kernel panics under multi-core CPU load. IV. Workaround No workaround is available. Single-core systems are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:08/i386.patch # fetch https://security.FreeBSD.org/patches/EN-22:08/i386.patch.asc # gpg --verify i386.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/12/ r371519 releng/12.3/ r371536 releng/12.2/ r371534 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmH5kz4ACgkQ05eS9J6n 5cJVsQ/+KFXts6jb5Nrm2qbZm38x6af3zwiN/v39cz5DumOvIC0OFTiaeaWU91Dc bytpGp6KIuOK6pYGIP4NrZW5L0pow3mwV/nxpZLATR4QTCiBydOgKekjaAiU6rxX vX/MS2rm6Th6EcBIw1dept1up73qM2FoM8DC+/e9HlCtqyDqfgBLqbMuSymk0fz+ Lh1Zj9ywS1sY+fn7eeAq7RmlTpuQBnlZEllDhf9paC5JWR4fu23XQeZHUUIuqOkF bnPE7hDaXdEvU0zY4b57vzTT7MQx7vCRBdCsk086s2dvInbeqTDEYSk5+R/kqsgR 5+xijYPGb9D9J0tMaETGQp0vLkDI4xJpkX8AhZ8JBIjxyKxKI/VY+KOwX6CfUmon tgUeo8EYkliLBUtq31L7MLMzzCN1mjA05h78uBvDjmm9ATv8IAmKlSNestIzfl4j Rw3oYpQU/TsQSxUMnReRth781bORmJdDnEDAvjqGKGOT9VkUJ/3chv13EHJX88/R No1DYB3LM4MaGf1c7paB9ahJOnV8Z5bk5j3nqLhys2asEvGcWvuWW722LO/wcREL L4GsQmEbUerTeh8Q5RE147ZTYOnGb5eIQi5McPRozdNQBLjJGUOEhWeSBdBbDgch 8cfYw3UdyNst80puq6t/4Wft4uhvkuNYKiaY9MKNYON/YHrhZ78= =TqoX -----END PGP SIGNATURE----- From nobody Mon Feb 14 23:41:47 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 684F819484B4 for ; Mon, 14 Feb 2022 23:41:57 +0000 (UTC) (envelope-from jrm@ftfl.ca) Received: from mail-qk1-f178.google.com (mail-qk1-f178.google.com [209.85.222.178]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JyLNN43Q8z3PkX for ; Mon, 14 Feb 2022 23:41:56 +0000 (UTC) (envelope-from jrm@ftfl.ca) Received: by mail-qk1-f178.google.com with SMTP id b22so15828378qkk.12 for ; Mon, 14 Feb 2022 15:41:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=AZ4Dfk9D5meOqHQ0uJ5wQ9YFcZrY9FlFwH2V3bQScjA=; b=k6okIInCEScVDe9nXH93C+pViIe7hmQWI3rPEV19CnvXitQL5pdHgwnOxXpOMlSqNy GL+5VerKbZvmQL/gxXNbxUSZMAAecClphtydSx0QGS4yV/2KPYBM5HbHOahVFRk1lMkN u1X8c0F3b9HdgGpOlvVoxKmfA97smsP9oG5FQ4E1FQKLFwSR4G4c4iMI43azftQ43vh2 3d2E+rdTlUZIWT+zh9iVCemADuk3Zd5Q9zcEvE6ZassNb42HGtAx3Yx82lRV84jojrXy JbYt/l5pCR86oY88n9JPIWR5AGIkGTnJJanWzwYj6Ee8cgklAMhbRQ/QBkMZIR9kU0Pu Z7Ug== X-Gm-Message-State: AOAM531hms4Bt2riazfSqcC9pTl7u+SUPsrdiQblO7SMKILkX33N/Gyg wi4+gRX9wGSz5ONWOWFfkOjiEpyA42nV3MduWj8= X-Google-Smtp-Source: ABdhPJz/KDv3BjGcsCNY0dhPoNa7SRKhYiVtj18vlMjM8Ko5VH3CtwIDWnp8HWf5nHK+nbF0gkibYw== X-Received: by 2002:a05:620a:2902:: with SMTP id m2mr762843qkp.512.1644882109769; Mon, 14 Feb 2022 15:41:49 -0800 (PST) Received: from phe.ftfl.ca.ftfl.ca (drmons0544w-156-34-173-250.dhcp-dynamic.fibreop.ns.bellaliant.net. [156.34.173.250]) by smtp.gmail.com with ESMTPSA id h20sm11330104qtk.21.2022.02.14.15.41.48 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 14 Feb 2022 15:41:48 -0800 (PST) From: Joseph Mingrone To: freebsd-announce@FreeBSD.org Cc: proposals@freebsdfoundation.org Subject: Re: FreeBSD Foundation Soliciting Project Proposals References: <864k6i58c3.fsf@phe.ftfl.ca> Date: Mon, 14 Feb 2022 19:41:47 -0400 In-Reply-To: <864k6i58c3.fsf@phe.ftfl.ca> (Joseph Mingrone's message of "Wed, 05 Jan 2022 14:46:36 -0400") Message-ID: <865yphqamc.fsf@phe.ftfl.ca> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (berkeley-unix) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Content-Type: text/plain X-Rspamd-Queue-Id: 4JyLNN43Q8z3PkX X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jrm@ftfl.ca designates 209.85.222.178 as permitted sender) smtp.mailfrom=jrm@ftfl.ca X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; TO_DN_NONE(0.00)[]; HAS_WP_URI(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[jrm@FreeBSD.org,jrm@ftfl.ca]; RECEIVED_SPAMHAUS_PBL(0.00)[156.34.173.250:received]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[jrm@FreeBSD.org,jrm@ftfl.ca]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEFALL_USER(0.00)[jrm]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-announce@freebsd.org]; DMARC_NA(0.00)[FreeBSD.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[209.85.222.178:from]; MLMMJ_DEST(0.00)[freebsd-announce]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.222.178:from]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N Hello everyone, We received a message yesterday letting us know that the content in the Journal article was not accessible for those using screen readers. The same content in a more accessible format can be found at http://issue.freebsdfoundation.org/publication/?m=33057&i=263272&view=articleBrowser&article_id=2037083&ver=html5. Apologies to anyone affected by this. It looks like newer Journal articles are in a more accessible format. Regards, Joseph (with Foundation hat on) On Wed, 2022-01-05 at 14:46, Joseph Mingrone wrote: > The FreeBSD Foundation is soliciting the submission of project proposals > for funded development. Refer to the following documents for > information about submitting a proposal and for project ideas. > Proposal Overview > ----------------- > https://freebsdfoundation.org/get-involved/project-proposal-overview/ > Submission Guidelines > --------------------- > https://freebsdfoundation.org/wp-content/uploads/2017/06/FreeBSDProposalSubmission.pdf > http://issue.freebsdfoundation.org/publication/?m=33057&i=263272&p=50&ver=html5 > FreeBSD Foundation Technology Roadmap > ------------------------------------- > https://freebsdfoundation.org/blog/technology-roadmap/ > Contributed Project Ideas > ------------------------- > https://wiki.freebsd.org/2021FoundationCFI > Successful completion of many of the contributed ideas such as Raspberry > Pi hardware improvements, support for the exFat filesystem, and adding > Capsicum use in more applications would be beneficial for the Project > and have clear deliverables. However, please do not feel limited to > these topics. We welcome proposals with other ideas for improving the > base system, the ports tree, documentation, or other areas. If you > think your proposal will benefit the Project, we will consider it. > Please send any questions about submitting a proposal to > proposals@freebsdfoundation.org. > Key Dates > --------- > Call for proposals: 04 January 2022 > Deadline for submissions: 15 February 2022 > Notification of accepted proposals: 01 March 2022 > Regards, > Joseph (with Foundation hat on) From nobody Tue Mar 1 04:38:57 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 702D419F6AC5 for ; Tue, 1 Mar 2022 04:38:57 +0000 (UTC) (envelope-from security-officer@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4K74Jd2pznz4m27 for ; Tue, 1 Mar 2022 04:38:57 +0000 (UTC) (envelope-from security-officer@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646109537; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=TwsoDFD0bY4Ug9trbB82+PoLYlErwGdSliMp8Fd2jD8=; b=jpgUkE8w7pOSLhROozb9p1sHJOQxk/bCMaXm0QVGoIYpkZkS6irP+lhyXwUY9lbrusLuxn kvfWqYCh7SLP/kuBUKNdFxgF0X7WbO95EubzIOFhzxM0HM6P1U8z45ojZb+go3a4v4BJJF WFrbOSoNUCT625aOdQwn+47VGhd9jyvJGCi6IrAvcMt86mdYqUD/orMJ5LmzkDahFy7CNF xBaBS7CPvoypiaNRkowB24h9UrcIsWM2CwB6S92vdhxf8G1KOdyQ/DJigEYqZJrCA8z5ot P7VSaFWf+hRZWaDNnA2VqxqKFK3qqdQp6ivYp4Y/wj3qz+sZZ/wJfNcq2DmHKw== Received: by freefall.freebsd.org (Postfix, from userid 945) id 40E0C6C51; Tue, 1 Mar 2022 04:38:57 +0000 (UTC) From: FreeBSD Security Officer To: freebsd-announce@freebsd.org Subject: FreeBSD 12.2 end-of-life Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220301043857.40E0C6C51@freefall.freebsd.org> Date: Tue, 1 Mar 2022 04:38:57 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646109537; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=TwsoDFD0bY4Ug9trbB82+PoLYlErwGdSliMp8Fd2jD8=; b=yt8XXHjBhNBjfdihLv+dH8ruBS35EIm3lUSlZHm5mLglVQusGA1aGKKIqA7LEdpt+BJRms 5wJvOZJ8m9vOOhk9SX+wzGqCZmdV/qAwOYUVy7zPlLj+yXYB7nau24ABVRJvAkvROMqQQ5 PyrKT+uOmTj8//wBTlFZNyZGBbBeJBrMaNzruAUgia7AMcxzzsUabPptoYhl8L17f21Juu rsVDakEVzFO3YhmWiWM4Fz1HTkdOOQXG8v4xf6HImTXrPXieNo7pxCU4MwvSX5a7wXxua0 0tHCN9Q7QtOONo2n9eZZ64nSkLxuKEP9on0gKTYXJXw/Q1wLOnCFaBze+O3hig== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646109537; a=rsa-sha256; cv=none; b=ffUrKOkaqO6319EEjVete4iigGUOxIC3x+leckaorVHcoYt8NfHK31vPbCi8SvvQyQlp3g xhnZB27oYx2ZELv+8yw5ILI8HtVktQUIirhPlPyhe74nHohqCeL4l8HSRjfBDdZvo4roBl DsCzn2Ss27jEPy4jtTBAi60N3XoDdaM4FdG9iFdq8DgC/mSWPFkYYAwXhsv+zK1FS+fu89 t3KYXQoZEHwe9GgqUKhjkDVVdroQx15tH5c8+kF8jGYPvtutQ6F17GKw+GiiNPNJ4dfGAy AzG3b+SfwNpsJBJG7iysd/tkYoaVx86UzJ3WQudTXC90XdQkTJreLqYled/u6w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear FreeBSD community, On March 31, 2022, FreeBSD 12.2 will reach end-of-life and will no longer be supported by the FreeBSD Security Team. Users of FreeBSD 12.2 are strongly encouraged to upgrade to a newer release as soon as possible. After March 31, the supported branches and releases and their expected end-of-life dates are: +--------------------------------------------------------------------------+ | Branch | Release | Release Date | Expected EoL | +-------------+--------------+-------------------+-------------------------+ | stable/13 | N/A | N/A | January 31, 2026 | +-------------+--------------+-------------------+-------------------------+ | releng/13.0 | 13.0-RELEASE | April 13, 2021 | 13.1-RELEASE + 3 months | +-------------+--------------+-------------------+-------------------------+ | stable/12 | N/A | N/A | June 30, 2024 | +-------------+--------------+-------------------+-------------------------+ | releng/12.3 | 12.3-RELEASE | December 7, 2021 | 12.4-RELEASE + 3 months | +--------------------------------------------------------------------------+ Please refer to https://security.freebsd.org/ for an up-to-date list of supported releases and the latest security advisories. - -- The FreeBSD Security Team -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmIdoi0ACgkQ05eS9J6n 5cJnfA/+K3AT+vRR2lT3X5qJvJzRzR4XXW0Eo+dscPV6skHB/buomc38Ec5s0eXm p8hec6KA6yfd3yLhhKR/pi+74t9bYcWvTRuq2YmIvjnpqXv1Cy2UC6E2N1xoeays aCFvUjy1ibkE457Fr/dyvCBkFwOrXZ3wccP51U7hXQhehap2XxhQQQX9RSIlDl/6 FOLtjJGJ4W5hljyGjXpSFTBYem8iD0bvSDEBCjL9aFNviJ0f4YCV9T3OHEuoTVVQ i8vj+/Lipwzl4NUh5PtQngyQ8gL00OMpA/vAmsfTAyg3rR29LnZ9aMPng1T5ZkeD GxmDmYRan7daUpF7mr0BR8NmWcluopGOajqT84WgwasJk6labAmTOU9BJ/cfK5uW yKI/zgKTwvWFPc1FCImG/SEGk62klxps5pVUbsF5FU2qFxQkddnz2Y78nu+t9Nab AzSu0WYzbrs6z3kekHjDKeYf8OLpW0x3UgN4PPp1MPR9+JI0lUaQEwWcIq9+NS8u FOlcf6ZTReXbXFTCWpmiiyNKs+PO/psSFQNMLAPt1WYiRjnD5n/52vssBM8a3mKK 8QcGO2inbqhzvACMnHF/IsO7ryUx8ZOSzig9pt5kqigbeR1pUnR1U9+ir74AfsMR YOC5W4kLfJrg0Ra26Gx6CrudvhXSqTxKR8Hp/9rArROPJljIUgc= =6TSH -----END PGP SIGNATURE----- From nobody Fri Mar 11 02:05:29 2022 X-Original-To: announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 398F31A151DE for ; Fri, 11 Mar 2022 02:05:31 +0000 (UTC) (envelope-from jrm@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KF8Qz13T7z4XGw for ; Fri, 11 Mar 2022 02:05:31 +0000 (UTC) (envelope-from jrm@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646964331; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=FPb+LmPpYZNT7KDUl9ETDWOReZyQ1WJFhtxWBlhib3s=; b=NQt3oQKpATxRQbv0NFCNWSBdSapNxLSGmjEFr2NQftlSqMoLGP2Osx7pUNj/UWHKGKHv65 qUk3jBL0PgUvnLo3J4Gqab+qk6dCxWXmuJk0eu4wLGKz3tXA/n/zC9ih1de3PANB+DJbSQ J1Jo3RfyhTGphjeig4/gcS1sCf6QieeOcgUYO7Pn7v+kFoEuwrrvZ6fSkZbdPqhfdab6D0 Uza8NjgAAJvNTOhc/P/GByp1vr7mqSi9mFJAuHB6Pi8r5dAent9C3CZy6+C9k2XI9dx4RA Xwzp1d1OwXll1C4Any7kAdMACZXRrhkrFD4KOZ7mGrUAxLvjYF0owECQeGwEXg== Received: from phe.ftfl.ca.ftfl.ca (drmons0544w-156-34-173-250.dhcp-dynamic.fibreop.ns.bellaliant.net [156.34.173.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: jrm/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id A5A432631B for ; Fri, 11 Mar 2022 02:05:30 +0000 (UTC) (envelope-from jrm@freebsd.org) From: Joseph Mingrone To: announce@FreeBSD.org Subject: FreeBSD Quarterly Status Report - Fourth Quarter 2021 Followup-To: Joseph,Mingrone,,announce@FreeBSD.org Date: Thu, 10 Mar 2022 22:05:29 -0400 Message-ID: <86zglxgs5y.fsf@phe.ftfl.ca> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/29.0.50 (berkeley-unix) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646964331; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=FPb+LmPpYZNT7KDUl9ETDWOReZyQ1WJFhtxWBlhib3s=; b=HRc74aGIfhPj3FqRdBycAe/NBfvAtbqi1IgnuEDY+YnlibYfm8IMx3x0nY2ReFaXIHwXDt +wWxSQJdy6NdnQw100goKuceFz1PbCOAJ6U/s1m7FXA4XYzJOFQpy5ZEN5xQ9jd8FvJOrT OHs+nYB3a81Xn3VJdJvDUOvNfcY5zfVJS8ztlqkF57hKFuN4e5ZspvnHSqNRlYPCxYk7+k t2YDXDGmuV7antQGTNLr2QaT9/0mJzgsxHFRl1sHgcc6/U2kzvHWrWqHhXXqY+LJMhCO1X za+rhwctkQgoJ9+Ah5syXBXus4jNsuc0eu+tR0nND2RZHLw3icp44NLsb0SJnA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646964331; a=rsa-sha256; cv=none; b=WHDFd2vkXwNf0rv0f6WjsUqUsRs3+gD3hD7cAQWcJR0WUxMSh2G0UfptWVaa1RMn+Pw5i5 r2WmZukkwIs3HHOLXCp4zIqJd4H2Xj1PO8ulVW6fvbkXrzHGYdCTdqE87f3Eh15vwkH6YV jRo4+40+7gXjgE1nFqeUlP5du6+Ta2I+dENKM+gRAg2p1Lm/yT1cvVsnFVqvx3r326Ss5I 6bmCqSOwCBppmvM8dnfntMhJXeUii8PAthoe6hRrB7PMi02D2a+6wgKYSkZpN4K8KsZlbV L3TKhL+aNIiyJxHSgFX3/hCtds7pXPs/8SSaJdIn/NifTuYnzjVHq/ojC9kjJA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 RnJlZUJTRCBRdWFydGVybHkgU3RhdHVzIFJlcG9ydCA0dGggUXVhcnRlciAyMDIxDQoNClRoaXMg cmVwb3J0IGNvdmVycyBGcmVlQlNEIHJlbGF0ZWQgcHJvamVjdHMgZm9yIHRoZSBwZXJpb2QgYmV0 d2VlbiBPY3RvYmVyIGFuZA0KRGVjZW1iZXIuIEl0IGlzIHRoZSBmb3VydGggb2YgZm91ciBwbGFu bmVkIHJlcG9ydHMgZm9yIDIwMjEsIGFuZCBjb250YWlucyAxOQ0KZW50cmllcy4gSGlnaGxpZ2h0 cyBpbmNsdWRlIGZhc3RlciBib290IHRpbWVzLCBtb3JlIExMREIgd29yaywgYSBiYXNlIE9wZW5T U0gNCnVwZGF0ZSwgYW5kIG1vcmUgd2lyZWxlc3MgZGV2ZWxvcG1lbnQuDQoNCllvdXJzLA0KUGF1 IEFtbWEsIERhbmllbCBFYmRydXAsIEpvaG4tTWFyayBHdXJuZXksIGFuZCBKb2UgTWluZ3JvbmUN Cg0K4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSBDQpUYWJsZSBvZiBDb250ZW50cw0KDQogIOKAoiBGcmVlQlNEIFRlYW0gUmVw b3J0cw0KICAgICAg4pahIEZyZWVCU0QgRm91bmRhdGlvbg0KICAgICAg4pahIFBvcnRzIENvbGxl Y3Rpb24NCiAgICAgIOKWoSBEb2N1bWVudGF0aW9uIEVuZ2luZWVyaW5nIFRlYW0NCiAgICAgIOKW oSBGcmVlQlNEIFdlYnNpdGUgUmV2YW1wIC0gV2ViQXBwcyB3b3JraW5nIGdyb3VwDQogIOKAoiBQ cm9qZWN0cw0KICAgICAg4pahIEVuYWJsZSBBU0xSIGJ5IGRlZmF1bHQgZm9yIDY0LWJpdCBleGVj dXRhYmxlcw0KICAgICAg4pahIEJvb3QgUGVyZm9ybWFuY2UgSW1wcm92ZW1lbnRzDQogICAgICDi lqEgTExEQiBEZWJ1Z2dlciBJbXByb3ZlbWVudHMNCiAgICAgIOKWoSBOWFAgTFMxMDI4QS8xMDI3 QSBTb0Mgc3VwcG9ydA0KICAgICAg4pahIHNjaGVkX2dldGNwdSgyKSwgbWVtYmFycmllcigyKSwg YW5kIHJzZXEoMikgc3lzY2FsbHMNCiAgICAgIOKWoSBCYXNlIFN5c3RlbSBPcGVuU1NIIFVwZGF0 ZQ0KICAgICAg4pahIFZEU08gb24gYW1kNjQNCiAg4oCiIEtlcm5lbA0KICAgICAg4pahIFRoZSBB VlggYnVnIG9uIGFtZDY0DQogICAgICDilqEgRU5BIEZyZWVCU0QgRHJpdmVyIFVwZGF0ZQ0KICAg ICAg4pahIEludGVsIFdpcmVsZXNzIGRyaXZlciBzdXBwb3J0DQogICAgICDilqEgS2VybmVsIENy eXB0byBjaGFuZ2VzIHRvIHN1cHBvcnQgV2lyZUd1YXJkDQogIOKAoiBQb3J0cw0KICAgICAg4pah IEtERSBvbiBGcmVlQlNEDQogICAgICDilqEgRnJlZUJTRCBPZmZpY2UgVGVhbQ0KICDigKIgVGhp cmQtUGFydHkgUHJvamVjdHMNCiAgICAgIOKWoSBoZWxsb1N5c3RlbQ0KICAgICAg4pahIENvbnRh aW5lcnMgJiBGcmVlQlNEOiBQb3QsIFBvdGx1Y2sgJiBQb3RtYW4NCg0K4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSBDQoNCkZy ZWVCU0QgVGVhbSBSZXBvcnRzDQoNCkVudHJpZXMgZnJvbSB0aGUgdmFyaW91cyBvZmZpY2lhbCBh bmQgc2VtaS1vZmZpY2lhbCB0ZWFtcywgYXMgZm91bmQgaW4gdGhlDQpBZG1pbmlzdHJhdGlvbiBQ YWdlLg0KDQpGcmVlQlNEIEZvdW5kYXRpb24NCg0KTGlua3M6DQpGcmVlQlNEIEZvdW5kYXRpb24g VVJMOiBodHRwczovL3d3dy5GcmVlQlNERm91bmRhdGlvbi5vcmcNClRlY2hub2xvZ3kgUm9hZG1h cCBVUkw6IGh0dHBzOi8vRnJlZUJTREZvdW5kYXRpb24ub3JnL2Jsb2cvdGVjaG5vbG9neS1yb2Fk bWFwLw0KRG9uYXRlIFVSTDogaHR0cHM6Ly93d3cuRnJlZUJTREZvdW5kYXRpb24ub3JnL2RvbmF0 ZS8NCkZvdW5kYXRpb24gUGFydG5lcnNoaXAgUHJvZ3JhbSBVUkw6IGh0dHBzOi8vd3d3LkZyZWVC U0RGb3VuZGF0aW9uLm9yZy8NCkZyZWVCU0QtZm91bmRhdGlvbi1wYXJ0bmVyc2hpcC1wcm9ncmFt DQpGcmVlQlNEIEpvdXJuYWwgVVJMOiBodHRwczovL3d3dy5GcmVlQlNERm91bmRhdGlvbi5vcmcv am91cm5hbC8NCkZvdW5kYXRpb24gTmV3cyBhbmQgRXZlbnRzIFVSTDogaHR0cHM6Ly93d3cuRnJl ZUJTREZvdW5kYXRpb24ub3JnLw0KbmV3cy1hbmQtZXZlbnRzLw0KDQpDb250YWN0OiBEZWIgR29v ZGtpbiA8ZGViQEZyZWVCU0RGb3VuZGF0aW9uLm9yZz4NCg0KVGhlIEZyZWVCU0QgRm91bmRhdGlv biBpcyBhIDUwMShjKSgzKSBub24tcHJvZml0IG9yZ2FuaXphdGlvbiBkZWRpY2F0ZWQgdG8NCnN1 cHBvcnRpbmcgYW5kIHByb21vdGluZyB0aGUgRnJlZUJTRCBQcm9qZWN0IGFuZCBjb21tdW5pdHkg d29ybGR3aWRlLiBEb25hdGlvbnMNCmZyb20gaW5kaXZpZHVhbHMgYW5kIGNvcnBvcmF0aW9ucyBh cmUgdXNlZCB0byBmdW5kIGFuZCBtYW5hZ2Ugc29mdHdhcmUNCmRldmVsb3BtZW50IHByb2plY3Rz LCBjb25mZXJlbmNlcywgYW5kIGRldmVsb3BlciBzdW1taXRzLiBXZSBhbHNvIHByb3ZpZGUNCnRy YXZlbCBncmFudHMgdG8gRnJlZUJTRCBjb250cmlidXRvcnMsIHB1cmNoYXNlIGFuZCBzdXBwb3J0 IGhhcmR3YXJlIHRvIGltcHJvdmUNCmFuZCBtYWludGFpbiBGcmVlQlNEIGluZnJhc3RydWN0dXJl LCBhbmQgcHJvdmlkZSByZXNvdXJjZXMgdG8gaW1wcm92ZSBzZWN1cml0eSwNCnF1YWxpdHkgYXNz dXJhbmNlLCBhbmQgcmVsZWFzZSBlbmdpbmVlcmluZyBlZmZvcnRzLiBXZSBwdWJsaXNoIG1hcmtl dGluZw0KbWF0ZXJpYWwgdG8gcHJvbW90ZSwgZWR1Y2F0ZSwgYW5kIGFkdm9jYXRlIGZvciB0aGUg RnJlZUJTRCBQcm9qZWN0LCBmYWNpbGl0YXRlDQpjb2xsYWJvcmF0aW9uIGJldHdlZW4gY29tbWVy Y2lhbCB2ZW5kb3JzIGFuZCBGcmVlQlNEIGRldmVsb3BlcnMsIGFuZCBmaW5hbGx5LA0KcmVwcmVz ZW50IHRoZSBGcmVlQlNEIFByb2plY3QgaW4gZXhlY3V0aW5nIGNvbnRyYWN0cywgbGljZW5zZSBh Z3JlZW1lbnRzLCBhbmQNCm90aGVyIGxlZ2FsIGFycmFuZ2VtZW50cyB0aGF0IHJlcXVpcmUgYSBy ZWNvZ25pemVkIGxlZ2FsIGVudGl0eS4NCg0KSGVyZSBhcmUgc29tZSBoaWdobGlnaHRzIG9mIHdo YXQgd2UgZGlkIHRvIGhlbHAgRnJlZUJTRCBsYXN0IHF1YXJ0ZXI6DQoNCkZ1bmRyYWlzaW5nIEVm Zm9ydHMNCg0KV2UgZGlkIGl0ISBXZSBtZXQgb3VyIDIwMjEgZnVuZHJhaXNpbmcgZ29hbCBieSBy YWlzaW5nICQxLDI4MSw0MzchISBPbiBiZWhhbGYNCm9mIHRoZSBGb3VuZGF0aW9uLCBJIHdhbnQg dG8gdGhhbmsgeW91IGZvciB5b3VyIGZpbmFuY2lhbCBzdXBwb3J0IGxhc3QgeWVhciwNCnRoYXQg d2lsbCBoZWxwIHVzIGNvbnRpbnVlIGFuZCBpbmNyZWFzZSBvdXIgc3VwcG9ydCBmb3IgRnJlZUJT RCBpbiAyMDIyLiBJbg0KYWRkaXRpb24sIGZvbGtzIGFyZSBhbHJlYWR5IHNlbmRpbmcgdXMgdGhl aXIgMjAyMiBjb250cmlidXRpb25zLCB3aGljaCBpcw0KaW5jcmVkaWJseSBoZWFydHdhcm1pbmch IFdl4oCZbGwgc3RhcnQgdXBkYXRpbmcgdGhlIGZ1bmRyYWlzaW5nIG1ldGVyIGZvciAyMDIyIGJ5 DQp0aGUgZW5kIG9mIEphbnVhcnkuDQoNCkluIHRoaXMgUXVhcnRlcmx5IFN0YXR1cyByZXBvcnQg eW914oCZbGwgcmVhZCBhYm91dCBtYW55IG9mIHRoZSBhcmVhcyB3ZSBmdW5kZWQNCmluIFE0IHRv IGltcHJvdmUgRnJlZUJTRCBhbmQgYWR2b2NhdGUgZm9yIHRoZSBQcm9qZWN0ICh0aGUgdHdvIG1h aW4gYXJlYXMgd2UNCnNwZW5kIG1vbmV5IG9uKS4gQ2hlY2sgb3V0IHJlcG9ydHMgb24gdGhlIGV4 dGVybmFsbHkgZnVuZGVkIHByb2plY3RzIGxpa2UgTExEQg0Kc3VwcG9ydCwgUmFpZC1aIEV4cGFu c2lvbiwgV2lyZUd1YXJkLCBhbmQgd2lmaSwgYXMgd2VsbCBhcywgaW50ZXJuYWxseQ0Kc3VwcG9y dGVkIHdvcmsgbGlrZSBpbXByb3ZlZCBzZWN1cml0eSwgdGllci0xIGFyY2hpdGVjdHVyZSBzdXBw b3J0LCBhbmQNCnByb3ZpZGluZyBvbmxpbmUgb3Bwb3J0dW5pdGllcyB0byBjb25uZWN0IGFuZCBl ZHVjYXRlIHRoZSBjb21tdW5pdHkuDQoNCklmIHlvdSB3YW50IHRvIGhlbHAgdXMgY29udGludWUg b3VyIGVmZm9ydHMsIHBsZWFzZSBjb25zaWRlciBtYWtpbmcgYSBkb25hdGlvbg0KdG93YXJkcyBv dXIgMjAyMiBmdW5kcmFpc2luZyBjYW1wYWlnbiEgaHR0cHM6Ly93d3cuRnJlZUJTREZvdW5kYXRp b24ub3JnL2RvbmF0ZS8uDQoNCldlIGFsc28gaGF2ZSBhIFBhcnRuZXJzaGlwIFByb2dyYW0gZm9y IGxhcmdlciBjb21tZXJjaWFsIGRvbm9ycy4gWW91IGNhbiByZWFkDQphYm91dCBpdCBhdCBodHRw czovL3d3dy5GcmVlQlNERm91bmRhdGlvbi5vcmcvDQpGcmVlQlNELWZvdW5kYXRpb24tcGFydG5l cnNoaXAtcHJvZ3JhbS8uDQoNCk9TIEltcHJvdmVtZW50cw0KDQpEdXJpbmcgdGhlIGZvdXJ0aCBx dWFydGVyLCBGb3VuZGF0aW9uIHN0YWZmIGFuZCBncmFudCByZWNpcGllbnRzIGNvbW1pdHRlZCA0 NzINCnNyYyB0cmVlIGNoYW5nZXMsIDk4IHBvcnRzIHRyZWUgY2hhbmdlcywgYW5kIDExIGRvYyB0 cmVlIGNoYW5nZXMuIFRoaXMNCnJlcHJlc2VudHMgNDElLCA0MSUsIGFuZCAxMyUgb2Ygc3JjLCBw b3J0cywgYW5kIGRvYyBjb21taXRzIGlkZW50aWZ5aW5nIGENCnNwb25zb3IuDQoNCllvdSBjYW4g cmVhZCBhYm91dCBGb3VuZGF0aW9uLXNwb25zb3JlZCBwcm9qZWN0cyBpbiBpbmRpdmlkdWFsIHF1 YXJ0ZXJseSByZXBvcnQNCmVudHJpZXM6DQoNCiAg4oCiIFRoZSBBVlggYnVnIG9uIGFtZDY0DQoN CiAg4oCiIENyeXB0byBjaGFuZ2VzIGZvciBXaXJlR3VyYXJkDQoNCiAg4oCiIEludGVsIFdpcmVs ZXNzIGRyaXZlciBzdXBwb3J0DQoNCiAg4oCiIExMREIgRGVidWdnZXIgSW1wcm92ZW1lbnRzDQoN CiAg4oCiIEJhc2UgU3lzdGVtIE9wZW5TU0ggVXBkYXRlDQoNCiAg4oCiIHNjaGVkX2dldGNwdSgy KSwgbWVtYmFycmllcigyKSwgYW5kIHJzZXEoMikgc3lzY2FsbHMNCg0KICDigKIgVkRTTyBvbiBh bWQ2NA0KDQpIZXJlIGlzIGEgc21hbGwgc2FtcGxlIG9mIG90aGVyIGJhc2Ugc3lzdGVtIGltcHJv dmVtZW50cyBmcm9tIEZvdW5kYXRpb24NCmRldmVsb3BlcnMgdGhpcyBxdWFydGVyIHRoYXQgZG8g bm90IGhhdmUgc2VwYXJhdGUgcmVwb3J0IGVudHJpZXMuDQoNCmtlcm4ucHJvYy5wYXRobmFtZSBj YW5vbmljYWwgaGFyZCBsaW5rDQoNClNvbWUgcHJvZ3JhbXMgYWRqdXN0IHRoZWlyIGJlaGF2aW9y IGRlcGVuZGluZyBvbiB3aGljaCBuYW1lIHdhcyB1c2VkIGZvcg0KZXhlY3V0aW9uLiBGb3IgdGhl c2UgcHJvZ3JhbXMsIGl0IGlzIG9mdGVuIGltcG9ydGFudCB0byBoYXZlIGEgY29uc2lzdGVudCBu YW1lDQppbiBhcmd2WzBdLCBzeXNjdGwga2Vybi5wcm9jLnBhdGhuYW1lLCBhdXh2IEFUX0VYRUNQ QVRILCBhbmQgYW55IHByb2NmcyBmaWxlDQpzeW1saW5rLiBCZWZvcmUgdGhpcyB3b3JrLCBhbGwg bGlzdGVkIGtlcm5lbCBpbnRlcmZhY2VzIHRyaWVkIHRvIGNhbGN1bGF0ZSBzb21lDQpuYW1lIGZv ciB0aGUgdGV4dCB2bm9kZSBhbmQgcmV0dXJuZWQgdGhlIHJlc3VsdC4gSWYgdGhlIGV4ZWN1dGVk IGJpbmFyeSBoYXMNCm1vcmUgdGhhbiBvbmUgaGFyZGxpbmssIHRoZSByZXR1cm5lZCBuYW1lcyB3 ZXJlIGFyYml0cmFyaWx5IGNob3NlbiBmcm9tIHRoZQ0KbGlzdCBvZiB2YWxpZCBuYW1lcyBmb3Ig dGhlIGZpbGUuIEFmdGVyIHdvcmsgY29tcGxldGVkIHRoaXMgcXVhcnRlciBieQ0KRm91bmRhdGlv biBkZXZlbG9wZXIgS29uc3RhbnRpbiBCZWxvdXNvdiwgdGhlIHN5c3RlbSBub3cgaG9sZHMgdGhl IHBhcmVudA0KZGlyZWN0b3J5IGFuZCB0aGUgbmFtZSBvZiB0aGUgdGV4dCBmaWxlIGZvciB0aGUg cnVubmluZyBpbWFnZS4gVGhpcyBpcyB1c2VkIHRvDQpyZWNvbnN0cnVjdCB0aGUgY29ycmVjdCBu YW1lIG9mIHRoZSB0ZXh0IGZpbGUgd2hlbiByZXF1ZXN0ZWQuDQoNCnN3YXBvbi9zd2Fwb2ZmLCBm aWxlIHN3YXBwaW5nDQoNCkFmdGVyIHdvcmsgdG8gZml4IGFzc2VydHMgZm9yIGNoYXJhY3RlciBk ZXZpY2Ugdm5vZGUgbG9ja2luZywgdGhlcmUgd2FzIGENCnJlcG9ydCB0aGF0IHN3YXAgb24gZmls ZSBjb2RlIGJyb2tlIHRoZSBWRlMgbG9ja2luZyBwcm90b2NvbC4gU29tZSBvdGhlcg0KcmVncmVz c2lvbnMgaW4gdGhlIHN3YXAgb24gZmlsZSB3ZXJlIGFsc28gaWRlbnRpZmllZC4gRm9yIGluc3Rh bmNlLCBvbg0Kc2h1dGRvd24sIGZpbGVzeXN0ZW1zIHdlcmUgdW5tb3VudGVkIGJlZm9yZSBzd2Fw b2ZmLCB3aGljaCBtYWtlcyBzd2Fwb2ZmIHBhbmljDQpvbiBwYWdlLWluLiBUaGVzZSBidWdzIHdl cmUgZml4ZWQgYW5kIGEgc3dhcG9mZigyKSBmZWF0dXJlIHdhcyBhZGRlZCB0byBhdm9pZA0Kc29t ZSB2ZXJ5IGNvbnNlcnZhdGl2ZSBlc3RpbWF0aW9ucyBmb3IgcHJvdGVjdGlvbiBhZ2FpbnN0IG1l bW9yeSBhbmQgc3dhcCBzcGFjZQ0Kc2hvcnRhZ2VzLg0KDQpmY250bChGX0tJTkZPKQ0KDQpBcHBs aWNhdGlvbiBkZXZlbG9wZXJzIG9mdGVuIHJlcXVlc3QgYW4gaW50ZXJmYWNlIHRvIHJldHVybiB0 aGUgZmlsZSBwYXRoIGZvcg0KYW4gb3BlbiBmaWxlIGRlc2NyaXB0b3IuIE91ciBvbmx5IHVzZWZ1 bCBmYWNpbGl0eSBmb3IgdGhpcyB3YXMNCmtlcm4ucHJvYy5maWxlZGVzYyBzeXNjdGwsIHdoaWNo IGlzIHNvbWV3aGF0IHVzYWJsZSwgYnV0IGluY3VycyB0b28gaGlnaCBvZiBhbg0Kb3ZlcmhlYWQg d2hlbiBhIHByb2Nlc3MgaGFzIG1hbnkgb3BlbiBmaWxlcy4gQSBmY250bChGX0tJTkZPKSBpbnRl cmZhY2Ugd2FzDQphZGRlZCwgd2hpY2ggcmV0dXJucyBhIHN0cnVjdCBraW5mb19maWxlIGp1c3Qg Zm9yIHRoZSBzcGVjaWZpZWQgZmlsZQ0KZGVzY3JpcHRvci4gQW1vbmcgb3RoZXIgdXNlZnVsIGRh dGEsIGtpbmZvX2ZpbGUgcHJvdmlkZXMgdGhlIGNhbGN1bGF0ZWQgcGF0aCwNCndoZW4gYXZhaWxh YmxlLg0KDQpDb250aW51b3VzIEludGVncmF0aW9uIGFuZCBRdWFsaXR5IEFzc3VyYW5jZQ0KDQpU aGUgRm91bmRhdGlvbiBwcm92aWRlcyBhIGZ1bGwtdGltZSBzdGFmZiBtZW1iZXIgYW5kIGZ1bmRz IHByb2plY3RzIHRvIGltcHJvdmUNCmNvbnRpbnVvdXMgaW50ZWdyYXRpb24sIGF1dG9tYXRlZCB0 ZXN0aW5nLCBhbmQgb3ZlcmFsbCBxdWFsaXR5IGFzc3VyYW5jZQ0KZWZmb3J0cyBmb3IgdGhlIEZy ZWVCU0QgcHJvamVjdC4NCg0KU3VwcG9ydGluZyBGcmVlQlNEIEluZnJhc3RydWN0dXJlDQoNClRo ZSBGb3VuZGF0aW9uIHByb3ZpZGVzIGhhcmR3YXJlIGFuZCBzdXBwb3J0IGZvciB0aGUgUHJvamVj dC4gSW4gdGhlIGZvdXJ0aA0KcXVhcnRlciBvZiAyMDIxLCB3ZSBiZWdhbiBzZWFyY2hpbmcgZm9y IGEgbmV3IEF1c3RyYWxpYW4gbWlycm9yIHNlcnZlci4gQXQgdGhlDQp0aW1lIG9mIHdyaXRpbmcs IHRoZSBzZXJ2ZXIgaXMgcHVyY2hhc2VkLCBidXQgd2l0aCBkZWxheXMgb2J0YWluaW5nIGNvbXBv bmVudHMNCmFuZCBzaGlwcGluZywgaXQgbWF5IG5vdCBiZSBhY3RpdmUgdW50aWwgdGhlIHNlY29u ZCBvciB0aGlyZCBxdWFydGVyIG9mIDIwMjIuDQpCZXR0ZXIgYW5kIGZhc3RlciBhY2Nlc3MgdG8g b3VyIHNpdGVzIGZvciB0aGUgQXVzdHJhbGlhbiBGcmVlQlNEIGNvbW11bml0eSBpcw0KY29taW5n Lg0KDQpGcmVlQlNEIEFkdm9jYWN5IGFuZCBFZHVjYXRpb24NCg0KTXVjaCBvZiBvdXIgZWZmb3J0 IGlzIGRlZGljYXRlZCB0byBQcm9qZWN0IGFkdm9jYWN5LiBUaGlzIG1heSBpbnZvbHZlDQpoaWdo bGlnaHRpbmcgaW50ZXJlc3RpbmcgRnJlZUJTRCB3b3JrLCBwcm9kdWNpbmcgbGl0ZXJhdHVyZSwg YXR0ZW5kaW5nIGV2ZW50cywNCm9yIGdpdmluZyBwcmVzZW50YXRpb25zLiBUaGUgZ29hbCBvZiB0 aGUgbGl0ZXJhdHVyZSB3ZSBwcm9kdWNlIGlzIHRvIHRlYWNoDQpwZW9wbGUgRnJlZUJTRCBiYXNp Y3MgYW5kIGhlbHAgbWFrZSB0aGVpciBwYXRoIHRvIGFkb3B0aW9uIG9yIGNvbnRyaWJ1dGlvbg0K ZWFzaWVyLiBPdGhlciB0aGFuIGF0dGVuZGluZyBhbmQgcHJlc2VudGluZyBhdCBldmVudHMsIHdl IGVuY291cmFnZSBhbmQgaGVscA0KY29tbXVuaXR5IG1lbWJlcnMgcnVuIHRoZWlyIG93biBGcmVl QlNEIGV2ZW50cywgZ2l2ZSBwcmVzZW50YXRpb25zLCBvciBzdGFmZg0KRnJlZUJTRCB0YWJsZXMu DQoNClRoZSBGcmVlQlNEIEZvdW5kYXRpb24gc3BvbnNvcnMgbWFueSBjb25mZXJlbmNlcywgZXZl bnRzLCBhbmQgc3VtbWl0cyBhcm91bmQNCnRoZSBnbG9iZS4gVGhlc2UgZXZlbnRzIGNhbiBiZSBC U0QtcmVsYXRlZCwgb3BlbiBzb3VyY2UsIG9yIHRlY2hub2xvZ3kgZXZlbnRzDQpnZWFyZWQgdG93 YXJkcyB1bmRlcnJlcHJlc2VudGVkIGdyb3Vwcy4gV2Ugc3VwcG9ydCB0aGUgRnJlZUJTRC1mb2N1 c2VkIGV2ZW50cw0KdG8gaGVscCBwcm92aWRlIGEgdmVudWUgZm9yIHNoYXJpbmcga25vd2xlZGdl LCB3b3JraW5nIHRvZ2V0aGVyIG9uIHByb2plY3RzLA0KYW5kIGZhY2lsaXRhdGluZyBjb2xsYWJv cmF0aW9uIGJldHdlZW4gZGV2ZWxvcGVycyBhbmQgY29tbWVyY2lhbCB1c2Vycy4gVGhpcw0KYWxs IGhlbHBzIHByb3ZpZGUgYSBoZWFsdGh5IGVjb3N5c3RlbS4gV2Ugc3VwcG9ydCB0aGUgbm9uLUZy ZWVCU0QgZXZlbnRzIHRvDQpwcm9tb3RlIGFuZCByYWlzZSBhd2FyZW5lc3Mgb2YgRnJlZUJTRCwg dG8gaW5jcmVhc2UgdGhlIHVzZSBvZiBGcmVlQlNEIGluDQpkaWZmZXJlbnQgYXBwbGljYXRpb25z LCBhbmQgdG8gcmVjcnVpdCBtb3JlIGNvbnRyaWJ1dG9ycyB0byB0aGUgUHJvamVjdC4gV2UgYXJl DQpjb250aW51aW5nIHRvIGF0dGVuZCB2aXJ0dWFsIGV2ZW50cyBhbmQgaGVsZCBhIHZpcnR1YWwg dmVuZG9yIHN1bW1pdCB0aGlzIHBhc3QNCk5vdmVtYmVyLg0KDQpDaGVjayBvdXQgc29tZSBvZiB0 aGUgYWR2b2NhY3kgYW5kIGVkdWNhdGlvbiB3b3JrIHdlIGRpZCBsYXN0IHF1YXJ0ZXI6DQoNCiAg 4oCiIFByb21vdGVkIGFuZCBwYXJ0aWNpcGF0ZWQgYXMgYSBtZWRpYSBzcG9uc29yIGZvciBBTEwg VGhpbmdzIE9wZW4gMjAyMQ0KDQogIOKAoiBDb21taXR0ZWQgdG8gYmVpbmcgYSBNZWRpYSBTcG9u c29yIGZvciBTQ0FMRSAxOXgNCg0KICDigKIgQ29tbWl0dGVkIHRvIGhvc3RpbmcgYSBzdGFuZCBh dCBGT1NERU0gMjAyMg0KDQogIOKAoiBTZW50IG91dCB0aGUgRmFsbCAyMDIxIE5ld3NsZXR0ZXIN Cg0KICDigKIgSGVsZCBhIEZyZWVCU0QgRnJpZGF5IHRhbGs6IFRoZSBXcml0aW5nIFNjaG9sYXLi gJlzIEd1aWRlIHRvIEZyZWVCU0QsICh0ZXh0DQogICAgZXF1aXZhbGVudCkNCg0KICDigKIgR2F2 ZSBhIEZvdW5kYXRpb24gdGFsayBhdCBTZW1pLUJ1ZywgTm92ZW1iZXIgMTYsIDIwMjENCg0KICDi gKIgR2F2ZSBGb3VuZGF0aW9uIGFuZCBGcmVlQlNEIHRhbGtzIGF0IFNlYWdhdGUgT1NQTywgRGVj ZW1iZXIgOSwgMjAyMQ0KDQogIOKAoiBIZWxwZWQgb3JnYW5pemUgdGhlIDIgZGF5IEZyZWVCU0Qg VmlydHVhbCBWZW5kb3IgU3VtbWl0LCBOb3ZlbWJlciAxOC0xOSwNCiAgICAyMDIxLiBWaWRlb3Mg Y2FuIGJlIGZvdW5kIG9uIHRoZSBQcm9qZWN04oCZcyBZb3V0dWJlIENoYW5uZWwNCg0KICDigKIg TmV3IGJsb2cgYW5kIHZpZGVvIHBvc3RzOg0KDQogICAgICDilqEgRnJlZUJTRCBGb3VuZGF0aW9u IEZhbGwgMjAyMSBVcGRhdGUNCg0KICAgICAg4pahIDIwMjEgaW4gUmV2aWV3OiBBZHZvY2FjeQ0K DQogICAgICDilqEgMjAyMSBpbiBSZXZpZXc6IEluZnJhc3RydWN0dXJlIFN1cHBvcnQNCg0KICAg ICAg4pahIDIwMjEgaW4gUmV2aWV3OiBTb2Z0d2FyZSBEZXZlbG9wbWVudA0KDQogICAgICDilqEg T3BlbiBTb3VyY2UgU3VtbWl0IDIwMjEgQ29uZmVyZW5jZSBSZWNhcA0KDQogIOKAoiBOZXcgSG93 LVRvIEd1aWRlOiBJbnRyb2R1Y3Rpb24gdG8gRnJlZUJTRA0KDQpXZSBoZWxwIGVkdWNhdGUgdGhl IHdvcmxkIGFib3V0IEZyZWVCU0QgYnkgcHVibGlzaGluZyB0aGUgcHJvZmVzc2lvbmFsbHkNCnBy b2R1Y2VkIEZyZWVCU0QgSm91cm5hbC4gQXMgd2UgbWVudGlvbmVkIHByZXZpb3VzbHksIHRoZSBG cmVlQlNEIEpvdXJuYWwgaXMNCm5vdyBhIGZyZWUgcHVibGljYXRpb24uIEZpbmQgb3V0IG1vcmUg YW5kIGFjY2VzcyB0aGUgbGF0ZXN0IGlzc3VlcyBhdCBodHRwczovLw0Kd3d3LkZyZWVCU0Rmb3Vu ZGF0aW9uLm9yZy9qb3VybmFsLy4NCg0KWW91IGNhbiBmaW5kIG91dCBtb3JlIGFib3V0IGV2ZW50 cyB3ZSBhdHRlbmRlZCBhbmQgdXBjb21pbmcgZXZlbnRzIGF0IGh0dHBzOi8vDQp3d3cuRnJlZUJT RGZvdW5kYXRpb24ub3JnL25ld3MtYW5kLWV2ZW50cy8uDQoNCkxlZ2FsL0ZyZWVCU0QgSVANCg0K VGhlIEZvdW5kYXRpb24gb3ducyB0aGUgRnJlZUJTRCB0cmFkZW1hcmtzLCBhbmQgaXQgaXMgb3Vy IHJlc3BvbnNpYmlsaXR5IHRvDQpwcm90ZWN0IHRoZW0uIFdlIGFsc28gcHJvdmlkZSBsZWdhbCBz dXBwb3J0IGZvciB0aGUgY29yZSB0ZWFtIHRvIGludmVzdGlnYXRlDQpxdWVzdGlvbnMgdGhhdCBh cmlzZS4NCg0KR28gdG8gaHR0cHM6Ly93d3cuRnJlZUJTREZvdW5kYXRpb24ub3JnIHRvIGZpbmQg bW9yZSBhYm91dCBob3cgd2Ugc3VwcG9ydA0KRnJlZUJTRCBhbmQgaG93IHdlIGNhbiBoZWxwIHlv dSENCg0K4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSBDQoNClBvcnRzIENvbGxlY3Rpb24NCg0KTGlua3M6DQpBYm91dCBGcmVl QlNEIFBvcnRzIFVSTDogaHR0cHM6Ly93d3cuRnJlZUJTRC5vcmcvcG9ydHMvDQpDb250cmlidXRp bmcgdG8gUG9ydHMgVVJMOiBodHRwczovL2RvY3MuZnJlZWJzZC5vcmcvZW4vYXJ0aWNsZXMvY29u dHJpYnV0aW5nLyMNCnBvcnRzLWNvbnRyaWJ1dGluZw0KRnJlZUJTRCBQb3J0cyBNb25pdG9yaW5n IFVSTDogaHR0cDovL3BvcnRzbW9uLmZyZWVic2Qub3JnLw0KUG9ydHMgTWFuYWdlbWVudCBUZWFt IFVSTDogaHR0cHM6Ly93d3cuZnJlZWJzZC5vcmcvcG9ydG1nci8NClBvcnRzIFRhcmJhbGwgVVJM OiBodHRwOi8vZnRwLmZyZWVic2Qub3JnL3B1Yi9GcmVlQlNEL3BvcnRzL3BvcnRzLw0KDQpDb250 YWN0OiBSZW7DqSBMYWRhbiA8cG9ydG1nci1zZWNyZXRhcnlARnJlZUJTRC5vcmc+DQpDb250YWN0 OiBGcmVlQlNEIFBvcnRzIE1hbmFnZW1lbnQgVGVhbSA8cG9ydG1nckBGcmVlQlNELm9yZz4NCg0K VGhlIFBvcnRzIE1hbmFnZW1lbnQgVGVhbSBpcyByZXNwb25zaWJsZSBmb3Igb3ZlcnNlZWluZyB0 aGUgb3ZlcmFsbCBkaXJlY3Rpb24NCm9mIHRoZSBQb3J0cyBUcmVlLCBidWlsZGluZyBwYWNrYWdl cywgYW5kIHBlcnNvbm5lbCBtYXR0ZXJzLiBCZWxvdyBpcyB3aGF0DQpoYXBwZW5lZCBpbiB0aGUg bGFzdCBxdWFydGVyLg0KDQpXZSBjdXJyZW50bHkgaGF2ZSA0Niw3MDAgcG9ydHMgaW4gdGhlIFBv cnRzIENvbGxlY3Rpb24gYWNjb3JkaW5nIHRvIEZyZXNoUG9ydHMuDQpUaGVyZSBhcmUgY3VycmVu dGx5IDIsNjY2IG9wZW4gcG9ydHMgUFJzIG9mIHdoaWNoIDYxMSBhcmUgdW5hc3NpZ25lZC4gVGhp cw0KcXVhcnRlciBzYXcgOSw1MzUgY29tbWl0cyBmcm9tIDE2NiBjb21taXR0ZXJzIG9uIHRoZSBt YWluIGJyYW5jaCBhbmQgNjQ0DQpjb21taXRzIGZyb20gNjIgY29tbWl0dGVycyBvbiB0aGUgcXVh cnRlcmx5IGJyYW5jaC4gQ29tcGFyZWQgdG8gbGFzdCBxdWFydGVyLA0KdGhpcyBtZWFucyBhIHNs aWdodCBkcm9wIGluIHRoZSBudW1iZXIgb2YgY29tbWl0cyBhbHRob3VnaCBtb3JlIGNvbW1pdHRl cnMgd2VyZQ0KYWN0aXZlLCBhbmQgYSBzbGlnaHQgaW5jcmVhc2UgaW4gdGhlIG51bWJlciBvZiBv cGVuIFBScy4NCg0KRHVyaW5nIHRoZSBsYXN0IHF1YXJ0ZXIsIHdlIHdlbGNvbWVkIERyaWVzIE1p Y2hpZWxzIChkcmllc21AKSBhbmQgc2FpZCBnb29kYnllDQp0byBrdXJpeWFtYUAgYW5kIGZqb2VA LiBUaGVyZSB3YXMgYWxzbyBhIGNoYW5nZSBpbiBwb3J0bWdyOiBhZGFtd0Agc3RlcHBlZCBkb3du DQphZnRlciBmaXZlIHllYXJzIG9mIHNlcnZpY2UgYW5kIHRjYmVybmVyQCBpcyBub3cgYSBmdWxs IG1lbWJlciBvZiBwb3J0bWdyQC4NCg0KVGhyZWUgbmV3IFVTRVMgd2VyZSBpbnRyb2R1Y2VkOg0K DQogIOKAoiBtYWdpY2sgdG8gaGFuZGxlIGRlcGVuZGVuY2llcyBvbiBJbWFnZU1hZ2ljaw0KDQog IOKAoiBub2RlanMgdG8gcHJvdmlkZSBzdXBwb3J0IGZvciBOb2RlSlMgKHdpdGggYSBuZXcgZGVm YXVsdCB2ZXJzaW9uIE5PREVKUz0NCiAgICBsdHMpDQoNCiAg4oCiIHRyaWdnZXIgdG8gaGFuZGxl IHBrZyB0cmlnZ2VycyB1c2luZyB0aGUgVFJJR0dFUlMgdmFyaWFibGUNCg0KVGhlIGRlZmF1bHQg dmVyc2lvbiBvZiBQR1NRTCBzd2l0Y2hlZCB0byAxMy4gRnVydGhlcm1vcmUsIElOU1RBTExTX0lD T05TIGhhcw0KYmVlbiByZXBsYWNlZCBieSBhIHRyaWdnZXIgb24gZ3RrLXVwZGF0ZS1pY29uLWNh Y2hlIGFuZCB0aGUgbWFjcm8gaXMgbm8gbG9uZ2VyDQpmdW5jdGlvbmFsLg0KDQpBcyBhbHdheXMs IHRoZXJlIHdlcmUgc29tZSB1cGRhdGVzIHRvICJiaWciIHBhY2thZ2VzOiBwa2cgd2FzIHVwZGF0 ZWQgdG8NCjEuMTcuNSwgQ2hyb21pdW0gdG8gOTQuMC40NjA2LjgxXzMsIGFuZCBGaXJlZm94IHRv IDk1LjAuMl8xLDIuIFJ1YnkgMy4xLjAgYW5kDQpQeXRob24gMy4xMSBhcmUgbm93IGF2YWlsYWJs ZSBmb3IgdXNlIGJ5IHVzZXJzIGFuZCBvdGhlciBwb3J0cy4NCg0K4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSBDQoNCkRvY3Vt ZW50YXRpb24gRW5naW5lZXJpbmcgVGVhbQ0KDQpMaW5rczoNCkZyZWVCU0QgRG9jdW1lbnRhdGlv biBQcm9qZWN0IFVSTDogaHR0cHM6Ly93d3cuZnJlZWJzZC5vcmcvZG9jcHJvai8NCkZyZWVCU0Qg RG9jdW1lbnRhdGlvbiBQcm9qZWN0IFByaW1lciBmb3IgTmV3IENvbnRyaWJ1dG9ycyBVUkw6IGh0 dHBzOi8vDQpkb2NzLmZyZWVic2Qub3JnL2VuL2Jvb2tzL2ZkcC1wcmltZXIvDQpEb2N1bWVudGF0 aW9uIEVuZ2luZWVyaW5nIFRlYW0gVVJMOiBodHRwczovL3d3dy5mcmVlYnNkLm9yZy9hZG1pbmlz dHJhdGlvbi8jDQp0LWRvY2VuZw0KDQpDb250YWN0OiBGcmVlQlNEIERvY2VuZyBUZWFtIDxkb2Nl bmdARnJlZUJTRC5vcmc+DQoNClRoZSBkb2NlbmdAIHRlYW0gaXMgYSBib2R5IHRvIGhhbmRsZSBz b21lIG9mIHRoZSBtZXRhLXByb2plY3QgaXNzdWVzIGFzc29jaWF0ZWQNCndpdGggdGhlIEZyZWVC U0QgRG9jdW1lbnRhdGlvbiBQcm9qZWN0OyBmb3IgbW9yZSBpbmZvcm1hdGlvbiwgc2VlIEZyZWVC U0QNCkRvY2VuZyBUZWFtIENoYXJ0ZXIuDQoNCk5vIG5ldyBkb2N1bWVudGF0aW9uIGNvbW1pdCBi aXQgd2FzIGdyYW50ZWQgZHVyaW5nIHRoZSBsYXN0IHF1YXJ0ZXIsIGFuZCBvbmx5DQpvbmUgY29t bWl0IGJpdCB3YXMgc2FmZSBrZXB0Lg0KDQpTZXZlcmFsIHRhc2tzIHdlcmUgY29tcGxldGVkIHJl bGF0ZWQgdG8gdGhlIGRvYyB0cmVlIGR1cmluZyB0aGUgbGFzdCBxdWFydGVyOg0KDQogIOKAoiBB IENPUFlSSUdIVCBmaWxlIHdhcyBhZGRlZCBpbiB0aGUgcm9vdCBkaXJlY3Rvcnkgb2YgdGhlIGRv YyByZXBvc2l0b3J5LiBUaGUNCiAgICBsaWNlbnNlIHdhcyBhbHNvIHVwZGF0ZWQgdG8gcmVmbGVj dCB0aGUgY3VycmVudCB0b29sY2hhaW4gdGhlIHByb2plY3QgaXMNCiAgICB1c2luZyBub3cuDQoN CiAg4oCiIENsZWFudXAgb2YgTWFpbG1hbiBpbmZvcm1hdGlvbiBpbiB0aGUgZG9jIHRyZWUuIEZv bGxvd2luZyBtYWlsaW5nIGxpc3RzDQogICAgbWlncmF0aW9uIGZyb20gTWFpbG1hbiB0byBNbG1t aiwgdmVyeSBvbGQgbWFpbGluZyBsaXN0cyB3ZXJlIHJlbW92ZWQ7IG1vc3QNCiAgICBvZiB0aGUg d29yayB3YXMgbWFkZSBvbiBFbmdsaXNoIGRvY3VtZW50cy4NCg0KICDigKIgVGFnIEZyZWVCU0Qg ZG9jc2V0IGZvciAxMi4zLVJFTEVBU0UuDQoNCiAg4oCiIFVwZGF0ZSBhbGwgcG9ydHMvcGFja2Fn ZXMgbWlzYy9mcmVlYnNkLWRvYy0qLg0KDQogIOKAoiBNb3ZlIGFydGljbGVzL2NvbnRyaWJ1dG9y cy9jb250cmliLSogZmlsZXMgdG8gdGhlIGRvYyBzaGFyZWQgZGlyZWN0b3J5Lg0KDQogIOKAoiBB ZGQgb3B0aW9uIGluIGRvY3VtZW50YXRpb24gTWFrZWZpbGUgdG8gYXJjaGl2ZS9jb21wcmVzcyBE b2N1bWVudGF0aW9uL0hUTUwNCiAgICBvZmZsaW5lIGZpbGVzLCBhIG5lY2Vzc2FyeSBzdGVwIGJl Zm9yZSB1cGRhdGluZyBodHRwczovLw0KICAgIGRvd25sb2FkLmZyZWVic2Qub3JnL2Z0cC8uIFRo aXMgd2FzIGFmdGVyIGEgZGlzY3Vzc2lvbiB3aXRoIGNsdXN0ZXJhZG1AIHRvDQogICAgdXBkYXRl IHRoZSBvZmZsaW5lIGFzc2V0cyAoSFRNTC9QREYpLg0KDQogIOKAoiBBZGQgZXhwZXJpbWVudGFs IHN1cHBvcnQgZm9yIEVQVUIgb3V0cHV0IChib29rcy9hcnRpY2xlcykuDQoNCiAg4oCiIFRhbGtp bmcgd2l0aCBjbHVzdGVyYWRtQCB0byBpbXByb3ZlIHRoZSBwZXJmb3JtYW5jZSBvZiBodHRwczov Lw0KICAgIHd3dy5mcmVlYnNkLm9yZyBhbmQgaHR0cHM6Ly9kb2NzLmZyZWVic2Qub3JnLg0KDQri lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIENCg0KRnJlZUJTRCBXZWJzaXRlIFJldmFtcCAtIFdlYkFwcHMgd29ya2luZyBncm91 cA0KDQpDb250YWN0OiBTZXJnaW8gQ2FybGF2aWxsYSA8Y2FybGF2aWxsYUBGcmVlQlNELm9yZz4N Cg0KV29ya2luZyBncm91cCBpbiBjaGFyZ2Ugb2YgY3JlYXRpbmcgdGhlIG5ldyBGcmVlQlNEIERv Y3VtZW50YXRpb24gUG9ydGFsIGFuZA0KcmVkZXNpZ25pbmcgdGhlIEZyZWVCU0QgbWFpbiB3ZWJz aXRlIGFuZCBpdHMgY29tcG9uZW50cy4gRnJlZUJTRCBkZXZlbG9wZXJzIGNhbg0KZm9sbG93IGFu ZCBqb2luIHRoZSB3b3JraW5nIGdyb3VwIG9uIHRoZSBGcmVlQlNEIFNsYWNrIGNoYW5uZWwgI3dn LXd3dzIxLiBUaGUNCndvcmsgd2lsbCBiZSBkaXZpZGVkIGludG8gZm91ciBwaGFzZXM6DQoNCiAx LiBSZWRlc2lnbiBvZiB0aGUgRG9jdW1lbnRhdGlvbiBQb3J0YWwNCg0KICAgIENyZWF0ZSBhIG5l dyBkZXNpZ24sIHJlc3BvbnNpdmUgYW5kIHdpdGggZ2xvYmFsIHNlYXJjaC4gKENvbXBsZXRlKQ0K DQogICAgQWN0aXZhdGUgYW4gZWRpdCBsaW5rIGluIHRoZSBEb2N1bWVudGF0aW9uIChib29rcy9h cnRpY2xlcykgcG9pbnRpbmcgdG8NCiAgICBHaXRIdWIgYW5kIGVuY291cmFnaW5nIEdpdEh1YiBw dWxsIHJlcXVlc3RzLiAoQ29tcGxldGUpDQoNCiAyLiBSZWRlc2lnbiBvZiB0aGUgTWFudWFsIFBh Z2VzIG9uIHdlYg0KDQogICAgU2NyaXB0cyB0byBnZW5lcmF0ZSB0aGUgSFRNTCBwYWdlcyB1c2lu ZyBtYW5kb2MuIChXb3JrIGluIHByb2dyZXNzKQ0KDQogMy4gUmVkZXNpZ24gb2YgdGhlIFBvcnRz IHBhZ2Ugb24gd2ViDQoNCiAgICBQb3J0cyBzY3JpcHRzIHRvIGNyZWF0ZSBhbiBhcHBsaWNhdGlv bnMgcG9ydGFsLiAoV29yayBpbiBwcm9ncmVzcykNCg0KIDQuIFJlZGVzaWduIG9mIHRoZSBGcmVl QlNEIG1haW4gd2Vic2l0ZQ0KDQogICAgTmV3IGRlc2lnbiwgcmVzcG9uc2l2ZSBhbmQgZGFyayB0 aGVtZS4gKE5vdCBzdGFydGVkKQ0KDQrilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIENCg0KUHJvamVjdHMNCg0KUHJvamVjdHMg dGhhdCBzcGFuIG11bHRpcGxlIGNhdGVnb3JpZXMsIGZyb20gdGhlIGtlcm5lbCBhbmQgdXNlcnNw YWNlIHRvIHRoZQ0KUG9ydHMgQ29sbGVjdGlvbiBvciBleHRlcm5hbCBwcm9qZWN0cy4NCg0KRW5h YmxlIEFTTFIgYnkgZGVmYXVsdCBmb3IgNjQtYml0IGV4ZWN1dGFibGVzDQoNCkNvbnRhY3Q6IERh d2lkIEdvcmVja2kgPGRnckBzZW1paGFsZi5jb20+DQpDb250YWN0OiBNYXJjaW4gV29qdGFzIDxt d0BzZW1paGFsZi5jb20+DQoNCkFkZHJlc3MgU3BhY2UgTGF5b3V0IFJhbmRvbWl6YXRpb24gKEFT TFIpIGlzIGFuIGV4cGxvaXQgbWl0aWdhdGlvbiB0ZWNobmlxdWUNCmltcGxlbWVudGVkIGluIHRo ZSBtYWpvcml0eSBvZiBtb2Rlcm4gb3BlcmF0aW5nIHN5c3RlbXMuIEl0IGludm9sdmVzIHJhbmRv bWx5DQpwb3NpdGlvbmluZyB0aGUgYmFzZSBhZGRyZXNzIG9mIGFuIGV4ZWN1dGFibGUgYW5kIHRo ZSBwb3NpdGlvbiBvZiBsaWJyYXJpZXMsDQpoZWFwLCBhbmQgc3RhY2ssIGluIGEgcHJvY2Vzc+KA mXMgYWRkcmVzcyBzcGFjZS4gQWx0aG91Z2ggb3ZlciB0aGUgeWVhcnMgQVNMUg0KcHJvdmVkIHRv IG5vdCBndWFyYW50ZWUgZnVsbCBPUyBzZWN1cml0eSBvbiBpdHMgb3duLCB0aGlzIG1lY2hhbmlz bSBjYW4gbWFrZQ0KZXhwbG9pdGF0aW9uIG1vcmUgZGlmZmljdWx0Lg0KDQpUaGUgU2VtaWhhbGYg dGVhbSBtYWRlIGFuIGVmZm9ydCB0byBzd2l0Y2ggb24gdGhlIGFkZHJlc3MgbWFwIHJhbmRvbWl6 YXRpb24gZm9yDQpQSUUgKFBvc2l0aW9uIEluZGVwZW5kZW50IEV4ZWN1dGFibGVzKSAmIG5vbi1Q SUUgNjQtYml0IGJpbmFyaWVzLiBPbmNlIHRoZQ0KcGF0Y2ggd2FzIG1lcmdlZCB0byBIRUFELCB0 aGUgQVNMUiBmZWF0dXJlIGJlY2FtZSBlbmFibGVkIGZvciBhbGwgNjQtYml0DQphcmNoaXRlY3R1 cmVzLg0KDQpBZGRpdGlvbmFsbHksIHRoZSBtZW50aW9uZWQgY2hhbmdlIGRpc2FibGVkIFNCUkss IGluIG9yZGVyIHRvIGFsbG93IHV0aWxpemF0aW9uDQpvZiB0aGUgYnNzIGdyb3cgcmVnaW9uIGZv ciBtYXBwaW5ncy4gSXQgaGFzIG5vIGVmZmVjdCB3aXRob3V0IEFTTFIsIHNvIGl0IHdhcw0KYXBw bGllZCB0byBhbGwgYXJjaGl0ZWN0dXJlcy4NCg0KVE9ETzoNCg0KICDigKIgSW1wcm92ZSBzdGFj a2dhcCBmZWF0dXJlIGltcGxlbWVudGF0aW9uLg0KDQogIOKAoiBNRkMgdG8gc3RhYmxlLzEzIGJy YW5jaC4NCg0KU3BvbnNvcjogU3Rvcm1zaGllbGQNCg0K4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSBDQoNCkJvb3QgUGVyZm9y bWFuY2UgSW1wcm92ZW1lbnRzDQoNCkxpbmtzOg0KV2lraSBwYWdlIFVSTDogaHR0cHM6Ly93aWtp LmZyZWVic2Qub3JnL0Jvb3RUaW1lDQpPUyBib290IHRpbWUgY29tcGFyaXNvbiBVUkw6IGh0dHBz Oi8vd3d3LmRhZW1vbm9sb2d5Lm5ldC9ibG9nLw0KMjAyMS0wOC0xMi1FQzItYm9vdC10aW1lLWJl bmNobWFya2luZy5odG1sDQoNCkNvbnRhY3Q6IENvbGluIFBlcmNpdmFsIDxjcGVyY2l2YUBGcmVl QlNELm9yZz4NCg0KQ29saW4gUGVyY2l2YWwgaXMgY29vcmRpbmF0aW5nIGFuIGVmZm9ydCB0byBz cGVlZCB1cCB0aGUgRnJlZUJTRCBib290IHByb2Nlc3MuDQpGb3IgYmVuY2htYXJraW5nIHB1cnBv c2VzLCBoZSBpcyBwcmltYXJpbHkgdXNpbmcgYW4gRUMyIGM1LnhsYXJnZSBpbnN0YW5jZSBhcyBh DQpyZWZlcmVuY2UgcGxhdGZvcm0gYW5kIGlzIG1lYXN1cmluZyB0aGUgdGltZSBiZXR3ZWVuIHdo ZW4gdGhlIHZpcnR1YWwgbWFjaGluZQ0KZW50ZXJzIHRoZSBFQzIgInJ1bm5pbmciIHN0YXRlIGFu ZCB3aGVuIGl0IGlzIHBvc3NpYmxlIHRvIFNTSCBpbnRvIHRoZQ0KaW5zdGFuY2UuDQoNClRoaXMg d29yayBzdGFydGVkIGluIDIwMTcsIGFuZCBhcyBvZiB0aGUgZW5kIG9mIFNlcHRlbWJlciAyMDIx IHRoZSBGcmVlQlNEIGJvb3QNCnRpbWUgd2FzIHJlZHVjZWQgZnJvbSBhcHByb3hpbWF0ZWx5IDMw IHNlY29uZHMgdG8gYXBwcm94aW1hdGVseSAxNSBzZWNvbmRzLg0KDQpEdXJpbmcgMjAyMVE0LCBm dXJ0aGVyIGltcHJvdmVtZW50cyBoYXZlIHNoYXZlZCBtb3JlIHRpbWUgb2ZmIHRoZSBib290IHBy b2Nlc3MsDQp0YWtpbmcgaXQgZG93biB0byByb3VnaGx5IDEwIHNlY29uZHMuIEEgZnVydGhlciA0 IHNlY29uZHMgb2YgaW1wcm92ZW1lbnRzIGFyZQ0KaW4gcHJvY2Vzcy4NCg0KSW4gYWRkaXRpb24s IHRoZSB1c2VybGFuZCBib290IHByb2Nlc3MgaXMgbm93IGJlaW5nIHByb2ZpbGVkIHVzaW5nIFRT TE9HLA0KbWFraW5nIGl0IHBvc3NpYmxlIHRvIHNlZSBmbGFtZWNoYXJ0cyBvZiB0aGUgZW50aXJl IGJvb3QgcHJvY2VzczsgYW5kIHRoZQ0KZWMyLWJvb3QtYmVuY2ggdG9vbCBpcyBub3cgYWJsZSB0 byBnZW5lcmF0ZSBNUDQgdmlkZW9zIG9mIHRoZSBib290IHByb2Nlc3MgYnkNCnRha2luZyBzbmFw c2hvdHMgb2YgdGhlIEVDMiBWR0EgY29uc29sZS4NCg0KSXNzdWVzIGFyZSBsaXN0ZWQgb24gdGhl IHdpa2kgcGFnZSBhcyB0aGV5IGFyZSBpZGVudGlmaWVkOyB0aGUgd2lraSBwYWdlIGFsc28NCmhh cyBpbnN0cnVjdGlvbnMgZm9yIHBlcmZvcm1pbmcgcHJvZmlsaW5nLiBVc2VycyBhcmUgZW5jb3Vy YWdlZCB0byBwcm9maWxlIHRoZQ0KYm9vdCBwcm9jZXNzIG9uIHRoZWlyIG93biBzeXN0ZW1zLCBp biBjYXNlIHRoZXkgZXhwZXJpZW5jZSBkZWxheXMgd2hpY2ggZG9u4oCZdA0Kc2hvdyB1cCBvbiB0 aGUgc3lzdGVtIENvbGluIGlzIHVzaW5nIGZvciB0ZXN0aW5nLg0KDQpUaGlzIHdvcmsgaXMgc3Vw cG9ydGVkIGJ5IENvbGlu4oCZcyBGcmVlQlNEL0VDMiBQYXRyZW9uLg0KDQpTcG9uc29yOiBodHRw czovL3d3dy5wYXRyZW9uLmNvbS9jcGVyY2l2YQ0KDQrilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIENCg0KTExEQiBEZWJ1Z2dl ciBJbXByb3ZlbWVudHMNCg0KTGlua3M6DQpNb3JpdHogU3lzdGVtcyBQcm9qZWN0IERlc2NyaXB0 aW9uIFVSTDogaHR0cHM6Ly93d3cubW9yaXR6LnN5c3RlbXMvYmxvZy8NCmZyZWVic2Qta2dkYi1z dXBwb3J0LWluLWxsZGIvDQpQcm9ncmVzcyBSZXBvcnQgMyBVUkw6IGh0dHBzOi8vd3d3Lm1vcml0 ei5zeXN0ZW1zL2Jsb2cvDQpsbGRiLXNlcmlhbC1wb3J0LWNvbW11bmljYXRpb24tc3VwcG9ydC8N ClByb2dyZXNzIFJlcG9ydCA0IFVSTDogaHR0cHM6Ly93d3cubW9yaXR6LnN5c3RlbXMvYmxvZy8N CmxsZGItZnJlZWJzZC1rZXJuZWwtY29yZS1kdW1wLXN1cHBvcnQvDQpMTFZNIEdpdCBSZXBvc2l0 b3J5IFVSTDogaHR0cHM6Ly9naXRodWIuY29tL21vcml0ei1zeXN0ZW1zL2xsdm0tcHJvamVjdA0K bGliZmJzZHZtY29yZSBHaXQgUmVwb3NpdG9yeSBVUkw6IGh0dHBzOi8vZ2l0aHViLmNvbS9tb3Jp dHotc3lzdGVtcy8NCmxpYmZic2R2bWNvcmUNCg0KQ29udGFjdDogS2FtaWwgUnl0YXJvd3NraSA8 a2FtaWxAbW9yaXR6LnN5c3RlbXM+DQpDb250YWN0OiBNaWNoYcWCIEfDs3JueSA8bWdvcm55QG1v cml0ei5zeXN0ZW1zPg0KDQpBY2NvcmRpbmcgdG8gdGhlIHVwc3RyZWFtIGRlc2NyaXB0aW9uLCAi TExEQiBpcyBhIG5leHQgZ2VuZXJhdGlvbiwNCmhpZ2gtcGVyZm9ybWFuY2UgZGVidWdnZXIuIEl0 IGlzIGJ1aWx0IGFzIGEgc2V0IG9mIHJldXNhYmxlIGNvbXBvbmVudHMgd2hpY2gNCmhpZ2hseSBs ZXZlcmFnZSBleGlzdGluZyBsaWJyYXJpZXMgaW4gdGhlIGxhcmdlciBMTFZNIFByb2plY3QsIHN1 Y2ggYXMgdGhlDQpDbGFuZyBleHByZXNzaW9uIHBhcnNlciBhbmQgTExWTSBkaXNhc3NlbWJsZXIu Ig0KDQpGcmVlQlNEIGluY2x1ZGVzIExMREIgaW4gdGhlIGJhc2Ugc3lzdGVtLiBBdCBwcmVzZW50 LCBpdCBoYXMgc29tZSBsaW1pdGF0aW9ucw0KY29tcGFyZWQgdG8gdGhlIEdOVSBHREIgZGVidWdn ZXIsIGFuZCBkb2VzIG5vdCB5ZXQgcHJvdmlkZSBhIGNvbXBsZXRlDQpyZXBsYWNlbWVudC4gVGhp cyBwcm9qZWN0IHNwYW5zIGZyb20gSnVseSAyMDIxIHRvIEphbnVhcnkgMjAyMiBhbmQgYWltcyB0 byBtYWtlDQpMTERCIHN1aXRhYmxlIGZvciBkZWJ1Z2dpbmcgRnJlZUJTRCBrZXJuZWxzLg0KDQpU aGUgZWFybGllciBwYXJ0IG9mIHRoZSBwcm9qZWN0IHdhcyBmb2N1c2VkIG9uIGltcHJvdmluZyBj b21wYXRpYmlsaXR5IGJldHdlZW4NCkxMREIgYW5kIG90aGVyIHNlcnZlcnMgaW1wbGVtZW50aW5n IHRoZSBHREIgUmVtb3RlIFByb3RvY29sLiBUaGlzIHdhcyBmb2xsb3dlZA0KYnkgaW1wbGVtZW50 aW5nIGEgZnVsbHktZmVhdHVyZWQgc2VyaWFsIHBvcnQgc3VwcG9ydCBhbmQgdGhlbiBzdXBwb3J0 IGZvcg0KRnJlZUJTRCBrZXJuZWwgY29yZSBkdW1wcyAodm1jb3JlcykuDQoNClRoZSBMTERCIGNs aWVudCBnYWluZWQgbXVjaCBpbXByb3ZlZCBzdXBwb3J0IGZvciBjb25uZWN0aW5nIHRvIHRoZSBy ZW1vdGUNCnNlcnZlciBvdmVyIGEgc2VyaWFsIHBvcnQsIGFuZCB0aGUgTExEQiBzZXJ2ZXIgZ2Fp bmVkIHN1cHBvcnQgZm9yIGFjY2VwdGluZw0KY29tbXVuaWNhdGlvbiBvdmVyIGEgc2VyaWFsIHBv cnQuIFRoaXMgb3BlbmVkIHRoZSBwb3NzaWJpbGl0eSBvZiB1c2luZyBMTERCIHRvDQpkZWJ1ZyBl bWJlZGRlZCBkZXZpY2VzIHRoYXQgdXNlIHRoZSBSUzIzMiBpbnRlcmZhY2UuIEl0IGNhbiBhbHNv IGFpZCBkZWJ1Z2dpbmcNCmtlcm5lbHMgb24gcmVndWxhciBQQ3MgYXMgaXQgZG9lcyBub3QgcmVs eSBvbiB0aGUgbmV0d29yayBzdGFjay4NCg0KU3VwcG9ydCBmb3IgRnJlZUJTRCB2bWNvcmVzIGhh cyBhbHNvIGJlZW4gYWRkZWQgdG8gTExEQi4gVGhpcyBtYWtlcyBpdCBwb3NzaWJsZQ0KdG8gaW5z cGVjdCB0aGUgY3Jhc2hlZCBrZXJuZWwgc3RhdGUgd2l0aG91dCBoYXZpbmcgdG8gcmVzb3J0IHRv IEtHREIgb3INCm1hbnVhbGx5IGNvbnZlcnQgdGhlIHZtY29yZSBpbnRvIHRoZSBzdGFuZGFyZCBF TEYgZm9ybWF0IHN1cHBvcnRlZCBieSBMTERCLg0KDQpUaGUgaW50cm9kdWNlZCBjaGFuZ2VzIGFy ZSBleHBlY3RlZCB0byBiZSBzaGlwcGVkIHdpdGggTExEQiAxNC4wLg0KDQpTcG9uc29yOiBUaGUg RnJlZUJTRCBGb3VuZGF0aW9uDQoNCuKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgQ0KDQpOWFAgTFMxMDI4QS8xMDI3QSBTb0Mg c3VwcG9ydA0KDQpDb250YWN0OiBLb3JuZWwgRHVsxJliYSA8bWluZGFsQHNlbWloYWxmLmNvbT4N CkNvbnRhY3Q6IEFydHVyIFJvamVrIDxhckBzZW1paGFsZi5jb20+DQpDb250YWN0OiBIdWJlcnQg TWF6dXIgPGh1bUBzZW1paGFsZi5jb20+DQpDb250YWN0OiBXb2pjaWVjaCBNYWNlayA8d21hQHNl bWloYWxmLmNvbT4NCg0KVGhlIFNlbWloYWxmIHRlYW0gaGFzIGJlZW4gd29ya2luZyBvbiBhZGRp bmcgdGhlIEZyZWVCU0Qgc3VwcG9ydCBmb3IgdGhlIE5YUA0KTFMxMDI4QSBTb0MsIGFzIHdlbGwg YXMgaXRzIEdQVS1sZXNzIHZhcmlhbnQgKE5YUCBMUzEwMjdBKS4NCg0KTlhQIExTMTAyOEEvTFMx MDI3QSBTb0MgaXMgYSBkdWFsLWNvcmUgNjQtYml0IEFSTXY4IENvcnRleC1BNzIgYXBwbGljYXRp b24NCnByb2Nlc3NvciB3aXRoIGhpZ2gtc3BlZWQgcGVyaXBoZXJhbHMgc3VjaCBhcyAyIFRpbWUt U2Vuc2l0aXZlDQpOZXR3b3JraW5nLWNhcGFibGUgKFRTTikgRXRoZXJuZXQgY29udHJvbGxlcnMs IHF1YWQtcG9ydCBUU04tZW5hYmxlZCBzd2l0Y2gsDQpQQ0lFLCBTRC9NTUMsIFVTQjMuMCBhbmQg b3RoZXJzLg0KDQpUaGUgb3JpZ2luYWwgc3VwcG9ydCB3YXMgZXh0ZW5kZWQgaW4gdGhlIGZvbGxv d2luZyB3YXk6DQoNCiAg4oCiIEVORVRDIEV0aGVybmV0IGRyaXZlcg0KDQogICAgICDilqEgQWRk IHN1cHBvcnQgZm9yIFBIWSBpbnRlcnJ1cHRzDQoNCiAgICAgIOKWoSBGaXggVklEL21jYXN0IGFk ZHJlc3MgaGFzaCBjYWxjdWxhdGlvbg0KDQogICAgICDilqEgU2VyaWFsaXplIE1ESU8gdHJhbnNh Y3Rpb25zDQoNCiAgICAgIOKWoSBBbGxvdyBsb2FkaW5nIGRyaXZlciBhcyBhIG1vZHVsZQ0KDQog IOKAoiBJbXByb3ZlbWVudHMgaW4gdGhlIEZTTCBTREhDSSBkcml2ZXINCg0KICAgICAg4pahIEFk ZCBzdXBwb3J0IGZvciBIUzIwMC9IUzQwMCBtb2Rlcw0KDQogICAgICDilqEgQWRkIGZ1bGwgc3Vw cG9ydCBmb3Igc29mdHdhcmUgcmVzZXQNCg0KICAgICAg4pahIFByb3ZpZGUgbW9yZSBhY2N1cmF0 ZSBjbGsgY2FsY3VsYXRpb24NCg0KICAgICAg4pahIEltcGxlbWVudCBwdWxzZSB3aWR0aCBkZXRl Y3Rpb24gZXJyYXRhDQoNCiAgICAgIOKWoSBGaXggdmNjcSByZWNvbmZpZ3VyYXRpb24NCg0KICDi gKIgRkxFWCBTUEkgTk9SIGNvbnRyb2xsZXIgZHJpdmVyDQoNCiAg4oCiIEFkZGl0aW9uYWwgZmVh dHVyZXM6DQoNCiAgICAgIOKWoSBUTVA0NjEgdGhlcm1hbCBzZW5zb3IgZHJpdmVyDQoNCiAgICAg IOKWoSBQQ0Y4NTA2MyBSVEMgZHJpdmVyIGRyaXZlcg0KDQogICAgICDilqEgVENBNjQwOCBJMkMg R1BJTyBleHBhbmRlciBkcml2ZXINCg0KVE9ETzoNCg0KICDigKIgSW1wcm92ZSBNTUMgSFMyMDAv SFM0MDAgc3VwcG9ydCBmb3Igb3RoZXIgU29DcyB1c2luZyB0aGUgRlNMIFNESENJDQogICAgY29u dHJvbGxlci4NCg0KU3BvbnNvcjogQWxzdG9tIEdyb3VwDQoNCuKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgQ0KDQpzY2hlZF9n ZXRjcHUoMiksIG1lbWJhcnJpZXIoMiksIGFuZCByc2VxKDIpIHN5c2NhbGxzDQoNCkNvbnRhY3Q6 IEtvbnN0YW50aW4gQmVsb3Vzb3YgPGtpYkBGcmVlQlNELm9yZz4NCg0KTGlua3M6DQpMaW51eCBt YW5wYWdlIGZvciBtZW1iYXJyaWVyKDIpIFVSTDogaHR0cHM6Ly9raWIua2lldi51YS9raWIvbWVt YmFycmllci5wZGYNCm1lbWJhcnJpZXIoMikgaW1wbGVtZW50YXRpb24gVVJMOiBodHRwczovL3Jl dmlld3MuZnJlZWJzZC5vcmcvRDMyMzYwDQpMaW51eCBtYW5wYWdlIGZvciByc2VxKDIpIFVSTDog aHR0cHM6Ly9raWIua2lldi51YS9raWIvcnNlcS5wZGYNCnJzZXEoMikgYW5kIHVzZXJzcGFjZSBi aW5kaW5ncyBpbXBsZW1lbnRhdGlvbiBVUkw6IGh0dHBzOi8vcmV2aWV3cy5mcmVlYnNkLm9yZy8N CkQzMjUwNQ0KDQpMaW51eCBwcm92aWRlcyBhIHNldCBvZiBzeXNjYWxscyB0aGF0IGFsbG93IHRv IGRldmVsb3AgbW9zdGx5IHN5c2NhbGwtbGVzcw0Kc2NhbGFibGUgYWxnb3JpdGhtcyBpbiB1c2Vy c3BhY2UuIFRoZSBtZWNoYW5pc21zIGFyZSBiYXNlZCBvbiBvcHRpbWlzdGljDQpleGVjdXRpb24g dXNpbmcgQ1BVLWxvY2FsIGRhdGEgd2l0aCB0aGUgYXNzdW1wdGlvbiB0aGF0IHJhcmUgZXZlbnRz IGxpa2UNCmNvbnRleHQgc3dpdGNoZXMgb3Igc2lnbmFsIGRlbGl2ZXJ5IGRvIG5vdCBvY2N1ciBm b3IgdGhlIGdpdmVuIGNhbGN1bGF0aW9uLCBhbmQNCmlmIHRoZXkgZG8gb2NjdXIsIHJvbGxiYWNr IGFuZCByZXN0YXJ0IGlzIHBlcmZvcm1lZC4gVGhpcyB2ZXJ5IGhpZ2gtbGV2ZWwNCmFwcHJvYWNo IGlzIHVzZWQsIGFzIEkgdW5kZXJzdGFuZCwgZm9yIGltcGxlbWVudGF0aW9uIG9mIHRvb2xzIGxp a2UgVVJDVSwgZmFzdA0KbWFsbG9jIGFsbG9jYXRvcnMgKHRjbWFsbG9jKSBhbmQgb3RoZXIgdXNl cnNwYWNlIGluZnJhc3RydWN0dXJlIHByb2plY3RzIGFpbWVkDQphdCBsYXJnZSBwYXJ0aXRpb25l ZCBtYWNoaW5lcy4NCg0KRm9yIGluc3RhbmNlLCBzY2hlZF9nZXRjcHUoMikgc3lzY2FsbCByZXR1 cm5zIHRoZSBDUFUgaWQgb2YgdGhlIENQVSB3aGVyZSB0aGUNCmN1cnJlbnQgdGhyZWFkIGlzIGN1 cnJlbnRseSBleGVjdXRpbmcuIE9uIGFtZDY0LCBpZiBhdmFpbGFibGUsIHdlIHVzZSBhIFJEVFND UA0Kb3IgUkRQSUQgaW5zdHJ1Y3Rpb24gdG8gcXVlcnkgdGhlIENQVSBpZCB3aXRob3V0IGNoYW5n aW5nIENQVSBtb2RlLCBvdGhlcndpc2UNCnRoaXMgaXMgYSBsaWdodC13ZWlnaHQgc3lzY2FsbC4g T2YgY291cnNlLCB0aGUgYW5zd2VyIHByb3ZpZGVkIGlzIG9ic29sZXRlIHRoZQ0KbW9tZW50IGl0 IGlzIGNyZWF0ZWQsIGV2ZW4gYmVmb3JlIGl0IGlzIHJldHVybmVkIHRvIHVzZXJzcGFjZS4gQnV0 IGl0IGFsbG93cw0Kc2VlZGluZyB2YWx1ZXMgaW4gc29tZSBzdHJ1Y3R1cmVzIHRoYXQgYXJlIHZh bGlkIGZvciBhIGxvbmcgdGltZSAoYXQgdGhlIENQVQ0Kc3BlZWQgc2NhbGUpIGFuZCBhcmUgYXV0 b21hdGljYWxseSBjb3JyZWN0ZWQgb24gZXhjZXB0aW9uYWwgY29udHJvbCBmbG93IGV2ZW50cw0K bGlrZSBjb250ZXh0IHN3aXRjaGVzLCBhbmQgdXNlcnNwYWNlIGNhbiBlaXRoZXIgZGV0ZWN0IGFu ZCByb2xsYmFjayBvciBzeW5jIGFuZA0Kcm9sbGJhY2sgd2l0aCB0aGUgZXhjZXB0aW9ucy4NCg0K VGhlcmUgYXJlIHR3byBjb3JuZXJzdG9uZSBzeXNjYWxscyB0aGF0IGFsbG93IHVzZXJzcGFjZSB0 byBpbXBsZW1lbnQgdGhlc2UNCmVmZmljaWVudCBhbGdvcml0aG1zOiBtZW1iYXJyaWVyKDIpIGFu ZCByc2VxKDIpLg0KDQpNZW1iYXJyaWVyIGlzIGEgZmFjaWxpdHkgdGhhdCBoZWxwcyBpbXBsZW1l bnRpbmcgZmFzdCBDUFUgb3JkZXJpbmcgYmFycmllcnMsDQp0eXBpY2FsbHkgdXNlZCBmb3IgYXN5 bW1ldHJpYy9iaWFzZWQgbG9ja2luZy4gSW4gdGhlc2UgbG9jayBpbXBsZW1lbnRhdGlvbg0Kc2No ZW1lcywgdGhlIG93bmVyIG9mIHRoZSBvYmplY3Qgb2Z0ZW4gYXNzdW1lcyB0aGF0IHRoZXJlIGFy ZSBjb250ZW5kZXJzLw0KcGFyYWxsZWwgdGhyZWFkcyB0aGF0IG5lZWQgY29vcmRpbmF0aW5nIHdp dGguIElmIHNvbWUgdGhyZWFkIHN0YXJ0cyBhY2Nlc3NpbmcNCnRoZSBzYW1lIHJlc291cmNlLCB0 aGVuIGl0IGlzIGl0cyBkdXR5IHRvIGVuc3VyZSBjb3JyZWN0bmVzcy4gRXhhbXBsZXMgb2YNCid0 cmFwcycgdGhhdCBmYXN0IGNvZGUgcGF0aCB1dGlsaXplIGFyZSByZWFkcyBmcm9tIGEgZGVkaWNh dGVkIHBhZ2UgdGhhdCBpcw0KdW5tYXBwZWQgYnkgY29udGVuZGVycywgdG8gc3dpdGNoIHRoZSBm YXN0IHBhdGggdG8gdGhlIHNsb3cgb25lLiBPciB3ZSBjb3VsZA0Kc2VuZCBhIHNpZ25hbCB0byBh bGwgdGhyZWFkcyB0aGF0IHBvdGVudGlhbGx5IGhhdmUgYWNjZXNzIHRvIHRoYXQgb2JqZWN0LCB0 bw0KaW5zZXJ0IGEgYmFycmllci4gT3Igd2UgY2FuIHVzZSB0aGUgbWVtYmFycmllcigyKSBmYWNp bGl0eSwgd2hpY2ggaW5jdXJzDQpzaWduaWZpY2FudGx5IGxlc3Mgb3ZlcmhlYWQgdGhhbiBzaWdu YWxsaW5nIGFsbCB0aHJlYWRzLg0KDQpNZW1iYXJyaWVyKDIpIGluc2VydHMgYSBiYXJyaWVyLCB3 aGljaCBpcyB0aGUgdHlwaWNhbCB1bmRlcmx5aW5nIGhhcmR3YXJlDQpvcGVyYXRpb24gdG8gZW5z dXJlIG9yZGVyaW5nLCBpbnRvIHRoZSBzcGVjaWZpZWQgc2V0IG9mIENQVXMsIGlmIHRoZXNlIENQ VXMgYXJlDQpleGVjdXRpbmcgdGhlIHNwZWNpZmllZCB0aHJlYWQuIElmIHRoZXNlIENQVXMgYXJl IG5vdCBleGVjdXRpbmcgdGhlIHRhcmdldGVkDQp0aHJlYWRzLCBpdCBpcyBhc3N1bWVkIHRoYXQg c2VxdWVudGlhbCBjb25zaXN0ZW5jeSBndWFyYW50ZWVzIGZyb20gdGhlIGNvbnRleHQNCnN3aXRj aCBhcmUgZW5vdWdoIHRvIGZ1bGZpbGwgdGhlIHJlcXVpcmVtZW50IG9mIG1lbWJhcnJpZXIoMiku IE92ZXJhbGwsIHRoZQ0KZmFzdCBwYXRoIGNhbiBiZSBpbXBsZW1lbnRlZCB3aXRob3V0IHNsb3cg aW5zdHJ1Y3Rpb25zLCBhbmQgdGhlIHNsb3cgcGF0aA0KaW5qZWN0cyByZXF1aXJlZCBmZW5jZXMg aW50byB0aGUgZmFzdCBwYXRoIGF0IHRoZSBjb3N0IG9mIElQSS4NCg0KVGhlIGZhY2lsaXR5IHRv IGRldGVjdCBleGNlcHRpb25hbCBjb25kaXRpb25zIGluIHRoZSB1c2Vyc3BhY2UgdGhyZWFkIGV4 ZWN1dGlvbg0Kd2FzIGRldmVsb3BlZCBpbiBMaW51eCBhbmQgY2FsbGVkIHJzZXEoMikuIEl0IGlz IGEgZmVhdHVyZSBvZnRlbiBjYWxsZWQNClJlc3RhcnRhYmxlIEF0b21pYyBTZXF1ZW5jZXMsIHdo aWNoIGV4cGxhaW5zIHRoZSBhY3JvbnltLiBUaGUgYWJpbGl0eSB0bw0KY2hlYXBseSBkbyB0aGF0 IGFsbG93cyBjb2RlIGxvbmdlciB0aGFuIGEgc2luZ2xlIGluc3RydWN0aW9uIHRvIGV4ZWN1dGUN CmF0b21pY2FsbHksIHdpdGhvdXQgdGhlIG5lZWQgdG8gcHJvcG9zZSBhbmQgaW1wbGVtZW50IHVu c2FmZSBvcGVyYXRpb25zIGxpa2UNCmRpc2FibGluZyBwcmVlbXB0aW9uLCB3aGljaCBpcyBub3Qg ZmVhc2libGUgZm9yIHVzZXJzcGFjZS4gRm9yIGluc3RhbmNlLCBjb2RlDQptaWdodCB1c2UgQ1BV LWxvY2FsIHJlc291cmNlcywgd2hpY2ggb3RoZXJ3aXNlIGRvZXMgbm90IGNvcGUgd2VsbCB3aXRo IGNvbnRleHQNCnN3aXRjaGVzLiBUaGVyZSBjYW5ub3QgYmUgYW4gYW5hbG9nIG9mIGNyaXRpY2Fs X2VudGVyKDkpIGluIHVzZXJzcGFjZS4gKEENCmZhY2lsaXR5IHRvIGNoZWFwbHkgYmxvY2sgc2ln bmFsIGRlbGl2ZXJ5IGV4aXN0cyBpbiBGcmVlQlNELCBzZWUgc2lnZmFzdGJsb2NrDQooMiksIGJ1 dCBjb3JyZWN0bHkgdXNpbmcgaXQgaXMgcHJvdmFibHkgdG9vIGhhcmQgdG8gaW1wbGVtZW50IGlu DQpnZW5lcmFsLXB1cnBvc2UgY29kZSwgZXNwLiBiZWNhdXNlIGl0IHJlcXVpcmVzIHZlcnNpb24t ZGVwZW5kZW50IGNvb3JkaW5hdGlvbg0Kd2l0aCBydGRsIGFuZCBsaWJ0aHIuKQ0KDQpyc2VxKDIp IHRha2VzIHBlci10aHJlYWQgYmxvY2sgb2YgbWVtb3J5LCB3aGVyZSB0aGUgdGhyZWFkIHdyaXRl cyB0aGUgY3VycmVudA0KQ1BVIGlkIChzZWUgc2NoZWRfZ2V0Y3B1KDIpKSBhbmQgc3BlY2lmaWVz IHRoZSBibG9jayBvZiBjcml0aWNhbCBjb2RlIHRoYXQgbXVzdA0KYmUgdW53b3VuZCBpZiBhbiBl eGNlcHRpb25hbCBzaXR1YXRpb24gbGlrZSBhIGNvbnRleHQgc3dpdGNoIG9jY3VycmVkIHdoaWxl IHRoZQ0KYmxvY2sgd2FzIGV4ZWN1dGluZy4gVGhlIGZhc3QgY29kZSBwYXRoIHVzZXMgcGVyLWNw dSBkYXRhIGFuZCB0eXBpY2FsbHkgZG9lcw0Kbm90IG5lZWQgYW55IGNvcnJlY3Rpb25zLCBidXQg d291bGQgYSBjb250ZXh0IHN3aXRjaCBvY2N1ciwgdHJhbnNmZXIgb2YgY29udHJvbA0KdG8gdGhl IGFib3J0IGhhbmRsZXIgaW5mb3JtcyB1c2Vyc3BhY2UgYWJvdXQgdGhlIGV2ZW50LiBTbyBpbnN0 ZWFkIG9mIGRpc2FibGluZw0KY29udGV4dCBzd2l0Y2hlcywgY29kZSBjYW4gY2hlYXBseSBjaGVj ayBmb3Igb25lIGFmdGVyIHRoZSBjYWxjdWxhdGlvbiBhbmQNCnJldHJ5IGlmIG5lZWRlZC4NCg0K QW4gaW50ZXJlc3RpbmcgcnNlcSgyKSBpbXBsZW1lbnRhdGlvbiBkZXRhaWwgaXMgdGhhdCBpdCBp cyBpbXBvc3NpYmxlIChhbmQgbm90DQpuZWVkZWQpIHRvIGFjY2Vzcy91cGRhdGUgcnNlcSBzdHJ1 Y3R1cmVzIGZyb20ga2VybmVsIGR1cmluZyB0aGUgYWN0dWFsIGNvbnRleHQNCnN3aXRjaCwgYmVj YXVzZSB3ZSBjYW5ub3QgYWNjZXNzIHVzZXJzcGFjZSBmcm9tIHVuZGVyIGEgc3BpbmxvY2suIElu IG90aGVyDQp3b3JkcywgdGhyZWFkcyB1c2luZyByc2VxIGRvIG5vdCBpbmN1ciBhbnkgcGVyZm9y bWFuY2UgY29zdCBmcm9tIHN5c3RlbS1nbG9iYWwNCmNvbnRleHQgc3dpdGNoZXMuIEluc3RlYWQs IGlmIHRoZSBwcm9jZXNzIHJlZ2lzdGVyZWQgZm9yIHJzZXEoMiksIG9uIGFueSByZXR1cm4NCnRv IHVzZXIgbW9kZSB3ZSBjaGVjayBpZiBhbnkgZXhjZXB0aW9uYWwgZXZlbnRzIGhhcHBlbmVkIHdo aWxlIHRoZSB0aHJlYWQgd2FzDQppbiB0aGUga2VybmVsIChjb250ZXh0IHN3aXRjaGVzIG1heSBo YXBwZW4gb25seSB3aGlsZSB0aGUgdGhyZWFkIGlzIGluIGtlcm5lbA0KbW9kZSksIGFuZCBpZiBh IGNvbnRleHQgc3dpdGNoIGluZGVlZCBvY2N1cmVkLCB3ZSBmaXJlIGFuIGFzdCB0byBjaGVjayB3 aGV0aGVyDQp0aGUgcHJvZ3JhbSBjb3VudGVyIGlzIGluc2lkZSB0aGUgY3JpdGljYWwgc2VjdGlv biBhbmQganVtcCB0byB0aGUgYWJvcnQNCmhhbmRsZXIgaWYgaXQgaXMuDQoNClRoZSBpbXBsZW1l bnRhdGlvbnMgb2YgbWVtYmFycmllcigyKSBhbmQgcnNlcSgyKSBhcmUgY2xlYW4tcm9vbTogSSB1 c2VkIExpbnV4DQptYW51YWwgcGFnZXMgYXMgdGhlIHJlZmVyZW5jZSBhbmQgcHVibGljIGRpc2N1 c3Npb25zIG9mIHRoZSBmZWF0dXJlcyBmb3INCmNsYXJpZnlpbmcgY29ybmVyIGNhc2VzLiBPbiBM aW51eC9nbGliYywgdGhlcmUgd2FzIG5vIHN0YWJsZSBnbGliYyBpbnRlcmZhY2UgdG8NCnRoZSBy c2VxIGZhY2lsaXR5LiBPbmUgcHJvcG9zZWQgaW50ZWdyYXRpb24gd2FzIGNvbW1pdHRlZCB0aGVu IHJldmVydGVkIGZyb20NCmdsaWJjLiBJdCBtaWdodCBiZSBwcnVkZW50IHRvIHdhaXQgc29tZSBt b3JlIGZvciB0aGUgcnNlcSgyKSBpbnRlcmZhY2UgdG8NCnN0YWJpbGl6ZSBpbiBnbGliYyBiZWZv cmUgcHJvdmlkaW5nIGl0IGluIG91ciBsaWJjIG9yIHRvIHJlbHkgb24gdGlnaHQNCmludGVncmF0 aW9uIGJldHdlZW4ga2VybmVsIGFuZCB1c2Vyc3BhY2UgaW4gb3VyIGJhc2Ugc3lzdGVtLCBhbmQg dXNlIEFCSSB0cmlja3MNCmxpa2Ugc3ltYm9sIHZlcnNpb25pbmcgdG8gZXZvbHZlIHRoZSBpbnRl cmZhY2UuIFRoZXJlIGlzIG5vIGdvYWwgdG8gYmUgMTAwJQ0KY29tcGF0aWJsZSB3aXRoIExpbnV4 IGFueXdheS4NCg0KU3BvbnNvcjogVGhlIEZyZWVCU0QgRm91bmRhdGlvbg0KDQrilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIEN Cg0KQmFzZSBTeXN0ZW0gT3BlblNTSCBVcGRhdGUNCg0KTGlua3M6DQpPcGVuU1NIIFVSTDogaHR0 cHM6Ly93d3cub3BlbnNzaC5jb20vDQpBbm5vdW5jZW1lbnQgdG8gZnJlZWJzZC1zZWN1cml0eUAg VVJMOiBodHRwczovL2xpc3RzLmZyZWVic2Qub3JnL3BpcGVybWFpbC8NCmZyZWVic2Qtc2VjdXJp dHkvMjAyMS1TZXB0ZW1iZXIvMDEwNDczLmh0bWwNCg0KQ29udGFjdDogRWQgTWFzdGUgPGVtYXN0 ZUBmcmVlYnNkLm9yZz4NCg0KT3BlblNTSCwgYSBzdWl0ZSBvZiByZW1vdGUgbG9naW4gYW5kIGZp bGUgdHJhbnNmZXIgdG9vbHMsIHdhcyB1cGRhdGVkIGZyb20NCnZlcnNpb24gOC43cDEgdG8gOC44 cDEgaW4gdGhlIEZyZWVCU0QgYmFzZSBzeXN0ZW0uDQoNCk5PVEU6IE9wZW5TU0ggOC44cDEgZGlz YWJsZXMgdGhlIHNzaC1yc2Egc2lnbmF0dXJlIHNjaGVtZSBieSBkZWZhdWx0LiBGb3IgbW9yZQ0K aW5mb3JtYXRpb24gcGxlYXNlIHNlZSB0aGUgSW1wb3J0YW50IG5vdGUgZm9yIGZ1dHVyZSBGcmVl QlNEIGJhc2Ugc3lzdGVtDQpPcGVuU1NIIHVwZGF0ZSBtYWlsaW5nIGxpc3QgcG9zdC4NCg0KT3Bl blNTSCBzdXBwb3J0cyBGSURPL1UyRiBkZXZpY2VzLCBhbmQgc3VwcG9ydCBpcyBub3cgZW5hYmxl ZCBpbiB0aGUgYmFzZQ0Kc3lzdGVtLg0KDQpOZXh0IHN0ZXBzIGluY2x1ZGUgaW50ZWdyYXRpbmcg VTJGIGtleSBkZXZkIHJ1bGVzIGludG8gdGhlIGJhc2Ugc3lzdGVtLCBhbmQNCm1lcmdpbmcgdGhl IHVwZGF0ZWQgT3BlblNTSCBhbmQgRklETy9VMkYgc3VwcG9ydCB0byBzdGFibGUgYnJhbmNoZXMu DQoNClNwb25zb3I6IFRoZSBGcmVlQlNEIEZvdW5kYXRpb24NCg0K4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSBDQoNClZEU08g b24gYW1kNjQNCg0KQ29udGFjdDogS29uc3RhbnRpbiBCZWxvdXNvdiA8a2liQEZyZWVCU0Qub3Jn Pg0KDQpBIFZEU08sIG9yIFZpcnR1YWwgRHluYW1pYyBTaGFyZWQgT2JqZWN0LCBpcyBhIHNoYXJl ZCBvYmplY3QgKG1vcmUgY29tbW9ubHkNCmNhbGxlZCBkeW5hbWljIGxpYnJhcnkpIHRoYXQgaXMg aW5zZXJ0ZWQgaW50byB0aGUgZXhlY3V0ZWQgaW1hZ2UgYnkgYSBqb2ludA0KZWZmb3J0IG9mIHRo ZSBrZXJuZWwgYW5kIHRoZSBkeW5hbWljIGxpbmtlci4gSXQgZG9lcyBub3QgZXhpc3RzIG9uIGRp c2sgYXMgYQ0Kc3RhbmRhbG9uZSAuc28sIGFuZCB0aGVyZSBhcmUgbm8gaW5zdHJ1Y3Rpb25zIGlu IHRoZSBFTEYgZm9ybWF0IHRoYXQgY2F1c2UgdGhlDQppbnNlcnRpb24uIEl0IGlzIGRvbmUgYnkg dGhlIHN5c3RlbSB0byBpbXBsZW1lbnQgc29tZSBmdW5jdGlvbmFsaXR5IGZvciB0aGUgQw0KcnVu dGltZSBpbXBsZW1lbnRhdGlvbiBjb21wb25lbnRzLg0KDQpGcmVlQlNEIGFscmVhZHkgaGFzIGEg bG90IG9mIGZlYXR1cmVzIHR5cGljYWxseSBkb25lIHVzaW5nIFZEU08gKGluIExpbnV4KSwgYnV0 DQpyZWFsbHkgbm90IHJlcXVpcmluZyB0aGF0IGNvbXBsaWNhdGlvbi4gVGhlIG1haW4gcmVhc29u IHdoeSBpdCBpcyBwb3NzaWJsZSBpcw0KdGhlIG9mdGVuIG1lbnRpb25lZCBjby1ldm9sdXRpb24g b2YgdGhlIGtlcm5lbCBhbmQgQyBydW50aW1lLiBXZSBjYW4gbmF0dXJhbGx5DQppbnRyb2R1Y2Ug ZmVhdHVyZXMgdGhhdCByZXF1aXJlIGltcGxlbWVudGF0aW9uIGJvdGggaW4ga2VybmVsLCBhbmQg c3VwcG9ydCBpbg0KdGhlIHVzZXJzcGFjZSBwYXJ0cywgc2luY2UgRnJlZUJTRCBpcyBkZXZlbG9w ZWQgYXMgYSB3aG9sZS4gU3VycHJpc2luZ2x5LCBpdA0KYWxzbyBhbGxvd3MgdGhlIGtlcm5lbCBh bmQgZHluYW1pYyBsaW5rZXIgdG8ga25vdyBtdWNoIGxlc3MgKGFuZCBub3QgZW5mb3JjZQ0KYW55 dGhpbmcpIGFib3V0IHVzZXJzcGFjZSBjb25zdW1lcnMgb2YgaW50ZXJmYWNlcy4NCg0KRm9yIGlu c3RhbmNlLCBhIHN5c2NhbGwtbGVzcyB3YWxsIGNsb2NrIHdhcyBpbXBsZW1lbnRlZCBsb25nIGFn bywgYnkgdGhlIGtlcm5lbA0KcHJvdmlkaW5nIGEgdGltZSBoYW5kcyBibG9iIGluIHRoZSBzaGFy ZWQgcGFnZSwgYW5kIHRoZSBDIGxpYnJhcnkga25vd2luZyBhYm91dA0KaXRzIGxvY2F0aW9uIGFu ZCB0aGUgc3VwcG9ydGVkIGFsZ29yaXRobXMuIFRoZXJlIGlzIG5vIG5lZWQgZm9yIGEgVkRTTyB0 aGF0DQppbnRlcnBvc2VzIHNvbWUgbGliYyBzeW1ib2xzIG9yIHByb3ZpZGVzIHNlcnZpY2VzIHRo YXQgYXJlIG5hbWVkIGJ5IGtub3duDQpzeW1ib2xzIHRvIHVzZXJsYW5kLg0KDQpGcm9tIGFsbCB0 aGUgeWVhcnMgb2YgZXhwZXJpZW5jZSB3aXRoIHRoaXMgcHNldWRvLVZEU08gYXBwcm9hY2gsIHRo ZSBvbmx5DQpmZWF0dXJlIHRoYXQgd2FzIGltcG9zc2libGUgdG8gaW1wbGVtZW50IHdpdGhvdXQg cHJvdmlkaW5nIHJlYWwgVkRTTyBzdXBwb3J0DQp3YXMgdGhlIHNpZ25hbCB0cmFtcG9saW5lIERX QVJGIGFubm90YXRpb25zLCBmb3IgdGhlIGJlbmVmaXQgb2Ygc3RhY2sNCnVud2luZGVycy4NCg0K V2hlbiB0aGUga2VybmVsIGRlbGl2ZXJzIHNpZ25hbCB0byB1c2VybGFuZCwgaXQgY2hhbmdlcyBz b21lIGtleSByZWdpc3RlcnMNCihsaWtlIHRoZSBpbnN0cnVjdGlvbiBwb2ludGVyLCB0aGUgc3Rh Y2sgcG9pbnRlciwgYW5kIHdoYXRldmVyIGVsc2UgaXMgbmVlZGVkDQpieSB0aGUgYXJjaGl0ZWN0 dXJlKSBhbmQgcHVzaGVzIHRoZSBzYXZlZCBpbWFnZSBvZiB0aGUgd2hvbGUgdXNlcm1vZGUgQ1BV IHN0YXRlDQooY29udGV4dCkgb250byB0aGUgdXNlciBzdGFjay4gVGhlbiwgY29udHJvbCBpcyBw YXNzZWQgdG8gYSBzbWFsbCBwaWVjZSBvZiBjb2RlDQpsb2NhdGVkIGluIHRoZSBzaGFyZWQgcGFn ZSAoc2lnbmFsIHRyYW1wb2xpbmUpLCB3aGljaCBjYWxscyB0aGUgdXNlciBoYW5kbGVyDQpmdW5j dGlvbiBhbmQgb24gcmV0dXJuIGZyb20gdGhlIGhhbmRsZXIgaXNzdWVzIGEgc2lncmV0dXJuKDIp IHN5c2NhbGwgdG8gcmVsb2FkDQp0aGUgb2xkIGNvbnRleHQuDQoNCkZyb20gdGhpcyBkZXNjcmlw dGlvbiwgaXQgaXMgY2xlYXIgdGhhdCB0aGUgc3RhdGUgb2YgdGhlIG1hY2hpbmUgZHVyaW5nDQp0 cmFtcG9saW5lIGV4ZWN1dGlvbiBpcyBxdWl0ZSBkaWZmZXJlbnQgZnJvbSB0aGUgbm9ybWFsIEMg Y2FsbGluZyBmcmFtZXMuDQpVbndpbmRlcnMgdGhhdCBoYW5kbGUgdGhpbmdzIGxpa2UgQysrIGV4 Y2VwdGlvbnMsIFJ1c3QgcGFuaWNzLCBvciBvdGhlciBzaW1pbGFyDQptZWNoYW5pc21zIGluIHNw ZWNpZmljIGxhbmd1YWdlIHJ1bnRpbWVzLCBuZWVkIHRvIHVuZGVyc3RhbmQgdGhlIHNwZWNpYWxu ZXNzIG9mDQp0aGUgdHJhbXBvbGluZSBmcmFtZS4gVGhlIGN1cnJlbnQgYXBwcm9hY2ggaXMgdG8g aGFyZGNvZGUgdGhlIGRldGVjdGlvbiBvZiB0aGUNCnRyYW1wb2xpbmUsIGUuZy4gYnkgbWF0Y2hp bmcgdGhlIGluc3RydWN0aW9uIHBvaW50ZXIgYWdhaW5zdCBzeXNjdGwNCmtlcm4ucHJvYy5zaWd0 cmFtcC4NCg0KRFdBUkYgYW5ub3RhdGlvbnMgYXJlIGVub3VnaCB0byBwcm92aWRlIHRoZSByZXF1 aXJlZCBpbmZvcm1hdGlvbiB0byB1bndpbmRlcnMNCnRvIG1ha2UgdGhlIHRyYW1wb2xpbmUgZnJh bWUgbm90IHNwZWNpYWwgYW55bW9yZSwgYnV0IHRoZSBwcm9ibGVtIGlzIHRoYXQgdGhlcmUNCmlz IG5vIHdheSBmb3IgdW53aW5kZXJzIHRvIGZpbmQgdGhlIGFubm90YXRpb24gd2l0aG91dCBpbnRy b2R1Y2luZyBldmVuIG1vcmUNCnNwZWNpYWxuZXNzLiBJbnN0ZWFkLCB3ZSBjYW4gaW5zZXJ0IGEg VkRTTyB0aGF0IG9ubHkgc2VydmVzIHRvIGFwcGVhciBpbiB0aGUNCmVudW1lcmF0aW9uIG9mIERT T3MgbG9hZGVkIGludG8gdGhlIHByb2Nlc3MsIHdpdGggZWl0aGVyIGRsX2l0ZXJhdGVfcGhkcigz KQ0KKGluLXByb2Nlc3MpIG9yIHJfZGVidWcgKHJlbW90ZSksIHdpdGggUFRfR05VX0VIX0ZSQU1F IGhlYWRlciBwb2ludGluZyB0byB0aGUNCnJvb3Qgb2YgRFdBUkYgaW5mby4NCg0KVGhpcyBpcyBl eGFjdGx5IHdoYXQgdGhlIFZEU08gb24gRnJlZUJTRCBkb2VzOiBpdCB3cmFwcyBzaWduYWwgdHJh bXBvbGluZSBiaXRzDQphbmQgdGhlaXIgRFdBUkYgYW5ub3RhdGlvbiAoLmNmaSkgaW50byBhIHNo YXJlZCBvYmplY3QsIHdoaWNoIGlzIHB1dCBpbnRvIHRoZQ0Kc2hhcmVkIHBhZ2UgYW5kIGxpbmtl ZCBieSBydGxkKDEpIGludG8gdGhlIHNldCBvZiBwcmVsb2FkZWQgb2JqZWN0cyB1cG9uIGltYWdl DQphY3RpdmF0aW9uLg0KDQpFZmZvcnRzIHdlcmUgbWFkZSB0byBzdHJpcCBhcyBtYW55IHVubmVl ZGVkIHN0cnVjdHVyZXMgYW5kIGFzIG11Y2ggcGFkZGluZyBhcw0KcG9zc2libGUgZnJvbSB0aGUg VkRTTyBpbWFnZSwgYmVjYXVzZSBpdCBjb25zdW1lcyBzcGFjZSBpbiB0aGUgc2hhcmVkIHBhZ2Uu IEl0DQp3YXMgcHVzaGVkIGFzIGZhciBhcyB0aGUgY29tbW9uIGRlbm9taW5hdG9yIG9mIGxsZCBh bmQgbGQuYmZkIGFsbG93ZWQsIHdpdGgNCnNldmVyYWwgdHJpY2tzIGRvbmUgYnkgbGlua2VyIHNj cmlwdHMgYW5kIHNvbWUgdXNlIG9mIHNlZW1pbmdseSB1bmRvY3VtZW50ZWQNCmxpbmtlciBvcHRp b25zLg0KDQpXZSBuZWVkIGF0IGxlYXN0IHR3byBWRFNPcyBmb3IgYW1kNjQ6IGEgNjQtYml0IG9u ZSBmb3IgbmF0aXZlIGJpbmFyaWVzIGFuZCBhDQozMi1iaXQgb25lIGZvciBpYTMyIGJpbmFyaWVz LiBXaXRoIHRoZSBzaXplIG9mIGVhY2ggVkRTTyBhcm91bmQgMS41S0IsIHNwYWNlDQpiZWNvbWVz IHJlYWxseSB0aWdodCBpbiB0aGUgc2hhcmVkIHBhZ2UsIHdoaWNoIG5lZWRzIHNwYWNlIGZvciBv dGhlciBzdHVmZiBhcw0Kd2VsbCwgbGlrZSB0aW1laGFuZHMgb3IgcmFuZG9tIGdlbmVyYXRvciBz ZWVkcy4NCg0KQnVpbGQgc2NyaXB0cyBlbmZvcmNlIHRoYXQgVkRTT3MgZG8gbm90IGdyb3cgbGFy Z2VyIHRoYW4gMks7IGlmIHRoZXkgZG8sIHdlDQpuZWVkIHRvIGV4dGVuZCBzaGFyZWQgcGFnZSB0 byBiZWNvbWUgYXQgbGVhc3QgdHdvIHNoYXJlZCBwYWdlcy4gU2NyaXB0cyBhbHNvDQplbmZvcmNl IHRoYXQgVkRTTyBhcmUgcHVyZSBwb3NpdGlvbi1pbmRlcGVuZGVudCwgbm90IHJlcXVpcmluZyBy ZWxvY2F0aW9ucyBmb3INCmVpdGhlciBjb2RlIG9yIG1ldGFkYXRhICguY2ZpKS4NCg0KU3BvbnNv cjogVGhlIEZyZWVCU0QgRm91bmRhdGlvbg0KDQrilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIENCg0KS2VybmVsDQoNClVwZGF0 ZXMgdG8ga2VybmVsIHN1YnN5c3RlbXMvZmVhdHVyZXMsIGRyaXZlciBzdXBwb3J0LCBmaWxlc3lz dGVtcywgYW5kIG1vcmUuDQoNClRoZSBBVlggYnVnIG9uIGFtZDY0DQoNCkNvbW1pdDogNzNiMzU3 YmU5MjM4IFVSTDogaHR0cHM6Ly9jZ2l0LmZyZWVic2Qub3JnL3NyYy9jb21taXQvP2lkPQ0KNzNi MzU3YmU5MjM4NWNiYjcwYmExOWU3MDIzYTczNmFmMmM2YjQ5Mw0KDQpDb250YWN0OiBLb25zdGFu dGluIEJlbG91c292IDxraWJARnJlZUJTRC5vcmc+DQoNClNvbWUgQ1BVcyBzdXBwb3J0IHRoZSBz byBjYWxsZWQgaW5pdCBvcHRpbWl6YXRpb24gZm9yIFhTQVZFLCBidXQgbm90IGFsbCBDUFVzDQpk by4gQW5kIHdoZW4gdGhleSBkbywgJ2FjY29yZGluZyB0byBjb21wbGV4IGludGVybmFsIG1pY3Jv YXJjaGl0ZWN0dXJhbA0KY29uZGl0aW9ucycsIHRoZSBvcHRpbWl6YXRpb24gbWlnaHQgaGFwcGVu IG9yIG5vdC4gQmFzaWNhbGx5LCB0aGlzIG1lYW5zIHRoYXQNCnNvbWV0aW1lcyB0aGUgQ1BVIGRv ZXMgbm90IHdyaXRlIGFsbCBvZiB0aGUgc3RhdGUgb24gWFNBVkUgYW5kIHJlY29yZHMgaW4NCnhz dGF0ZV9idiB0aGF0IGl0IGRpZCBub3QuDQoNCk9uIHNpZ25hbCBkZWxpdmVyeSwgdGhlIE9TIHBy b3ZpZGVzIHRoZSBzYXZlZCBjb250ZXh0IGludGVycnVwdGVkIGJ5IHRoZSBzaWduYWwNCnRvIHRo ZSBzaWduYWwgaGFuZGxlci4gVGhlIGNvbnRleHQgaW5jbHVkZXMgYWxsIENQVSBzdGF0ZSBhdmFp bGFibGUgdG8NCnVzZXJzcGFjZSwgaW5jbHVkaW5nIEZQVSByZWdpc3RlcnMgKFhTQVZFIGFyZWEp LiBBbHNvLCBvbiByZXR1cm4gZnJvbSB0aGUNCnNpZ25hbCBoYW5kbGVyLCBjb250ZXh0IGlzIHJl c3RvcmVkLCB3aGljaCBhbGxvd3MgdGhlIGhhbmRsZXIgdG8gbW9kaWZ5IHRoZQ0KbWFpbiBwcm9n cmFtIGZsb3cuIFdoZW4gaW5pdCBvcHRpbWl6YXRpb24ga2lja3MgaW4sIHRoZSBPUyB0cmllcyB0 byBoaWRlIGluaXQNCnN0YXRlIG9wdGltaXphdGlvbiBmcm9tIHRoZSBzaWduYWwgaGFuZGxlciwg YnkgZmlsbGluZyBub24tc2F2ZWQgcGFydHMgb2YgdGhlDQpYU0FWRSBhcmVhLg0KDQpUaGlzIGlz IHdoZXJlIHRoZSBwcm9ibGVtIGhhcHBlbnMuIEZvciBzdGF0ZXMgcGFydHMgMCAoeDg3KSBhbmQg MSAoU1NFL1hNTSksDQpJbnRlbCBDUFVzIGRvIG5vdCBwcm92aWRlIGFuIGVudW1lcmF0aW9uIG9m IGxheW91dCBpbiBDUFVJRCwgYXNzdW1pbmcgdGhhdCB0aGUNCk9TIGtub3dzIGFib3V0IHRoZSBy ZWdpb25zIGFueXdheS4gVGhlIGJ1ZyB3YXMgdGhhdCB0aGUgYW1kNjQga2VybmVsIGhhcmRjb2Rl ZA0KYSAzMmJpdCBzaXplIGZvciB0aGUgWE1NIHNhdmUgYXJlYSwgZWZmZWN0aXZlbHkgZmlsbGlu ZyAlWE1NOC0lWE1NMTUgd2l0aA0KZ2FyYmFnZSBvbiBzaWduYWwgcmV0dXJuIHdoZW4gaW5pdCBv cHRpbWl6YXRpb24ga2lja2VkIGluLCBiZWNhdXNlIG9ubHkNCnNwZWNpZmllZCBwYXJ0IG9mIHRo ZSBTU0Ugc2F2ZSBhcmVhIHdhcyBjb3BpZWQgZnJvbSB0aGUgY2Fub25pY2FsIHNhdmUgYXJlYS4N Cg0KU3BvbnNvcjogVGhlIEZyZWVCU0QgRm91bmRhdGlvbg0KDQrilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIENCg0KRU5BIEZy ZWVCU0QgRHJpdmVyIFVwZGF0ZQ0KDQpMaW5rczoNCkVOQSBSRUFETUUgVVJMOiBodHRwczovL2dp dGh1Yi5jb20vYW16bi9hbXpuLWRyaXZlcnMvYmxvYi9tYXN0ZXIva2VybmVsL2Zic2QvDQplbmEv UkVBRE1FDQoNCkNvbnRhY3Q6IE1pY2hhbCBLcmF3Y3p5ayA8bWtAc2VtaWhhbGYuY29tPg0KQ29u dGFjdDogRGF3aWQgR29yZWNraSA8ZGdyQHNlbWloYWxmLmNvbT4NCkNvbnRhY3Q6IE1hcmNpbiBX b2p0YXMgPG13QHNlbWloYWxmLmNvbT4NCg0KRU5BIChFbGFzdGljIE5ldHdvcmsgQWRhcHRlcikg aXMgdGhlIHNtYXJ0IE5JQyBhdmFpbGFibGUgaW4gdGhlIHZpcnR1YWxpemVkDQplbnZpcm9ubWVu dCBvZiBBbWF6b24gV2ViIFNlcnZpY2VzIChBV1MpLiBUaGUgRU5BIGRyaXZlciBzdXBwb3J0cyBt dWx0aXBsZQ0KdHJhbnNtaXQgYW5kIHJlY2VpdmUgcXVldWVzIGFuZCBjYW4gaGFuZGxlIHVwIHRv IDEwMCBHYi9zIG9mIG5ldHdvcmsgdHJhZmZpYywNCmRlcGVuZGluZyBvbiB0aGUgaW5zdGFuY2Ug dHlwZSBvbiB3aGljaCBpdCBpcyB1c2VkLg0KDQpDb21wbGV0ZWQgc2luY2UgdGhlIGxhc3QgdXBk YXRlOg0KDQogIOKAoiBBZGQgSVB2NiBsYXllciA0IGNoZWNrc3VtIG9mZmxvYWQgc3VwcG9ydCB0 byB0aGUgZHJpdmVyDQoNCiAg4oCiIEFkZCBOVU1BIGF3YXJlbmVzcyB0byB0aGUgZHJpdmVyIHdo ZW4gdGhlIFJTUyBrZXJuZWwgb3B0aW9uIGlzIGVuYWJsZWQNCg0KICDigKIgUmV3b3JrIHZhbGlk YXRpb24gb2YgdGhlIFR4IHJlcXVlc3QgSUQNCg0KICDigKIgQ2hhbmdlIGxpZmV0aW1lIG9mIHRo ZSBkcml2ZXLigJlzIHRpbWVyIHNlcnZpY2UNCg0KICDigKIgQXZvaWQgcmVzZXQgdHJpZ2dlcmlu ZyB3aGVuIHRoZSBkZXZpY2UgaXMgdW5yZXNwb25zaXZlDQoNCldvcmsgaW4gcHJvZ3Jlc3M6DQoN CiAg4oCiIFByb3RvdHlwZSB0aGUgZHJpdmVyIHBvcnQgdG8gdGhlIGlmbGliIGZyYW1ld29yaw0K DQogIOKAoiBUZXN0cyBvZiB0aGUgaW5jb21pbmcgRU5BIGRyaXZlciByZWxlYXNlICh2Mi41LjAp DQoNClNwb25zb3I6IEFtYXpvbi5jb20gSW5jDQoNCuKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgQ0KDQpJbnRlbCBXaXJlbGVz cyBkcml2ZXIgc3VwcG9ydA0KDQpMaW5rczoNCml3bHdpZmkgc3RhdHVzIEZyZWVCU0Qgd2lraSBw YWdlIFVSTDogaHR0cHM6Ly93aWtpLmZyZWVic2Qub3JnL1dpRmkvSXdsd2lmaQ0KDQpDb250YWN0 OiBCam9lcm4gQS4gWmVlYiA8YnpARnJlZUJTRC5PUkc+DQoNClRoZSBJbnRlbCBXaXJlbGVzcyBk cml2ZXIgdXBkYXRlIHByb2plY3QgYWltcyB0byBicmluZyBzdXBwb3J0IGZvciBuZXdlcg0KY2hp cHNldHMgYWxvbmcgd2l0aCBtYWM4MDIxMSBMaW51eEtQSSBjb21wYXQgY29kZS4gVGhlIGR1YWwt bGljZW5zZWQgSW50ZWwNCmRyaXZlciBjb2RlIHdhcyBwb3J0ZWQgaW4gdGhlIHBhc3QgZm9yIHRo ZSBpd20oNCkgbmF0aXZlIGRyaXZlcjsgdXNpbmcgdGhlDQpMaW51eEtQSSBjb21wYXQgZnJhbWV3 b3JrIGFsbG93cyB1cyB0byB1c2UgdGhlIGRyaXZlciBkaXJlY3RseSwgd2l0aCBvbmx5IHZlcnkN Cm1pbm9yIG1vZGlmaWNhdGlvbnMgdGhhdCB3ZSBob3BlIHdpbGwgYmUgaW5jb3Jwb3JhdGVkIGlu dG8gdGhlIG9yaWdpbmFsIGRyaXZlci4NCg0KRHVyaW5nIERlY2VtYmVyIHRoZSBkcml2ZXIsIGZp cm13YXJlLCBhbmQgYWxsIHJlbWFpbmluZyBMaW51eEtQSSBjb21wYXRpYmlsaXR5DQpjb2RlIHdl cmUgY29tbWl0dGVkIHRvIEZyZWVCU0QgbWFpbiAoSEVBRCkgYW5kIG1lcmdlZCB0byB0aGUgc3Rh YmxlLzEzIGJyYW5jaC4NCkZ1cnRoZXIgZml4ZXMsIHVwZGF0ZXMsIGFuZCBpbXByb3ZlbWVudHMg d2lsbCBnbyBkaXJlY3RseSBpbnRvIEZyZWVCU0QsIG1lYW5pbmcNCnRoZSBuZWVkIHRvIGFwcGx5 IHNuYXBzaG90cyBpcyBnb25lIGFuZCBjaGFuZ2VzIGNhbiBiZSBkaXN0cmlidXRlZCBtb3JlIHRp bWVseS4NCg0KRHVyaW5nIHRoZSBsYXN0IG1vbnRocyB3ZSB0cmllZCB0byBlbnN1cmUgdGhhdCB0 aGUgbGF0ZXN0IEFYMjEwIGNoaXBzZXRzIGFyZQ0Kc3VwcG9ydGVkLiBUaGUgY29tcGF0IGNvZGUg d2FzIHJlc3RydWN0dXJlZCBib3RoIHRvIGJlIGFibGUgdG8gYmV0dGVyIHRyYWNlIGFuZA0KZGVi dWcgdGhlIG1hYzgwMjExIGNvbXBhdGliaWxpdHkgbGF5ZXIsIGJ1dCBhbHNvIHRvIGtlZXAgdGhl IG5ldDgwMjExIGFuZA0KbWFjODAyMTEgc3RhdGUgbWFjaGluZXMgZm9yIHN0YXRpb25zIGJldHRl ciBpbiBzeW5jLg0KDQpXaGlsZSB3ZSBrZWVwIHVwZGF0aW5nIHRoZSBkcml2ZXIgYW5kIGFsbCB0 aGUgY29tcGF0IGNvZGUgbmVlZGVkIGZvciB0aGF0LCB0aGUNCmZvY3VzIHJlbWFpbnMgb24gc3Rh YmlsaXR5IGFuZCBhZGRpbmcgc3VwcG9ydCBmb3IgbmV3ZXIgODAyLjExIHN0YW5kYXJkcy4gVGhl DQpkcml2ZXIgaXMgc3RpbGwgc2V0IHRvIDExYS9iL2ctb25seSBhbmQgMTFuIHdpbGwgYmUgbmV4 dCBiZWZvcmUgd2UgbG9vayBhdA0KMTFhYy4NCg0KV2l0aCB0aGUgY29kZSBpbiBGcmVlQlNEIGdp dCB3ZSBhbnRpY2lwYXRlIGJyb2FkZXIgdGVzdGluZyBhbmQgd2l0aCB0aGF0IGFsc28NCnNvbWUg ZmFsbG91dC4gRm9yIHRoZSBsYXRlc3Qgc3RhdGUgb2YgdGhlIGRldmVsb3BtZW50LCBwbGVhc2Ug Zm9sbG93IHRoZQ0KcmVmZXJlbmNlZCB3aWtpIHBhZ2UgYW5kIHRoZSBmcmVlYnNkLXdpcmVsZXNz IG1haWxpbmcgbGlzdC4NCg0KU3BvbnNvcjogVGhlIEZyZWVCU0QgRm91bmRhdGlvbg0KDQrilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIENCg0KS2VybmVsIENyeXB0byBjaGFuZ2VzIHRvIHN1cHBvcnQgV2lyZUd1YXJkDQoNCkNv bnRhY3Q6IEpvaG4gQmFsZHdpbiA8amhiQEZyZWVCU0Qub3JnPg0KDQpEdXJpbmcgdGhlIHBhc3Qg ZmV3IG1vbnRocywgSSBtZXJnZWQgc2V2ZXJhbCBjaGFuZ2VzIHRvIHRoZSBrZXJuZWwgdG8gYmV0 dGVyDQpzdXBwb3J0IHRoZSBXaXJlR3VhcmQgZHJpdmVyLiBUaGVzZSBpbmNsdWRlIGV4dGVuc2lv bnMgdG8gdGhlICdzdHJ1Y3QNCmVuY194Zm9ybScgaW50ZXJmYWNlIHRvIGJldHRlciBzdXBwb3J0 IEFFQUQgY2lwaGVycywgY2hhbmdlcyB0byAnc3RydWN0DQplbmNfeGZvcm0nIHRvIHN1cHBvcnQg bXVsdGktYmxvY2sgb3BlcmF0aW9ucyBmb3IgaW1wcm92ZWQgcGVyZm9ybWFuY2UsIGFuZCB0aGUN CmFkZGl0aW9uIG9mIHRoZSBYQ2hhQ2hhMjAtUG9seTEzMDUgQUVBRCBjaXBoZXIgc3VpdGUgdG8g T0NGLiBBZGRpdGlvbmFsbHksIHRoZQ0Ka2VybmVsIG5vdyBpbmNsdWRlcyBhIG5ldyAiZGlyZWN0 IiBBUEkgZm9yIENoYUNoYTIwLVBvbHkxMzA1IG9wZXJhdGlvbnMgb24NCnNtYWxsLCBmbGF0IGJ1 ZmZlcnMuIEEgY2hhbmdlIGluIHJldmlldyBhZGRzIGFuIEFQSSB0byBzdXBwb3J0IGN1cnZlMjU1 MTkNCm9wZXJhdGlvbnMuIFdpdGggdGhlc2UgY2hhbmdlcywgdGhlIFdpcmVHdWFyZCBkcml2ZXIg aXMgbW9zdGx5IGFibGUgdG8gdXNlDQpjcnlwdG8gQVBJcyBmcm9tIHRoZSBrZXJuZWwgcmF0aGVy IHRoYW4gaXRzIGludGVybmFsIGltcGxlbWVudGF0aW9ucy4NCg0KSW4gcGFyYWxsZWwgSSBoYXZl IGJlZW4gdXBkYXRpbmcgdGhlIFdpcmVHdWFyZCBkcml2ZXIgdG8gdXNlIHRoZSBuZXcgQVBJcw0K dmVyaWZ5aW5nIGludGVyb3BlcmFiaWxpdHkgd2l0aCB0aGUgZXhpc3RpbmcgZHJpdmVyLiBPbmUg b2YgdGhlIG5leHQgdGFza3MgaXMNCnRvIHJlZmluZSB0aGVzZSBjaGFuZ2VzIChhbG9uZyB3aXRo IHNvbWUgbWlub3IgYnVnIGZpeGVzKSBhcyBjYW5kaWRhdGVzIGZvcg0KdXBzdHJlYW1pbmcgaW50 byB0aGUgV2lyZUd1YXJkIGRyaXZlci4NCg0KU3BvbnNvcjogVGhlIEZyZWVCU0QgRm91bmRhdGlv bg0KDQrilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIENCg0KUG9ydHMNCg0KQ2hhbmdlcyBhZmZlY3RpbmcgdGhlIFBvcnRzIENv bGxlY3Rpb24sIHdoZXRoZXIgc3dlZXBpbmcgY2hhbmdlcyB0aGF0IHRvdWNoDQptb3N0IG9mIHRo ZSB0cmVlLCBvciBpbmRpdmlkdWFsIHBvcnRzIHRoZW1zZWx2ZXMuDQoNCktERSBvbiBGcmVlQlNE DQoNCkxpbmtzOg0KS0RFIEZyZWVCU0QgVVJMOiBodHRwczovL2ZyZWVic2Qua2RlLm9yZy8NCktE RSBDb21tdW5pdHkgRnJlZUJTRCBVUkw6IGh0dHBzOi8vY29tbXVuaXR5LmtkZS5vcmcvRnJlZUJT RA0KDQpDb250YWN0OiBBZHJpYWFuIGRlIEdyb290IDxrZGVARnJlZUJTRC5vcmc+DQoNClRoZSBL REUgb24gRnJlZUJTRCBwcm9qZWN0IGFpbXMgdG8gcGFja2FnZSB0aGUgc29mdHdhcmUgZnJvbSB0 aGUgS0RFIENvbW11bml0eSwNCmFsb25nIHdpdGggZGVwZW5kZW5jaWVzIGFuZCByZWxhdGVkIHNv ZnR3YXJlLCBmb3IgdGhlIEZyZWVCU0QgcG9ydHMgdHJlZS4gVGhhdA0KaW5jbHVkZXMgYSBmdWxs IGRlc2t0b3AgZW52aXJvbm1lbnQgY2FsbGVkIEtERSBQbGFzbWEgKGZvciBib3RoIFgxMSBhbmQN CldheWxhbmQpIGFuZCBodW5kcmVkcyBvZiBhcHBsaWNhdGlvbnMgdGhhdCBjYW4gYmUgdXNlZCBv biBhbnkgRnJlZUJTRCBtYWNoaW5lLg0KDQpUaGUgS0RFIHRlYW0gKGtkZUApIGlzIHBhcnQgb2Yg ZGVza3RvcEAgYW5kIHgxMUAgYXMgd2VsbCwgYnVpbGRpbmcgdGhlIHNvZnR3YXJlDQpzdGFjayB0 byBtYWtlIEZyZWVCU0QgYmVhdXRpZnVsIGFuZCB1c2FibGUgYXMgYSBkYWlseS1kcml2ZXIgZ3Jh cGhpY3MtYmFzZWQNCmRlc2t0b3AgbWFjaGluZS4NCg0KICDigKIgSnVzdCB0d28gQ01ha2UgdXBk YXRlcyB0aGlzIHF1YXJ0ZXIsIGVuZGluZyB1cCB3aXRoIENNYWtlIDMuMjIuMS4gU29tZSBtb3Jl DQogICAgcGF0Y2hlcyBoYXZlIGxhbmRlZCB1cHN0cmVhbSwgYW5kIENNYWtlIGlzIHNvb24gdG8g c3dpdGNoIHRvIHNoYXJlL21hbiBmb3INCiAgICBtYW5wYWdlcyBvbiBGcmVlQlNELiBXaGVuIGl0 IGRvZXMsIHRoZXJlIHdpbGwgYmUgcGxlbnR5IG9mIHBrZy1wbGlzdCBjaHVybi4NCg0KICDigKIg TW9udGhseSByZWxlYXNlcyBvZiBLREUgRnJhbWV3b3JrcywgS0RFIFBsYXNtYSwgYW5kIEtERSBH ZWFyIGtlcHQgdGhlDQogICAgZXhwLXJ1bnMgZ29pbmcuIGtkZUAgd291bGQgbGlrZSB0byB0aGFu ayBBbnRvaW5lIGZvciBvdmVyc2VlaW5nIG91ciBtYW55DQogICAgZXhwLXJ1biByZXF1ZXN0cy4g V2UgYXJlIG5vdyBhdCBLREUgRnJhbWV3b3JrcyA1Ljg5IChsYXRlc3QgcmVsZWFzZSBhcyBvZg0K ICAgIERlY2VtYmVyIDIwMjEpLCBLREUgUGxhc21hIERlc2t0b3AgNS4yMy40IGFuZCBLREUgR2Vh ciAyMS4xMi4NCg0KICDigKIgUXQgNSBpcyBub3QgcmVjZWl2aW5nIGFueSBvcGVuIHNvdXJjZSB1 cGRhdGVzIGZyb20gdGhlIFF0IENvbXBhbnksIGJ1dCB0aGUNCiAgICBLREUgQ29tbXVuaXR5IG1h aW50YWlucyBpdHMgb3duIHNldCBvZiBwYXRjaGVzIHRoYXQgYmFja3BvcnQgbWFueSBmaXhlcw0K ICAgIGZyb20gUXQgNi4gV29yayBpcyB1bmRlcndheSB0byBpbXBvcnQgdGhlIEtERSBwYXRjaCBj b2xsZWN0aW9uLg0KDQogIOKAoiBRdCA2IHJlbWFpbnMgdGFudGFsaXppbmdseSBjbG9zZS4gVGhl cmUgaGFzbuKAmXQgYmVlbiByZWFsIHByb2dyZXNzIG9uIHRoZQ0KICAgIGNyYXNoLW9uLWV4aXQg cHJvYmxlbSwgdGhvdWdoLg0KDQogIOKAoiBkZXNrdXRpbHMva2FsZW5kYXIgaXMgYSByZWxhdGl2 ZWx5IG5ldyBwb3J0IHRoYXQgdXNlcyBLREUgdGVjaG5vbG9naWVzIGZvcg0KICAgIGEgZGVza3Rv cCAoYXBwb2ludG1lbnRzKSBjYWxlbmRhci4NCg0KICDigKIgZGVza3V0aWxzL2xhdHRlLWRvY2ss IGFuIGFsdGVybmF0aXZlIGxhdW5jaGVyIGZvciBLREUgUGxhc21hIChhbmQgb3RoZXINCiAgICBl bnZpcm9ubWVudHMpIHdhcyB1cGRhdGVkIHRvIGVhY2ggb2YgaXRzIGJ1Z2ZpeCByZWxlYXNlcy4N Cg0KICDigKIgZGV2ZWwvcWJzIGFuZCBkZXZlbC9xdGNyZWF0b3Igd2VyZSB1cGRhdGVkLiBRYnMg KG9yICJRdCBCdWlsZCBTeXN0ZW0iKSBpcyBhDQogICAgZGVjbGFyYXRpdmUgYnVpbGQgc3lzdGVt IHN0eWxlZCBhbG9uZyB0aGUgbGluZXMgb2YgZGVjbGFyYXRpdmUgUU1MDQogICAgcHJvZ3JhbXMu IChOb3RlIHRoYXQgUWJzIGlzIG5vdCB1c2VkIGJ5IFF0IGl0c2VsZikuDQoNCiAg4oCiIGdyYXBo aWNzL2RpZ2lrYW0gd2FzIHVwZGF0ZWQgdG8gdGhlIGxhdGVzdCByZWxlYXNlIGFuZCBub3cgc3Vw cG9ydHMgYm90aA0KICAgIEltYWdlTWFnaWNrIDYgYW5kIEltYWdlTWFnaWNrIDcuIFNwZWFraW5n IG9mIHdoaWNoLCBhIG5ldyBVU0VTPW1hZ2ljayB3YXMNCiAgICBpbnRyb2R1Y2VkIHRvIHNpbXBs aWZ5IHBvcnRzIHRoYXQgZGVwZW5kIGluIEltYWdlTWFnaWNrLg0KDQogIOKAoiBncmFwaGljcy9r c25pcCwgb25lIG9mIHNldmVyYWwgc2NyZWVuc2hvdC1hcHBsaWNhdGlvbnMgZm9yIEtERSBQbGFz bWEgKGFuZA0KICAgIG90aGVyIGVudmlyb25tZW50cykgaGFkIGEgbG90cy1vZi1idWdmaXhlcyB1 cGRhdGUuDQoNCiAg4oCiIGdyYXBoaWNzL3NrYW5wYWdlIGlzIGEgbmV3IHBvcnQgdGhhdCBzY2Fu cyBtdWx0aXBsZSBwYWdlcyBhbmQgcHJvZHVjZXMgYQ0KICAgIFBERiBvZiB0aGUgd2hvbGUuDQoN CiAg4oCiIG11bHRpbWVkaWEvcXQ1LW11bHRpbWVkaWEgbm93IGlnbm9yZXMgZ3N0cmVhbWVyLWds IChyYXRoZXIgdGhhbiBpbXBsaWNpdGx5DQogICAgYnVpbGRpbmcgd2l0aCBpdCBhcyBhIGRlcGVu ZGVuY3kgaWYgaXQgaXMgaW5zdGFsbGVkIGEgYnVpbGQgdGltZSkuDQoNCiAg4oCiIG5ldC1pbS9y dXFvbGEgaXMgYSBSb2NrZXQgQ2hhdCBjbGllbnQsIHVwZGF0ZWQgdG8gdGhlIGxhdGVzdCByZWxl YXNlLg0KDQogIOKAoiBzZWN1cml0eS9xdGtleWNoYWluIGhhcyBhIG5ldyByZWxlYXNlLg0KDQpF bHNld2hlcmUgaW4gdGhlIHNvZnR3YXJlIHN0YWNrLCBrZGVAIGFsc28gbWFpbnRhaW5zIHBvcnRz IHRoYXQgc3VwcG9ydCB0aGUNCmRlc2t0b3AgaW4gZ2VuZXJhbC4gU29tZSBoaWdobGlnaHRzIGFy ZToNCg0KICDigKIgZGV2ZWwvbGlicGhvbmVudW1iZXIga2VlcHMgY2hhc2luZyBjaGFuZ2VzIHRv IHRoZSB3b3JsZOKAmXMgcGhvbmUgbnVtYmVycw0KICAgICh0aGUgRnJlZUJTRCBmb3VuZGF0aW9u IGNhbiBiZSByZWFjaGVkIGF0ICsxLjcyMC4yMDcuNTE0MikuDQoNCiAg4oCiIGdyYXBoaWNzL3Bv cHBsZXIgdXBkYXRlZCB0aGlzIG11Y2gtdXNlZCBQREYtcmVuZGVyaW5nIGxpYnJhcnkuDQoNCiAg 4oCiIG11bHRpbWVkaWEvcGlwZXdpcmUsIHRoZSBhdWRpby1hbmQtdmlkZW8gc3VjY2Vzc29yIHRv IHB1bHNlYXVkaW8sIHdhcw0KICAgIHVwZGF0ZWQgYW5kIG5vdyBzdXBwb3J0cyBTU0wgYXMgd2Vs bC4NCg0KICDigKIgbmV0L3B5LXB5dHJhZGZyaSBnb3Qgc2V2ZXJhbCB1cGRhdGVzIHNvIHlvdSBj YW4gY29udHJvbCB5b3VyIGxpZ2h0cyBmcm9tDQogICAgRnJlZUJTRC4NCg0KICDigKIgcHJpbnQv ZnJlZXR5cGUyIHdhcyB1cGRhdGVkIHRvIHRoZSBsYXRlc3QgcmVsZWFzZTsgcmVsYXRlZGx5LCB0 aGVyZSB3YXMgYW0NCiAgICB1cGRhdGUgdG8geDExLXRvb2xraXRzL2xpYlhmdC4NCg0KICDigKIg cHJpbnQvaGFyZmJ1enosIHRoZSB0ZXh0LXNoYXBpbmcgbGlicmFyeSwgd2FzIHVwZGF0ZWQgZm9y IG1vcmUgZm9udCB0eXBlDQogICAgc3VwcG9ydC4NCg0KICDigKIgc3lzdXRpbHMvYnNkaXNrcyBp cyBhbiBpbXBsZW1lbnRhdGlvbiBvZiBEQnVzIGludGVyZmFjZXMgZm9yIGV4YW1pbmluZw0KICAg IGRpc2tzIChkcml2ZXMsIHBhcnRpdGlvbnMsIGV0Yy4pLiBJdCBpcyBhbHNvIHVzZWQgZm9yIHJl bW92YWJsZS1kaXNrDQogICAgbm90aWZpY2F0aW9ucy4NCg0KICDigKIgeDExLXRoZW1lcy9hZHdh aXRhLXF0LCB3aGljaCBjb25uZWN0cyB0aGUgYWR3YWl0YSB0aGVtZSBlbmdpbmUgdG8gUXQtYmFz ZWQNCiAgICBhcHBsaWNhdGlvbnMsIHdhcyB1cGRhdGVkLg0KDQrilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHi lIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIHilIENCg0KRnJlZUJT RCBPZmZpY2UgVGVhbQ0KDQpMaW5rczoNClRoZSBGcmVlQlNEIE9mZmljZSBwcm9qZWN0IFVSTDog aHR0cHM6Ly93aWtpLmZyZWVic2Qub3JnL09mZmljZQ0KDQpDb250YWN0OiBGcmVlQlNEIE9mZmlj ZSB0ZWFtIE1MIDxvZmZpY2VARnJlZUJTRC5vcmc+DQpDb250YWN0OiBEaW1hIFBhbm92IDxmbHVm ZnlARnJlZUJTRC5vcmc+DQpDb250YWN0OiBMaS1XZW4gSHN1IDxsd2hzdUBGcmVlQlNELm9yZz4N Cg0KVGhlIEZyZWVCU0QgT2ZmaWNlIHRlYW0gd29ya3Mgb24gYSBudW1iZXIgb2Ygb2ZmaWNlLXJl bGF0ZWQgc29mdHdhcmUgc3VpdGVzIGFuZA0KdG9vbHMgc3VjaCBhcyBPcGVuT2ZmaWNlIGFuZCBM aWJyZU9mZmljZS4NCg0KV29yayBkdXJpbmcgdGhpcyBxdWFydGVyIHdhcyBmb2N1c2VkIG9uIHBy b3ZpZGluZyB0aGUgbGF0ZXN0IHN0YWJsZSByZWxlYXNlIG9mDQpMaWJyZU9mZmljZSBzdWl0ZSBh bmQgY29tcGFuaW9uIGFwcHMgdG8gYWxsIEZyZWVCU0QgdXNlcnMuDQoNCkxhdGVzdCBhbmQgcXVh cnRlcmx5IHBvcnRzIGJyYW5jaGVzIGdvdCBhIG5ldyBicmFuY2ggKDcuMikgb2YgdGhlIExpYnJl T2ZmaWNlDQpzdWl0ZSBhbmQgdXBkYXRlZCB0byB0aGUgNy4yLjQgcmVsZWFzZSB3aGlsZSBuZXcg cHJlbGVhc2VzIHN1Y2ggYXMgNy4yLjUuUkMyDQphbmQgNy4zLjAuUkMxIGFyZSBjb29raW5nIGlu IHRoZSBXSVAgc3RhZ2UgYXJlYS4NCg0KTWVhbndoaWxlLCBvdXIgV0lQIHJlcG9zaXRvcnkgZ290 IGJhY2sgYSB3b3JraW5nIENJIGluc3RhbmNlIGFnYWluLCB0aGFua3MgdG8NCkxpLVdlbiBIc3Uu DQoNCkFsc28gd2UgYXJlIHN0aWxsIHdvcmtpbmcgb24gdGhlIEJvb3N0IFdJUCByZXBvc2l0b3J5 IHRvIGJyaW5nIHRoZSBsYXRlc3QgQm9vc3QNCmxpYnJhcnkgdG8gdGhlIHBvcnRzLg0KDQpXZSBh cmUgbG9va2luZyBmb3IgcGVvcGxlIHRvIGhlbHAgd2l0aCB0aGUgb3BlbiB0YXNrczoNCg0KICDi gKIgVGhlIG9wZW4gYnVncyBsaXN0IGNvbnRhaW5zIGFsbCBmaWxlZCBpc3N1ZXMgd2hpY2ggbmVl ZCBzb21lIGF0dGVudGlvbg0KDQogIOKAoiBVcHN0cmVhbSBsb2NhbCBwYXRjaGVzIGluIHBvcnRz DQoNClBhdGNoZXMsIGNvbW1lbnRzIGFuZCBvYmplY3Rpb25zIGFyZSBhbHdheXMgd2VsY29tZSBp biB0aGUgbWFpbGluZyBsaXN0IGFuZA0KYnVnemlsbGEuDQoNCuKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgQ0KDQpUaGlyZC1Q YXJ0eSBQcm9qZWN0cw0KDQpNYW55IHByb2plY3RzIGJ1aWxkIHVwb24gRnJlZUJTRCBvciBpbmNv cnBvcmF0ZSBjb21wb25lbnRzIG9mIEZyZWVCU0QgaW50bw0KdGhlaXIgcHJvamVjdC4gQXMgdGhl c2UgcHJvamVjdHMgbWF5IGJlIG9mIGludGVyZXN0IHRvIHRoZSBicm9hZGVyIEZyZWVCU0QNCmNv bW11bml0eSwgd2Ugc29tZXRpbWVzIGluY2x1ZGUgYnJpZWYgdXBkYXRlcyBzdWJtaXR0ZWQgYnkg dGhlc2UgcHJvamVjdHMgaW4NCm91ciBxdWFydGVybHkgcmVwb3J0LiBUaGUgRnJlZUJTRCBwcm9q ZWN0IG1ha2VzIG5vIHJlcHJlc2VudGF0aW9uIGFzIHRvIHRoZQ0KYWNjdXJhY3kgb3IgdmVyYWNp dHkgb2YgYW55IGNsYWltcyBpbiB0aGVzZSBzdWJtaXNzaW9ucy4NCg0KaGVsbG9TeXN0ZW0NCg0K TGlua3M6DQpEb2N1bWVudGF0aW9uIFVSTDogaHR0cHM6Ly9oZWxsb3N5c3RlbS5naXRodWIuaW8v DQoNCkNvbnRhY3Q6IFNpbW9uIFBldGVyIDxwcm9ib25vQHB1cmVkYXJ3aW4ub3JnPg0KQ29udGFj dDogI2hlbGxvU3lzdGVtIG9uIGlyYy5saWJlcmEuY2hhdCwgbWlycm9yZWQgdG8gI2hlbGxvU3lz dGVtOm1hdHJpeC5vcmcNCm9uIE1hdHJpeA0KDQpXaGF0IGlzIGhlbGxvU3lzdGVtPw0KDQpoZWxs b1N5c3RlbSBpcyBGcmVlQlNEIHByZWNvbmZpZ3VyZWQgYXMgYSBkZXNrdG9wIG9wZXJhdGluZyBz eXN0ZW0gd2l0aCBhIGZvY3VzDQpvbiBzaW1wbGljaXR5LCBlbGVnYW5jZSwgYW5kIHVzYWJpbGl0 eS4gSXRzIGRlc2lnbiBmb2xsb3dzIHRoZSDigJxMZXNzLCBidXQNCmJldHRlcuKAnSBwaGlsb3Nv cGh5Lg0KDQpRNCAyMDIxIFN0YXR1cw0KDQogIOKAoiBWZXJzaW9uIDAuNy4wIG9mIGhlbGxvU3lz dGVtIGhhcyBiZWVuIHB1Ymxpc2hlZCBpbmNsdWRpbmcgbWFueSBjb250cmlidXRlZA0KICAgIGZl YXR1cmVzIGFuZCBidWdmaXhlcw0KDQogICAgICDilqEgaGVsbG9TeXN0ZW0gaXMgbm93IGJhc2Vk IG9uIEZyZWVCU0QgMTMuMC1SRUxFQVNFDQoNCiAgICAgIOKWoSBDb21wbGV0ZWx5IHJld29ya2Vk IExpdmUgSVNPIGFyY2hpdGVjdHVyZSwgcmVzdWx0aW5nIGluIDEvM3JkIGJvb3QgdGltZQ0KICAg ICAgICBhbmQgdW5kZXIgODAwIE1CIHNpemUgKGZpdHMgYSBDRC1ST00pDQoNCiAgICAgIOKWoSBE ZXZlbG9wZXIgVG9vbHMgYXJlIG5vdyBhIHNlcGFyYXRlIGRvd25sb2FkDQoNCiAgICAgIOKWoSBE aXNrIEltYWdlcyBhcmUgaW5jcmVhc2luZ2x5IHVzZWQgdGhyb3VnaG91dCB0aGUgc3lzdGVtLCBz dWNoIGFzIGZvcg0KICAgICAgICBhcHBsaWNhdGlvbiBkaXN0cmlidXRpb24gYW5kIExpbnV4dWxh dG9yIHVzZXJsYW5kIGRlcGxveW1lbnQNCg0KICAgICAg4pahIE1hbnkgbmV3IGZlYXR1cmVzIGFu ZCBHVUkgdXRpbGl0aWVzIHRvIG1ha2UgdGhlIGRlc2t0b3AgbW9yZSB1c2FibGUgZm9yDQogICAg ICAgICJtZXJlIG1vcnRhbHMiIHdpdGhvdXQgdGhlIG5lZWQgZm9yIGEgdGVybWluYWwNCg0KSW5z dGFsbGFibGUgTGl2ZSBJU08gaW1hZ2VzIGFuZCBhIGZ1bGwgY2hhbmdlbG9nIGFyZSBhdmFpbGFi bGUgYXQgaHR0cHM6Ly8NCmdpdGh1Yi5jb20vaGVsbG9TeXN0ZW0vSVNPL3JlbGVhc2VzL3RhZy9y MC43LjANCg0KQ29udHJpYnV0aW5nDQoNClRoZSBwcm9qZWN0IGFwcHJlY2lhdGVzIGNvbnRyaWJ1 dGlvbnMgaW4gdmFyaW91cyBhcmVhcy4NCg0K4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB 4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSB4pSBDQoNCkNvbnRhaW5lcnMgJiBGcmVl QlNEOiBQb3QsIFBvdGx1Y2sgJiBQb3RtYW4NCg0KTGlua3M6DQpQb3Qgb24gZ2l0aHViIFVSTDog aHR0cHM6Ly9naXRodWIuY29tL3BpenphbWlnL3BvdA0KUG90bHVjayBSZXBvc2l0b3J5ICYgUHJv amVjdCBVUkw6IGh0dHBzOi8vcG90bHVjay5ob25leWd1aWRlLm5ldC8NClBvdGx1Y2sgb24gZ2l0 aHViIFVSTDogaHR0cHM6Ly9naXRodWIuY29tL2hueS1nZC9wb3RsdWNrDQpQb3RtYW4gb24gZ2l0 aHViIFVSTDogaHR0cHM6Ly9naXRodWIuY29tL2dyZW1iby9wb3RtYW4NCg0KQ29udGFjdDogTHVj YSBQaXp6YW1pZ2xpbyAoUG90KSA8cGl6emFtaWdAZnJlZWJzZC5vcmc+DQpDb250YWN0OiBTdGVw aGFuIExpY2h0ZW5hdWVyIChQb3RsdWNrKSA8c2xAaG9uZXlndWlkZS5ldT4NCkNvbnRhY3Q6IE1p Y2hhZWwgR21lbGluIChQb3RtYW4pIDxncmVtYm9ARnJlZUJTRC5vcmc+DQoNClBvdCBpcyBhIGph aWwgbWFuYWdlbWVudCB0b29sIHRoYXQgYWxzbyBzdXBwb3J0cyBvcmNoZXN0cmF0aW9uIHRocm91 Z2ggTm9tYWQuDQoNCkluIHRoZSBsYXN0IHF1YXJ0ZXIsIGEgbmV3IHJlbGVhc2UgMC4xNC4wIHdp dGggYSBudW1iZXIgb2YgZml4ZXMgYW5kIGZlYXR1cmVzDQpsaWtlIHRoZSBuZXcgY29weS1pbi1m bHYgY29tbWFuZCB3YXMgbWFkZSBhdmFpbGFibGUuDQoNClBvdGx1Y2sgYWltcyB0byBiZSB0byBG cmVlQlNEIGFuZCBQb3Qgd2hhdCBEb2NrZXJodWIgaXMgdG8gTGludXggYW5kIERvY2tlcjogYQ0K cmVwb3NpdG9yeSBvZiBQb3QgZmxhdm91cnMgYW5kIGNvbXBsZXRlIGNvbnRhaW5lciBpbWFnZXMg Zm9yIHVzYWdlIHdpdGggUG90IGFuZA0KaW4gbWFueSBjYXNlcyBOb21hZC4NCg0KSGVyZSB3ZSBh Z2FpbiBoYWQgYSBidXN5IHF1YXJ0ZXIuIEFsbCBpbWFnZXMgaGF2ZSBiZWVuIHJlYnVpbHQgZm9y IEZyZWVCU0QgMTIuMw0KYW5kIHBvdCAwLjEzLjAuDQpBbHNvIHRoZSBpbWFnZXMgdGhhdCBjYW4g YmUgdXNlZCB0byBidWlsZCBhIHZpcnR1YWwgZGF0YSBjZW50ZXIgbGlrZSBOb21hZCwNCkNvbnN1 bCBhbmQgVmF1bHQgaGF2ZSByZWNlaXZlZCBhIGxvdCBtb3JlIHRlbmRlciBsb3ZlIGFuZCBjYXJl IGFuZCBhcmUNCm1lYW53aGlsZSBpbiBwcmUtcHJvZHVjdGlvbiB1c2Ugb24gYSBjbHVzdGVyIGF0 IGEgZmludGVjaC4NCk5vdCBhbGwgdGhlc2UgY2hhbmdlcyBoYXZlIHlldCBiZWVuIGNvbW1pdHRl ZCB0byB0aGUgZ2l0aHViIHJlcG9zaXRvcnkgdGhvdWdoLA0KdGhpcyBpcyBwbGFubmVkIGZvciB0 aGUgbmV4dCBxdWFydGVyLiBBZGRpdGlvbmFsbHksIG5ldyBpbWFnZXMgbGlrZQ0KbXVsdGktbWFz dGVyIE9wZW5MREFQIGhhdmUgYmVlbiBhZGRlZCwgdG9vLg0KDQpQb3RtYW4gYWltcyB0byBzaW1w bGlmeSBidWlsZGluZyBQb3QgaW1hZ2VzIHdpdGggVmFncmFudCBhbmQgVmlydHVhbEJveCBiYXNl ZA0Kb24gdGhlIFBvdGx1Y2sgYXBwcm9hY2gsIGUuZy4gYXMgcGFydCBvZiBhIERldk9wcyB3b3Jr ZmxvdyBmb3Igc29mdHdhcmUNCmRldmVsb3BtZW50IGluY2x1ZGluZyB0ZXN0aW5nIGFuZCBwdWJs aXNoaW5nIHRoZW0gdG8gYSByZXBvc2l0b3J5Lg0KDQpIZXJlIHdlIGhhdmUgbm90IHlldCBtYWRl IGEgbG90IG9mIGhlYWR3YXkgd2l0aCBvdXIgcGxhbiB0byB1dGlsaXNlIFBvdG1hbiBpbg0KdGhl IFBvdGx1Y2sgbGlicmFyeSBidWlsZCBwcm9jZXNzIGJ1dCB0aGlzIGlzIHN0aWxsIG9uIG91ciBU T0RPLWxpc3QsIGxpa2UNCmltcHJvdmluZyB0aGUgZG9jdW1lbnRhdGlvbiBmb3IgdXNpbmcgdGhl IFZpcnR1YWwgREMgaW1hZ2VzIGZyb20gdGhlIFBvdGx1Y2sNCmxpYnJhcnkuDQoNCkFzIGFsd2F5 cywgZmVlZGJhY2sgYW5kIHBhdGNoZXMgYXJlIHdlbGNvbWUuDQoNCuKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKU geKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgeKUgQ0K --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQKkBAEBCgCOFiEEVbCTpybDiFVxIrrVNqQMg7DW754FAmIqrmlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDU1 QjA5M0E3MjZDMzg4NTU3MTIyQkFENTM2QTQwQzgzQjBENkVGOUUQHGpybUBmcmVl YnNkLm9yZwAKCRA2pAyDsNbvnnzFD/4yHT0rr3yNpfzo2TaWPw7lxQ/hJS7ge94D FI1RUs2y8TQhz42J00gC8R5UO8eofun8IbmlI8NS8H5jLDMbm3JFCn0sBCy0dfzH uTXDybfLull6dr8xmNL/davTwCA9hqi72Uah3SnA79JYhSX64OJeNHSf1G0+gvsi +5cfWNfBsopqAUybttF1UPHGtN5PUHNszVzT04JdRcH0Pa81wXQ9ywaWV3vvdU6L mZGnWjExUhDaMyhMzVzNGfQVUYyhrNtS7+clgI+I+6J7z9MvM5J3EpXxKNnI3axP OWWdd/af/3MmLdd4RPGTIOq5/2Bv5R7Sf3A451fMTg/QCJurAd9fTx0J2zQsbz/c qg7V5OpTt6G6UMr7FLkbgMKjpG+IVd/1PhySs27gVm5wTFPo+1C+lA1nX+lagctE m9NxKQM6aQAARsuCh0kSGbM25CwzUWjqsxB8MxDlr+owHRIfs+W3zjUd1x28oPaV aAYdG7vNEgJxt9GiqiNr4wQSJfaY99cAiaMAwljE9SOHU3dILDvqpeKhcxl0kBL6 IpOCq+ZYF3qA3O2e07kvBzS3FZ1l6C13lgLeGTch+CkQ+1DL45jlMhp9u5L3u3EM hGrpZhdNL3XcYgx7kvriTYNBY5w2y3rAyjRx+JCwrTyxF8E7OG9Z53jQbUW/ueJT gAtMY3AnMg== =j4Wu -----END PGP SIGNATURE----- --=-=-=-- From nobody Wed Mar 16 00:10:50 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6185E1A2F413 for ; Wed, 16 Mar 2022 00:10:51 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KJ9fL3ZQnz4fQZ; Wed, 16 Mar 2022 00:10:50 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647389451; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=V3Slp2WBr7ztxWNnMSYBlJKRcPpYvUxFmdFBbz7qZJ4=; b=tGGitomROyuIhtfz/jDYOSu9fY3XUmIbldIEpb8S2GpkcSLH9nHJs+lMBxwqhfbZ8iyWst fUNX4R4NZnFACFhoKnaqdY1qGELQT7GqF8rhq1GOKo2mB0CKWYGsyB/V4D4qfFMicIEnje z5GkhHi1kN2zfnzJaOrreaNDIKXrtATlwQ29DZB6YrmtYTb7VBh4198YORVRxkBLS49WRi F4J7+9cjnnYltwu6xV360gk/6Uii/ILEMxL97g+ZTiyD9KeNDirCfnM53hOIHa8t3Fsplt Qtgm5mEFLp9bl/OojeasCsnOO4/ngloDOOOc9sj6isjCWQPq/pRyEb9J2A3nHw== Received: by freefall.freebsd.org (Postfix, from userid 945) id 4F8A952B3; Wed, 16 Mar 2022 00:10:50 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:11.zfs [REVISED] Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220316001050.4F8A952B3@freefall.freebsd.org> Date: Wed, 16 Mar 2022 00:10:50 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647389450; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=V3Slp2WBr7ztxWNnMSYBlJKRcPpYvUxFmdFBbz7qZJ4=; b=wd/jXwNGX6NbMc/PcmQiO6X/ifmDIsU1+hZUO2P3QVkdlPsM6i9MPSk1xkH1fhaNdvAW80 kAUSaDPCC2p57sCl6VYxET3XZfAnIArhO+ksGKv9X6Q4YiBDu/PH40O6r9GW02OChQOfzw T41iaY4aGqYf3NPkCuuXVL8hiv5w6HFOd7+0rb4EZVva5Mjo6ufTXNniWmQKJFMXKiykv6 kPYpwZ2CyaCQzZUA68LcB0uPTNV6tkp5M3u565ggO+fNtFjqDNDE46UvhKWWx+/rTpm3PI SrFdASGZ+3sd0jhJzhOgoCq2ebfhIR/RAOmfqvpvEgWpFG2NelmYziTiYkSyng== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1647389450; a=rsa-sha256; cv=none; b=uLxcbkVx5kfUhEnmgrXSQlvGW7qxQnu96XF+eN+haJZmnZBMfm9hAT3mBxmTxIZQSxJF8B O5VfukkF/TZUwDHpl0Oewd3YrZokoLbszMA/8zxeI3UsA6cHSxi3ux8GFEsBz++XLqPVjo 98KnPlYvXrmrJBTSr54YuhdqNqFYx4r+Z0Bo9PfTS2apbFscZ2kZPmRDd9h4ot2dAWs7BC fdHlaGM8Q8GAK3b3ZCn8Bqoa/Ivp7nFLXtEYvBcZ/pgVfRJl3YfdPl//3PSjWolX6SVWGX 28Bl5DwNvhqXJJlOKVdyroBEnRowJBAU+WpXIB3ZCo60T+JQPytJjjjCBIndJA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:11.zfs Errata Notice The FreeBSD Project Topic: ZFS lseek(2) inconsistencies Category: contrib Module: zfs Announced: 2022-03-15 Affects: FreeBSD 13.0 Corrected: 2021-12-19 15:25:26 UTC (stable/13, 13.0-STABLE) 2022-03-15 18:09:52 UTC (releng/13.0, 13.0-RELEASE-p8) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . 0. Revision History v1.0 2022-05-15 -- Initial release v1.1 2022-05-15 -- Updated Correction Details to point to fixed patch that was missing a prerequisite in the source tree. The standalone patch linked in this SA is correct, only the git repo needed updating. I. Background ZFS is one of several filesystems available on FreeBSD. ZFS supports many advanced features, including checksumming, transparent compression, and snapshots. File "holes" are used by filesystems to limit the amount of storage space occupied by a file containing long runs of zero bytes. Rather than filling disk blocks with zeroes, file metadata can indicate the extent of such a run and the filesystem hides the distinction from user applications. II. Problem Description When a file containing holes is mapped using mmap(2), mapped regions of the file may be ignored by lseek(2) when SEEK_HOLE or SEEK_DATA are passed as the "whence" parameter. III. Impact The bug may cause application misbehavior; the precise effects depend on the nature of the application triggering the bug. IV. Workaround No workaround is available, but systems not using ZFS are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:11/zfs.patch # fetch https://security.FreeBSD.org/patches/EN-22:11/zfs.patch.asc # gpg --verify zfs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 3aa1cabca37d stable/13-n248633 releng/13.0/ 210991b1f28b releng/13.0-n244787 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmIxJ20ACgkQ05eS9J6n 5cIQiA/+MTR6zs76LH3map57EjI5xSQmlGGRaf6QFKqHg1IeawkxdIKRHWc+fvZz zT4stvv7nz+EAo8wSIJllU7vnjMD+hbbDzgylFQcpVThCtR0VlXaShZtq8Tn4vNK WlIq4ArOB6gWFn2YdLc321kJrxHZOZQ2ttcirwFsLeg7hphw02rp/l7T3iPgKsK3 t8jAvDpuN/pjzQmDwMnVVR2FnofAa3SdMUdCC5LBh9pXf7RWh2yXAMfHr2R219It xYugZf+Nr/SyZGgQsLgkB2K5n/RxAIAQMp5eHgbWGUfMfhmlqmUdg9KE2u2j4v/7 Fj6B4pPpZhcVUKlHhiCryeo1TwURwZ5sUazLg3heIfjsJY7SsSnaKQEyuKNdBuob e5NKQtgKWuCs57DlBKvrjWCUcpWRqBGtxqh2DExQONuRI4DxoWrDL+gkoL5oIZ2j HNy2tCWcZH8meWj8UvBwxE8GBHYUdn1ICJSgyDt4me5AVa+8lYQlcCo2ZpUpMfYs eO8xHbEm+CmwBkGqtYeiZct2irl1XCSWXNIosMNGJz9u2aXj5dFsVjJAM+dMRfli M1Rn5b6H9DlQ4HsAuITlNaHbzey+ej6N/Oot2O95GFWrKnypqh5R3EaH2q971GPT nS1rledjMXwKxW4f7hCZK2NzzwMutxymGcRsBhzrtxZgP+YA22M= =i5YI -----END PGP SIGNATURE----- From nobody Mon Mar 21 19:38:55 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 90D901A28430 for ; Mon, 21 Mar 2022 19:38:55 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KMlKq3nYRz4Tc2; Mon, 21 Mar 2022 19:38:55 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647891535; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=ZewUCruvMJCr0wDF171TpRM8sm/+6gLyxhDWx4ltwmw=; b=WXFys/eE0gc+CwH2svEVPIPEc2kiLSqX/TpnBD8lqLt+SsAfDrN19K6LjGbBSso2gK21SS V9uHXHhEyyLvBOrbiJY4Ye8kWYr97RkNtWitRy7r/ECm3hgF3IjClU/rtqeQRK1+hkTR1X dS+uNwzWhkUE4UacN94PC8ei4K8plDM+dlx7Y74MKKhPMNexMQnDhPslqNMAIil7C73IZe 2Ber6AP6moIrqpUS2JYh3c+9OOE8l4hh9CQcK3qXdrtOYLWXyP48iYmWLod2DmIuEUaWmt O8s+pCiGOrOKu5Pk23TjlrlcmwhY6oVrvNJxxQUYhB7whKvC9UkLJNNtaxrfZg== Received: by freefall.freebsd.org (Postfix, from userid 945) id 6AA231B19E; Mon, 21 Mar 2022 19:38:55 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:13.zfs Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220321193855.6AA231B19E@freefall.freebsd.org> Date: Mon, 21 Mar 2022 19:38:55 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647891535; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=ZewUCruvMJCr0wDF171TpRM8sm/+6gLyxhDWx4ltwmw=; b=bk09woh+o50nrhWu46X8eOdEfZdzmruop4q/bZVBm6TowFauHNMnOAR2FUmIeGCyfku+u/ yMD2VnDHrw+YuWbzeXh/JYO0yE4x2AXahRwYT6OOkisP95lcRxLfleJHesbyLrcAyjxlY4 JwUpuysVxS8skzXNQWADorEVBOhmd2oNwKSZbeEMV9YlHEGPh/fxgQcpyzHMpByTCGifMG 8TYPXkg+Z3hzMmlHHkyoG8y2EYfnTIsCM0BMt+NCTcQsopsSa0UJkbB95ha6/8hKsW8DEF yU3zc6oQUooX6+zzSbFwPpRFHW0tvTCP4jwFJ34jXfzAyWLBmFH5DHuhs8sdkQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1647891535; a=rsa-sha256; cv=none; b=nk4tPdCqVWGBgXh+djE8k4oBV2iLbGRjJyuX/zoEazO9LxxivAg1Shgcv9xVG37K5V7AAI ZjtenwZMf1iUdcZGKbir/sSTtdzMsurIzzaEMPmCDry6iBvqsNpGLPZx2vcfWRrGxOt7Jp XuSIkVqMrWHb238o+/fe5tABm0htvjpndr5Fi4K1yXDfgFCHK4a65FZYl9mnO6G0Epfv5T pUP3TZJVaQ4tiXGJ8W1QWz09+t5lFUwrhsw7lGWONFIpKueK1a2JsY6yJbn3RfgoA9WaDx 4AXU4HLuDg1B9P+P+DRyg5noMGOhrkdeRlAS2isFwC7R3VUdkG2JVro0h3t6wg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:13.zfs Errata Notice The FreeBSD Project Topic: ZFS data loss Category: contrib Module: zfs Announced: 2022-03-21 Affects: FreeBSD 13.0-p8 Corrected: 2022-03-20 14:10:36 UTC (releng/13.0, 13.0-RELEASE-p9) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background ZFS is one of several filesystems available on FreeBSD. ZFS supports many advanced features, including checksumming, transparent compression, and snapshots. II. Problem Description Erratum FreeBSD-EN-22:11.zfs was addressed by a patch which modified a ZFS kernel function that determines whether the in-memory copy of a filesystem object is dirty with respect to its representation on stable storage. The modification contained a bug which could cause the function to return false negatives. III. Impact Under heavy load, files written to a ZFS filesystem may not be correctly saved to disk. IV. Workaround No workaround is available, but systems not using ZFS are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:13/zfs.patch # fetch https://security.FreeBSD.org/patches/EN-22:13/zfs.patch.asc # gpg --verify zfs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- releng/13.0/ b8ae329db949 releng/13.0-n244788 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat NNNNNNNNNNNN Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmI4zUQACgkQ05eS9J6n 5cJN8w//cVuY7dgMFIFsxLdMUfWQevqhWKHgT3itBo+WCYgpDixBHGvXrduYbFGO gBB4Q9qlTKnNqVVR3AQvzmc7t2quJcjI+p6Sfq1UlmjyEEYmsSQndYOSUGeR0zli P8UgjMx9VDXyugZWy/jGDBIXr3tKYXdeTlfSwJ0Dxkf3k0NpOCPvvpZSCAQlrCXd dwI25I39fGOZKES8rW6TPcN8K2uSvlHu4i2v3MYfPHkRVOwdbMA33YaX/bCvTwHa h8hg2hnwLNGUWhQZ6cwW/kPBjp7yVuDc0VIqfCyA7DqgUbo6juYm7ZD+EHUaVfAV 32FFrMY/crH6UoZ1LXYK7I/xmyec5o66VewoGYsiY+5bFb0jNC8Pv/fmtzFPOFGW rHPxsLP/2rFpqwoNnhTX9wohqxHLOoN/DtjcTzznlL+VutOdQqNuU+U9o8wG5tea e+8tfNbvxSV2qvEZ/gqliSkpICe70jM04/ZkBw+eFdFqRZdV/tIIfEonzutqCi3x h/9r335b+6gJvpEkyq1VHesuydY5K21aPPnyETEOGKQAGfPMNyB67LNSd29gATHi CjJDkylMhMMf/qaTBxViMYSEZ3mzkbTkIQE9Oph2M2YMbZoh8VwNfu0mU6kxBBfT kSeGF1QZjnHeHWeRpd/lsKxFbNfElwVeoQc8e9evYHqNEdeyle8= =085i -----END PGP SIGNATURE----- From nobody Tue Mar 22 16:58:31 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 1FEEE1A3A103 for ; Tue, 22 Mar 2022 16:58:32 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KNHkJ0PnJz3FlN; Tue, 22 Mar 2022 16:58:32 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647968312; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=7w+i88lgkLLJ7Y9jC3dzVpgBZRWkHBQVWxj5qoeYnJM=; b=g+yqz/L8i79Ta1UBpCWfy6gMJWcYWqgOGMD569yL8B2uoTFerTml29r6Y7IuxUQIUUY53U pyyguxxjFsCpDgSuZl4DM4ApAg7lw5obk0ISV44ZUT3EaFEqPv0ZGwEjl82P1fW6Kbi1PK 2cWBIpL88gstLLpGNKqFNkszfa6Q0Z0tHmyHf8YCHWe7DWxIJr4tGuaSFF1sF4gX8vqW11 7zpgNZRM94WD/09P0wSkRuhPIiIc74JOXSd/zj7JOxPzzs2l9ZLNwA6ESlHsHGS5KgsUD1 /AT008S0xXnyFaQidP3LnREfE8bpoIbK/Ssnd4UMSRxDNJwqSaCyb0cLdlmLSw== Received: by freefall.freebsd.org (Postfix, from userid 945) id E50F91E865; Tue, 22 Mar 2022 16:58:31 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:14.tzdata Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220322165831.E50F91E865@freefall.freebsd.org> Date: Tue, 22 Mar 2022 16:58:31 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1647968312; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=7w+i88lgkLLJ7Y9jC3dzVpgBZRWkHBQVWxj5qoeYnJM=; b=FRK8pctp91DvHbyXrzhD/+2Dvywl9VJd5Q/hoU2sNByo85oiM6d2DtFDCLjLiOh32BSE5H sVM0hAfE8CkfZ/HxHYLvHKiHNlPjqaSSEXmTAE0Z5Q9qvI3E2+zRNu0nsl/0aA2dAEku5B VxW5G7/C7Z+9UGoYu7vffZeYzJ1fdPFQeKCK3XkkZjVosjs+YWcpJBpP5dbVu/TQ2yEemd wIiQo7q16Q0EKQEAOzZluyRlocGyMafArc5/3JnnegvodYve7nn32ev5bzg2+WFFgxATHZ hLpJvUR8H9hU5Rhs/nokBeV7qKX8L8CDh38uZm9QguRJGt73fuIFlMC7EVqGiA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1647968312; a=rsa-sha256; cv=none; b=OCZXXFhJfvbgxSiBxebveV/k97YKwp3T0yMTGBhmGJQOE3zJnrv13Y3+gUt6W/eO66Wlvg fp9vjA21j3xoZEkI8XjQVSrQzXbSteOGgw1fOPWOL3RRtcTsjllOAXc2dsTyK/CppsEhhv /5J65xZ019LrtVCEuf5ktuVa4PHmebkAw7vRNAgnD1CWLIfB23sc37dJvAykRV0+vrw0Z5 oAo6S+HYAU2Ne3aUe1lyJpA9elgDm+Lf3jihUgj/cQxTY2ncI1dInxd57EBrxrtnItSU93 fZekQCJ+Z9kT2fwTmhUBumX7ThrxzzLA6nc9PQrD6/Y2wD8+NcqH5v+N9oEkJQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:14.tzdata Errata Notice The FreeBSD Project Topic: Timezone database information update Category: contrib Module: zoneinfo Announced: 2022-03-22 Affects: All supported versions of FreeBSD. Corrected: 2022-03-21 15:26:58 UTC (stable/13, 13.1-STABLE) 2022-03-22 15:54:06 UTC (releng/13.1, 13.1-BETA2-p1) 2022-03-22 15:54:07 UTC (releng/13.0, 13.0-RELEASE-p10) 2022-03-21 15:29:26 UTC (stable/12, 12.3-STABLE) 2022-03-22 15:56:37 UTC (releng/12.3, 12.3-RELEASE-p4) 2022-03-22 15:57:12 UTC (releng/12.2, 12.2-RELEASE-p15) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The IANA Time Zone Database (often called tz or zoneinfo) contains code and data that represent the history of local time for many representative locations around the globe. It is updated periodically to reflect changes made by political bodies to time zone boundaries, UTC offsets, and daylight-saving rules. FreeBSD releases install the IANA Time Zone Database in /usr/share/zoneinfo. The tzsetup(8) utility allows the user to specify the default local time zone. Based on the selected time zone, tzsetup(8) copies one of the files from /usr/share/zoneinfo to /etc/localtime. A time zone may also be selected for an individual process by setting its TZ environment variable to a desired time zone name. II. Problem Description Several changes to future and past timestamps have been recorded in the IANA Time Zone Database after previous FreeBSD releases were released. This affects many users in different parts of the world. Because of these changes, the data in the zoneinfo files need to be updated. If the local timezone on the running system is affected, tzsetup(8) needs to be run to update /etc/localtime. III. Impact An incorrect time will be displayed on a system configured to use one of the affected time zones if the /usr/share/zoneinfo and /etc/localtime files are not updated, and all applications on the system that rely on the system time, such as cron(8) and syslog(8), will be affected. IV. Workaround The system administrator can install an updated version of the IANA Time Zone Database from the misc/zoneinfo port and run tzsetup(8). Applications that store and display times in Coordinated Universal Time (UTC) are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Please note that some third party software, for instance PHP, Ruby, Java, Perl and Python, may be using different zoneinfo data sources, in such cases this software must be updated separately. Software packages that are installed via binary packages can be upgraded by executing 'pkg upgrade'. Following the instructions in this Errata Notice will only update the IANA Time Zone Database installed in /usr/share/zoneinfo. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Restart all the affected applications and daemons, or reboot the system. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:14/tzdata-2022a.patch # fetch https://security.FreeBSD.org/patches/EN-22:14/tzdata-2022a.patch.asc # gpg --verify tzdata-2022a.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all the affected applications and daemons, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 5dbd160076c0 stable/13-n250054 releng/13.1/ b7e7657b02f2 releng/13.1-n250005 releng/13.0/ 42f2f9f09cf1 releng/13.0-n244790 stable/12/ r371759 releng/12.3/ r371763 releng/12.2/ r371764 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmI5+6AACgkQ05eS9J6n 5cIwzhAAg91JwdZdUTzBofSoem2T4JzpdHQOdC+I6J8oH72PgAkyZo17FWVI9u/w t34euMJE+dPA48V3hO12fSXO9lgvxWJWTZF/tTiAibvdL9LqxLrGmWvZle7Bx+ne rdEXH+KmiWZhPB6cN9t7ZU35zM5UGbTc332xI7GnyeYS3tAnGnvKNYRwuiw1SBdc kpcOgpqg5F6jadzycZMwd/ovWY8+gRlj7JXhF+bbmK7GuH504uIzABZAGpoaiw2o 56YqK9qyW42nxc16QlxgSLIzVhl9XHBuQyHXIeLe/BPcIdqLCw73siumnKCo0ccJ AWCxCUjdb3fPuM5J+CwcmVJO1Qr2H+0KE+ntNqsyZg1iqDZkKcyW366bDIEU7qw8 Db4N7iaMkyG/uOjQHgpJX6YO8HjX1+2Bw2KRUF8sueYsVNHTsXs+8yp8093CMOY8 gvYFKACTziNiEkDN9PFmTTC+r7KzHXlFU9DK+C3nP0hZwd7jN1g5n6uJHfBX0gMx LN3VdKiu/dxukYJF1srSflq24G8sl0XxMCJ0LFgXSzofP45iG9qSJjvWwRAcxQ3k /FYwzY+sET+KcjeN3+F1PU/jAf6piWxjr+3FFvQWIOgGb3cgmjM/nlu0x/er7F1W 3e1iO8TB1Y6Gf7qYuvdMQmsn5jjCLpOShtYJrwYNLdSVa9K5Vx8= =Voiz -----END PGP SIGNATURE----- From nobody Sat Apr 16 13:04:56 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 1C14C7EECFB; Sat, 16 Apr 2022 13:04:59 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from mail.gundo.com (gibson.gundo.com [75.145.166.65]) by mx1.freebsd.org (Postfix) with ESMTP id 4KgYMG2f00z4vBl; Sat, 16 Apr 2022 13:04:58 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from webmail.gundo.com (variax.gundo.com [75.145.166.70]) by mail.gundo.com (Postfix) with ESMTP id 400A04C07A8; Sat, 16 Apr 2022 08:04:57 -0500 (CDT) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Date: Sat, 16 Apr 2022 13:04:56 +0000 From: Pau Amma To: freebsd-doc@freebsd.org, freebsd-announce@freebsd.org Subject: FreeBSD Handbook improvement survey Reply-To: pauamma@gundo.com User-Agent: Roundcube Webmail/1.4.8 Message-ID: X-Sender: pauamma@gundo.com Organization: The Cabal (TINC) Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4KgYMG2f00z4vBl X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=gundo.com; spf=pass (mx1.freebsd.org: domain of pauamma@gundo.com designates 75.145.166.65 as permitted sender) smtp.mailfrom=pauamma@gundo.com X-Spamd-Result: default: False [-1.90 / 15.00]; ARC_NA(0.00)[]; HAS_REPLYTO(0.00)[pauamma@gundo.com]; FREEFALL_USER(0.00)[pauamma]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[75.145.166.65:from]; R_SPF_ALLOW(-0.20)[+ip4:75.145.166.64/28:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; REPLYTO_ADDR_EQ_FROM(0.00)[]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_SPAM_SHORT(1.00)[0.999]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_IN_DNSWL_MED(-0.20)[75.145.166.65:from]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gundo.com,none]; MLMMJ_DEST(0.00)[freebsd-announce,freebsd-doc]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:7922, ipnet:75.144.0.0/13, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N The FreeBSD Foundation contracted me to develop a prioritized plan for improving and updating the FreeBSD Handbook. For the first stage of this project, I have identified a number of issues needing improvement. To prioritize the issues, please tell me which are important to you personally. Specifically, please rate each of the items listed: critical, important, useful, neutral (or no opinion), counterproductive. If you chose "counterproductive", please explain why. If there are things you'd like changed that I haven't listed, please add them and rate them as above. Please respect the Reply-to and don't reply to all. At this stage I am focusing on the English version, so please answer based on that version's content, but translations may be updated to the extent that translation teams are available. I intend to close this survey on April 30 at 11:59:59pm UTC (see https://www.timeanddate.com/worldclock/fixedtime.html?msg=End+of+survey+answer+collection&iso=20220430T235959&p1=%3A for the equivalent in your timezone). To allow for delays email delivery, please try replying at least 90 minutes before the deadline. Main list of items with some annotations for context, in no particular order: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262068: change the example to a sound driver more likely not to be in generic than snd_hda or remove it altogether) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261536: document dma - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263317: reorder etcupdate steps in Handbook section 24.5 (https://docs.freebsd.org/en/books/handbook/cutting-edge/#makeworld) by moving the warning in 24.5.6.1 to the place in the procedure where users would need to perform it when applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263318: add freebsd-accessibility@ to https://docs.freebsd.org/en/books/handbook/eresources/#eresources-mail - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263319: add an accessibility section to the Handbook, per https://lists.freebsd.org/archives/freebsd-doc/2021-September/000479.html - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263320; fix errant references to /etc/X11/xorg.conf in https://docs.freebsd.org/en/books/handbook/x11/ and https://docs.freebsd.org/en/books/faq/#X11 (that goes beyond the Handbook, but I think it makes sense to tackle them together) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263321: add RAIDz2 and RAIDz3 to the ZFS chapter, including the note in 20.2.2 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261212: update the ZFS chapter for OpenZFS, if needed with 12.x-13.x split - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263322: follow-up to https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c (explain when and why to upgrade the bootloader) and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364 (documenting the boot partition) unless carlavilla deals with the latter - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192663: HAST and or CARP: while there, update for 12.x and 13.x - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220014: more generally make sure that only things needed early on get in /boot/loader.conf - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258264: unclear whether it can be loaded in rc.conf, needs an update to recent driver; I'd need help from someone who has a computer using an NVIDIA GPU to work on that one - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261025: Change ETSI to etsi2 for Austria Wifi example - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=121952: ipfw NAT no longer requires natd and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588: IPFW tables and dummynet if still applicable (see note 1 in costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227050: storage device labels, better coverage of GPT: if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223891: NFSv4 and NFSv4.1 if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219953: loading graphics drivers needed for suspend/resume at least for some laptops, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260994: KMS needs DRM drivers for suspend and resume even on console-only hosts. I'm not sure I can help with this, though. It depends on whether console-mode VMs can suspend under VirtualBox. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261814: typo: s/union to/union in/. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261813: mention smartphones presenting as USB disks, check smartphone when troubleshooting - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=180493: multiconsoles in loader.conf, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=183002: ditto, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=95408: serial console install if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=172370: Blu-Ray) if my HL-DT-ST DVDRAM GUA0N AL00 work as a Blu-Ray drive (DuckDuckGo hints it may) or someone who has one can help - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261944: Soft update and journaling for UFS - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257405: pool vs. zpool - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254191: exFAT and FAT32 using https://github.com/relan/exfat/blob/v1.3.0/fuse/mount.exfat-fuse.8 for exFAT (https://github.com/search?p=2&q=fat32+fuse&type=Repositories doesn't show anything promising for FAT32) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404: track ZFS resources linkrot - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240421: use geli attach before zpool import if device is geli-encrypted - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=146521: ping6 instructions for testing IPv6, since it and ping are different in 12.x. Since 13.x merged ping is supposed to be backward-compatible when invoked as ping6, no need for separate discussion. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255323: git vs. gitup and Game of Trees (got) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007: Refactor version list in FreeBSD Handbook intro (and other books as needed) for easier update; needs discussion of where it should go and which other books or articles should use it; see also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818 and https://reviews.freebsd.org/D31612 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257618: vm.bios.efi=1 in Advanced Settings to allow booting in a Parallels VM; I'll need help from someone with a Macbook (or other Macintosh) for that - In FreeBSD Handbook pre-installation tasks step 2 (https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-pre), merge "virtualization (Virtualization)" into a link and remove the anchor from the URL unless needed in the single-HTML version - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253874 (dd arguments) and s/Write the Image/write the image/ while there. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223997 (portrange sysctl tuning in https://docs.freebsd.org/en/books/handbook/config/#configtuning-kernel-limits): who knows about that? Did any later commits change the default/initial values? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253392 (boot_mute="NO" and other 13.x changes) needs discussion of where it would go - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252951 (chsh asks for user's password) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893 (smb.conf) unless "map to guest" should still be specified - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252423 memoryuse (add vmemoryuse) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252069 plasma5-plasma and gnome-shell in addition to the complete versions - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250927 (may need to experiment with no_radr and accept_rtadv, in which case see note 1 on costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246091 "pkg bootstrap" no longer needed, and it's all supported versions now, not 10 and later - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247568 (the Handbook part of ipf(7)) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263232 (clarify uses of GELI and UFS in installer chapter, add (Open)ZFS ~ encryption caveat) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263323: update https://docs.freebsd.org/en/books/handbook/boot/index.html#boot-synopsis if/as needed for ZFS and (U)EFI - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263324: Move/copy reference to virtualization in the installation chapter somewhere more obvious than preinstall step 2, like in the synopsis, with a reference to install images being usable for that as well - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263326: Add QEMU discussion in the FreeBSD Handbook virtualization chapter unless the audience is too small/specialized. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263327: In Linux Binary compatibility, Advanced Topics, link to debootstrap in the 10.5.1 note - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263328: Merge wiki Linux jails content into Linux Binary compatibility, debootstrap - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262689: track removal of i386-wine in https://docs.freebsd.org/en/books/handbook/wine/; while there, s/might want it do so/might want to do so/ in https://docs.freebsd.org/en/books/handbook/wine/#installing-wine-on-freebsd - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245512: Kazakhstan mirrors (If these mirrors are still current, which protocols do they use?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263329: Link to Development model book in FreeBSD Handbook Introduction, history - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248150: document using jail.conf instead of rc.conf, mention etcupdate - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263330: Extend the FreeBSD Handbook jails section to mention iocage - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263331Explain use of bectl (if using ZFS) in the updating FreeBSD section of the FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263332: Remove spurious "because" in ZFS Features and Terminology caution - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263333: Check for lingering 11.x (and earlier) and 12.2 references in the FreeBSD handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263334: Remove NIS section from FreeBSD Handbook if no longer in use. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263335: Add GPT discussion to FreeBSD Basics, Disk Organization in FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263336: Make sure all FreeBSD Handbook images including non-text screenshots have descriptions or text alternatives - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263337: Make sure all FreeBSD Handbook procedures have mouseless or keyboard-only equivalents - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263338: Style conformance pass over the whole FreeBSD Handbook, including removing uses of the second person - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263339: Proofread the whole FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263340: Make sure all procedures still work and update output text as needed Things others started/are working on: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255318 (if 0mp is, otherwise see https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c above) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262742 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259494 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262274 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204918 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260812 (Graham Perrin may have something in the works) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242984 is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254153 is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260183 carlavilla may have something in the works - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818 and https://reviews.freebsd.org/D31612 (gbe), which touches on some of the same issues as https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253453 and https://reviews.freebsd.org/D28622 (phk/debdrup) - need to review - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200803 (is it a manual page change, a doc change, or both?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241673 (gbe?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244156 (blackend?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247285 still applicable with the current doc-building toolchain (doceng, as discussed in IRC) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364 (documenting the boot partition) (carlavilla) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588 (is tmj@ still working on this?) Unsure of current completion status: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241683 is this (that is, the workaround using MIT Kerberos) still needed? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196343 ipsec gif setup: partly fixed, maybe completely - was https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260253 applied silently or is https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256725 a duplicate or related? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257481 (no images in epub) if still applicable - Review https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404 or otherwise move it forward -- #BlackLivesMatter #TransWomenAreWomen #AccessibilityMatters #StandWithUkrainians English: he/him/his (singular they/them/their/theirs OK) French: il/le/lui (iel/iel and ielle/ielle OK) Tagalog: siya/niya/kaniya (please avoid sila/nila/kanila) From nobody Wed Apr 20 20:44:10 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 24E7011E6B6F; Wed, 20 Apr 2022 20:44:19 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from mail.gundo.com (gibson.gundo.com [75.145.166.65]) by mx1.freebsd.org (Postfix) with ESMTP id 4KkCMP3scGz3HQX; Wed, 20 Apr 2022 20:44:17 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from webmail.gundo.com (variax.gundo.com [75.145.166.70]) by mail.gundo.com (Postfix) with ESMTP id 637D04C04D0; Wed, 20 Apr 2022 15:44:11 -0500 (CDT) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Date: Wed, 20 Apr 2022 20:44:10 +0000 From: Pau Amma To: freebsd-doc@freebsd.org, freebsd-announce@freebsd.org Subject: Follow-up to the FreeBSD Handbook improvement survey Reply-To: pauamma@gundo.com In-Reply-To: References: User-Agent: Roundcube Webmail/1.4.8 Message-ID: X-Sender: pauamma@gundo.com Organization: The Cabal (TINC) Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4KkCMP3scGz3HQX X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=gundo.com; spf=pass (mx1.freebsd.org: domain of pauamma@gundo.com designates 75.145.166.65 as permitted sender) smtp.mailfrom=pauamma@gundo.com X-Spamd-Result: default: False [-3.79 / 15.00]; HAS_REPLYTO(0.00)[pauamma@gundo.com]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[pauamma]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[75.145.166.65:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:75.145.166.64/28]; MIME_GOOD(-0.10)[text/plain]; REPLYTO_ADDR_EQ_FROM(0.00)[]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999]; RCVD_IN_DNSWL_MED(-0.20)[75.145.166.65:from]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gundo.com,none]; NEURAL_HAM_SHORT(-0.89)[-0.892]; MLMMJ_DEST(0.00)[freebsd-announce,freebsd-doc]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:7922, ipnet:75.144.0.0/13, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N Some people had questions or comments following the initial survey announcement. I have tried to address them privately as they came, but here's a run down for anyone who wondered but was unsure whether to ask: Q: How do I match my ratings to items? A: Any way you're comfortable with, as long as I can figure out which rating is meant for which item from your reply. Two ways I know work (not limitative): rating on a line by itself under each item, and rating on a line by itself followed by a list of items it applies to. Note that no rating for a given item isn't the same as "neutral/no opinion". If you want that recorded as your rating, you must make it explicit or state what rating I should use for items you didn't rate. Q: How do I word my ratings? A: Use the ones I specified so I don't have to ask you what you meant by yours: - critical - important - useful - neutral (or no opinion) - counterproductive. If you answer "counterproductive", please explain why you think so. It may mean an assumption about how people make use of the FreeBSD Handbook or what for is incorrect, and that's definitely something I'd like to know, whether or not I can exploit it in this improvement contract. Q: Can you reformat your list of items to make it easier for me to read and process? A: Yes. See below, courtesy of fmt(1) after some manual linebreak addition. (I've kept the one-line-per-item from the forwarded email as well; answer whichever you're more comfortable reading.) The one thing I ask is that you don't rate items in answer to this email if you already did for the initial one. Q: Will there be a web-based survey form? A: I wasn't initially going to, in part due to privacy and accessibility concerns from relying on that alone, but enough have asked that I'm looking at SurveyMonkey as a possible alternate delivery method. I'm not making promises yet, because as I read the docs I may learn of limits that make using it impossible or impractical. If and when there's one up, I'll send another follow-up with the URL. As for the initial survey, feel free to add and rate items you'd like considered that I haven't listed. Thank you. Main list of items with some annotations for context, in no particular order: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262068: change the example to a sound driver more likely not to be in generic than snd_hda or remove it altogether) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261536: document dma - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263317: reorder etcupdate steps in Handbook section 24.5 (https://docs.freebsd.org/en/books/handbook/cutting-edge/#makeworld) by moving the warning in 24.5.6.1 to the place in the procedure where users would need to perform it when applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263318: add freebsd-accessibility@ to https://docs.freebsd.org/en/books/handbook/eresources/#eresources-mail - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263319: add an accessibility section to the Handbook, per https://lists.freebsd.org/archives/freebsd-doc/2021-September/000479.html - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263320: fix errant references to /etc/X11/xorg.conf in https://docs.freebsd.org/en/books/handbook/x11/ and https://docs.freebsd.org/en/books/faq/#X11 (that goes beyond the Handbook, but I think it makes sense to tackle them together) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263321: add RAIDz2 and RAIDz3 to the ZFS chapter, including the note in 20.2.2 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261212: update the ZFS chapter for OpenZFS, if needed with 12.x-13.x split - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263322: follow-up to https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c (explain when and why to upgrade the bootloader) and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364 (documenting the boot partition) unless carlavilla deals with the latter - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192663: HAST and or CARP: while there, update for 12.x and 13.x - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220014: more generally make sure that only things needed early on get in /boot/loader.conf - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258264: unclear whether it can be loaded in rc.conf, needs an update to recent driver; I'd need help from someone who has a computer using an NVIDIA GPU to work on that one - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261025: Change ETSI to etsi2 for Austria Wifi example - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=121952: ipfw NAT no longer requires natd and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588: IPFW tables and dummynet if still applicable (see note 1 in costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227050: storage device labels, better coverage of GPT: if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223891: NFSv4 and NFSv4.1 if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219953: loading graphics drivers needed for suspend/resume at least for some laptops, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260994: KMS needs DRM drivers for suspend and resume even on console-only hosts. I'm not sure I can help with this, though. It depends on whether console-mode VMs can suspend under VirtualBox. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261814: typo: s/union to/union in/. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261813: mention smartphones presenting as USB disks, check smartphone when troubleshooting - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=180493: multiconsoles in loader.conf, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=183002: ditto, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=95408: serial console install if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=172370: Blu-Ray) if my HL-DT-ST DVDRAM GUA0N AL00 work as a Blu-Ray drive (DuckDuckGo hints it may) or someone who has one can help - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261944: Soft update and journaling for UFS - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257405: pool vs. zpool - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254191: exFAT and FAT32 using https://github.com/relan/exfat/blob/v1.3.0/fuse/mount.exfat-fuse.8 for exFAT (https://github.com/search?p=2&q=fat32+fuse&type=Repositories doesn't show anything promising for FAT32) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404: track ZFS resources linkrot - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240421: use geli attach before zpool import if device is geli-encrypted - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=146521: ping6 instructions for testing IPv6, since it and ping are different in 12.x. Since 13.x merged ping is supposed to be backward-compatible when invoked as ping6, no need for separate discussion. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255323: git vs. gitup and Game of Trees (got) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007: Refactor version list in FreeBSD Handbook intro (and other books as needed) for easier update; needs discussion of where it should go and which other books or articles should use it; see also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818 and https://reviews.freebsd.org/D31612 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257618: vm.bios.efi=1 in Advanced Settings to allow booting in a Parallels VM; I'll need help from someone with a Macbook (or other Macintosh) for that - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263323: In FreeBSD Handbook pre-installation tasks step 2 (https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-pre), merge "virtualization (Virtualization)" into a link and remove the anchor from the URL unless needed in the single-HTML version - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253874: (dd arguments) and s/Write the Image/write the image/ while there. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223997: (portrange sysctl tuning in https://docs.freebsd.org/en/books/handbook/config/#configtuning-kernel-limits): who knows about that? Did any later commits change the default/initial values? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253392: (boot_mute="NO" and other 13.x changes) needs discussion of where it would go - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252951: (chsh asks for user's password) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893: (smb.conf) unless "map to guest" should still be specified - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252423: memoryuse (add vmemoryuse) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252069: plasma5-plasma and gnome-shell in addition to the complete versions - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250927: (may need to experiment with no_radr and accept_rtadv, in which case see note 1 on costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246091: "pkg bootstrap" no longer needed, and it's all supported versions now, not 10 and later - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247568: (the Handbook part of ipf(7)) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263232: (clarify uses of GELI and UFS in installer chapter, add (Open)ZFS ~ encryption caveat) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263323: update https://docs.freebsd.org/en/books/handbook/boot/index.html#boot-synopsis if/as needed for ZFS and (U)EFI - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263324: Move/copy reference to virtualization in the installation chapter somewhere more obvious than preinstall step 2, like in the synopsis, with a reference to install images being usable for that as well - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263326: Add QEMU discussion in the FreeBSD Handbook virtualization chapter unless the audience is too small/specialized. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263327: In Linux Binary compatibility, Advanced Topics, link to debootstrap in the 10.5.1 note - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263328: Merge wiki Linux jails content into Linux Binary compatibility, debootstrap - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262689: track removal of i386-wine in https://docs.freebsd.org/en/books/handbook/wine/; while there, s/might want it do so/might want to do so/ in https://docs.freebsd.org/en/books/handbook/wine/#installing-wine-on-freebsd - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245512: Kazakhstan mirrors (If these mirrors are still current, which protocols do they use?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263329: Link to Development model book in FreeBSD Handbook Introduction, history - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248150: document using jail.conf instead of rc.conf, mention etcupdate - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263330: Extend the FreeBSD Handbook jails section to mention iocage - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263331: Explain use of bectl (if using ZFS) in the updating FreeBSD section of the FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263332: Remove spurious "because" in ZFS Features and Terminology caution - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263333: Check for lingering 11.x (and earlier) and 12.2 references in the FreeBSD handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263334: Remove NIS section from FreeBSD Handbook if no longer in use. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263335: Add GPT discussion to FreeBSD Basics, Disk Organization in FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263336: Make sure all FreeBSD Handbook images including non-text screenshots have descriptions or text alternatives - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263337: Make sure all FreeBSD Handbook procedures have mouseless or keyboard-only equivalents - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263338: Style conformance pass over the whole FreeBSD Handbook, including removing uses of the second person - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263339: Proofread the whole FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263340: Make sure all procedures still work and update output text as needed Things others started/are working on: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255318: (if 0mp is, otherwise see https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c above) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262742 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259494 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262274 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204918 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260812: (Graham Perrin may have something in the works) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242984: is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254153: is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260183: carlavilla may have something in the works - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818: and https://reviews.freebsd.org/D31612 (gbe), which touches on some of the same issues as https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253453: and https://reviews.freebsd.org/D28622 (phk/debdrup) - need to review - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200803: (is it a manual page change, a doc change, or both?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241673: (gbe?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244156: (blackend?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247285: still applicable with the current doc-building toolchain (doceng, as discussed in IRC) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364: (documenting the boot partition) (carlavilla) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588: (is tmj@ still working on this?) Unsure of current completion status: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241683: is this (that is, the workaround using MIT Kerberos) still needed? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196343: ipsec gif setup: partly fixed, maybe completely - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260253: was it applied silently or is https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256725 a duplicate or related? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257481: (no images in epub) if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404: review or otherwise move forward -------- Original Message -------- Subject: FreeBSD Handbook improvement survey Date: 2022-04-16 13:04 From: Pau Amma To: freebsd-doc@freebsd.org, freebsd-announce@freebsd.org Reply-To: pauamma@gundo.com The FreeBSD Foundation contracted me to develop a prioritized plan for improving and updating the FreeBSD Handbook. For the first stage of this project, I have identified a number of issues needing improvement. To prioritize the issues, please tell me which are important to you personally. Specifically, please rate each of the items listed: critical, important, useful, neutral (or no opinion), counterproductive. If you chose "counterproductive", please explain why. If there are things you'd like changed that I haven't listed, please add them and rate them as above. Please respect the Reply-to and don't reply to all. At this stage I am focusing on the English version, so please answer based on that version's content, but translations may be updated to the extent that translation teams are available. I intend to close this survey on April 30 at 11:59:59pm UTC (see https://www.timeanddate.com/worldclock/fixedtime.html?msg=End+of+survey+answer+collection&iso=20220430T235959&p1=%3A for the equivalent in your timezone). To allow for delays email delivery, please try replying at least 90 minutes before the deadline. Main list of items with some annotations for context, in no particular order: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262068: change the example to a sound driver more likely not to be in generic than snd_hda or remove it altogether) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261536: document dma - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263317: reorder etcupdate steps in Handbook section 24.5 (https://docs.freebsd.org/en/books/handbook/cutting-edge/#makeworld) by moving the warning in 24.5.6.1 to the place in the procedure where users would need to perform it when applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263318: add freebsd-accessibility@ to https://docs.freebsd.org/en/books/handbook/eresources/#eresources-mail - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263319: add an accessibility section to the Handbook, per https://lists.freebsd.org/archives/freebsd-doc/2021-September/000479.html - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263320; fix errant references to /etc/X11/xorg.conf in https://docs.freebsd.org/en/books/handbook/x11/ and https://docs.freebsd.org/en/books/faq/#X11 (that goes beyond the Handbook, but I think it makes sense to tackle them together) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263321: add RAIDz2 and RAIDz3 to the ZFS chapter, including the note in 20.2.2 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261212: update the ZFS chapter for OpenZFS, if needed with 12.x-13.x split - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263322: follow-up to https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c (explain when and why to upgrade the bootloader) and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364 (documenting the boot partition) unless carlavilla deals with the latter - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192663: HAST and or CARP: while there, update for 12.x and 13.x - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220014: more generally make sure that only things needed early on get in /boot/loader.conf - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258264: unclear whether it can be loaded in rc.conf, needs an update to recent driver; I'd need help from someone who has a computer using an NVIDIA GPU to work on that one - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261025: Change ETSI to etsi2 for Austria Wifi example - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=121952: ipfw NAT no longer requires natd and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588: IPFW tables and dummynet if still applicable (see note 1 in costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227050: storage device labels, better coverage of GPT: if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223891: NFSv4 and NFSv4.1 if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219953: loading graphics drivers needed for suspend/resume at least for some laptops, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260994: KMS needs DRM drivers for suspend and resume even on console-only hosts. I'm not sure I can help with this, though. It depends on whether console-mode VMs can suspend under VirtualBox. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261814: typo: s/union to/union in/. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261813: mention smartphones presenting as USB disks, check smartphone when troubleshooting - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=180493: multiconsoles in loader.conf, https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=183002: ditto, and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=95408: serial console install if still applicable - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=172370: Blu-Ray) if my HL-DT-ST DVDRAM GUA0N AL00 work as a Blu-Ray drive (DuckDuckGo hints it may) or someone who has one can help - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261944: Soft update and journaling for UFS - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257405: pool vs. zpool - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254191: exFAT and FAT32 using https://github.com/relan/exfat/blob/v1.3.0/fuse/mount.exfat-fuse.8 for exFAT (https://github.com/search?p=2&q=fat32+fuse&type=Repositories doesn't show anything promising for FAT32) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404: track ZFS resources linkrot - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240421: use geli attach before zpool import if device is geli-encrypted - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=146521: ping6 instructions for testing IPv6, since it and ping are different in 12.x. Since 13.x merged ping is supposed to be backward-compatible when invoked as ping6, no need for separate discussion. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255323: git vs. gitup and Game of Trees (got) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007: Refactor version list in FreeBSD Handbook intro (and other books as needed) for easier update; needs discussion of where it should go and which other books or articles should use it; see also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818 and https://reviews.freebsd.org/D31612 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257618: vm.bios.efi=1 in Advanced Settings to allow booting in a Parallels VM; I'll need help from someone with a Macbook (or other Macintosh) for that - In FreeBSD Handbook pre-installation tasks step 2 (https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-pre), merge "virtualization (Virtualization)" into a link and remove the anchor from the URL unless needed in the single-HTML version - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253874 (dd arguments) and s/Write the Image/write the image/ while there. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223997 (portrange sysctl tuning in https://docs.freebsd.org/en/books/handbook/config/#configtuning-kernel-limits): who knows about that? Did any later commits change the default/initial values? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253392 (boot_mute="NO" and other 13.x changes) needs discussion of where it would go - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252951 (chsh asks for user's password) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893 (smb.conf) unless "map to guest" should still be specified - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252423 memoryuse (add vmemoryuse) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252069 plasma5-plasma and gnome-shell in addition to the complete versions - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250927 (may need to experiment with no_radr and accept_rtadv, in which case see note 1 on costing) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246091 "pkg bootstrap" no longer needed, and it's all supported versions now, not 10 and later - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247568 (the Handbook part of ipf(7)) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263232 (clarify uses of GELI and UFS in installer chapter, add (Open)ZFS ~ encryption caveat) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263323: update https://docs.freebsd.org/en/books/handbook/boot/index.html#boot-synopsis if/as needed for ZFS and (U)EFI - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263324: Move/copy reference to virtualization in the installation chapter somewhere more obvious than preinstall step 2, like in the synopsis, with a reference to install images being usable for that as well - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263326: Add QEMU discussion in the FreeBSD Handbook virtualization chapter unless the audience is too small/specialized. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263327: In Linux Binary compatibility, Advanced Topics, link to debootstrap in the 10.5.1 note - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263328: Merge wiki Linux jails content into Linux Binary compatibility, debootstrap - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262689: track removal of i386-wine in https://docs.freebsd.org/en/books/handbook/wine/; while there, s/might want it do so/might want to do so/ in https://docs.freebsd.org/en/books/handbook/wine/#installing-wine-on-freebsd - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245512: Kazakhstan mirrors (If these mirrors are still current, which protocols do they use?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263329: Link to Development model book in FreeBSD Handbook Introduction, history - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248150: document using jail.conf instead of rc.conf, mention etcupdate - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263330: Extend the FreeBSD Handbook jails section to mention iocage - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263331Explain use of bectl (if using ZFS) in the updating FreeBSD section of the FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263332: Remove spurious "because" in ZFS Features and Terminology caution - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263333: Check for lingering 11.x (and earlier) and 12.2 references in the FreeBSD handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263334: Remove NIS section from FreeBSD Handbook if no longer in use. - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263335: Add GPT discussion to FreeBSD Basics, Disk Organization in FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263336: Make sure all FreeBSD Handbook images including non-text screenshots have descriptions or text alternatives - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263337: Make sure all FreeBSD Handbook procedures have mouseless or keyboard-only equivalents - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263338: Style conformance pass over the whole FreeBSD Handbook, including removing uses of the second person - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263339: Proofread the whole FreeBSD Handbook - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263340: Make sure all procedures still work and update output text as needed Things others started/are working on: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255318 (if 0mp is, otherwise see https://cgit.freebsd.org/doc/commit/?id=7233fc956edc31002c2e8f38ce30dda6b972f24c above) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262742 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259494 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262274 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204918 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260812 (Graham Perrin may have something in the works) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242984 is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254153 is carlavilla still working on this one? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260183 carlavilla may have something in the works - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257818 and https://reviews.freebsd.org/D31612 (gbe), which touches on some of the same issues as https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260007 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253453 and https://reviews.freebsd.org/D28622 (phk/debdrup) - need to review - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200803 (is it a manual page change, a doc change, or both?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241673 (gbe?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244156 (blackend?) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247285 still applicable with the current doc-building toolchain (doceng, as discussed in IRC) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253364 (documenting the boot partition) (carlavilla) - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=116588 (is tmj@ still working on this?) Unsure of current completion status: - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=252893 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241683 is this (that is, the workaround using MIT Kerberos) still needed? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196343 ipsec gif setup: partly fixed, maybe completely - was https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260253 applied silently or is https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256725 a duplicate or related? - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257481 (no images in epub) if still applicable - Review https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257404 or otherwise move it forward -- #BlackLivesMatter #TransWomenAreWomen #AccessibilityMatters #StandWithUkrainians English: he/him/his (singular they/them/their/theirs OK) French: il/le/lui (iel/iel and ielle/ielle OK) Tagalog: siya/niya/kaniya (please avoid sila/nila/kanila) From nobody Tue May 3 11:38:36 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 619F31AB9644; Tue, 3 May 2022 11:38:39 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from mail.gundo.com (gibson.gundo.com [75.145.166.65]) by mx1.freebsd.org (Postfix) with ESMTP id 4Ksydn6m41z4mRR; Tue, 3 May 2022 11:38:37 +0000 (UTC) (envelope-from pauamma@gundo.com) Received: from webmail.gundo.com (variax.gundo.com [75.145.166.70]) by mail.gundo.com (Postfix) with ESMTP id 1A3804C12C1; Tue, 3 May 2022 06:38:37 -0500 (CDT) List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Date: Tue, 03 May 2022 11:38:36 +0000 From: Pau Amma To: freebsd-announce@freebsd.org, doc@freebsd.org Subject: Handbook general directions survey (this will be the last on this topic for 2022, I promise) Reply-To: pauamma@gundo.com User-Agent: Roundcube Webmail/1.4.8 Message-ID: X-Sender: pauamma@gundo.com Organization: The Cabal (TINC) Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Ksydn6m41z4mRR X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=gundo.com; spf=pass (mx1.freebsd.org: domain of pauamma@gundo.com designates 75.145.166.65 as permitted sender) smtp.mailfrom=pauamma@gundo.com X-Spamd-Result: default: False [-3.66 / 15.00]; ARC_NA(0.00)[]; HAS_REPLYTO(0.00)[pauamma@gundo.com]; FREEFALL_USER(0.00)[pauamma]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[75.145.166.65:from]; R_SPF_ALLOW(-0.20)[+ip4:75.145.166.64/28:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; REPLYTO_ADDR_EQ_FROM(0.00)[]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; HAS_ORG_HEADER(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_IN_DNSWL_MED(-0.20)[75.145.166.65:from]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gundo.com,none]; NEURAL_HAM_SHORT(-0.76)[-0.757]; MLMMJ_DEST(0.00)[doc,freebsd-announce]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:7922, ipnet:75.144.0.0/13, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] X-ThisMailContainsUnwantedMimeParts: N Several people told me that the first survey felt overwhelming and daunting to answer, or was missing an essential aspect: where should the FreeBSD Handbook go. I believe that ranking known, specific pain points in order of urgency to fix is important, but I agree more is needed. With that in mind, I and the FreeBSD Foundation put together a higher-level survey, and made it web-based. Without further ado: https://www.research.net/r/freebsd-2022-handbook-revitalization-survey This survey will run until May 9, 2022 11:59:59pm UTC. As it and the first one complement each other, please considering answering it whether or not you answered the first one. Thank you all for your help. -- #BlackLivesMatter #TransWomenAreWomen #AccessibilityMatters #StandWithUkrainians English: he/him/his (singular they/them/their/theirs OK) French: il/le/lui (iel/iel and ielle/ielle OK) Tagalog: siya/niya/kaniya (please avoid sila/nila/kanila) From nobody Mon May 16 20:22:02 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 02CF91AD688E for ; Mon, 16 May 2022 20:22:03 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4L29dk6hyxz50Yy; Mon, 16 May 2022 20:22:02 +0000 (UTC) (envelope-from gjb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652732522; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=9GX6mxBHrnSvhW+EgpO/LclXscCATXQyXjymQy8Fjx4=; b=WIlhVYZr/a8f0j3MiqiHLgGWdfQuUztvJ0JaUu7mGLWuYfMiGMQcS97G/PoNt8PqNlt/ax n5b1gSerAmKO5E+DF86Wm/OT3mCUJq1/Mwl0kckphnEJZqwprvITTYIEI5bOgV4CYG8pMU j29f38P4dEvvTMy4XIPn9pMmkplNpLPRRSL+K2KXyiWoKqeCWzyfiqJVxAb5vY6no5bOtN vx8XRDlKdOdDc2AzZ8zHKSm7+5nloTp7Nh3p+X9SsG/zq0TByfFwgF/z92qJbgebptt68m vU/WlqWjzuFzxyrTtSATXcKS2I6GCRVlHPyPfsY02N1kXylp2VMIAhcMv9l9RQ== Received: by freefall.freebsd.org (Postfix, from userid 1237) id D48A11F185; Mon, 16 May 2022 20:22:02 +0000 (UTC) To: freebsd-announce@FreeBSD.org Cc: FreeBSD Release Engineering Team Reply-To: FreeBSD Release Engineering Team Subject: FreeBSD 13.1-RELEASE Now Available Precedence: bulk Message-Id: <20220516202202.D48A11F185@freefall.freebsd.org> Date: Mon, 16 May 2022 20:22:02 +0000 (UTC) From: Glen Barber ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652732522; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=9GX6mxBHrnSvhW+EgpO/LclXscCATXQyXjymQy8Fjx4=; b=B8Ecn4GPefc9KqayQr4AzFrLGAVG/oejKQwnLShj6gkfvtstxJKomwDuwjnjDYvUN5+dZm ckJAyAdQpJNnY+4Qm03oa145CFJscpNERlI+cpetOVPIV9hNS22e/7AyFKan9jNmRQMKVj eeI0iPSNzWRLbh1ArrcPxcfQszOnuTn9lnaCTji4HeL00KOFbJB5ZZDIF7z7Ypeo8FSOeJ sZa10XcbZ3MsdGSFn91+9jLxgNjyHE4VtCU3AxcJxc4DF7QfES3JLcVFYV4pSxkvArEYku 61r9oHpETjQ3Kyimkt1VggtdJ2FAbBHmrftnhPohugUgJMAjNoK9hEKdOWELjQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1652732522; a=rsa-sha256; cv=none; b=iyVBRuh3PLnh5xQ1yLaAz8mJG5dua8f5Rf3A/7mYM7GTuki8z5r3ay0voRvLxzfRmOaWvo X3Ho10wjaO08Zz9WRTvQ9yu0UxBLMOwa2CS2utKDJJwNnXc+05ipR7YI+dQVHmagbA9MzN 3jMH36osZMkeB8f2fGUpBwn8NM2UNNXhmToR/+ZuVQmgEecp2o35o3rYvyWP7zCvzF4cyl YJF/Jx0279CdDwMHI/BzbgrPDHoGTZ6f1eegwKkWScnXdHDRR1okHzg91vQzK2+liWU2Xh 4ruoCX2qC7DmpJ0leJZVAsgsHz8Biah1OF3NkRTS7mCpZ3HiEBTscLW6GcGvBA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 FreeBSD 13.1-RELEASE Announcement Date: May 16, 2022 The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 13.1-RELEASE. This is the second release of the stable/13 branch. Some of the highlights: * OpenSSH has been updated to version v8.8p1. * OpenSSL has been updated to version 1.1.1o. * The use of FIDO/U2F hardware authenticators has been enabled in ssh, using the new public key types ecdsa-sk and ed25519-sk, along with corresponding certificate types. * The ice(4) driver has been updated to 1.34.2-k, adding firmware logging and initial DCB support. * The iwlwifi(4) driver along with a LinuxKPI 802.11 compatibility layer was added to supplement iwm(4) for newer Intel Wireless chipsets. * ZFS has been upgraded to OpenZFS release 2.1.4. * EC2 images are now built by default to boot using UEFI instead of legacy BIOS. * And much more...* For a complete list of new features and known problems, please see the online release notes and errata list, available at: * https://www.FreeBSD.org/releases/13.1R/relnotes/ * https://www.FreeBSD.org/releases/13.1R/errata/ For more information about FreeBSD release engineering activities, please see: * https://www.FreeBSD.org/releng/ Dedication The FreeBSD Project dedicates the FreeBSD 13.1-RELEASE to the memory of Bill Jolitz, co-creator of 386BSD, which formed the basis of FreeBSD 1.0. We stand on the shoulders of giants. Availability FreeBSD 13.1-RELEASE is now available for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64 architectures. FreeBSD 13.1-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded as described in the section below. SHA512 and SHA256 hashes for the release ISO, memory stick, and SD card images are included at the bottom of this message. PGP-signed checksums for the release images are also available at: * https://www.FreeBSD.org/releases/13.1R/signatures/ A PGP-signed version of this announcement is available at: * https://www.FreeBSD.org/releases/13.1R/announce.asc The purpose of the images provided as part of the release are as follows: dvd1 This contains everything necessary to install the base FreeBSD operating system, the documentation, debugging distribution sets, and a small set of pre-built packages aimed at getting a graphical workstation up and running. It also supports booting into a "livefs" based rescue mode. This should be all you need if you can burn and use DVD-sized media. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-13.1-RELEASE-amd64-dvd1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. disc1 This contains the base FreeBSD operating system. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-13.1-RELEASE-amd64-disc1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. bootonly This supports booting a machine using the CDROM drive but does not contain the installation distribution sets for installing FreeBSD from the CD itself. You would need to perform a network based install (e.g., from an HTTP or FTP server) after booting from the CD. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-13.1-RELEASE-amd64-bootonly.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. memstick This can be written to a USB memory stick (flash drive) and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-13.1-RELEASE-amd64-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. mini-memstick This can be written to a USB memory stick (flash drive) and used to boot a machine, but does not contain the installation distribution sets on the medium itself, similar to the bootonly image. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the mini-memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-13.1-RELEASE-amd64-mini-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD/arm SD card images These can be written to an SD card and used to boot the supported arm system. The SD card image contains the full FreeBSD installation, and can be installed onto SD cards as small as 512Mb. For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root, which it is strongly recommended to change the password for both users after gaining access to the system. To write the FreeBSD/arm image to an SD card, use the dd(1) utility, replacing KERNEL with the appropriate kernel configuration name for the system. # dd if=FreeBSD-13.1-RELEASE-arm-armv6-KERNEL.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD 13.1-RELEASE can also be purchased on CD-ROM or DVD from several vendors. One of the vendors that will be offering FreeBSD 13.1-based products is: * FreeBSD Mall, Inc. https://www.freebsdmall.com Pre-installed virtual machine images are also available for the amd64 (x86_64), i386 (x86_32), AArch64 (arm64), and RISCV architectures in QCOW2, VHD, and VMDK disk image formats, as well as raw (unformatted) images. FreeBSD 13.1-RELEASE amd64 is also available on these cloud hosting platforms: * FreeBSD/amd64 Amazon(R) EC2(TM): FreeBSD/amd64 EC2 AMIs are available in the following regions: af-south-1 region: ami-0033eb95c63dcc621 eu-north-1 region: ami-0dbd01db5b471fad9 ap-south-1 region: ami-08c539fc7a83d91e8 eu-west-3 region: ami-074f4dd46fce635c6 eu-west-2 region: ami-0d3eef799ebc2ee76 eu-south-1 region: ami-0917b885adf3db222 eu-west-1 region: ami-0e64f6a0b42cb6f89 ap-northeast-3 region: ami-020d163167af95f2a ap-northeast-2 region: ami-0dc13208a9b40d7be me-south-1 region: ami-000bb182cd3fd42c7 ap-northeast-1 region: ami-0c44bb221d55bad8e sa-east-1 region: ami-0c60553e783e0dd07 ca-central-1 region: ami-057d0f46c75d7e017 ap-east-1 region: ami-07ebaa9807ac2ae75 ap-southeast-1 region: ami-0dca4a0efb09eb1f8 ap-southeast-2 region: ami-0b59474519a4358f2 eu-central-1 region: ami-081067cef9944017a ap-southeast-3 region: ami-02288c1a43975d959 us-east-1 region: ami-0cf377776fddcf8ba us-east-2 region: ami-079dd76c503e258b6 us-west-1 region: ami-0092f02d35109a4da us-west-2 region: ami-08e0f4bcbfaef4846 These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/amd64/base/ufs/13.1/RELEASE AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B0928XNW6D FreeBSD/arm64 Amazon(R) EC2(TM): AMIs are available in the following regions: af-south-1 region: ami-0b88ad16b10b8954a eu-north-1 region: ami-022edfc883c5e833b ap-south-1 region: ami-00a8951e5e4c4f235 eu-west-3 region: ami-0b70befe65377c942 eu-west-2 region: ami-09820446b84cebdb9 eu-south-1 region: ami-0998809de4b26e442 eu-west-1 region: ami-0451d82dc5a6deb07 ap-northeast-3 region: ami-0ee68e6368686bd4e ap-northeast-2 region: ami-084add18bd7d78842 me-south-1 region: ami-0ae55941bc23cc897 ap-northeast-1 region: ami-09297d676f3164e65 sa-east-1 region: ami-0b2b3deca87c123d8 ca-central-1 region: ami-0233f5fe6eebc45bc ap-east-1 region: ami-07c0e6490de1417c5 ap-southeast-1 region: ami-039e2fb03ff221345 ap-southeast-2 region: ami-0fc54b0fd613491b6 eu-central-1 region: ami-04c332521ac0b5ed5 ap-southeast-3 region: ami-0863c7027ced36a41 us-east-1 region: ami-001e2fbfa9538bf0f us-east-2 region: ami-0b7615890476ffe8a us-west-1 region: ami-0ad9e6945e5ffffa3 us-west-2 region: ami-08fb436306bbc39d3 These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/arm64/base/ufs/13.1/RELEASE AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B09291VW11 * Google(R) Compute Engine(TM): Instances can be deployed using the gcloud utility: % gcloud compute instances create INSTANCE \ --image freebsd-13-1-release-amd64 \ --image-project=freebsd-org-cloud-dev % gcloud compute ssh INSTANCE Replace INSTANCE with the name of the Google Compute Engine instance. FreeBSD 13.1-RELEASE is also expected to be available in the Google Compute Engine(TM) Marketplace once they have completed third-party specific validation at: https://console.cloud.google.com/launcher/browse?filter=category:os&filter=price:free * Hashicorp/Atlas(R) Vagrant(TM): Instances can be deployed using the vagrant utility: % vagrant init freebsd/FreeBSD-13.1-RELEASE % vagrant up Download FreeBSD 13.1-RELEASE may be downloaded via https from the following site: * https://download.freebsd.org/ftp/releases/ISO-IMAGES/13.1/ FreeBSD 13.1-RELEASE virtual machine images may be downloaded from: * https://download.freebsd.org/ftp/releases/VM-IMAGES/13.1-RELEASE/ FreeBSD 13.1-RELEASE amd64 BASIC-CI images may be downloaded from: * https://download.freebsd.org/ftp/releases/CI-IMAGES/13.1-RELEASE/ For instructions on installing FreeBSD or updating an existing machine to 13.1-RELEASE please see: * https://www.FreeBSD.org/releases/13.1R/installation/ Support Based on the new FreeBSD support model, the FreeBSD 13 release series will be supported until at least January 31, 2026. This point release, FreeBSD 13.1-RELEASE, will be supported until at least three months after FreeBSD 13.2-RELEASE. Additional support information can be found at: * https://www.FreeBSD.org/security/ Please note that 13.0 will be supported until three months from the 13.1 release date, which is yet to be scheduled at the time of this writing. Acknowledgments Many companies donated equipment, network access, or human time to support the release engineering activities for FreeBSD 13.1 including: The FreeBSD Foundation Rubicon Communications, LLC (Netgate) Tarsnap NetApp Internet Systems Consortium ByteMark Hosting NextArray Sentex Data Communications New York Internet Juniper Networks NetActuate Department of Computer Science, National Chiao Tung University NLNet Labs iXsystems The release engineering team for 13.1-RELEASE includes: Glen Barber Release Engineering Lead, 13.1-RELEASE Release Engineer Konstantin Belousov Release Engineering Antoine Brodin Package Building Marc Fonvieille Release Engineering, Documentation Xin Li Release Engineering, Security Team Liaison Ed Maste Security Officer Deputy Colin Percival Release Engineering Deputy Lead Trademark FreeBSD is a registered trademark of The FreeBSD Foundation. ISO Image Checksums amd64 (x86_64): SHA512 (FreeBSD-13.1-RELEASE-amd64-bootonly.iso) = 20749fd0f2c93fa70913a08370c5c571565527883e246815bad1bff81b07abcdaf95b8774de544c2175e66a018291be9034c71fba9949a9c3b611e6303b4a132 SHA512 (FreeBSD-13.1-RELEASE-amd64-bootonly.iso.xz) = 0e2a347026cd34a88b4e8fcf21163c5b9e6bd24417201a30a04acb6cb5d5a04443c582352f73eeacfe3f0ad7edc487f48c94510fa5f85341d764563854826d05 SHA512 (FreeBSD-13.1-RELEASE-amd64-disc1.iso) = 259e034731c1493740a5a9f2933716c479746360f570312ea44ed9b7b59ed9131284c5f9fe8db13f8f4e10f312033db1447ff2900d65bfefbf5cfb3e3b630ba2 SHA512 (FreeBSD-13.1-RELEASE-amd64-disc1.iso.xz) = f746d1a3a04c0aec5638cf3f2d17570480535c15c013f59b7a8f801b663b02fd955333b67e02f2d3c60c34bbb110f6ebc6ef077ba2a2273ec5777d065f1a9bb7 SHA512 (FreeBSD-13.1-RELEASE-amd64-dvd1.iso) = 326c7a07a393972d3fcd47deaa08e2b932d9298d96e9b4f63a17a2730f93384abc5feb1f511436dc91fcc8b6f56ed25b43dc91d9cdfc700d2655f7e35420d494 SHA512 (FreeBSD-13.1-RELEASE-amd64-dvd1.iso.xz) = 15fa683aa462010c27a881505518c10dbeccd2dbb27e2000b4cd8add782b40c0535b042b5d1c6ead6d53cf26fefdf8e2f2fa9e753b51c2bbdea532c8a6c6fc13 SHA512 (FreeBSD-13.1-RELEASE-amd64-memstick.img) = 96bf96628a566cb33d736315dfb56e3076ab0d757ad6c94fa2235866007f7726dc42ac2b81abd7810ae40a945220088605dbf387ebed7d688a9b80dec5253247 SHA512 (FreeBSD-13.1-RELEASE-amd64-memstick.img.xz) = 2ac4f052c65e82566e351a969d75f7bcb9b06e95e1e82e16286dfc97ce5eb59324e366aca4709f9ff23005f988dfb4f394542734d0db35666fb906fda499ef7a SHA512 (FreeBSD-13.1-RELEASE-amd64-mini-memstick.img) = a519326bb0fcce5da4b86eb202894baafe12aa4f2d226c90f8db45aece731d0e54914340be84a2986c40fca81cc80b1bd6c21b0c3d9c0d25401c82ed9d2f756b SHA512 (FreeBSD-13.1-RELEASE-amd64-mini-memstick.img.xz) = 056ddd55e9a77516e52b2efc8299f96b4ba2ec0db7b7ed88adb70c38899127d0ad11f40cba8755d748d10d59bfc71d19593e0167a852b28e973fc5cf492c2166 SHA256 (FreeBSD-13.1-RELEASE-amd64-bootonly.iso) = 02e77c57bd0a306e3fc92296b3640433a3bd7e4ba39d82db94dfd885f5bb1f78 SHA256 (FreeBSD-13.1-RELEASE-amd64-bootonly.iso.xz) = ffb6def0b167d25d4ee1c8eea292bbd3ac8cf877555f41251ac0d140cee108c0 SHA256 (FreeBSD-13.1-RELEASE-amd64-disc1.iso) = 697d81653fa246b921ddfcf1d15562c55249cc727b11fa3e47f470e2cf2b6a40 SHA256 (FreeBSD-13.1-RELEASE-amd64-disc1.iso.xz) = e18907b6ec09e14c2065049873d28bf78682821903074e0e602e07f29075d347 SHA256 (FreeBSD-13.1-RELEASE-amd64-dvd1.iso) = 5b29c2cd5a604ad24810c994027ec13c9efc53778a307831f6181dfdaf02939f SHA256 (FreeBSD-13.1-RELEASE-amd64-dvd1.iso.xz) = 8b22dd325280c811725ca8178d8408d7a235161fbb1650b2a369b6e8acbaeaf8 SHA256 (FreeBSD-13.1-RELEASE-amd64-memstick.img) = f73ce6526ccd24dfe2e79740f6de1ad1a304c854bfcff03a4d5b0de35d69d4a0 SHA256 (FreeBSD-13.1-RELEASE-amd64-memstick.img.xz) = 1ad1c64546f27e7720690f7338be2314d0c3097549a3ee12e8d888388bf01a6f SHA256 (FreeBSD-13.1-RELEASE-amd64-mini-memstick.img) = 348f6541f3b6cc914504c34d035c7ff085baad99298cf646504dcecd4c9913c0 SHA256 (FreeBSD-13.1-RELEASE-amd64-mini-memstick.img.xz) = 8f0df8762fae588c457ce48bc34f617aae8a66723254aa143acadcec93933b8f i386 (x86): SHA512 (FreeBSD-13.1-RELEASE-i386-bootonly.iso) = d053aed51d3a025c8305f5fcbc98a97ddbb8a19bc3245720ffc51689dfa078fc56bfc06faf2b686ae4e44ce98be2d00a86bdcdc14d28bd848768000b085572c8 SHA512 (FreeBSD-13.1-RELEASE-i386-bootonly.iso.xz) = 4c2a11d63153e90df77709b01fb39249bfc4e59e1f87b37e137847d02d99fa382d742d38691785c8254475be365e4ae102830d8cb2ec5d0764565a3d775d0f2d SHA512 (FreeBSD-13.1-RELEASE-i386-disc1.iso) = 67339a0b66bbccf5fddddb0b6c770b4a66de37a2f3c31ed6c3a1f3e8c90726f2844d83fe003db81b07b2ce86bf7f0db5d234c53dbd2dfa1d9358e76659d323ff SHA512 (FreeBSD-13.1-RELEASE-i386-disc1.iso.xz) = b5e361dd46a31b4cfa3cdb0333e3508ca545319b11ff1dae186e0fd5bda0c1fa7b42010cc878f31bb45b818c57d749a7577d7a438c53b0ec846124c4886a20aa SHA512 (FreeBSD-13.1-RELEASE-i386-dvd1.iso) = 9f2d757c7cfd8522e97ac033e147fab8d989527203ac8489b07c55f8eb7081577501c22cc157287186920793bdf6f5c765877761149fe36ad04979e116b3668f SHA512 (FreeBSD-13.1-RELEASE-i386-dvd1.iso.xz) = 86e2e7ea397ae578079228c55ac13832ee3a18aeb05648e32cebf27858cb7f9f58fe5b37b476b4c4171f06ca4e2dedea5b00a5f611e9ebe47f5b2439a40031f3 SHA512 (FreeBSD-13.1-RELEASE-i386-memstick.img) = 22014edc22c91b4d47fdee9caf8871185307f8b9afaca3ab15596120f7e0302237ed526829a1bf663baaf4268cdeea8ab80f0e0c73ac5465b64f63f81be159a2 SHA512 (FreeBSD-13.1-RELEASE-i386-memstick.img.xz) = ef3c649482912eb1ca3f0289551af59b4a39be1615c172c0bd69ad0c70733fc5371cbe6b2f698e95dd30c3cc7930b064d9b759320c7ccc4a60f0c604a8fe2de4 SHA512 (FreeBSD-13.1-RELEASE-i386-mini-memstick.img) = 7b2a13f1b050f5f59a62f3c8ff4a46d01547bb899b55baba452899384aa2a12a756b842042669fd971e6fad01ca9de92fb65d7fd564ed419c8a82c2cc1d693d5 SHA512 (FreeBSD-13.1-RELEASE-i386-mini-memstick.img.xz) = d145cb3f07712243319169c88e0177633f1d2cdd10e15ffe4bd213e6efecfab2f2b344632e54e0bc0d6570abc904e630e8c4dd7b1cc2c581acbabe44e26275dc SHA256 (FreeBSD-13.1-RELEASE-i386-bootonly.iso) = 75e6d5edf3e1529fbc2c2479f6d5acf37e08073a497d0cec355c304171144ea2 SHA256 (FreeBSD-13.1-RELEASE-i386-bootonly.iso.xz) = 0ae74dc63fddcab27edad2e6a9544fecf8cf96cab545d645a28c5f8e1c8c26ab SHA256 (FreeBSD-13.1-RELEASE-i386-disc1.iso) = f93ef97ca6e49b97dd837ae9fb666054008deaccfc7b2d268d5e59755e18f317 SHA256 (FreeBSD-13.1-RELEASE-i386-disc1.iso.xz) = 489e611f7e022cddbb462fab3de00b73bb4cd97e6dc09490da22d2d63d5c4d90 SHA256 (FreeBSD-13.1-RELEASE-i386-dvd1.iso) = c72f36c94175c578d3fa8eb405223221e14a5f3656cc145f4e24c02ea9181c73 SHA256 (FreeBSD-13.1-RELEASE-i386-dvd1.iso.xz) = 6f9a397688e50fcb3e29d6de39fe18510b9261c415dc211a057db37aea195783 SHA256 (FreeBSD-13.1-RELEASE-i386-memstick.img) = 61eb856a555485f916b93f828a55e39f514cad1a93667b1a6cab098f71ec6a35 SHA256 (FreeBSD-13.1-RELEASE-i386-memstick.img.xz) = e31e560165d0bc30d9095a3847a52322340379709b81a6ea3f020f30b6d6efcd SHA256 (FreeBSD-13.1-RELEASE-i386-mini-memstick.img) = ac5495d827c734f10ffee20a29b79a5cca29dcbdbedb13b3f34ae71a5368eee2 SHA256 (FreeBSD-13.1-RELEASE-i386-mini-memstick.img.xz) = e5f1ddc04ae4f77a800b3bf4466be66bcf190cdcf259e6c384a94b5b00c3b576 powerpc: SHA512 (FreeBSD-13.1-RELEASE-powerpc-bootonly.iso) = 985235cc018fbbad8686be3ec599932a16a8f3cb1066762c49d232cf0a84120aa0cc90282a168f9728ae8d2d7b324799a725ab134b4e35aaacf1d8a321504ad7 SHA512 (FreeBSD-13.1-RELEASE-powerpc-bootonly.iso.xz) = 6819da51702e6f628c190bb925b275d0ddf785c180a7b41739488b4bb11da1c7ae851c1eda3afb824b61252a245183f585580a94ef153924d30ef4b77ddf8424 SHA512 (FreeBSD-13.1-RELEASE-powerpc-disc1.iso) = 5ce60031875b6436b7bdaa931225600e8e330fd21ee67c0bdbdd4e3545f8c1bda7fa575c9842a6862bce660e7b9a12d9cd153938ae9bfa8773fd7b65e0bb8733 SHA512 (FreeBSD-13.1-RELEASE-powerpc-disc1.iso.xz) = f845f2733be7f5de76a45afc2bff37be7bf532f0c0565676b90674a8dd69ec57a5accb98b759408e03c1741a71e93904e7caa660ec9ed7a9d7ffc9d71e411e79 SHA512 (FreeBSD-13.1-RELEASE-powerpc-dvd1.iso) = fa2ba008761a5d9e749e58a6ca522f2ce901e46dff0c09845a4ae93fff81586f6cbbcb9a7e06cde1e01129dce4777f3440e3c956fb183039491bf93619f5eef5 SHA512 (FreeBSD-13.1-RELEASE-powerpc-dvd1.iso.xz) = d52c9929819b481b6ad75e019083f16a3c49c269d9326c5278b1a7b7021231401974d41da35ce9423fec89dbc8e3500eb6ad8c689625ed7d5f846127364431ee SHA256 (FreeBSD-13.1-RELEASE-powerpc-bootonly.iso) = 6f3e933aaa5411975cb2f0a48d77d032b81f24926d9c4f27547757148f20e7be SHA256 (FreeBSD-13.1-RELEASE-powerpc-bootonly.iso.xz) = 151e61911cf3534a47ce580104002c283953d245224cef16fb29acb3c28cc4f9 SHA256 (FreeBSD-13.1-RELEASE-powerpc-disc1.iso) = 35d2d4e8ba5560169332761aa814a0c6fd83f5f2858b133233ad798d62beac0d SHA256 (FreeBSD-13.1-RELEASE-powerpc-disc1.iso.xz) = 26e5e4bc274c0bf1d6a13cf829fe5d2cb6dc429e71cbbebf41e8c2be6a69cb56 SHA256 (FreeBSD-13.1-RELEASE-powerpc-dvd1.iso) = b6c60cf1c9332a98592f3a9fa0746296bed7c16e0f4001ddae75b6c8c047452a SHA256 (FreeBSD-13.1-RELEASE-powerpc-dvd1.iso.xz) = c8845a505620171a1362c1d9d8841adabb632d9f2e5be15c755ae4a0476c2d6f powerpc64: SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-bootonly.iso) = 583e96737ae948999cdecb40606c0e12744a89a5bb7171c99fe2cac069aee2c19c85bf79a527dbe528b076d7df233effafae6285dd4a6f66f45f393049403219 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 2722fbffbd37883bd54c76cee768816cfd1bfbae680707cb965b9ba4aea35816cec6a835d4bb37f16e85dc1812a10135133e2e515a73f42e8a4b7db8387b9f14 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-disc1.iso) = 3b9a887777574bcdd8e11f5d8cfb598949a3917451c971d4add6f7c958e2d08bcf38d6e375e1bb65299e29fea24effbac82ab513b1e8d52318cd975f8752c4e0 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-disc1.iso.xz) = 57f56e4529e2cb156abd44bb67e115b9b039071ef4b55833d6f3d9d4a9a1e8d61c83490f70198887a987cb9a52b4f1cc1797eb2564758d8e82a1e0cd6a9f331e SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-dvd1.iso) = 3138b754588a053fc89de2a1bfffa0ec6d59edb2931d01c54dc6306561844396934190102601c0afdb4efdc623261dde00cc9b41a6b0ac8c201774f597997a95 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-dvd1.iso.xz) = f4848fe726b0b6242cbee4e6f180cc46ef1e9fd92cb8f6208308bf0718216b699eed26a76a7e1987c55ba8a5a26741507c0dc639f55a0ec8462aac69afff6c59 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-bootonly.iso) = fd616574267a556c545c2c553163c4073bbf7fb2f325a5ed0232cd76a656eaf2 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = 4cdaa7f047aac55495f1a9c7b079a72b68c46d5dc25f1a1ad2120b62e50e641a SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-disc1.iso) = 33a2f52d6a065853bde9b853095c3b6a3f728d55ad304bc27e06a992b1ac8b5b SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-disc1.iso.xz) = 863e7886f0f7394cff7a32ace89f040922c7f8ed9f65c575cf3ff7e3d683c2fa SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-dvd1.iso) = 34b794c16444d8bb734f5385f84f93e312c2721630ab1f56094cc956602da931 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64-dvd1.iso.xz) = 9fcaa94122c0ddf857d1d0a9e6d9f161c0b9fefa8bc2108f4a8024c60b386c9b powerpc64le: SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-bootonly.iso) = 4618ca80e2e7cf1b6b90d7bfaae6979bc2791868572fe3fdfa673da9f73dd9b80b37327209afa66f16e08abd5da16b41b9f9761920aef5a841cbf145d8ec1d69 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-bootonly.iso.xz) = 8e6811fe25df96fc093984b2aec97006fddb16d82fa67ec83e708db963ec563792d75309d5c152cbc122ffd00b732a5e043212282952f8d6c6e6595d536e81d3 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-disc1.iso) = 69840dcf47fbff22d9f2b917553022ffab0fb5f5035239962a52244f304d419250f453a4295d9058c71ee822fae7d0b75ff869abf258b14a1e1d9cfb76acca98 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-disc1.iso.xz) = 4e77ca8c92e23217c7acb5e370b6a00e450b6a2b99154d807c2a5b7d39f5eaa345a01129db3fac6a50ab79985533ac011f03ba86194a66669dc9ee81ae1b63a6 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-dvd1.iso) = 916598c46ffb1bb3cd92a446fef27df037800919a940451f6cf1053828431b2eaab1aed3c6bb5f6ed09fb7f34bd1902d0b2a438a408f2a77514550c27520da18 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-dvd1.iso.xz) = 51105b3efe216fbe70b42a503c91e79f2c1e9b6f06b4efa868e720f8e32832a4437cc3361d630cd3ee22c2c2f4a5dc295a7d9d7b045731887b7a94601f1ebeda SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-bootonly.iso) = 014ff51b7aea1e30d533b9e24905495caa31e6062e81eccbb7a7f6d44e903512 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-bootonly.iso.xz) = 34c632aeb4918c3677d3e755fe1f44c86c4f53f5e6e958eee4fe102081615c45 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-disc1.iso) = ffe7e086796423fc1faa304018519f88dc037484984500eed68625edba36e4da SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-disc1.iso.xz) = cc862991ab8bd654b2768264b5f9c470f28240ffad8b55aea4d0fbbe05bc36c3 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-dvd1.iso) = e3611bdb7bd1742197adda02cc83d5f54e039e0ace67df6f444d286fcdc2de1f SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpc64le-dvd1.iso.xz) = 2b9cd62d72a07d166cfc17c0918ee9254789bd66ae0dec1371290bd5213d6c8c powerpcspe: SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-bootonly.iso) = ee362261516a8e515fe1c38b68e08802d89a480d35a87fc4820642077421f9072b0f54d4c9c63c1cd25a91d49300672452669a9c5accdfede0f9602b11197652 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = 66060d0a8a5e7ff5cc73e9766a440b3064e6c001397d1efc20bfd732f070efb15f92dde46e7c9927686198569b4f8f41640451df83225d33a680a0a2460dbb01 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-disc1.iso) = 31d7a2311c9e621e8900bf369e91ae712e8bc1ae93c85c4588e4b3166956503241395047ee753fa73580df3a8588a46e00fa1c1d527982c470de706f82e73869 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = 1fdf22f9aacb9dbc06b05aa662c54b7bab0740a5bf0b08db26011ef5e1eaa0fc0a981f08b883f58730e0746fb09cc4a4778c906253f922cc7fe1888bc01fb914 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-dvd1.iso) = 2261ef6640289a7bbb6bc5745aa87327e0cca17b94f9b1825fe3f2e5afb38e00098ab199dba140b8170abb9e9464ad438bd59414e3551964777f5eab15511520 SHA512 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-dvd1.iso.xz) = a6322c7e6d979e6adfa2eed6921e813c4955bff1c202eda6bcad81088dd9af5f05c04c760ba8ca654f338490a02f27772b362189384a1102abc53508caa6d069 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-bootonly.iso) = ed5fd627afbf8478eaee2cf174852eea19c562a2486da44b1d8b79f23d81e81f SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = f800b4b94185d38a8e33029ad07b094508d00578bd32d1b6699830f52b4c3c18 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-disc1.iso) = 59791ff58a0db261858bae0da164de053271e3900eaf66237b564b811e1ff68a SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = 6c4b13fa3de6e3a800313db57159c17bc1b3d7bc0b1537fa88fe1264c2d13eda SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-dvd1.iso) = 064c5aa85962fd10311dec31802664c0fd207cff649940cd31be6e702f0df019 SHA256 (FreeBSD-13.1-RELEASE-powerpc-powerpcspe-dvd1.iso.xz) = c52309d94777136b867abd17af63666c26a7e085e23932f36661c112cd725272 aarch64 GENERIC: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-bootonly.iso) = 8a5cf91ab8de49df5799e2d9bf300ff5d1ba25a73b5ca1117151ac2040e905be4304afbc96864ee6d459ee883e94b007403e1d7da2f50975c1eb888ae9ab0ab1 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-bootonly.iso.xz) = 9bf01fb67fc948b18c3a6b784abe60edee3c003878088069eaebb3bbc6f89808b9f4b3041e32dea05375eba34f4f50a289c7c6e5d94e759b8e79cc11c0d23210 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-disc1.iso) = faf899551dff156de578f9f3b27aa2a1108f0b5903c415a78c9368508e0f41526f1704af291cdc5cab571a4a1766a59dd29206674d40b88cf9b5236db615287d SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-disc1.iso.xz) = 989269985ec99af11f8c13bd6a47c5449155d65232bab4114ff13fa5989f059a42fffcf51754915a8ac7bec0b64fb663a9140496c4f0d0ea0e2167f0e7742c6d SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-dvd1.iso) = b05950d0b17f1e355cf5d133809350a33305c714b159647e970d41bdbe4fb991bda17aba22fd9717fc2b8d8005ce96c98636a35a3725ac61033df24e0d75014e SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-dvd1.iso.xz) = 30fd0a083bd6644269f6f0f6eb3c0a1a5f47be04457ea555b3b1e1ce69033738debc93b639f65869dd7206a79d7090eb58f1d64778c63b379061de716d8a736f SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-memstick.img) = 19f3bb3352b827e6551fafafadb1d1f914905b811e0f2d94b805ee092d2857e07595d5663ba59521fc300da780e0624e13d3f95a7140c30375d01c6718e52d50 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-memstick.img.xz) = 847c48a09cca1e85692e069a9d806bc6ca6b3adb9fa4b333a7046be46bec36823f7fba82b48921c4dce932adc2fef313e4cfd12664d859edb30f074df38953ea SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-mini-memstick.img) = 8ed64addaa9eba97c3fb8da3fbb94caac84bff1eeea5e11930eab770a146172dafc85d09242b7dc6b3a6cdfc30abb017f9f34c9c47327bd5170c6df126e7f555 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-mini-memstick.img.xz) = 475a0a577e893517b6ec12b133b14f0f6e0214c208a5078fc28c4e495eb8b89d2c66914e8814279bef6d907e8c086ccd4547082065253e8f0c4f3b1b61b046a5 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-bootonly.iso) = 062b1cd8dd0f34e3e3b06d673d7f4eb28d3a179da4e654c9f7b7d00b10efa042 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-bootonly.iso.xz) = 7de7d4027de82f5a854e1d97ade8e1bfcb21b42d25982631443f104d2d4d9ef4 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-disc1.iso) = ae8f9139153f31b193fff267f4935a64706c3dfc5015b4a2662c5663b77b4173 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-disc1.iso.xz) = 956d62cbfd27504460372d7c41ded28844c5ee5475df6aab38d7fe8cd17a3d4c SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-dvd1.iso) = 40c2c6ad0292f19553677de5afdf3570a2d2e9cbf51b075824cefbddd22787b6 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-dvd1.iso.xz) = 26826c01a20a6d024767af34f79b0a446ace56de3758aacfc2a2e4ea3281391e SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-memstick.img) = 5da05c3c6deadeae5b8daf1c11459640bfa8896cad86f6577f8c03543e41ae7b SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-memstick.img.xz) = e0fc7a126aa13d5efefaa962c68a6513d8b89b2a1df17a7cd2209d5890c258f6 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-mini-memstick.img) = effde1db95f80640a03c845665f3af71a23d8d044e09a375145012ef49b6cc63 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-mini-memstick.img.xz) = 1fb56088c6baae35ba6b36923567c3a8ef865a4afd1c44af4baf8a486aecdb0b aarch64 RPI (3/4): SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-RPI.img.xz) = 761ca4f17da9b0da8a8b6418d0463152ba16147022b15549d7c8b1c3020a2f89c7d56c04cbc9bc1c5ec54dd4f563f7289313526aa0287e0afc43ecabd0f6e2f8 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-RPI.img.xz) = 442a0ccd9000f50a72c34c8c084279f4126d8c1c472373c8ebf113c81990d0d1 aarch64 PINE64: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINE64.img.xz) = 91886925a9d165d6fb8b5f8c5578b70419171de9585f5be700167c9db7c844cc005c4208085cf544ddf71c9004c4c7b10dc2f9f73a7be83ea95c040a7611ad73 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINE64.img.xz) = ef78c7437ddf09be86fca5a8137e7633f595fa403ab7de260e546c69d4cffbae aarch64 PINE64-LTS: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = 71a919677462d1acf18d2dcdb70f0bebe46048a4ab38156ea7e218c500371df60dfbacc29c5e78227a258c3cc0c084b5452a7a977fb7bb85807d3605b59e85c1 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = 066a16bef9b4234cdadafecbc2304c790804d0c846a05b02f54ec2ded37e9f43 aarch64 PINEBOOK: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINEBOOK.img.xz) = a0a6e6e7aa9345f2d310863e98b3f158fbf0fbfd18158fd7857873cc702eddf1c83291a962f9a54150b0e1adbb0427717b162f6ceb1f44284d08e83bf591c383 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-PINEBOOK.img.xz) = 15a0d22f037dbd29eeef364bc9fd52c0acdc054f38620de054b4ffc5e4160b6f aarch64 ROCK64: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-ROCK64.img.xz) = a489376a314bb666a6cc466ba854ba4e415cece469d974f94b1ab2a2a52beeff2df269e99701c020db3cbf33f6cc0c0627e87f007e6a5909b3b61ca762683988 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-ROCK64.img.xz) = 99286f2b97324aca1e2e8c978c7f6e01a24facb65f017be7b63ecefba312d3eb aarch64 ROCKPRO64: SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64-ROCKPRO64.img.xz) = 78578e096e71baea6f5e44a5729193d5ddebc75213c5287158acd28907e547efcc84afc9b61a21f6c03ce8b89eb90be871cd1fa07991e760b521ae4a85a59153 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64-ROCKPRO64.img.xz) = 7ed835f0a4415b3298142077c48b8eb37a45290265ba99a170a5b742f2d11ac5 armv6 RPI-B: SHA512 (FreeBSD-13.1-RELEASE-arm-armv6-RPI-B.img.xz) = 7caa13d9d45e19206eac81ae481e761744a92cca7b28144c2489d560d5f0c3a62f4c0a31ec85c2c63273931ccb0dd85f9d8924835d2c88f04b818f4ac99fa997 SHA256 (FreeBSD-13.1-RELEASE-arm-armv6-RPI-B.img.xz) = 9fdbde8aab2ee9414056660c4ff3d13d35a7a4da603ca9396385a2d2b15fbd10 armv7 GENERICSD: SHA512 (FreeBSD-13.1-RELEASE-arm-armv7-GENERICSD.img.xz) = b518d23ef446f9a81ca01baa3d4a10871e6df5e01d295361d002eb33716da5f486c15d464946f0918d8da93f459919eca743f2cde394dfed38d874a91ebb8c39 SHA256 (FreeBSD-13.1-RELEASE-arm-armv7-GENERICSD.img.xz) = d74427e3c484d99e8e57f3ba9490cdf4ebb000f8e63d373005a4794d65213148 riscv64 GENERIC SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-bootonly.iso) = e6bc4fa8c1304afb0af92a57c32bccb75276a2dcec02edbdb952550f425315addb2c4b2c4a3b40fde0de9d8f6448d18267657dadc755382f75d0c13084178092 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-bootonly.iso.xz) = 16fe27a442a8c5a9cc2e877798dbc28dea0be2a816d50dc8d0f3735acd2291057fa7bfdb659d169b1fb664e1147477ea091cc7253edb72002d2b2255784b4780 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-disc1.iso) = 672cf97a903959636a46c108e6bd7a2a4924bad681000e1067ac1169389a9f257fb86ea6827a5f1e9120f0562ebff773493d3d5a3402e1b88ad162d16a33e7f8 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-disc1.iso.xz) = 31e8f6b29a4ce5ddcfc9c4a8fa593bdb787720e1f49a1ab0a35744b254df825517df7ad66050c15e856b8dbb23137404d5506d7746ce7a6ccbe07bd8a827db84 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-dvd1.iso) = 1fe71b54a0382a96fc05daf1048ae59a69d1d90763980c2439303a19298a83273389f49b942b8c3ddd0dc50437464284bf2d2de5bcb29e5ced6c934c9fb19bd6 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-dvd1.iso.xz) = 1a0c2cebfd451cb977e2e9e420f1fc650ec849bc5421e015ee06c24a79a068ea1acfb3f3114e758bbc6c9364d1b5422e606caa0366620249e1d22640ce642a48 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-memstick.img) = ee6e69d66783dc5cd81726c48e3de366ab90afb10ed87b7cab55fd97f7e96addff25bf428c5e79ed936363ff50415eca8be8096565e2ae3af5e4a4a73a1b855e SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-memstick.img.xz) = 667445eaa25f220317a9e36369ce7a3006d7897a6765b91699c9312828d08bbaf1d48ed3c4beac64be3b9f68bed7db09474decd03cb397361487f1bd9b7be3f9 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-mini-memstick.img) = 39dce99defcfb2957b7e0eca5e6797b13d85119e97d0c4f3a9b4d539c2048d1e3766ab21c40a31cb36ca45202ed57f238edf1ab1abc71b116ebfafada2a63e48 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-mini-memstick.img.xz) = d98c658ac03fa728d7cbc53dfbb73074c823a7154c9dfd106832293d109ac2f5ccbc340abd02bb1fcacbe453e27dec86d7203f082c5c784a84982013065efc90 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-bootonly.iso) = 0da266778afc95d43732d124093c5e69c7a5505146fef6a12104b5cbc5f2f314 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-bootonly.iso.xz) = c0df1363a4ebc7021044ca19cdf24e50be716cf8c02c2f07ad07d59846bd9e49 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-disc1.iso) = fb3db6b10cc241667da48fe00e4cfa303a90ac63eda0c4ede0f54ece307a5bd4 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-disc1.iso.xz) = 2e18ea99f8dd38e1fcd3c9e87d0170b6b8540c76c4bab9dc8c5c1947765c53d0 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-dvd1.iso) = b21b39f9e63b87f9f4d869180103bf98bbfff9c1b9fec6400bac04769b479ae9 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-dvd1.iso.xz) = 53e08fd189d0f9a57a79660e47960515058dbb2f97c04fd9c24d161fd69fff0c SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-memstick.img) = 6fbff1a5de0bd751654832b10ed835035ed59928c3f145b0f56406104a08fa4a SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-memstick.img.xz) = 68011cd048189a201a451d21931cbe07e3e3ef4df3bf78911f4fd9355346c7b6 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-mini-memstick.img) = 45ac1a0d3cb1a138edda404cadcd6559963d77b5258e9f6b2e26c2acb4d49862 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-mini-memstick.img.xz) = 24058b9b7fbccaad30bc6044418a366bd161c9b5c904c0acf4bdc5ca65996b72 riscv64 GENERICSD: SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64-GENERICSD.img.xz) = 0d5de2f763ff5c5e93923a865445a196c9a8698bc6bc80959aa9c9a261e7fad56abf5e54d90e4a07a63aab68e07fa4f8a7e400616cb7457c7552ead2ad018b79 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64-GENERICSD.img.xz) = 7ee791f6eafa1ec50260d816289d36a19b08b8dac707071157a0457d923163cb Virtual Machine Disk Image Checksums amd64 (x86_64): SHA512 (FreeBSD-13.1-RELEASE-amd64.qcow2.xz) = 2971795a79ff28e38d4128c2c5068ee8fcbe02267feab5c0f1df31a366952e0eb7bcdbc13a2e16ef6d413dff89b96b89fb7d8f4e3785062b33353f9a4732a406 SHA512 (FreeBSD-13.1-RELEASE-amd64.raw.xz) = 9ef4438b716f0999cf2099e974fed3b570fc906fb00982107e0793e917fda213a63728c8aebe3c22efad19a3de5e4cd317296c3c75291c36e75b6d2aec33be80 SHA512 (FreeBSD-13.1-RELEASE-amd64.vhd.xz) = 46017ea461f9bf6eac0eb77c9836d4e696f0c7ff0a801e1041b575eff5dd7364337df8d077e5c71448711884732ca062b0d7184a05445f5dcfe8e4fada93fc3e SHA512 (FreeBSD-13.1-RELEASE-amd64.vmdk.xz) = 4a0ef2266f0df7803e96ebffaffa414399de802daf5f94cc6b93d5db1c39d4f7e0cd6a72ea3b5210f5a245cae640766af34f02f7303a1749a522134228f527ae SHA256 (FreeBSD-13.1-RELEASE-amd64.qcow2.xz) = 29f116ac556a6550ad943461663d659acb300cc25db5b1a15e1e9a4eb76ad209 SHA256 (FreeBSD-13.1-RELEASE-amd64.raw.xz) = 27d2094fe03d5f9c4cdcb694cddf2b1d7a652a0eee7f85eabcde2cde98ffe252 SHA256 (FreeBSD-13.1-RELEASE-amd64.vhd.xz) = d25f82f0f1953c207a76c05e4c37ede5f9fd8021759c2dc4eb49c86f3c5fac10 SHA256 (FreeBSD-13.1-RELEASE-amd64.vmdk.xz) = 3b9e26b50373b2b832aacfd9eb8877c1a1ad481ca7bebf79a092d7202476dcac i386 (x86): SHA512 (FreeBSD-13.1-RELEASE-i386.qcow2.xz) = 26eacce6523c5b49dbf2ce096fadc97ed9a52158203a85d9e0047a42c7c9d1003ed623127b2c9405bd6eabce2df85ccd772c9e4ee6f8e05c3c32d42bbef32a41 SHA512 (FreeBSD-13.1-RELEASE-i386.raw.xz) = f74bc4f3245064c1dd094ef8c2e4d147683ebf67645f3c6dca016d637f924de8675e2a09ea2278e451e6284e61c12a7196d9eb23a0457aad0e4a22f803144454 SHA512 (FreeBSD-13.1-RELEASE-i386.vhd.xz) = fbe9979fb8ec6dfa7490fca9d613b4fb87d7c29a64c6ab4a5acdfa3d0442daf60b0f1c6f931aa56299027dea4d57e228faf89573c36345f09a5a86fe05acb9c5 SHA512 (FreeBSD-13.1-RELEASE-i386.vmdk.xz) = 3b41ef77c87a0bb4bbcf7fd29ee579d47179e518f0aab2706893f836600b05f672306422cfda138841953e3ab25e10a9b04361cb88d54f23a72a9714abcfb578 SHA256 (FreeBSD-13.1-RELEASE-i386.qcow2.xz) = 0c7aa18da0d95624204270704f1a6630b5954dd1e999d0b57637c263378532e9 SHA256 (FreeBSD-13.1-RELEASE-i386.raw.xz) = 83392357f0734402f00cfae2e07a3ee9375a8a471de80ea77116e14a8acf6da1 SHA256 (FreeBSD-13.1-RELEASE-i386.vhd.xz) = d9025f14328cf9a6742a74f68e8291a8048b58978c5b6a638c075c30269fd842 SHA256 (FreeBSD-13.1-RELEASE-i386.vmdk.xz) = 9a6f1604a296680c0c9b7512d371fe88d939a970161e096c9e0529044f136917 aarch64 (arm64): SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64.qcow2.xz) = 0f1d6949e736be4ca243e75759e8883709da9bc4ca073502f65cf0f53ce6cc6807bc64039ec001473fb134039b08e2cfb63d7fb55785770bff89b6081b5bb4e4 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64.raw.xz) = e63cb689c02c25f55806f8742e6cbd60ef9145c4254daa2dc888a2fcaec7753e96c44d3d382695fe979645a07fef1d739c2f0da8989ee605807ed388bf3965c7 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64.vhd.xz) = 783c9c20a8132d38620c2a3aff54b64851d13f9ee286d4cd47f016a20ccec6d648a2c76b3174907b4b8a8a50b210ae2ed7967523d6469bad1a567b8ac398c316 SHA512 (FreeBSD-13.1-RELEASE-arm64-aarch64.vmdk.xz) = 1bca1e3cc542e91ee9a20c3759522ecbf62d87addfec091716af37db36739f12ab7a940306fcdcd843734cc5d16952234073b4e39e3b7397947beae6904bd260 SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64.qcow2.xz) = a96abc63cb8767137a2e42042552f41e7679d2a94c8c2041a67f9034664a0a5e SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64.raw.xz) = 947deb0f7f3011e72519c6c82da72a3e86b547cebf898ba8d92312f1ad7363fb SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64.vhd.xz) = 14fe2367be20ee9ff8fff494c2855fc544ac69142187fbce071b6ce63c1e027a SHA256 (FreeBSD-13.1-RELEASE-arm64-aarch64.vmdk.xz) = d185c36d70622a9f25040fec95442e2265fc3b1ecdff61bc2e341cb4b2fcfdf0 riscv (riscv64): SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64.qcow2.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64.raw.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64.vhd.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527 SHA512 (FreeBSD-13.1-RELEASE-riscv-riscv64.vmdk.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64.qcow2.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64.raw.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64.vhd.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275 SHA256 (FreeBSD-13.1-RELEASE-riscv-riscv64.vmdk.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275 amd64 (x86_64) BASIC-CI: SHA512 (FreeBSD-13.1-RELEASE-amd64-BASIC-CI.raw.xz) = 1080ac29ff543910812e60aeb7270994be0bd80ca7b204e20291c5e4ef1f5e4e3c5e244e0df6bbe158cc74ef19549a15cc7f15285622ce4910aca4133dba9df0 SHA256 (FreeBSD-13.1-RELEASE-amd64-BASIC-CI.raw.xz) = c775c306287ef347bb322a653bc6ef0bf14e580deabec45b29e87270d669db0f Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation! https://www.FreeBSDFoundation.org/donate/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjRJAPC5sqwhs9k2jAxRYpUeP4pMFAmKCrVcACgkQAxRYpUeP 4pPa1g//VkWAbrN57pvZzG3vesDSU5hCfjHU25zQRNbsVQ695iW5eulXK3nwrIF3 YFH+Z9xwR8HGQz/ltQD3yZAs9XGa/z3wjmDP6RHwppIfgrcM12/+XuSbZnGoZr54 Sx8ocgXFNQr7WTICRDGmg9WQWcgflclSDWKZEpk2PORy4IpncEeGh1rxLR1E54Z6 HcPJZwJedFbjnK3SJs/MejL1JtbJrhagtJpE7WbBTidFme/dhHGQpc2UjpZA7osv MIL0j9baUs7U+IO7r7GfLtpRyS/ABfJihuJUeJyzqTIK5pg1CMV3iyQO+hkGeoz7 hjz3OrDwPQs/vlARUhZAOBiW1kYApgzXajXV2fOL7DvBBD+w4bga+8ull2rJow/g Jve1wc9HcbGSV5pa04UDqikTdj9eHCmLlWaNIrP/yi1hYWbb2AKHOhh2n331M3W0 A7oGWyBWvXCytJ3Pvb7VWCzI7oI6MTCD4RT+JGiRNlCLi3BfS6QG53BWTpj2CywP fzPUTNJNzcfhFxkDP52fPfEIWtKD2EdoxCevMxObXeCxTIevTJ5wvvS+Eile2e7D EElplakYygaq1cPr0Bd2jcvNxLwIPAQHHzm1q1HSpTE7DAUnUK6k4KB3fRYftN+z 5F3jAjL2S6f/xKyoiNuODB2PlXGkTsfxqLQBlNKBUkFB6MXE6ZY= =G+UD -----END PGP SIGNATURE----- From nobody Sat Jun 11 15:42:37 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 8C09D85300F for ; Sat, 11 Jun 2022 15:42:37 +0000 (UTC) (envelope-from salvadore@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LL2CK3fCZz3L7R; Sat, 11 Jun 2022 15:42:37 +0000 (UTC) (envelope-from salvadore@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654962157; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=vS03l+AbRVT1Dq6P76jUioSN7ZcE6alq+/M5Ba4O0Z8=; b=qCZd/nD040JqX7odUB24oQE1owTHMCt33sUriYN5dW+4xpNOyijjUj8cdBNC/Cg1R8l8fq FbHGBkF+HzGShYa4G9L8tbqL6cWiKelLMhm/qz0TBhYcAQ3MEZyx33iHgNieRKAZ1fv9CW Ctth+DCLm8+iTnKAY7UGO9fFEPAQI/oinkS7ngoocAxcqMvj3uL/i+ZRff3MWvPKEKJ40h zeqqTrJFHngPZ4a7OrFW5yB0T63w2kuIgLNc/I5W8idb6ya4drQneccveXiodMRb+jlZVa VTCwJADScC2B0TNjAozlJx4akjR17pBCGRcxG5rVAgLNs8ThC0fU90TJemTV6g== Received: by freefall.freebsd.org (Postfix, from userid 1472) id 65242464F; Sat, 11 Jun 2022 15:42:37 +0000 (UTC) To: freebsd-announce@FreeBSD.org Subject: FreeBSD Quarterly Status Report - First Quarter 2022 Message-Id: <20220611154237.65242464F@freefall.freebsd.org> Date: Sat, 11 Jun 2022 15:42:37 +0000 (UTC) From: Lorenzo Salvadore ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1654962157; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=vS03l+AbRVT1Dq6P76jUioSN7ZcE6alq+/M5Ba4O0Z8=; b=Tr8mT/fVf4A/kjJ4BOosKMLlOBhy7Mmo7x11gxA2H88YVf6FSefqB9bIdAjV2FhqqYsD7S NnlgVHdeAwOqEYEeutGGRql/gcw5rmbQpx5q+KIEG6OFxlpeTMSKdZKfSm4f5fI91bqUNL J2rEo0FcbVue205ozhKpEO1f3kLV5USeU0Qzlfcs1d76pwvMK3+CMLPb5Z4Us0/fnyBqPo 4AH3SBrccP9LWq3bqq6t1X1MHXvWEMdxBn1T1iP4aHbEJIgdT2CNNJRDdl6cbX/6RzZzPD kvFtp9lZD8KvqynSnzHjt3sLhUhdLIIVh3GYQ0ka1i82DyRU28DFkdrmODLfig== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1654962157; a=rsa-sha256; cv=none; b=wt8Bln9WEMxoSks8ml9ap+ce8uaRgCiKFt6/TujwURl7gxaj79T3o7xGzrUeQrT+Saxv2B W5UQ7MxhfPhw2q15PqhbPkqdCIGMpZXw0SeNAb/ijcga5GQIg0s/hAiOTAo3sQdQrQPEt+ MvLmcKNGuDKrKXYlV8cvX3+x6vbddtOTpcUP2/tb4jgClZaC92HL8yYRWzeSRJBFwd2K6l cwrpIqrWsuoiERD6SrlGmIn1UNo6uDqqyTGEXCJ+ZGxGmfoIKvQv1im/2YSfmXKqcG2ROx vEtjwOkrfK0Sc5Hp7BUV4Lis9dHLUw20ZNTPuPxNaRaLzxHaFL29wQg4ihVrvA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org FreeBSD Quarterly Status Report First Quarter 2022 As things are yet again settling into a new normal, it’s once again time for a status report for the FreeBSD Project. You may have noticed that this report is also a little on the late side, and it’s with regret that it’s taken this long to get to it - however, thanks to a few kind souls who’ve stepped up to the plate, in addition to the folks on the team who do things quietly in the background, future reports should hopefully be more on time. So let’s get some introductions in order, as yours truly is delighted to accept a hand from Pau Amma who already has been helping with reviews for a while, Lorenzo Salvadore who is stepping up to get some tooling in place to make it less of a chore to make the reports, as well as Sergio Carlavilla who is stepping up to help with all the work that can’t be easily automated. This report covers a very diverse set of topics including but not limited to accessibility, system boot speed-up, an implementation of GEOM union, changes to the WiFi situation, and many other things. We hope you’ll enjoy reading it! Daniel Ebdrup Jensen, on behalf of the status report team. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ A rendered version of this report is available here: https://www.freebsd.org/status/report-2022-01-2022-03/ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Table of Contents • FreeBSD Team Reports □ FreeBSD Foundation □ FreeBSD Release Engineering Team □ Cluster Administration Team □ Continuous Integration □ Ports Collection • Projects □ FreeBSD Accessibility □ Boot Performance Improvements • Kernel □ ENA FreeBSD Driver Update □ A New GEOM Facility, gunion □ Realtek Wireless driver support □ Intel Wireless driver support and LinuxKPI 802.11 compatibility layer □ Kernel Crypto changes to support WireGuard • Documentation □ Documentation Engineering Team • Ports □ KDE on FreeBSD □ Elsewhere □ FreeBSD Office Team □ lang/gcc* ports need some love and attention □ PortConfig □ Wifibox: Use Linux to drive your wireless card on FreeBSD • Third Party Projects □ helloSystem □ Containers and FreeBSD: Pot, Potluck and Potman □ Fpart and fpsync ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Team Reports Entries from the various official and semi-official teams, as found in the Administration Page. FreeBSD Foundation Links: FreeBSD Foundation URL: https://www.FreeBSDFoundation.org Technology Roadmap URL: https://FreeBSDFoundation.org/blog/technology-roadmap/ Donate URL: https://www.FreeBSDFoundation.org/donate/ Foundation Partnership Program URL: https://www.FreeBSDFoundation.org/ FreeBSD-foundation-partnership-program FreeBSD Journal URL: https://www.FreeBSDFoundation.org/journal/ Foundation News and Events URL: https://www.FreeBSDFoundation.org/ news-and-events/ Contact: Deb Goodkin The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting and promoting the FreeBSD Project and community worldwide. Donations from individuals and corporations are used to fund and manage software development projects, conferences, and developer summits. We also provide travel grants to FreeBSD contributors, purchase and support hardware to improve and maintain FreeBSD infrastructure, and provide resources to improve security, quality assurance, and release engineering efforts. We publish marketing material to promote, educate, and advocate for the FreeBSD Project, facilitate collaboration between commercial vendors and FreeBSD developers, and finally, represent the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity. Here are some highlights from the Foundation for the first quarter of 2022. Fundraising Efforts As promised, we updated our fundraising meter for 2022. So far, we’ve raised over $84,000 towards our 2022 goal of $1,400,000. We’d like to thank our individual and corporate donors for supporting our efforts this year. We’d also like to give a big shout out to our Gold Sponsor, Facebook, Silver Sponsors, VMware and Tarsnap, and the companies that provide free hosting for the Project: Bytemark, 365 Data Centers, NYI, NextArray, Sentex Data Communications, and the Computer Science Department at NCTU. You can find out how we spent your donations by reading about what we supported in Q1, in this report, and our Spring Newsletter. If you haven’t made a donation this year, please consider making a donation now at https://freebsdfoundation.org/donate/. We also have a Partnership Program for larger commercial donors. You can find out more at https://freebsdfoundation.org/our-donors/ freebsd-foundation-partnership-program/ OS Improvements During the first quarter of 2022, 372 src, 41 ports, and 16 doc tree commits were made that identified The FreeBSD Foundation as a sponsor. # This represents 16, 0.4, and 5% of the total number of commits in each repository. You can read about Foundation-sponsored projects in individual quarterly report entries: • Crypto changes for WireGuard • Intel Wireless driver support Here is a small sample of other base system improvements from Foundation developers this quarter that do not have separate report entries. riscv: Add support for enabling SV48 mode SV48 is intended for systems for which a 39-bit virtual address space is insufficient. This change increases the size of the user map from 256GB to 128TB. The kernel map is left unchanged for now. For now SV48 mode is left disabled by default, but can be enabled with a tunable. Note that extant hardware does not implement SV48, but QEMU does. • In pmap_bootstrap(), allocate a L0 page and attempt to enable SV48 mode. If the write to SATP doesn’t take, the kernel continues to run in SV39 mode. • Define VM_MAX_USER_ADDRESS to refer to the SV48 limit. In SV39 mode, the region [VM_MAX_USER_ADDRESS_SV39, VM_MAX_USER_ADDRESS_SV48] is not mappable. Add v3 support to CTF tools CTF, the Compact C Type Format, is a representation of type information most often contained within ELF binaries. This type information is helpful for probing tools like DTrace. Recent work by Mark Johnston allows different Dtrace providers like the FBT (Function Boundary Tracing) provider to work with version 3 of CTF. FreeBSD on the Framework Laptop Two Foundation staff members, Ed Maste and Mark Johnston, as well as a few developers and community members now each have access to Framework laptops, which are designed to make hardware upgrades, repairs, and customizations straightforward for the average user. The goal of this work is to ensure that the experience running FreeBSD on the laptops matches the stability that FreeBSD users expect. Recent improvements and fixes include: • Making audio switch appropriately between speakers and the headphone jack when headphones are plugged in or unplugged • Fixing bug 259230, which would cause a Framework laptop to reboot or power off when the touchpad was used. • Adding the Tempo Semiconductor 92HD95B HDA codec ID • Temporarily fixing stalled usb enumeration, bluetooth, and S3 resume. The temporary fix is to avoid attaching to several newer Intel controllers, which require firmware to be loaded, which is different from that implemented by ng_ubt_intel and iwmbtfw, so they are not usable yet. • Avoiding a 16 second boot delay, by probing the TSC frequency earlier. This lets us use the TSC to implement early DELAY, limiting the use of the sometimes-unreliable 8254 PIT. You can follow news about FreeBSD work on the Framework laptop at: https:// wiki.freebsd.org/Laptops/Framework_Laptop. Continuous Integration and Quality Assurance The Foundation provides a full-time staff member and funds projects to improve continuous integration, automated testing, and overall quality assurance efforts for the FreeBSD project. Supporting FreeBSD Infrastructure The Foundation provides hardware and support for the Project. At the time of writing, the server that will become the new Australian mirror has arrived in Australia, has a fresh FreeBSD install and will shortly join the cluster. FreeBSD Advocacy and Education Much of our effort is dedicated to Project advocacy. This may involve highlighting interesting FreeBSD work, producing literature, attending events, or giving presentations. The goal of the literature we produce is to teach people FreeBSD basics and help make their path to adoption or contribution easier. Other than attending and presenting at events, we encourage and help community members run their own FreeBSD events, give presentations, or staff FreeBSD tables. The FreeBSD Foundation sponsors many conferences, events, and summits around the globe. These events can be BSD-related, open source, or technology events geared towards underrepresented groups. We support the FreeBSD-focused events to help provide a venue for sharing knowledge, working together on projects, and facilitating collaboration between developers and commercial users. This all helps provide a healthy ecosystem. We support the non-FreeBSD events to promote and raise awareness of FreeBSD, to increase the use of FreeBSD in different applications, and to recruit more contributors to the Project. We are continuing to attend virtual events and began planning the June 2022 Developer Summit. Check out some of the advocacy and education work we did last quarter: • Committed to hosting a FreeBSD Workshop at SCALE 19x and serve as a Media Sponsor - July 28-31, 2022 in Los Angeles, CA • Participated in the FLOSS Weekly Podcast - January 5, 2022 https://twit.tv/ shows/floss-weekly/episodes/662 • Sent out the 2021 Impact Report showcasing how we supported the Project last year. https://freebsdfoundation.org/blog/ 2021-freebsd-foundation-impact-report/ • Hosted a stand at FOSDEM 2022 - Videos from the stand can be found at: https://youtube.com/playlist?list=PLugwS7L7NMXxwqIRg1PlhgzhNRi1eVdRQ • Participated in the Open Source Voices Podcast - Episode to be aired in late April [note from status report team: the episode has indeed be aired and is now available at https://www.opensourcevoices.org/29; unfortunately, there is and will be no transcript.] • Began planning the June 2022 FreeBSD Developers Summit taking place virtually, June 16-17, 2022 https://wiki.freebsd.org/DevSummit/202206 • Held a new FreeBSD Friday - How to Track FreeBSD Using Git Pt. 2 https:// youtu.be/Fe-dJrDMK_0 • Presented at the St. Louis Unix User Group on March 9, 2022 https://ow.ly/ 1QXn50Ivj75 • Served as Admins and were accepted as a mentoring organization for the 2022 Google Summer of Code • Held an Office Hours session on Google Summer of Code. https://youtu.be/ x-4U1xurmBE • Hosted a booth at the virtual Open Source 101 conference on March 29, 2022 • New blog posts: □ RAID-Z Expansion Feature for ZFS In the Home Stretch □ What’s Ahead for FreeBSD and the Foundation in 2022 □ Work with FreeBSD in Google Summer of Code • New How-To Guide: An Introduction to FreeBSD Jails • New FreeBSD Journal Article: Contributing to FreeBSD ports with Git We help educate the world about FreeBSD by publishing the professionally produced FreeBSD Journal. As we mentioned previously, the FreeBSD Journal is now a free publication. Find out more and access the latest issues at https:// www.FreeBSDfoundation.org/journal/ You can find out more about events we attended and upcoming events at https:// www.FreeBSDfoundation.org/news-and-events/. Legal/FreeBSD IP The Foundation owns the FreeBSD trademarks, and it is our responsibility to protect them. We also provide legal support for the core team to investigate questions that arise. Go to https://www.FreeBSDFoundation.org to find more about how we support FreeBSD and how we can help you! ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Release Engineering Team Links: FreeBSD 13.1-RELEASE schedule URL: https://www.freebsd.org/releases/13.1R/ schedule/ FreeBSD 13.1 Release Information URL: https://www.freebsd.org/releases/13.1R/ [link added by status report team as this quarterly status report is being published after 13.1-RELEASE has been released] FreeBSD releases URL: https://download.freebsd.org/ftp/releases/ISO-IMAGES/ FreeBSD development snapshots URL: https://download.freebsd.org/ftp/snapshots/ ISO-IMAGES/ Contact: FreeBSD Release Engineering Team, The FreeBSD Release Engineering Team is responsible for setting and publishing release schedules for official project releases of FreeBSD, announcing code freezes and maintaining the respective branches, among other things. During the first quarter of 2022, the Release Engineering Team completed work on, and submitted to the developers the 13.1-RELEASE schedule. This will be the second point release from the stable/13 branch. As of this writing, three BETA builds have been run, with at least two RC builds before the final release, currently scheduled for April 21, 2022. We look forward to another consistently stable release at the end of this cycle, as well as many more to come for other branches moving forward. Additionally throughout the quarter, several development snapshots builds were released for the main, stable/13, and stable/12 branches. Sponsor: Rubicon Communications, LLC ("Netgate") Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Cluster Administration Team Links: Cluster Administration Team members URL: https://www.freebsd.org/administration /#t-clusteradm Contact: Cluster Administration Team FreeBSD Cluster Administration Team members are responsible for managing the machines the Project relies on to synchronise its distributed work and communications. In this quarter, the team has worked on the following: • Improved web service performance and security □ Moved some critical services to newer machines □ Swept all services to ensure the support of TLS v1.2 and v1.3 and disable v1 and v1.1 □ Enabled dual-stack certificates for the primary FreeBSD web services. ECDSA and RSA certificates, preferring ECDSA, discussed with secteam@, benefit the project in favor of security and performance matter. • Infrastructure improvements at primary site □ Evicted some very old hardware □ Moved cluster internal services to newer hardware ☆ Build host ☆ Parts of LDAP, kerberos, DNS and NTP • Installed an additional aarch64 package builder □ ampere3.nyi.freebsd.org □ Identical specs to ampere[12].nyi.freebsd.org • Moved ftp0.nyi.freebsd.org to an aarch64 machine. • Main distributed mirror site, download.freebsd.org, enhancements □ Updated offline documentation (PDF and HTML) in the mirrors. The old directory /doc is now on ftp-archive; it contains files prior to the Hugo/Asciidoctor migration. □ Moved ports INDEX files to distributed mirror, download.freebsd.org □ Removed /ftp from the canonical URLs of files on download.freebsd.org. Old URLs are still valid. • Cleanup of Handbook/Mirrors section Much stale information; now there is more info about the official mirrors and locations. Former official mirrors are now named 'Community mirrors'. • Ongoing day to day cluster administration □ Cluster refresh □ Replacing failed disks □ Babysitting pkgsync Work in progress: • Improve the package building infrastructure • Review the service jails and service administrators operation • Set up powerpc pkgbuilder/ref/universal machines • Search for more providers that can fit the requirements for a generic mirrored layout or a tiny mirror • Work with doceng@ to improve https://www.freebsd.org and https:// docs.freebsd.org • Improve the web service architecture • Improve the cluster backup plan • Improve the log analysis system • Set up Australia mirror • Hardware refresh ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Continuous Integration Links: FreeBSD Jenkins Instance URL: https://ci.FreeBSD.org FreeBSD CI artifact archive URL: https://artifact.ci.FreeBSD.org FreeBSD Jenkins wiki URL: https://wiki.freebsd.org/Jenkins Hosted CI wiki URL: https://wiki.freebsd.org/HostedCI 3rd Party Software CI URL: https://wiki.freebsd.org/3rdPartySoftwareCI Tickets related to freebsd-testing@ URL: https://preview.tinyurl.com/y9maauwg FreeBSD CI Repository URL: https://github.com/freebsd/freebsd-ci dev-ci Mailing List URL: https://lists.freebsd.org/subscription/dev-ci Contact: Jenkins Admin Contact: Li-Wen Hsu Contact: freebsd-testing Mailing List Contact: IRC #freebsd-ci channel on EFNet The FreeBSD CI team maintains the continuous integration system of the FreeBSD project. The CI system checks the committed changes can be successfully built, then performs various tests and analysis over the newly built results. The artifacts from those builds are archived in the artifact server for further testing and debugging needs. The CI team members examine the failing builds and unstable tests and work with the experts in that area to fix the code or adjust test infrastructure. During the first quarter of 2022, we continued working with the contributors and developers in the project to fulfil their testing needs and also keep collaborating with external projects and companies to improve their products and FreeBSD. Important changes: • DTrace tests are running with KASAN now. • Fixed and resumed the powerpc64le test jobs. Retired jobs: • The jobs of main branch on mips* were removed. Work in progress and open tasks: • Designing and implementing pre-commit CI building and testing (to support the workflow working group) • Designing and implementing use of CI cluster to build release artifacts as release engineering does • Collecting and sorting CI tasks and ideas here • Testing and merging pull requests in the FreeBSD-ci repo • Reducing the procedures of CI/test environment setting up for contributors and developers • Setting up the CI stage environment and putting the experimental jobs on it • Setting up public network access for the VM guest running tests • Implementing using bare metal hardware to run test suites • Adding drm ports building tests against -CURRENT • Planning to run ztest tests • Adding more external toolchain related jobs • Improving maturity of the hardware lab and adding more hardware under test • Helping more software get FreeBSD support in its CI pipeline (Wiki pages: 3rdPartySoftwareCI, HostedCI) • Working with hosted CI providers to have better FreeBSD support Please see freebsd-testing@ related tickets for more WIP information, and don’t hesitate to join the effort! Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Collection Links: About FreeBSD Ports URL:https://www.FreeBSD.org/ports/ Contributing to Ports URL: https://docs.freebsd.org/en/articles/contributing/# ports-contributing FreeBSD Ports Monitoring URL: http://portsmon.freebsd.org/ Ports Management Team URL: https://www.freebsd.org/portmgr/ Ports Tarball URL: http://ftp.freebsd.org/pub/FreeBSD/ports/ports/ Contact: René Ladan Contact: FreeBSD Ports Management Team The Ports Management Team is responsible for overseeing the overall direction of the Ports Tree, building packages, and personnel matters. Below is what happened in the last quarter. Before we start with the usual statistics, portmgr is happy to announce it has successfully restarted its lurker program. The first two lurkers are pizzamig@ and se@; they will learn about the inner workings of portmgr and bring in new ideas. Portmgr also started having bi-weekly meetings, some public results are: * restarting the lurker program * fixes to ports going backwards in version * dropping DragonFlyBSD version checks in bsd.port.mk * dropping deprecation notes from ports transitively using Python 2.7 Currently we have over 46,800 ports in the Ports Tree. There are currently 2,700 open ports PRs of which 680 are unassigned. The last quarter saw 9,403 commits to the main branch by 157 committers and 683 commits to the 2022Q1 branch by 63 committers. Compared to last quarter, this means a slight drop in activity to the main branch and a slight increase in the number of open PRs. No new committers joined during the last quarter, portmgr took koobs@' commit bit in for safekeeping because of a lack of recent commits. The cluster administration team has provided portmgr with a third aarch64 builder; it is being used for package builds. Things that happened in git: * Two new USES were introduced: elfctl to change an ELF binary’s feature control note minizip to get the correct library dependency on minizip * Two keywords got removed: fcfontsdir (now handled by USES=fonts) glib-schemas, it has been replaced by a trigger * Default versions that changed: Lazarus switched to 2.2.0 PHP switched to 8.0 * Some upgrades to major ports: Chromium 100.0.4896.60 Electron 13.6.9 Firefox 99.0 Firefox ESR 91.8.0 Gnome 41 KDE Frameworks 5.92.0 ** KDE Plasma 5.24.4 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Projects Projects that span multiple categories, from the kernel and userspace to the Ports Collection or external projects. FreeBSD Accessibility Links: Accessibility wiki page URL: https://wiki.freebsd.org/Accessibility List introduction, goals, audience, and ground rules URL: link:https:// lists.freebsd.org/archives/freebsd-accessibility/2021-October/000000.html Contact: Pau Amma Contact: FreeBSD accessibility discussions Over the past several months, I’ve started putting together tools and resources to help make the FreeBSD ecosystem (more) accessible to people with disabilities: • a mailing list • a set of wiki pages including resources and a categorized wish list • tooling including a searchable accessibility Bugzilla keyword and an accessibility Phabricator group I need all the help I can get with: • specifying, designing, implementing, and testing the items on the wishlist • adding to the wishlist in areas were have little or no experience or for things I missed • moving beyond software and documentation to processes and culture ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Boot Performance Improvements Links: Wiki page URL: https://wiki.freebsd.org/BootTime OS boot time comparison URL: https://www.daemonology.net/blog/ 2021-08-12-EC2-boot-time-benchmarking.html Contact: Colin Percival Colin Percival is coordinating an effort to speed up the FreeBSD boot process. For benchmarking purposes, he is primarily using an EC2 c5.xlarge instance as a reference platform and is measuring the time between when the virtual machine enters the EC2 "running" state and when it is possible to SSH into the instance. This work started in 2017, and as of the end of December 2021 the FreeBSD boot time was reduced from approximately 30 seconds to approximately 10 seconds. During 2022Q1, further improvements have shaved more time off the boot process, taking it down to roughly 8 seconds Two major issues remain outstanding: 1. The first time an EC2 instance boots, dhclient takes about 2 seconds longer than normal to get an IPv4 address. The cause of this is unknown and requires investigation. 2. IPv6 configuration includes two one-second-long sleep(1) invocations, one from /etc/rc.d/netif and the other from /etc/rc.d/rtsold. It might be possible to simply remove these; but care is needed to avoid progressing too far in the boot process before IPv6 addresses are configured. Input from IPv6 experts is required here. Issues are listed on the wiki page as they are identified; the wiki page also has instructions for performing profiling. Users are encouraged to profile the boot process on their own systems, in case they experience delays which don’t show up on the system Colin is using for testing. This work is supported by Colin’s FreeBSD/EC2 Patreon. Sponsor: https://www.patreon.com/cperciva ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Kernel Updates to kernel subsystems/features, driver support, filesystems, and more. ENA FreeBSD Driver Update Links: ENA README URL: https://github.com/amzn/amzn-drivers/blob/master/kernel/fbsd/ ena/README Contact: Michal Krawczyk Contact: Dawid Gorecki Contact: Marcin Wojtas ENA (Elastic Network Adapter) is the smart NIC available in the virtualized environment of Amazon Web Services (AWS). The ENA driver supports multiple transmit and receive queues and can handle up to 100 Gb/s of network traffic, depending on the instance type on which it is used. Completed since the last update: • Add IPv6 layer 4 checksum offload support to the driver • Add NUMA awareness to the driver when the RSS kernel option is enabled • Rework validation of the Tx request ID • Change lifetime of the driver’s timer service • Avoid reset triggering when the device is unresponsive Work in progress: • Prototype the driver port to the iflib framework • Tests of the incoming ENA driver release (v2.5.0) Sponsor: Amazon.com Inc ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ A New GEOM Facility, gunion Contact: Marshall Kirk McKusick The gunion facility is used to track changes to a read-only disk on a writable disk. Logically, a writable disk is placed over a read-only disk. Write requests are intercepted and stored on the writable disk. Read requests are first checked to see if they have been written on the top (writable disk) and if found are returned. If they have not been written on the top disk, then they are read from the lower disk. The gunion facility can be especially useful if you have a large disk with a corrupted filesystem that you are unsure of how to repair. You can use gunion to place another disk over the corrupted disk and then attempt to repair the filesystem. If the repair fails, you can revert all the changes in the upper disk and be back to the unchanged state of the lower disk thus allowing you to try another approach to repairing it. If the repair is successful you can commit all the writes recorded on the top disk to the lower disk. Another use of the gunion facility is to try out upgrades to your system. Place the upper disk over the disk holding your filesystem that is to be upgraded and then run the upgrade on it. If it works, commit it; if it fails, revert the upgrade. The gunion(8) utility is used to create and manage an instance of a gunion. Further details and usage examples can be found in the gunion(8) manual page. At this time, gunion(8) is available only in 14.0. Sponsor: Netflix ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Realtek Wireless driver support Links: rtw88 status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Rtw88 rtw89 status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Rtw89 Contact: Bjoern A. Zeeb While the Intel Wireless driver update project is the main driver behind the work to bring support for newer chipsets and eventually newer IEEE 802.11 standards support, there is also an ongoing effort to support more drivers. The next two drivers in the (already longer) queue are Realtek’s rtw88 and rtw89. While the initial driver porting efforts for rtw88 and rtw89 happened on personal time, the LinuxKPI integration has to be done more and more along the Intel wireless driver work and so thanks are also due to The FreeBSD Foundation. The rtw88 driver has started to work on some machines with less than 4GB of main memory and was committed to the FreeBSD git repository for broader testing. While our version of the driver is aware of these limitations, the problem is currently assumed to be outside the driver in the interactions with LinuxKPI and busdma. The rtw89 driver has happily started to send packets and has problems receiving frames at this point. Further investigation will happen as soon as rtw88 is sorted out and it is expected that rtw89 will then also timely follow into FreeBSD’s git repository. The currently known requirements to compile both drivers have mostly gone into stable/13 and releng/13.1 already. For the latest state of the development, please check the referenced wiki pages and follow the freebsd-wireless mailing list. Sponsor: The FreeBSD Foundation (partly) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Intel Wireless driver support and LinuxKPI 802.11 compatibility layer Links: iwlwifi status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Iwlwifi Contact: Bjoern A. Zeeb The Intel Wireless driver update project aims to bring support for newer chipsets along with mac80211 LinuxKPI compat code. The dual-licensed Intel driver code was ported in the past for the iwm(4) native driver; using the LinuxKPI compat framework allows us to use the driver directly and gives support to all the latest chipsets, with only minor local modifications. Some of the changes made while porting the driver to FreeBSD were kindly incorporated into the upstream Linux driver already. During the first quarter work continued with about 70 commits. Updating the driver and firmware reduced differences to the Linux version and gave us bugfixes and improvements. Changes to the LinuxKPI 802.11 compatibility layer were made to avoid firmware crashes and possible panics for users along with other improvements. Auto-loading support for LinuxKPI PCI drivers was comitted. This means that iwlwifi(4) will now load automatically during boot if a supported card is detected without any user interactions. Considering the current state of the driver and the next release a decision was made that iwm(4) supported chipsets will continue to attach to iwm(4) for now and only newer and otherwise unsupported chipsets will use the iwlwifi(4) driver. This is likely going to change in CURRENT as soon as iwlwifi(4) provides better support than iwm(4). The code was merged to the stable/13 branch and the current state will be shipped with the upcoming 13.1-RELEASE. In addition to The FreeBSD Foundation thanks need to go to all users who have been testing and reporting back or are patiently waiting for the next update. For the latest state of the development, please follow the freebsd-wireless mailing list. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Kernel Crypto changes to support WireGuard Contact: John Baldwin During the last quarter, I continued my work to improve the FreeBSD WireGuard driver. On the FreeBSD side, I added support for the XChaCha20-Poly1305 AEAD cipher. I also added a dedicated API to support [X]ChaCha20-Poly1035 on small, flat buffers. Finally, I added an API wrapper for the curve25519 implementation from libsodium. For the WireGuard driver, I wrote a series of patches which updates the driver to use crypto APIs such as those mentioned above in place of internal cipher implementations. The series also includes a fix to avoid scheduling excessive crypto tasks as well as a few other small fixes. This series is pending review. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Documentation Noteworthy changes in the documentation tree, man-pages, or new external books/ documents. Documentation Engineering Team Link: FreeBSD Documentation Project Link: FreeBSD Documentation Project Primer for New Contributors Link: Documentation Engineering Team Contact: FreeBSD Doceng Team The doceng@ team is a body to handle some of the meta-project issues associated with the FreeBSD Documentation Project; for more information, see FreeBSD Doceng Team Charter. No new documentation commit bit was granted during the last quarter, and only one commit bit was safe kept. Several tasks were completed related to the doc tree during the last quarter: • Fix some issues in the translation workflow with PO files and Weblate related to the po4a program. More info here. • Update offline documentation (PDF and HTML). The old directory /doc is now on ftp-archive; it contains files prior to the Hugo/Asciidoctor migration. • Remove Google Analytics from documentation and website. • Add last modified information to the documentation and website pages. • Tag FreeBSD docset for 13.1-RELEASE. • Add the first Indonesian translation to the doc tree. FreeBSD Translations on Weblate Link: Translate FreeBSD on Weblate Link: FreeBSD Weblate Instance The translation workflow with Weblate is more mature at this point. Several issues were fixed between PO files and po4a program. We welcome everyone to try our Weblate instance to translate a few documents. The first Indonesian translation was added to the FreeBSD project. We thank Azrael JD for the contribution, and we are looking forward to seeing more Indonesian translations. Q1 2022 Status • 12 languages (1 new language) • 142 registered users Languages • Chinese (Simplified) (zh-cn) • Chinese (Traditional) (zh-tw) • Dutch (nl) • French (fr) • German (de) • Indonesian (id) - Added • Italian (it) • Norwegian (nb-no) • Persian (fa-ir) • Portuguese (pt-br) • Spanish (es) • Turkish (tr) We want to thank everyone that contributed, translating or reviewing documents. And please, help promote this effort on your local user group, we always need more volunteers. FreeBSD Website Revamp - WebApps working group Contact: Sergio Carlavilla Working group in charge of creating the new FreeBSD Documentation Portal and redesigning the FreeBSD main website and its components. FreeBSD developers can follow and join the working group on the FreeBSD Slack channel #wg-www21. The work will be divided into four phases: 1. Redesign of the Documentation Portal Create a new design, responsive and with global search. (Complete) 2. Redesign of the Manual Pages on web Scripts to generate the HTML pages using mandoc. (Work in progress) 3. Redesign of the Ports page on web Ports scripts to create an applications portal. (Work in progress) 4. Redesign of the FreeBSD main website New design, responsive and dark theme. (Not started) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Changes affecting the Ports Collection, whether sweeping changes that touch most of the tree, or individual ports themselves. KDE on FreeBSD Links: KDE FreeBSD URL: https://freebsd.kde.org/ KDE Community FreeBSD URL: https://community.kde.org/FreeBSD Contact: Adriaan de Groot The KDE on FreeBSD project packages the software from the KDE Community, along with dependencies and related software, for the FreeBSD ports tree. The software includes a full desktop environment called KDE Plasma (for both X11 and Wayland) and hundreds of applications that can be used on any FreeBSD machine. The KDE team (kde@) is part of desktop@ and x11@ as well, building the software stack to make FreeBSD beautiful and usable as a daily-driver graphics-based desktop machine. KDE Qt Patch Collection The Qt Company did not release Qt 5.15 updates under Open Source licenses in 2021, leaving the Open Source 5.15 version lagging behind the proprietary release. Qt 6 is released under an Open Source license, but for the world of Open Source software that requires Qt 5, there is still a need for updates. The KDE Community fills that need by maintaining a curated set of patches — generally backported from Qt6 — to maintain the Open Source version of Qt 5. FreeBSD ports now use this KDE Qt Patch Collection, rather than the outdated last Qt 5.15.2 release from the Qt Company. This landed both in main and the last quarterly branch for 2021, since it brings important bugfixes. KDE Stack • KDE Plasma Desktop (all the /plasma5- ports) was updated to 5.23.5 at the start of the year. Since this happened very shortly after quarterly was branched, this was MFH’ed. The long-term-support release 5.24 landed mid-february. The FreeBSD ports do not stick to LTS releases, and will follow the regular release schedule. 5.24.3 landed on schedule in March. • KDE Gear (the collection of KDE libraries and applicatious outside of the Frameworks and Plasma Desktop groups) was updated to 21.12.1 and MFH’ed. Monthy releases landed as well: 21.12.2 in February. • KDE Frameworks have a monthly release cadence, so 5.90 landed in January, 5.91 in February and 5.92 in March. • KDE PIM currently does not support Contacts stored in a Google account because Google has changed the available REST API. • astro/kstars received its regularly scheduled updates. • deskutils/kalendar was updated. It has now reached the 1.0 stage. • deskutils/kodaskanna was added to the ports tree. It is a simple QR-code scanner for the desktop. • deskutils/latte-dock is an alternative launcher for use in KDE Plasma Desktop and other environments. It was updated to 0.10.7 as part of its monthly releases. • devel/okteta, an editor and viewer for binary data, was updated to 0.26.7, a regular bugfix release. • graphics/digikam, the digital photography manager, was updated to 7.6.0. (Thanks Dima Panov) • graphics/kf5-kimageformats has a new option enabling libheif and HEIC support. • graphics/kontrast was added to the 'accessibility' category. This is a tool for checking color-combinations (e.g. for a website) for sufficient contrast and readability. • graphics/krita was updated to the next big release, Krita 5. (Thanks Max Brazhnikov) • lang/kross-interpreters was fixed for Ruby 3. (Thanks Yasuhiro Kimura) • sysutils/plasma5-discover was updated to resolve some denial-of-service bugs in KDE infrastructure. • www/falkon was updated. After a two-year wait, a new release of the KDE web browser built on Qt WebEngine (itself a wrapper around Chromium internals) arrived upstream and in ports. • x11/plasma5-plasma-workspace now can properly edit login and account information. Related Applications • devel/qtcreator was updated to version 6. A new versioning model has been introduced by upstream, so this will now jump by major release number regularly. (Thanks to Florian Walpen) • irc/quassel was updated. Quassel is a distributed IRC client (think of it as your own personal IRC bouncer). • misc/tellico was updated. Tellico is a "collection manager", for instance collections of books, music, stamps, or FreeBSD releases. • net-im/nheko was updated. This is one of a dozen Matrix clients available in the ports tree. Elsewhere • archivers/7-zip is the preferred tool for dealing with 7zip files; this affacts KDE applications that work with archives (like archivers/ark). We would like to thank makc@ for stewarding that update. • devel/libphonenumber has bi-weekly updates to chase the exciting world of telephony details. • graphics/poppler was updated to version 22.01. This version requires C17, which pushes a number of consumers to the newer C standard as well. Most consumers were fixed in advance. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Office Team Links: The FreeBSD Office project URL: https://wiki.freebsd.org/Office The FreeBSD Office mailing list URL: https://lists.freebsd.org/subscription/ freebsd-office Contact: FreeBSD Office team ML Contact: Dima Panov Contact: Li-Wen Hsu The FreeBSD Office team works on a number of office-related software suites and tools such as OpenOffice and LibreOffice. Work during this quarter was focused on providing the latest stable release of LibreOffice suite and companion apps to all FreeBSD users. During the 2022Q1 period we pushed maintenance patches for the LibreOffice 7.2 port to the quarterly branch and brought the latest, 7.3, releases and all companion libraries such as MDDS, libIxion and more to the ports tree. Also we are still working on the Boost WIP repository to bring the latest Boost library to the ports. We are looking for people to help with the open tasks: • The open bugs list contains all filed issues which need some attention • Upstream local patches in ports Patches, comments and objections are always welcome in the mailing list and Bugzilla. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ lang/gcc* ports need some love and attention Links: GCC Project URL: https://gcc.gnu.org GCC 11 release series URL: https://gcc.gnu.org/gcc-11/ Contact: toolchain@FreeBSD.org Contact: Gerald Pfeifer After about two decades of maintaining FreeBSD’s lang/gcc* ports, the time came to hand over the baton and mostly step back. Alas the baton essentially dropped to the floor, despite multiple calls for help. Here are a few specific tasks looking for help: • Upgrade GCC_DEFAULT in Mk/bsd.default-versions.mk from 10 to 11, including fixing the (luckily minor) fall out of an -exp run: https:// bugs.freebsd.org/bugzilla/show_bug.cgi?id=258378 • Three changes to work through with upstream GCC (requires src expertise, not ports): □ upstreaming lang/gcc11/patch-gets-no-more □ upstreaming lang/gcc11/patch-arm-unwind-cxx-support □ https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256874 • We have removed the unmaintained lang/gcc9-devel and lang/gcc10-devel ports, alas kept lang/gcc11-devel and lang/gcc12-devel which would be good to see if not weekly, then somewhat regular updates. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ PortConfig Links: Repository portconfig URL: https://gitlab.com/alfix/portconfig/ Contact: Alfonso Sabato Siciliano (upstream) Contact: Baptiste Daroussin (port) FreeBSD provides the Ports Collection to give users and administrators a simple way to install applications. It is possible to configure a port before the building and installation. PortConfig is an utility for setting the port options via a Text User Interface. As each terminal has different properties PortConfig can be customized via environment variables to set up the User Interface, for example: menu size, theme, borders, and so on; each feature is documented inside the manual. Further, if a port has a specific 'pkg-help' file, PortConfig will show a Help button to open a "popup" with help information. FreeBSD provides thousands of ports therefore it is not feasible to test PortConfig for each use; please report any problem. Alfonso would like to thank Baptiste Daroussin for the port, suggestions, help, and testing for this utility and its library. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Wifibox: Use Linux to drive your wireless card on FreeBSD Links: Project GitHub Page net/wifibox port Contact: PÁLI Gábor János Wifibox is an experimental project for exploring the ways of deploying a virtualized Linux guest to drive wireless networking cards on the FreeBSD host system. There have been guides on the Internet to suggest the use of such techniques to improve the wireless networking experience, of which Wifibox aims to implement as a single easy-to-use software package. • bhyve(8) is utilized to run the embedded Linux system. This helps to achieve low resource footprint. It requires an x64 CPU with I/O MMU (AMD-Vi, Intel VT-d), ~150 MB physical memory, and some disk space available for the guest virtual disk image, which can be even ~30 MB only in certain cases. It works with FreeBSD 12 and later, some cards may require a recent 13-STABLE though. • The guest is constructed using Alpine Linux, a security-oriented, lightweight distribution based on musl libc and BusyBox. • Configuration files are shared with the host system. The guest uses wpa_supplicant(8) so it is possible to import the host’s wpa_supplicant.conf(8) file without any changes. • When configured, wpa_supplicant(8) control sockets could be exposed by the guest, which enables use of related utilities directly from the host, such as wpa_cli(8) or wpa_gui(8) from the net/wpa_supplicant_gui port/package. • Everything is shipped in a single package that can be easily installed and removed. This comes with an rc(8) system service that automatically launches the guest on boot and stops it on shutdown. • A workaround is supplied for laptops to support suspend/resume. Wifibox has been mainly tested with Intel chipsets so far, and it has shown great performance and stability. Therefore it might serve as an interim solution until the Intel Wireless support becomes mature enough. It was confirmed that Wifibox works with Atheros chipsets too, and feedback is more than welcome about others. Support for Broadcom chipsets is not yet complete, that is currently a work in progress. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Third Party Projects Many projects build upon FreeBSD or incorporate components of FreeBSD into their project. As these projects may be of interest to the broader FreeBSD community, we sometimes include brief updates submitted by these projects in our quarterly report. The FreeBSD project makes no representation as to the accuracy or veracity of any claims in these submissions. helloSystem Links: Documentation URL: https://hellosystem.github.io/ Contact: Simon Peter Contact: #helloSystem on irc.libera.chat, mirrored to #helloSystem:matrix.org on Matrix What is helloSystem? helloSystem is FreeBSD preconfigured as a desktop operating system with a focus on simplicity, elegance, and usability. Its design follows the “Less, but better” philosophy. Q1 2022 Status • Version 0.8.0 of helloSystem is under development and test □ helloSystem 0.8.0 will be based on FreeBSD 13.1-RELEASE □ Experimental Live ISOs using FreeBSD 13.1-BETA3 are available □ Initial support for running Linux AppImage files using an optional Debian runtime □ Initial support for the AppImage format in the user interface □ Improved reliability and performance of mounted archives by using fuse-archive □ Various bugfixes Installable experimental Live ISO images are available at https://github.com/ helloSystem/ISO/releases/tag/experimental-13.1. Contributing The project appreciates contributions in various areas. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Containers and FreeBSD: Pot, Potluck and Potman Links: Pot organization on github URL: https://github.com/bsdpot Contact: Luca Pizzamiglio (Pot) Contact: Stephan Lichtenauer (Potluck) Contact: Michael Gmelin (Potman) Pot is a jail management tool that also supports orchestration through Nomad. As a result of production testing in a real-world cluster deployment, pot and related projects received stability improvements for controlling the pot lifecycle (i.e., pot prepare/start/stop). Various attributes and commands have been developed to improve support of nomad orchestration and batch jobs (e.g., change dns config during clone, ability to disable tmpfs, new last-run-stats command). A new pot release will follow soon. Potluck aims to be to FreeBSD and pot what Dockerhub is to Linux and Docker: a repository of pot flavours and complete container images for usage with pot and in many cases nomad. Many of the core images like Nomad, Consul and Vault that can be used to build a private cloud and orchestration platform, but also e.g. Prometheus or PostgreSQL Patroni, have reached a stable status over the last quarter and are in production use now. To make navigating the evolving pot ecosystem easier, most project resources have been centralized in a dedicated github project: https://github.com/bsdpot There, we plan to release ansible playbooks that allow easily creating a FreeBSD based orchestration environment from scratch based on all these tools. As always, feedback and patches are welcome. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Fpart and fpsync Links: Project site and documentation URL: https://www.fpart.org Development URL: https://github.com/martymac/fpart Port URL: https://www.freshports.org/sysutils/fpart Contact: Ganael Laplanche What is fpart ? Fpart is a filesystem partitioner. It helps you sort file trees and pack them into bags ("partitions"). It uses FreeBSD’s fts(3) implementation (GNU/Linux builds can also use it as an option), which makes it crawl filesystems very fast. A hook facility is provided to trigger actions on the partitions produced. What is fpsync ? Fpsync is a companion script that uses fpart under the hood to parallelize rsync(1) or cpio(1) jobs, making it a simple but powerful data migration tool. Those jobs can be run either locally or remotely (using SSH). Fpsync is often used by researchers and cloud providers where lots of data need to be moved and clusters are available to speed up transfers. Q1 2022 Status Both tools continued to evolve and saw several bugs fixed; see the changelog. Also, a user reported a major bug regarding our fts(3) implementation, which ignores readdir(3) errors. I have reported the bug in our Bugzilla: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262038 It should be merged soon (hopefully). Last but not least, fpart has been referenced in the French Government’s 'SILL' . Contributing If you are interested in contributing, have a look at the TODO list. Any contribution is welcome, more especially in the field of unit testing. From nobody Sat Jun 18 07:20:48 2022 X-Original-To: announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F368B85D073 for ; Sat, 18 Jun 2022 07:21:00 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: from mail-ej1-f44.google.com (mail-ej1-f44.google.com [209.85.218.44]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LQ6lJ15tRz3k7J for ; Sat, 18 Jun 2022 07:21:00 +0000 (UTC) (envelope-from core-secretary@freebsd.org) Received: by mail-ej1-f44.google.com with SMTP id o7so12402494eja.1 for ; Sat, 18 Jun 2022 00:21:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:mime-version:subject:message-id:date:to; bh=Oi53C36C58Vky5Jd0kB3/AftZKD6JJGMaxYun3alY5o=; b=K3DKXFkgy8io+2MVfUGcRvzt83Cz+sVPydlJM7ph6ICrSSDy8oWtjYgxaSRjD8zdNQ GM59PvmqW81bcaJp+2sGZOlo9nDpDUarwunbd7aUgdFLYpYFjSs+cOZmSor2kJ0a+v2a r3A20uy8lxBUcKqfgpgXmLLmEXgJaCpj1Xwe4VPNrzkA3UgMfq6X85K6DeiKq4wo6ueC iA+pxmjA1hAGxyfxP7yhHaWGgftNKHEslVMpClS777C+lvqUEsx2kpPKL3PrEdQhaP2k 8Ps9dpqVEpeOX6UXZAeOPPJmRFD0nxzvoNOc+8cM5++YKWMsatMutCsW5QDRDDaf4HBO 4oWw== X-Gm-Message-State: AJIora/dXtpgeiRZY4yh88oSxUwOL3H/amBhtYWlshBD1Yd+1L3ia91n tJxOb4dld/FHeUcJ0OtY55RtX11EI64+CSnLDcAjBb2FCculih931fJsZVagJKKIMwfN0utJPEg 7oV0jNeNImybdqZDBUq6RcQ5ssXOkXp83C9xRYJbLTBAF6JkN5hmzwaw+tYo6EOOCtk56p+PakH vhpAc= X-Google-Smtp-Source: AGRyM1tOmx8VFWr89GABstHIAP1ZbLNVaq3hPlxa8l1XPaeAhCPCIbNwcGJ+wMYKWgKcHfOy7OT5FQ== X-Received: by 2002:a17:906:794e:b0:711:da52:c6c1 with SMTP id l14-20020a170906794e00b00711da52c6c1mr12989710ejo.463.1655536852567; Sat, 18 Jun 2022 00:20:52 -0700 (PDT) Received: from mx.bofh.network (mx.bofh.network. [185.244.36.28]) by smtp.gmail.com with ESMTPSA id w7-20020a056402070700b0042db87b5ff4sm5232442edx.88.2022.06.18.00.20.51 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 18 Jun 2022 00:20:51 -0700 (PDT) Received: from smtpclient.apple (ip-217-105-29-47.ip.prioritytelecom.net [217.105.29.47]) by mx.bofh.network (OpenSMTPD) with ESMTPSA id a29c0346 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Sat, 18 Jun 2022 07:20:48 +0000 (UTC) From: FreeBSD Core Team Secretary Content-Type: multipart/signed; boundary="Apple-Mail=_B78B7BE9-ADB3-46E7-B427-7A0D242E1DBE"; protocol="application/pgp-signature"; micalg=pgp-sha512 List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\)) Subject: New FreeBSD Core Team Elected Message-Id: <89BF18CB-EC85-4041-ABE6-403B075B46E3@freebsd.org> Date: Sat, 18 Jun 2022 09:20:48 +0200 To: announce@freebsd.org X-Mailer: Apple Mail (2.3696.100.31) X-Rspamd-Queue-Id: 4LQ6lJ15tRz3k7J X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=softfail (mx1.freebsd.org: 209.85.218.44 is neither permitted nor denied by domain of core-secretary@freebsd.org) smtp.mailfrom=core-secretary@freebsd.org X-Spamd-Result: default: False [-4.60 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; HAS_ATTACHMENT(0.00)[]; TO_DN_NONE(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all:c]; RCVD_COUNT_THREE(0.00)[4]; NEURAL_HAM_SHORT(-1.00)[-0.997]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MID_RHS_MATCH_FROM(0.00)[]; TO_DOM_EQ_FROM_DOM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.95)[-0.948]; FREEFALL_USER(0.00)[core-secretary]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.95)[-0.951]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[announce@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[209.85.218.44:from]; MLMMJ_DEST(0.00)[announce]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.218.44:from]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N --Apple-Mail=_B78B7BE9-ADB3-46E7-B427-7A0D242E1DBE Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Dear FreeBSD Community, The FreeBSD Project is pleased to announce the completion of the 2022 = Core Team election. Active committers to the project have elected your = Twelfth FreeBSD Core Team. Baptiste Daroussin (bapt) Benedict Reuschling (bcr) Ed Maste (emaste) Greg Lehey (grog) John Baldwin (jhb) Li-Wen Hsu (lwhsu) Emmanuel Vadot (manu) Tobias C. Berner (tcberner) Mateusz Piotrowski (0mp) Let's extend our gratitude to the outgoing Core Team members for their = service over the past two years (in some cases, many more) : George V. Neville-Neil (gnn) Hiroki Sato (hrs) Warner Losh (imp) Kyle Evans (kevans) Mark Johnston (markj) Scott Long (scottl) Sean Chittenden (seanc) The Core Team would also like to thank Allan Jude (allanjude) for = running a flawless election. To read about the responsibilities of the Core Team, refer to https://www.freebsd.org/administration.html#t-core Regards, Moin (bofh), Core Team Secretary --Apple-Mail=_B78B7BE9-ADB3-46E7-B427-7A0D242E1DBE Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEES2Tp4L3ps+zAa1xm2MjIO0nybxcFAmKtfNBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDRC NjRFOUUwQkRFOUIzRUNDMDZCNUM2NkQ4QzhDODNCNDlGMjZGMTcACgkQ2MjIO0ny bxfH6xAAo3irxbYziq+S9KuPu94B0vLJHD7VyY9E3wl4S5k0Zo3puRXvbSHFOWPE j41RbJoETfiQl9JnRkJPt6sjqAzdlP0riOcpUTXAlx6lPueaN8fVx1X8heJP9t5z 1K6O0rf7yO6H1jiihpLeGENRmk6ClfHII0ssLqfdaF0dngM3JwbqiW//i4p99tCB RAJ3tw/7dW6RHU//CR8i+O9SoQVBJwMMO2gfcPNUCpNfhHIm9cYtnRWTlbd+Ms6l ew2LWQagDEaLO58mv/VSpvB9l39ojQhjtAuKFujFcvzGQMG5XqHYBOB+P3kK5K4s IQBqlSrX7A+eWj6KdyaJu4pNcbwDhRS3V5J0CqoNqedUo45kH6SCo63W9atHFiP/ 8WBfPdQyKtTXDAHjcblM/qQHly4C6I/Yc4aNDOkcenSDGMpdymcZnMLfn/YVPiB1 MLx2s2csrAZYExvm09WoGv52/+7Ziwdeq6KKPosXPvRn9h4w48Bi2J/yMVjz8oL+ RJCNjY79R336reY6XLFKEuLMAeqEEDNZI0DVCCviHLt4B32ERuKl9bEvXGNjAD3Y E2oKCasHz5OFIGqjtCalTyx/LzMenGQwvEWS46Grt9RZJUvhN0OXHccHvdIOyxHR NQaRt436cToKl1AkU5yZJ+xY/70rpB0RmQg/FqRWr2tCZDbMzq4= =aVTS -----END PGP SIGNATURE----- --Apple-Mail=_B78B7BE9-ADB3-46E7-B427-7A0D242E1DBE-- From nobody Mon Aug 8 21:30:48 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M1qBK2jcfz4YCwg for ; Mon, 8 Aug 2022 21:30:49 +0000 (UTC) (envelope-from salvadore@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M1qBK2Rqvz3xBR for ; Mon, 8 Aug 2022 21:30:49 +0000 (UTC) (envelope-from salvadore@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1659994249; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gXWe/CxpRoBpbu6t8DEMSob1zm2H86CyCB29WkrdZcY=; b=O93F6odW3XO9RUqSO7CvjWVjftHTIGXXqobLbMp92e/TSV2kah2ImJ7S4ySEvp4RYM1lgi ju7UVbRmkHngYKecCCW3GUjOGSvRuotpnti9/hKXIRGDsP1+gqsSwBqxGwk3TGTv6N4BuH vuEksk2Ja1djDD4ROeO7RHFA+N7EIBBVpOF3jNnjbPIStOfyjLmnkSAkBh4csNXRi+NAQ7 TLM7+apQVhfyDwyMXBXO2sYqf9VcRS078yFepYWPNo1dYvk6KYHrPD2Vd8wLeFV0R86Q5l /sK60YoaYwaqMj+y8tVdQOCXNzFLj1bAR+tF+auFU6kaGTuwIV3vGL4c1ywSXA== Received: by freefall.freebsd.org (Postfix, from userid 1472) id CDB91138EB; Mon, 8 Aug 2022 21:30:48 +0000 (UTC) Date: Mon, 8 Aug 2022 21:30:48 +0000 From: Lorenzo Salvadore To: freebsd-announce@freebsd.org Subject: FreeBSD Quarterly Status Report - Second Quarter 2022 Message-ID: List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline; filename="report.txt" Content-Transfer-Encoding: 8bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1659994249; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gXWe/CxpRoBpbu6t8DEMSob1zm2H86CyCB29WkrdZcY=; b=B2+EMUTmGnX26ncDWFZWNQ4McvowfIRRQ5QzbOym54y/5PIkDfcBXPxNSQMNhxJl6KkMwb rDF23QNISrYrqU3prCBkXkYzJ16at/UZeywSfVwsqKwqwI5qMjfBS/gZXWGenl7+S2ufHf AEU+kg+Zr8Wbg2Ey3hvMKQ/jYOuzd8VGZHPvo0quqzNZkY0RZ+Xb+hqk3eDn68/eoBcOek MMcAN1bj7JmmUuaZpSzXG7eiA5jtxOHQG192MRv4GugOYT9i2/l3dMmzDnUnTBBtcr/7iE IoNbrcg33QABIba2ZOWewe1hxJ58twKsdoYzZaZu2q+fvuG4aucLOYgtgKhZeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1659994249; a=rsa-sha256; cv=none; b=ckpM8q7dEOPwphS+n9elX+1X5r7gNoPEzIx1dr/WDfa80ip/3Oz78Ux1ajcjnr3OSs9CBr kw7/Wtat65HsQ7AQbu6nyiO32T/97Oi+bk5Yczr1RJrCi8lSIQT5aaKmdcsrG5o8yFjjW8 jNHoATssrGhTUF1WSlAaR+Uvu/3QNiIAxCAJt8LY8Gxj+gAzl8wruIO4TEgWfBjstR029F MfkvrOpx81Rh1L45NZH61yKwjWxvNbKQffb6XwX1UKgdo/35DssVzPKyLRntj6C2fIyVjI CRJnxQ79MJi1jZow09cPf4DprJYdqU8OVngK023Oqsw4Q41EoIiIBp1tw4VkEw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N FreeBSD Quarterly Status Report Second Quarter 2022 Here is the second quarterly report of 2022, with 26 reports included. This quarter the quarterly team managed to publish the report much faster and, hopefully, with much fewer mistakes. If however you notice some errors, please report them so that we can correct them and also add some automatic checks in our tools to prevent them in the future and stay as efficient as possible in the pubblication process. We would also like to remind you that if for any reason you need more time to submit a quarterly report, the team will wait for you, but please warn us so that we are aware that some report is still missing. Many thanks to all those that have chosen to share their work with the FreeBSD community through the quarterly reports. Lorenzo Salvadore, on behalf of the status report team. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ A rendered version of this report is available here: https://www.freebsd.org/status/report-2022-04-2022-06/ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Table of Contents • FreeBSD Team Reports □ FreeBSD Core Team □ FreeBSD Foundation □ FreeBSD Release Engineering Team □ Cluster Administration Team □ Continuous Integration □ Ports Collection • Projects □ Linux compatibility layer update □ go on FreeBSD riscv64 □ FreeBSD on Microsoft HyperV and Azure • Userland □ Ongoing work on LLDB multiprocess debugging support □ ZFS support in makefs(8) □ Base System OpenSSH Update □ pf status update • Kernel □ ENA FreeBSD Driver Update □ New Bluetooth® configuration daemon: blued □ OpenVPN DCO □ Wireless updates □ Shared page address randomization • Architectures □ NXP DPAA2 support □ Medium-sized superpages on arm64 and beyond • Documentation □ Documentation Engineering Team • Ports □ KDE on FreeBSD □ Elsewhere □ GCC: updating GCC_DEFAULT and other improvements □ Valgrind - Numerous bugfixes and updates for 13.1 / 14.0 □ Pantheon desktop on FreeBSD □ Feature Complete Port of Intel’s igt-gpu-tools ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Team Reports Entries from the various official and semi-official teams, as found in the Administration Page. FreeBSD Core Team Contact: FreeBSD Core Team The FreeBSD Core Team is the governing body of FreeBSD. The twelfth FreeBSD Core Team was elected by active developers. The core.12 members are: • Baptiste Daroussin (bapt, incumbent) • Benedict Reuschling (bcr) • Ed Maste (emaste, incumbent) • Greg Lehey (grog) • John Baldwin (jhb) • Li-Wen Hsu (lwhsu) • Emmanuel Vadot (manu) • Tobias C. Berner (tcberner) • Mateusz Piotrowski (0mp) On June 10th the outgoing core.11 and incoming core.12 teams held a handover meeting, and the new Core Team was announced on Jun 18. The current Core Team secretary, Muhammad Moinur Rahman (bofh), will step down after the appointment of a new Core Team secretary and handover tasks completes. In this quarter, src commit bits of Kornel Dulęba (kd) and Dmitry Salychev (dsl) have been approved. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Foundation Links: FreeBSD Foundation URL: https://www.FreeBSDFoundation.org Technology Roadmap URL: https://FreeBSDFoundation.org/blog/technology-roadmap/ Donate URL: https://www.FreeBSDFoundation.org/donate/ Foundation Partnership Program URL: https://www.FreeBSDFoundation.org/ FreeBSD-foundation-partnership-program FreeBSD Journal URL: https://www.FreeBSDFoundation.org/journal/ Foundation News and Events URL: https://www.FreeBSDFoundation.org/ news-and-events/ Contact: Deb Goodkin The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting and promoting the FreeBSD Project and community worldwide. Donations from individuals and corporations are used to fund and manage software development projects, conferences, and developer summits. We also provide travel grants to FreeBSD contributors, purchase and support hardware to improve and maintain FreeBSD infrastructure, and provide resources to improve security, quality assurance, and release engineering efforts. We publish marketing material to promote, educate, and advocate for the FreeBSD Project, facilitate collaboration between commercial vendors and FreeBSD developers, and finally, represent the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity. Fundraising Efforts First, I’d like to send a big thank you to everyone who gave a financial contribution to our efforts. We are 100% funded by your donations, so every contribution helps us continue to support FreeBSD in many ways, including some of the work funded and published in this status report. Our goal this year is to raise at a minimum $1,400,000 towards a spending budget of around $2,000,000. As I write this report, we’ve brought in under $200,000 towards that goal. So, we obviously need to step up our effort of fundraising. It’s by far the hardest part of my job. I’d much prefer talking to folks in our community on how we can help you, help create content to recruit more users and contributors to the Project, and understand challenges and painpoints that individuals and organizations have in using FreeBSD, so we can help improve those areas. Asking for money is not on that list. We support FreeBSD in five main areas. Software development is the largest area we fund with six software developers on staff who step in to implement new features, support tier 1 platforms, review patches, and fix issues. You can find out some of the work we did under OS Improvements in this report. FreeBSD Advocacy is another area that we support to spread the word about FreeBSD at conferences, in presentations online and in-person, tutorials and how-to guides. We purchase and support hardware for the FreeBSD infrastructure that supports the work going on in the Project. Virtual and in-person events are organized by the Foundation to help connect and engage community members to share their knowledge and collaborate on projects. Finally, we provide legal support to the Project when needed and protect the FreeBSD trademarks. If you haven’t made a donation this year, please consider making one at https:/ /freebsdfoundation.org/donate/. We also have a Partnership Program for larger commercial donors. You can find out more at https://freebsdfoundation.org/our-donors/ freebsd-foundation-partnership-program/ OS Improvements During the second quarter of 2022, 243 src, 62 ports, and 12 doc tree commits were made that identified The FreeBSD Foundation as a sponsor. This represents 10.6, 0.7, and 4.5% of the total number of commits to each repository. Sponsored Work You can read about some of the Foundation-sponsored work in individual quarterly report entries. • Base System OpenSSH Update • Ongoing work on LLDB multiprocess debugging support • Wireless Status • ZFS support in makefs Other ongoing sponsored work is described here. • FreeBSD Wireguard Improvements The aim of the Wireguard project is to improve support for the FreeBSD Wirguard kernel module. The work by John Baldwin involved adapting the module to use FreeBSD's OCF rather than Wireguard's internal implementations. It also involved adding new ciphers and API support. The latest upstream release incorporates this work. • Openstack on FreeBSD OpenStack is a cloud system for different types of resources like virtual machines. However, OpenStack only unofficially supports FreeBSD as a guest system. That means users can spawn FreeBSD instances on the open cloud platform, but it is not currently possible run OpenStack on FreeBSD hosts. The goal of this project is port OpenStack components so that FreeBSD can function as an OpenStack host. • Bhyve Issue Support The Foundation recently signed a new contract for Byhve support. This contract will allow John Baldwin to dedicate time to Bhyve as issues arise, especially security issues. • Handbook Improvement Exploration Under sponsorship from the Foundation, Pau Amma wrapped up a mini-project to explore how the Handbook can be improved. A survey was sent out and the results will be shared soon. Continuous Integration and Quality Assurance The Foundation provides a full-time staff member and funds projects to improve continuous integration, automated testing, and overall quality assurance efforts for the FreeBSD project. Supporting FreeBSD Infrastructure The Foundation provides hardware and support for the Project. A new Australian mirror was brought online by the Cluster Administration team. If you are a FreeBSD user in Oceania or southeast Asia, please let us know if download speeds for installer images and packages has improved. With your donations, the Foundation purchased new hardware to repair two PowerPC package builders, one for little endian packages (powerpc64le) and the second for big endian packages (powerpc64, powerpc). The new hardware just arrived at the data center and will be installed soon. Expect lots of PowerPC packages in the near future. FreeBSD Advocacy and Education Much of our effort is dedicated to Project advocacy. This may involve highlighting interesting FreeBSD work, producing literature and video tutorials, attending events, or giving presentations. The goal of the literature we produce is to teach people FreeBSD basics and help make their path to adoption or contribution easier. Other than attending and presenting at events, we encourage and help community members run their own FreeBSD events, give presentations, or staff FreeBSD tables. The FreeBSD Foundation sponsors many conferences, events, and summits around the globe. These events can be BSD-related, open source, or technology events geared towards underrepresented groups. We support the FreeBSD-focused events to help provide a venue for sharing knowledge, working together on projects, and facilitating collaboration between developers and commercial users. This all helps provide a healthy ecosystem. We support the non-FreeBSD events to promote and raise awareness of FreeBSD, to increase the use of FreeBSD in different applications, and to recruit more contributors to the Project. We are continuing to attend virtual events and planning the June 2022 Developer Summit. In addition to attending and planning virtual events, we are continually working on new training initiatives and updating our selection of how-to guides to facilitate getting more folks to try out FreeBSD. Check out some of the advocacy and education work we did last quarter: • Secured our booth and nonprofit sponsor status for All Things Open, October 30-November 2, 2022, Raleigh, NC. • Finalized our booth and workshop at Scale 19x in Los Angeles, CA on July 28-30. The FreeBSD workshop will be held Friday,Jul 29, 2022 and you can visit the Foundation at booth 502. • Confirmed our Silver Sponsorship of EuroBSDcon 2022, September 15-18, Vienna, Austria • Sponsored and helped organize the June 2022 FreeBSD Developer Summit, June 16-17, 2022. Videos are available on the FreeBSD Project YouTube channel. • Celebrated FreeBSD Day June 19, 2022 and throughout the following week. • Secured our Friends level sponsorship of COSCUP, July30-31, Taiwan • Published the FreeBSD Foundation Spring 2022 Update • New Blog Posts □ Let’s Talk About Foundation Funding □ New Board Member Interview: Cat Allman □ Welcome FreeBSD Google Summer of Code Participants □ FreeBSD Foundation Work in the 13.1 Release □ Foundation Elects New Officers, Interviews Outgoing Board Members □ Help Us Celebrate FreeBSD Day All Week Long • New and Updated How-To and Quick Guides: □ Networking Basics: WiFi and Bluetooth □ Audio on FreeBSD □ Installing FreeBSD with VirtualBox (Mac/Windows) - Video Guide □ An Introduction to the FreeBSD Operating System - Video Guide □ Installing a Desktop Environment on FreeBSD - Video Guide □ Installing a Port on FreeBSD - Video Guide We help educate the world about FreeBSD by publishing the professionally produced FreeBSD Journal. As we mentioned previously, the FreeBSD Journal is now a free publication. Find out more and access the latest issues at https:// www.FreeBSDfoundation.org/journal/. You can find out more about events we attended and upcoming events at https:// www.FreeBSDfoundation.org/news-and-events/. Legal/FreeBSD IP The Foundation owns the FreeBSD trademarks, and it is our responsibility to protect them. We also provide legal support for the core team to investigate questions that arise. Go to https://www.FreeBSDFoundation.org to find more about how we support FreeBSD and how we can help you! ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Release Engineering Team Links: FreeBSD 13.1-RELEASE schedule URL: https://www.freebsd.org/releases/13.1R/ schedule/ FreeBSD 13.1-RELEASE announcement URL: https://www.freebsd.org/releases/13.1R/ announce/ FreeBSD releases URL: https://download.freebsd.org/releases/ISO-IMAGES/ FreeBSD development snapshots URL: https://download.freebsd.org/snapshots/ ISO-IMAGES/ Contact: FreeBSD Release Engineering Team, The FreeBSD Release Engineering Team is responsible for setting and publishing release schedules for official project releases of FreeBSD, announcing code freezes and maintaining the respective branches, among other things. During the second quarter of 2022, the Release Engineering Team completed work on the 13.1-RELEASE cycle. This is the second release from the stable/13 branch. Throughout the release cycle, three BETA builds and six RC (release candidate) builds have occurred, moving the final release date from April 21, 2022 to May 16, 2022, as some last-minute issues were identified. We thank all FreeBSD developers and contributors for testing the 13.1-RELEASE, reporting problems, and being diligent with proprosed changes as the cycle progressed. Additionally throughout the quarter, several development snapshots builds were released for the main, stable/13, and stable/12 branches. Sponsor: Rubicon Communications, LLC ("Netgate") Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Cluster Administration Team Links: Cluster Administration Team members URL: https://www.freebsd.org/administration /#t-clusteradm Contact: Cluster Administration Team FreeBSD Cluster Administration Team members are responsible for managing the machines the Project relies on to synchronise its distributed work and communications. In this quarter, the team has worked on the following: • Installed a new mirror in Sydney, Australia hosted by IX Australia • Fixed CI cluster hardware failure • Set up a new internal monitoring system • Regular cluster-wide software upgrades • Regular support for FreeBSD.org user accounts Work in progress: • Work with the PowerPC team to improve the package builders, universal, and reference machines. • Plan Hardware refresh, and fixing misc failures in each sites • Improve the package building infrastructure • Review the service jails and service administrators operation • Working with doceng@ to improve deployment of https://www.freebsd.org and https://docs.freebsd.org • Improve the web service architecture • Improve the cluster backup plan • Improve the log analysis system We are looking for an additional full mirror site (five servers) in Europe. See generic mirrored layout for our needs. Offers of additional single-server mirrors (see tiny mirror) are always welcome too, especially in Europe. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Continuous Integration Links: FreeBSD Jenkins Instance URL: https://ci.FreeBSD.org FreeBSD CI artifact archive URL: https://artifact.ci.FreeBSD.org FreeBSD Jenkins wiki URL: https://wiki.freebsd.org/Jenkins Hosted CI wiki URL: https://wiki.freebsd.org/HostedCI 3rd Party Software CI URL: https://wiki.freebsd.org/3rdPartySoftwareCI Tickets related to freebsd-testing@ URL: https://preview.tinyurl.com/y9maauwg FreeBSD CI Repository URL: https://github.com/freebsd/freebsd-ci dev-ci Mailing List URL: https://lists.freebsd.org/subscription/dev-ci Contact: Jenkins Admin Contact: Li-Wen Hsu Contact: freebsd-testing Mailing List Contact: IRC #freebsd-ci channel on EFNet The FreeBSD CI team maintains the continuous integration system of the FreeBSD project. The CI system checks the committed changes can be successfully built, then performs various tests and analysis over the newly built results. The artifacts from those builds are archived in the artifact server for further testing and debugging needs. The CI team members examine the failing builds and unstable tests and work with the experts in that area to fix the code or adjust test infrastructure. During the second quarter of 2022, we continued working with the contributors and developers in the project to fulfill their testing needs and also keep collaborating with external projects and companies to improve their products and FreeBSD. Important completed tasks: • Fixed the hardware failure issue of the CI cluster Work in progress tasks: • Designing and implementing pre-commit CI building and testing (to support the workflow working group) • Designing and implementing use of CI cluster to build release artifacts as release engineering does • Testing and merging pull requests in the FreeBSD-ci repo • Simplifying CI/test environment setting up for contributors and developers • Setting up the CI stage environment and putting the experimental jobs on it • Organizing the scripts in freebsd-ci repository to prepare for merging to src repository • Updating documents on wiki Open or queued tasks: • Collecting and sorting CI tasks and ideas • Setting up public network access for the VM guest running tests • Implementing use of bare-metal hardware to run test suites • Adding drm ports building tests against -CURRENT • Planning to run ztest tests • Adding more external toolchain related jobs • Improving maturity of the hardware lab and adding more hardware for testing • Helping more software get FreeBSD support in its CI pipeline (Wiki pages: 3rdPartySoftwareCI, HostedCI) • Working with hosted CI providers to have better FreeBSD support Please see freebsd-testing@ related tickets for more WIP information, and don’t hesitate to join the effort! Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Collection Links: About FreeBSD Ports URL:https://www.FreeBSD.org/ports/ Contributing to Ports URL: https://docs.freebsd.org/en/articles/contributing/# ports-contributing FreeBSD Ports Monitoring URL: http://portsmon.freebsd.org/ Ports Management Team URL: https://www.freebsd.org/portmgr/ Ports Tarball URL: http://ftp.freebsd.org/pub/FreeBSD/ports/ports/ Contact: René Ladan Contact: FreeBSD Ports Management Team The Ports Management Team is responsible for overseeing the overall direction of the Ports Tree, building packages, and personnel matters. Below is what happened in the last quarter. The number of ports is slightly above 30,000. The last quarter saw 9,137 commits by 151 committers on the "main" and 589 commits by 61 committers on the "2022Q2" branch. At the time of writing, there are 2,700 open ports PRs of which 682 are unassigned. Compared to the previous quarter, there was a slight decrease in commit activity and a constant number of PRs. Note: Freshports appears to overcount substantially. This quarter’s ports count was derived differently and is not comparable with the previous quarter’s. During the last quarter, portmgr welcomed back salvadore@ but also said goodbye to seven ports committers due to lack of activity. In its bi-weekly meetings, portmgr discussed the following topics: * the future of ca_root_nss * feasibility of the base system providing certain .pc files * ways to deal with incompatibilities in kernel module ports on minor version upgrades of the base system Following a discussion among developers, portmgr decided to grant all documentation and source committers approval to fix any documentation-related error in the Ports Tree which does not affect its functionality. The following changes were made to the Ports Tree during 2022q2: * pkg got updated to version 1.18.3, Firefox to version 102.0 and Chromium to version 103.0.50060.53 * Default versions of GCC, Lazarus, Python and Ruby got updated to respectively 11 (powerpcspe keeps version 8), 2.2.2, 3.9, and 3.0. * Two new USES were added, gstreamer to support ports based on GStreamer plugins and pytest to help testing with pytest. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Projects Projects that span multiple categories, from the kernel and userspace to the Ports Collection or external projects. Linux compatibility layer update Contact: Dmitry Chagin Contact: Edward Tomasz Napierala < trasz@FreeBSD.org> The goal of this project is to improve FreeBSD’s ability to execute unmodified Linux binaries. Current support status of specific Linux applications is being tracked at the Linux app status Wiki page. Implementation of the Y2k38 Linux project is mostly finished; all '*_time64()' system calls are committed. The state of the arm64 Linux emulation layer was brought to the state of the amd64 Linux emulation layer: i.e., implemented the vDSO, machine dependend futexes, signals delivery. The thread affinity system calls were modified to implement Linux semantics. In total, over 50 bugs were fixed; glibc-2.35 tests suite reports less than 80 failed tests. All changes in the Linux emulation layer are merged to the stable/13 branch. Initial support for fancy Linux system call tracing has been added to libsysdecode and kdump. There is ongoing work to make tracing more syscalls work. Sponsor: EPSRC (Edward’s work) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ go on FreeBSD riscv64 Links: golang Home Page URL: https://github.com/golang/go FreeBSD riscv64 github repo URL: https://github.com/MikaelUrankar/go/tree/ freebsd_riscv64 FreeBSD riscv64 golang issue URL: https://github.com/golang/go/issues/53466 Contact: Mikaël Urankar Contact: Dmitri Goutnik Work has been done to port go on FreeBSD riscv64 which builds and passes all run.bash tests, including cgo (tested under QEMU and on Unmatched). A pull request is created upstream and the proposal has been added to the active column of the proposals project and will be reviewed at the weekly proposal review meetings. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD on Microsoft HyperV and Azure Links: Microsoft Azure article on FreeBSD wiki URL: https://wiki.freebsd.org/ MicrosoftAzure Microsoft HyperV article on FreeBSD wiki URL: https://wiki.freebsd.org/HyperV Contact: Microsoft FreeBSD Integration Services Team Contact: freebsd-cloud Mailing List Contact: The FreeBSD Azure Release Engineering Team Contact: Wei Hu Contact: Li-Wen Hsu The 13.1-RELEASE image on Azure Marketplace has been published. Work in progress tasks: • Automating the image building and publishing process • Building and publishing ZFS-based images to Azure Marketplace □ The taks will be benefited by merging of ZFS support of makefs(8) and release(7) ☆ https://reviews.freebsd.org/D23334 ☆ https://reviews.freebsd.org/D34426 ☆ https://reviews.freebsd.org/D35248 • Building and publishing Hyper-V gen2 VM images to Azure Marketplace □ Blocked by https://bugs.freebsd.org/264267 The above tasks are sponsored by The FreeBSD Foundation, with resources provided by Microsoft. Wei Hu and his colleagues in Microsoft are working on several tasks sponsored by Microsoft: • Fixing booting issue on Hyper-V gen2 VM in Azure □ https://bugs.freebsd.org/264267 • Porting Hyper-V guest support to aarch64 Open tasks: • Update FreeBSD related doc at https://docs.microsoft.com • Support FreeBSD in Azure Pipelines • Update Azure agent port to the latest version • Upstream local modifications of Azure agent Sponsor: Microsoft for work by Wei Hu and others in Microsoft, and for resources for the rest Sponsor: The FreeBSD Foundation for everything else ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Userland Changes affecting the base system and programs in it. Ongoing work on LLDB multiprocess debugging support Links: Moritz Systems Project Description URL: https://www.moritz.systems/blog/ multiprocess-support-for-lldb/ Progress Report 1 URL: https://www.moritz.systems/blog/ implementing-non-stop-protocol-compatibility-in-lldb/ Contact: Kamil Rytarowski Contact: Michał Górny According to the upstream description, "LLDB is a next generation, high-performance debugger. It is built as a set of reusable components which highly leverage existing libraries in the larger LLVM Project, such as the Clang expression parser and LLVM disassembler." FreeBSD includes LLDB in the base system. The previous sponsored projects improved LLDB, to make it a credible debugger for the base system, although it still has a few limitations compared to the contemporary versions of GNU GDB. This project started in April 2022. It aims to implement full support for debugging multiple processes simultaneously. At the start of the project, LLDB featured very limited support for multiprocess debugging. The client featured support for debugging multiple independent processes simultaneously via maintaining multiple connections to different server instances. Thanks to our earlier work, the server was able to process fork(2) and vfork(2) calls and either detach the newly forked child and continue tracing the parent process, or detach the parent and follow the child (equivalent to GDB’s follow-fork-mode setting). Once the project is finished, LLDB will be able to trace an arbitrary number of forked processes simultaneously (equivalent to GDB’s detach-on-fork off). Full support for the multiprocess extension to the GDB Remote Serial Protocol will be implemented, as well as partial support for the non-stop extension that will enable multiple processes to be resumed and stopped independently. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ ZFS support in makefs(8) Links: Mailing list post URL: https://lists.freebsd.org/archives/freebsd-hackers/ 2022-May/001128.html makefs(8) code review URL: link:https://reviews.freebsd.org/D35248 release(7) code review URL: link:https://reviews.freebsd.org/D34426 Contact: Mark Johnston makefs(8) is a utility, originating in NetBSD, that creates file system images entirely in userspace. It is a useful component of a toolchain to build virtual machine (VM) images since it does not require any special privileges, unlike the approach of formatting a character device, mounting the fresh file system, and copying files onto it. Moreover, makefs can create reproducible images and aims to minimize resource consumption. Currently, FreeBSD’s makefs can build UFS, cd9660, and msdos (FAT) file system images. Recent work enables the creation of ZFS images by makefs. This makes it easier to build ZFS-based VM images. makefs' ZFS support includes the ability to create multiple datasets, with each mapped to a directory in the input file hierarchy. Many ZFS features are not supported however, as the implementation provides only what is needed to get reproducible root pools. Follow-up work enables the creation of ZFS-based VM and cloud images by the release(7) framework, using this new makefs extension. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Base System OpenSSH Update Links: OpenSSH URL: https://www.openssh.com/ OpenSSH 8.9 release notes URL:https://www.openssh.com/txt/release-8.9[https:// www.openssh.com/txt/release-8.9] OpenSSH 9.0 release notes URL:https://www.openssh.com/txt/release-9.0[https:// www.openssh.com/txt/release-9.0] Contact: Ed Maste OpenSSH, a suite of remote login and file transfer tools, was updated from version 8.8p1 to 9.0p1 in the FreeBSD base system. It has not yet been merged to the stable/13 and stable/12 branches. I anticipate doing so in July. NOTE: OpenSSH 9.0p1 switches scp(1) from using the legacy scp/rcp protocol to using the SFTP protocol by default. The -O flag is available to use the previous protocol instead. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ pf status update Contact: Kristof Provost Contact: Reid Linnemann < rlinnemann@netgate.com> Ethernet pf recently grew support for filtering on Ethernet layer. See the 2021q2 pf_ethernet report. Since then the Ethernet layer filtering has been extended with: • anchor support • ability to look into the layer 3 header, for matching with source/ destination IP(v4/v6) addresses • table support for IP address matching • direct dispatch to dummynet • pass Ethernet layer packets directly to dummynet, rather than tagging the packets and relying on layer 3 to handle dummynet Dummynet pf recently started being able to use dummynet for packet scheduling. This support has been extended and improved, and is now believed to be ready for production. One notable fix is that reply-to/route-to’d traffic is now subject to dummynet scheduling as well. Last match timestamp pf now tracks when a rule was last matched. Similar to ipfw rule timestamps, these timestamps internally are uint32_t snaps of the system "wall time" clock in seconds. (See time(9).) The timestamp is CPU local and updated each time a rule or a state is matched. Sponsor: Rubicon Communications, LLC ("Netgate") ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Kernel Updates to kernel subsystems/features, driver support, filesystems, and more. ENA FreeBSD Driver Update Links: ENA README URL: https://github.com/amzn/amzn-drivers/blob/master/kernel/fbsd/ ena/README.rst Contact: Michal Krawczyk Contact: Dawid Gorecki Contact: Marcin Wojtas ENA (Elastic Network Adapter) is the smart NIC available in the virtualized environment of Amazon Web Services (AWS). The ENA driver supports multiple transmit and receive queues and can handle up to 100 Gb/s of network traffic, depending on the instance type on which it is used. Completed since the last update: • Upstream of the ENA driver v2.5.0, which included: • Improvement to the reset routine handling, • Extension of the timer service lifetime in order to be able to detect more hardware failures, • Fix logic for verifying the Tx request ID, • Fix IPv6 L4 checksum offload handling for the Tx, • Add NUMA awareness to the driver. • Internal review of the upcoming ENA driver release (v2.6.0), including: • Further reset handling improvements, • Code cleanup and style fixes, • Logging improvements, • Fix to the retrieval of the ENI metrics. Work in progress: • Testing of the upcoming ENA driver release (v2.6.0). Sponsor: Amazon.com Inc ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ New Bluetooth® configuration daemon: blued Links: blued git URL: https://git.lysator.liu.se/kempe/blued Contact: Mail: kempe@lysator.liu.se IRC: kempe@libera.chat Introduction The blued utility provides an IPC interface that lets an unprivileged user connect to and use Bluetooth devices in a user-friendly way and supports secure simple pairing (public-key cryptography and if the device allows it man-in-the-middle protection). What is blued? There are three parts to blued: a library, a daemon and a command line utility. The library abstracts away bluetooth details, the daemon manages Bluetooth devices and the command line utility lets users list or scan for Bluetooth devices, pair with a device, or unpair from one. The command line utility communicates with the daemon via a UNIX socket. Unlike bthidd and hcsecd, blued supports secure simple pairing and provides an IPC. To get a HID device to work, bthidd is still needed. A script is provided to pair a Bluetooth device and appropriately configure bthidd so it just works and reconnects without user intervention. Once pairing has proven stable and bugs have been ironed out, the plan is to integrate bthidd with/into blued in some way to have HID devices automatically start functioning when paired without the use of an external script. A long-term goal is to provide a graphical user interface that can list devices and provide a simple one-click setup to connect them. Installing and using blued v0.1 You need the optional src component installed in /etc/src. First, make sure you have working Bluetooth drivers loaded as explained in the FreeBSD handbook. To test blued, fetch the blued v0.1 source code. Then compile it, patch your FreeBSD kernel with the patches in kernel_patches, and recompile the hci module as explained in README. I have primarily tested blued on FreeBSD 12.3, but my patches applied cleanly on 13.1 when I tested. I am not supplying a port at the moment, but it is possible to run the software straight from the build directory or run "make install" that will install all needed files. Both blued and bluecontrol use capsicum and blued can be configured to drop its root privileges. For more information, refer to the Running blued section of README. Helping out Testing I have only tried this software with my own mouse and realise that a sample size of one single bluetooth device is pretty small. I’m expecting issues and am greatly looking forward to feedback from others! In case of trouble, output from /var/log/debug.log and /var/log/messages as well as a traffic dump from "hcidump -x" while trying to pair will help with troubleshooting. Contributing If you want to get involved with the code and submit patches, you’re welcome to visit the repository on Lysator’s Git. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ OpenVPN DCO Links: D34340 URL: D34340 OpenVPN wiki URL: OpenVPN wiki Contact: Kristof Provost OpenVPN DCO (or Data Channel Offload) moves OpenVPN data packet processing into the kernel. Traditionally OpenVPN uses a tun(4) interface to transmit and receive packets. In this setup received packets are received by the kernel, passed to the OpenVPN application for decryption, then passed back into the kernel for network stack processing. This requires several transitions between kernel- and userspace, and naturally imposes a performance cost. The new if_ovpn OpenVPN DCO offload driver performs the encryption/decryption entirely within the kernel, improving performance. Initial performance testing shows throughput improved from around 660Mbit/s to around 2Gbit/s. The userspace OpenVPN code also requires modification to use the new if_ovpn offload driver. This is expected to be part of a future 2.6.0 OpenVPN release. Sponsor: Rubicon Communications, LLC ("Netgate") ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Wireless updates Links: Intel iwlwifi status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/ Iwlwifi Realtek rtw88 status FreeBSD wiki page URL: https://wiki.freebsd.org/ WiFi/Rtw88 Realtek rtw89 status FreeBSD wiki page URL: https://wiki.freebsd.org /WiFi/Rtw89 Contact: Bjoern A. Zeeb The overall project aims to bring support for newer chipsets to FreeBSD currently using LinuxKPI compat code backed by native net80211 and kernel code. In addition the aim is to continue work towards supporting newer wireless standards. During the second quarter 40 commits went into FreeBSD CURRENT. With more users trying multiple drivers support time has also gone up. An earlier version of the Intel iwlwifi-derived wireless driver shipped in 13.1-RELEASE bringing this work into a first FreeBSD release. The iwlwifi driver and firmware were since updated in CURRENT and stable/13 again as part of ongoing development. Changes in files shared with the upstream Intel Linux version of the driver are now less than 400 lines. Lately a longer-standing problem for older chipsets was (hopefully) solved allowing iwm(4)-supported cards to work with iwlwifi(4) again after almost three months. The main focus for the project until the end of the year will most exclusively be getting us to contemporary speeds. On April 1st, using the same LinuxKPI infrastructure built mostly with the iwlwifi work, Realtek’s rtw88(4) driver got comitted into CURRENT. Due to an issue with DMA the next weeks a workaround was developed and put into the tree so users no longer have to patch the kernel. The driver still needs a tunable set in loader.conf for machines with more than 4GB of physical memory. This tunable allowed the driver to be merged to stable/13 in June followed by further updates in CURRENT and stable/13. As the USB parts for rtw88 based chipsets are prepared to be included in Linux, work has started (needing more time) to prepare FreeBSD to be able to support the USB parts as well. During the last months Realtek’s rtw89 has already been compiling and remains a work in progress to run stably and associate before it can be enabled in CURRENT. Thanks to all the users for testing and reporting back, patiently waiting for the next update, bugfix, or just a reply from me. It is a great pleasure to work with you! Keep sending the bug reports to me, but remember that your thanks should go to the FreeBSD Foundation for making most of this possible. For the latest state of the development, please follow the freebsd-wireless mailing list and check the wiki pages. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Shared page address randomization Links: D35392 D35393 D35349 Contact: Kornel Duleba Contact: Marcin Wojtas The shared page is an R/X page that is mapped into each process by the image activator. It stores the signal trampoline, as well as other metadata e.g. information needed to implement user space timecounters. Previously it was mapped at the top of the process virtual address space. With the described changes its address will be randomized. We plan to turn the feature on by default for 64bit binaries, across all architectures. Currently the patches are under review and await approval. Sponsor: Stormshield ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Architectures Updating platform-specific features and bringing in support for the new hardware platform. NXP DPAA2 support Links Change history Tree Contact: Dmitry Salychev Contact: Bjoern A. Zeeb Some of the NXP SoCs (LX2160A, LS1088A) are shipped with DPAA2, the second generation of the data path acceleration architecture. It allows to dynamically configure and wire packet processing "objects" (DPNI for a network interface, DPMAC for media access controller, etc.) together to form a network-on-a-chip. During the last quarter the driver started working well enough to be used on SolidRun' Honeycomb LX2 (ACPI test platform) and Traverse Technologies has produced a FreeBSD preview for (their) Ten64 (used as FDT test platform). The driver is still work-in-progress, but is getting close for a review to get the first version into the tree for everyone to benefit from it. WIP: • FDT MDIO support. FreeBSD currently lacks support for the SPF parts. • Driver resources de-allocation to unload dpaa2.ko properly. • Bug fixes and improvements. TODO: • CPU affinity for DPIOs and DPNIs. • Cached memory-backed software portals. • Bottlenecks mitigation. • Further parts (DPSW, DCE, etc.) supported by the hardware. Sponsor: Bare Enthusiasm :) Sponsor: Traverse Technologies (providing Ten64 HW for testing) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Medium-sized superpages on arm64 and beyond Contact: Eliot H. Solomon Contact: Alan L. Cox The 64-bit ARM architecture’s page table descriptor format contains a flag called the Contiguous bit. This tells the MMU that it can cache an aligned, physically contiguous group of 16 page table entries which have identical permissions and attributes using only 1 TLB entry. The Contiguous bit, as well as the conceptually similar Svnapot extension to the RISC-V architecture, allows for the use of 64 KiB superpages. These medium-sized superpages can bring to smaller memory objects the address-translation speedup typically associated with more traditional 2 MiB superpages. This project focuses on bringing support for medium-sized superpages to FreeBSD. So far, we have modified the arm64 pmap code to automatically utilize 64 KiB superpages by detecting physically contiguous page table entries and promoting them using the Contiguous bit. Now, we are working to adapt the kernel’s superpage reservation module to support 64 KiB reservations in addition to the current 2 MiB ones. Adding medium-sized reservations will allow the virtual memory system to explicitly allocate pieces of memory which fit the requirements for superpage promotion, rather than just hoping that they occur by chance. Our goal is to accomplish this in a general way that makes it possible to specify multiple arbitrary power-of-two reservation sizes, making it easier to take advantage of hardware features on other architectures like Ryzen’s PTE Coalescing, which transparently merges groups of 4 KiB page table entries into medium-sized superpages. Sponsor: Department of Computer Science, Rice University ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Documentation Noteworthy changes in the documentation tree, manual pages, or new external books/documents. Documentation Engineering Team Link: FreeBSD Documentation Project Link: FreeBSD Documentation Project Primer for New Contributors Link: Documentation Engineering Team Contact: FreeBSD Doceng Team The doceng@ team is a body to handle some of the meta-project issues associated with the FreeBSD Documentation Project; for more information, see FreeBSD Doceng Team Charter. During the last quarter, Graham Perrin (grahamperrin@) and Pau Amma (pauamma@), were granted documentation commit bits. Several items are pending and in discussion: • Mirroring the Website and Documentation portal with the GeoDNS infrastructure of the project. • How to handle Trademarks in the documentation. • Remove outdated translations from the Website and Documentation portal. FreeBSD Translations on Weblate Link: Translate FreeBSD on Weblate Link: FreeBSD Weblate Instance Q2 2022 Status • 12 languages • 152 registered users (9 new users) Languages • Chinese (Simplified) (zh-cn) • Chinese (Traditional) (zh-tw) • Dutch (nl) • French (fr) • German (de) • Indonesian (id) • Italian (it) • Norwegian (nb-no) • Persian (fa-ir) • Portuguese (pt-br) • Spanish (es) • Turkish (tr) We want to thank everyone that contributed, translating or reviewing documents. And please, help promote this effort on your local user group, we always need more volunteers. FreeBSD Website Revamp - WebApps working group Contact: Sergio Carlavilla Working group in charge of creating the new FreeBSD Documentation Portal and redesigning the FreeBSD main website and its components. FreeBSD developers can follow and join the working group on the FreeBSD Slack channel #wg-www21. The work will be divided into four phases: 1. Redesign of the Documentation Portal Create a new design, responsive and with global search. (Complete) 2. Redesign of the Manual Pages on web Scripts to generate the HTML pages using mandoc. (Work in progress) 3. Redesign of the Ports page on web Ports scripts to create an applications portal. (Work in progress) 4. Redesign of the FreeBSD main website New design, responsive and dark theme. (Not started) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Changes affecting the Ports Collection, whether sweeping changes that touch most of the tree, or individual ports themselves. KDE on FreeBSD Links: KDE FreeBSD URL: https://freebsd.kde.org/ KDE Community FreeBSD URL: https://community.kde.org/FreeBSD Contact: Adriaan de Groot The KDE on FreeBSD project packages the software from the KDE Community, along with dependencies and related software, for the FreeBSD ports tree. The software includes a full desktop environment called KDE Plasma (for both X11 and Wayland) and hundreds of applications that can be used on any FreeBSD machine. The KDE team (kde@) is part of desktop@ and x11@ as well, building the software stack to make FreeBSD beautiful and usable as a daily-driver graphics-based desktop machine. The notes below describe mostly ports for KDE, but also include items of import to the entire desktop stack. KDE Stack KDE Gear releases happen each quarter, KDE Plasma updates once a month, and KDE Frameworks have a new release each month as well. These (large) updates land shortly after their upstream release and are not listed separately. • astro/kstars latest release 3.5.9. • deskutils/grantleetheme got an entry in UPDATING because of some unusual changes to the installed structure of the port. • deskutils/kalendar joined the KDE Gear releases. • devel/okteta updates to the binary (and octal and hexadecimal) data viewer and editor. • finance/kraft needed specific build-fixes for newer KDE Frameworks. • games/gcompris-qt expanded, new releases, and now supports more image formats (needed for some activities). • graphics/digikam no longer needs a SQL server during the build. • graphics/krita was updated to 5.0.5, likely the last 5.0 version. • math/labplot has a huge number of new features in recent releases, well worth looking at if you need any kind of data-plotting. • net-im/ruqola was updated. This is a Qt-styled Rocket chat application. • www/falkon joined the KDE Gear releases. Related Applications • archivers/quazip was updated. • deskutils/semantik updated. • devel/py-qt5-pyqt updated so that the port now pulls in DBus as well. DBus is needed by nearly all desktop Qt applications, including those written in Python. • devel/qcoro had build issues on certain FreeBSD versions, resolved. • devel/qtcreator updated with each new release. • devel/qt5 had its infrastructure updated in ports so it does not produce strange error messages during de-installation. • graphics/ksnip and related libraries updated to recent releases. • Matrix clients Nheko (net-im/nheko) and Neochat (net-im/neochat) were updated following releases and library bumps. • x11/rsibreak updated; helps prevent injury while writing long quarterly reports. Elsewhere • devel/appstream update supports more application-information. • devel/cmake prefers generic python3 over versioned-python3, if users have multiple python3 ports and lang/python3 installed. • devel/dbus updated. • graphics/poppler updated several times. • graphics/ImageMagick (both 6 and 7) updated several times. • multimedia/gstreamer updated. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ GCC: updating GCC_DEFAULT and other improvements Links: GCC Project URL: https://gcc.gnu.org GCC 11 release series URL: https://gcc.gnu.org/gcc-11/ Contact: Contact: Gerald Pfeifer Contact: Lorenzo Salvadore Contact: Piotr Kubaj • salvadore@ worked on the upgrade of GCC_DEFAULT in Mk/ bsd.default-versions.mk from 10 to 11, opening bug reports based on antoine@'s exp-runs and fixing some: many thanks to all those that helped with this task. The GCC_DEFAULT update from GCC 10 to GCC 11 has now been committed by gerald@ and happened in time for the next quarterly branch. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258378 • pkubaj@ switched GCC bootstrapping to use Link Time Optimization for GCC itself for GCC 11 and newer by introducing a new option enabled by default. Building with LTO_BOOTSTRAP enabled requires significant amounts of memory and time. How much resources are actually needed depends on your configuration (e.g. are you building from ports or with poudriere? What is your architecture?). To give an idea, a user reported needing 5 GiB of tmpfs, while in PR 265254 a need of about 130 GB of memory is estimated due to an excessive amount of processes spawning (see also https://gcc.gnu.org/ bugzilla/show_bug.cgi?id=106328). Consider disabling LTO_BOOTSTRAP in favor of STANDARD_BOOTSTRAP (or disabling BOOTSTRAP altogether) in case that is a problem. • pkubaj@ also added lang/gcc12 and lang/gcc13-devel ports and updated lang/ gcc9 to 9.5. • Help is still needed with these three changes to work through with upstream GCC (requires src expertise, not ports): □ upstreaming lang/gcc11/patch-gets-no-more □ upstreaming lang/gcc11/patch-arm-unwind-cxx-support □ https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256874 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Valgrind - Numerous bugfixes and updates for 13.1 / 14.0 Links Valgrind Home Page URL: https://www.valgrind.org/ Valgrind News URL: https://www.valgrind.org/docs/manual/dist.news.html Contact: Paul Floyd A quite significant number of bug fixes have been made to Valgrind on FreeBSD over the past few months. In particular, the i386 version has largely 'caught up' with its bigger brother amd64. The devel/valgrind-devel port has been bumped up to 3.20.0.g20220612,1 which includes all of the following changes. If you use Valgrind regularly please swtch to valgrind-devel. Here is a list of changes since the release of Valgrind 3.19.0 (which is the version available with the devel/valgrind port). • incorrect signal resumption if a signal arrives when Valgrind is saving the carry flag for a syscall • fixed reading DWARF debuginfo from PT_LOADs generated by lld post version 9, which splits the RW segment into two parts, this affects mainly shared libraries (.so files) • on i386 implement correctly the management of thread GDTs which was limiting applications to only ever creating 8192 threads • make the first page of the 'brk' invalid for addressing • analysis and cleanup of the regression test suite and in particular tweak the i386 leak tests to not detect possible leaks due to left over pointers in ECX. • make coredumps readable by lldb • improve the setting of errno by C allocating functions • fix building of Valgrind with llvm-devel (15.0.0) For FreeBSD 13.1 / 14.0 there are • syscall wrappers for funlinkat, copy_file_range, swapoff, shm_open2 • add K_INFO handling to fcntl • add handling for new auxv entries • added some default suppressions for DRD and Helgrind There is now an initial version of vgdb invoker support - this allows vgdb to use ptrace to force valgrind to poll for gdb commands. This is not yet available in the ports versions. That does not leave much in the way of outstanding issues. I expect that 14.0 and newer versions of llvm will keep on requiring support. Apart from that there is • some small problems with error messages getting the correct source information • better core dumps (low priority) • TLS (thread local storage) handling for Helgrind (difficult if not impossible) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Pantheon desktop on FreeBSD Links: elementary OS URL: https://elementary.io Development repository URL: https://codeberg.org/olivierd/ freebsd-ports-elementary Contact: Olivier Duchateau The Pantheon desktop environment is designed for elementary OS. It builds on GNOME technologies (such as Mutter, GNOME Shell, GTK 3 and 4) and it is written in Vala. The goal is to have a new desktop for users. Some features are not well supported, but we can have full session. The repository contains Mk/Uses framework elementary.mk, official applications, and curated ports which depend of x11-toolkits/granite (total of 56 new ports). I have submitted several patches, especially: • x11-toolkits/granite7 • devel/libgee update to 0.20.5 bug #262893 • sysutils/bamf update to 0.5.6 bug #264203 Open tasks • Add support of user settings (it is very Ubuntu-centric) • Finish porting wingpanel-indicator-power (power management) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Feature Complete Port of Intel’s igt-gpu-tools Links: FreeBSD Wiki Project Page URL: https://wiki.freebsd.org/ SummerOfCode2022Projects/ ImprovingTheLinuxKPICompatibilityLayerForTheFreeBSDGraphicsStack Status Reports URL: https://cdaemon.com/tags/gsoc2022 Contact: Jake Freeland Intel’s igt-gpu-tools serves as a generic testing suite for drm drivers on Linux. The igt-gpu-tools suite is separated into tests and tools that target kms, memory management, and command submission. The utility provides low-level reporting for transparent tracking of kernel changes and efficient debugging of modern drm drivers. Porting the project to FreeBSD could introduce greater stability in future releases of FreeBSD’s LinuxKPI-driven drm drivers. A proper kms-driven testing suite could also increase code output and bring the FreeBSD desktop experience up to speed with the Linux codebase. The project officially started under FreeBSD’s Google Summer of Code program on June 13, 2022. My adapted code can compile with non-FreeBSD compatible snippets removed. The plan is to reimplement these stripped components in a POSIX compliant fashion. Notable incompatible code includes: debugfs, libkmod, libprocps, Linux performance events, and Linux userfaultfd. If you would like to assist in the porting of libkmod or libprocps into the ports tree, don’t hesitate to contact me. When the FreeBSD compatible code is complete, I will run the modified igt tests using a host of graphics processors on FreeBSD 14.0-CURRENT. If all is well, the project’s diff will be submitted into the ports tree. Sponsor: FreeBSD Google Summer of Code From nobody Tue Aug 9 22:18:42 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SC631wsz4YLrT for ; Tue, 9 Aug 2022 22:18:42 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SC62TBhz461s; Tue, 9 Aug 2022 22:18:42 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083522; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=aLgW25i6GTtS9CglYNG81+E+GvKchsRjuCOL3+YNyns=; b=ahi3z4F9XOfDMofhHECZIZkRbkZLQDPC3uyub6vhM9d9Mc0z0WccjvAs/d5oxaa6WzT+j+ U1uFqRUhOuVTR8ohX7S7D24R1HLj1thgSjwdaPOr3jPr56zBUcp5fAEN03P77occ624OHQ egjx8lESBVGEZKQGQ6HVt+zX6SUMQPcCrUb3BCouhQH0TJBTeK66oZUXG4bdmsfTrhT0A7 OhTaPLYm4Piy2Yv0+XHdnzMkv1h2XlLhunrMdwn9yBkQJ78JJQhm9DnIC3lPhGtlbaS4KN KNCE2rADNh4igGGNqYt+pEIZSGMCf8KrKIfXQN0H+3SUicFZ+RIZnEZzKNrpbw== Received: by freefall.freebsd.org (Postfix, from userid 945) id 2F8D7171D3; Tue, 9 Aug 2022 22:18:42 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:16.kqueue Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220809221842.2F8D7171D3@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:18:42 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083522; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=aLgW25i6GTtS9CglYNG81+E+GvKchsRjuCOL3+YNyns=; b=OUYaEUzbCmbW+YAAPcQ/X1TsBpvrvKq3/OcurVEV9Q6IpdnfIXNWWt5P9Cw14ihvsaoaTM 5QMH4oCYNu8Xmq8WsTGLe8wX6efsf/lHixzlfhUJaB4vrWcbOkqu7zR7MkbtFHWqLYAcrm hm+zxmD12sRaVCajSHk96MRC/7gz6o71hUIeNif83os3h4gOIidBZUEPxYT+lXAGoea5Lq 6UsSjW1GwH3VrAKs3pXsj9lCEbc5k3Yl0rkTwKg3ia+x8ecxkw3mvAUdg+FpQM9VCmtMB+ F9qIxvi0u8nSNF2+lRQ+yF64QG5QmCiDsqfYgp4NzPo1Cwn24FLaSNZse8knag== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660083522; a=rsa-sha256; cv=none; b=wPTTU+esEVPNrH3hxOpHf1oF0IfUMPkx4ZIowdT5mkapM5AW2SNBrSQttf9mvgNjZBqKHY VgNTAbgEAvAr2b252cyUXnv1n5tq0+unShvl/OijoeyJhwcxbs8gSTJ9glxoGGc4BO0r8b I2V9AZEwK0pM5m/rNrJcXDaztiRQ+gZd6bIqBcwHdlcjyf8u51X+1W8KZrq130BApYPonb h3D2x71/zJ81WlPf1mlxMZbY6A+WQT1UOdI6iHshjdpEVrwd0coaNiur6bmBxwY5SyJH2s K0i2/HogMei8iXQhkFaUgLi/5nEcsEtPmEuCoBPqPDj4VOMouEOYktwOBfzVbA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:16.kqueue Errata Notice The FreeBSD Project Topic: kevent(2) timers fire too often Category: core Module: kqueue Announced: 2022-08-09 Affects: FreeBSD 13.1 Corrected: 2022-06-08 00:42:21 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:01:21 UTC (releng/13.1, 13.1-RELEASE-p1) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background kevent(2) is a system call which provides a generic method of notifying the caller when a caller-specified event happens or a condition holds. One use for kevent(2) is to wait for a specified timeout to elapse. This is implemented by the EVFILT_TIMER filter type. II. Problem Description In FreeBSD 13.1, periodic events of type EVFILT_TIMER will return at only half of the requested frequency, following the first event. III. Impact The bug may cause misbehaviour in software that makes use of periodic kevent(2)-based timers. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:16/kqueue.patch # fetch https://security.FreeBSD.org/patches/EN-22:16/kqueue.patch.asc # gpg --verify kqueue.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 129112f80d2b stable/13-n251040 releng/13.1/ c48048ebdbed releng/13.1-n250150 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyzyYACgkQ05eS9J6n 5cIBnQ//edGaUR3lij2DjA6b4sxEVMk+Kss9AL8ZOP+QYnClCT0fyKRPPtW4xGn9 gxlbGpfhCORVgf/V+Hi9FqB1hjdBdnByPOK+p2kKdNDMivQqD75Awlxw3w/YjTTI xBkErCIhcoo5vGh4xlTI76UYY2r02Lxl1uH5lj7AOwwTCEwkUdCSOoi4226O6mo8 AKAErHNVtO0m3NmXW8qtfs9LwAaim6rVpyAYFK1HO0xBQIvMMkES91/iytKDkkLV XImuOwlDnk+ql6uRrqpCaIk3313+X0k3fvaEX3hpgbDPni8qiCeFsI3wOahZjPdq 59bmrV9HKpNoalB74HsYD3SgG4v0lj8MXOPSNpAcZ9YgK77CZ6V+2WoVTNkvHVCY x5FuBGG2VQy2k7cNZYlyjNZKvPGi+lluJXPmGt0slI9QRXZhYZrjgyRlXfC5AQy8 P+vNt+bzGrvdrjUZ4UoV/csvvntNHB3lLH8vT/mb+UuE9VqKUWHVXadeXugRUP18 xE+48oivScLf4FAFwjIJg5nRlvFafuzwjdiO+KWcgbnsLDfITfx0Ok6q68VDuMii ZjzOzKKGPmBwuWJsu9WF4mL2kmyWzCJmSvpioEwHLw59Gbz7p4J7YXQDiZKgKX4e j9AAI1M7i82y5n9PEKPa/sA7lvyZVJgqAwsDtVWnPQAhrJ+kvWE= =dwL5 -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:18:52 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SCJ2X30z4YLtF for ; Tue, 9 Aug 2022 22:18:52 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SCJ263pz46Xj; Tue, 9 Aug 2022 22:18:52 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083532; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=yKR1cJtrVecpwxPAN+v49z1c28Eh3SIuDhgEeWvQZJM=; b=hsYx8RfVKGMmVUHFukYSHo7KiZ6GcAxOdmWtIn5kzNVaUa5HjEOLxHLzGRoSTJUhZ/3t7F Q3NZ6dcMlSQhVEhykYTq3bl9Q6ceK3FTwkzB196B+WhxJb6QBbAuisTMeO14+V4aFPM8X2 IIw8DbvhRkeqK7MRnbqW8GtQoPOb8pJgSAW12Y1Jk20mQfbYr/Vq2zrzRiCd7Xh4134DE/ Gseuw75BWzNFmRXwXnAIZkltn5hOejoAFBaAKi4AA6QH5jDHP43mxXWUT8jrGnF67gsGh8 JcagyrATgpr8C3z0cxHKgLb5iQ756B3FCPG3aNv72UpCPNNlW7D+UHgO8db5OQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id 2E95717390; Tue, 9 Aug 2022 22:18:52 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:17.cam Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220809221852.2E95717390@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:18:52 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083532; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=yKR1cJtrVecpwxPAN+v49z1c28Eh3SIuDhgEeWvQZJM=; b=ScAuUVEn7OnLQCI04NvPyOaPYyTg3ajgrY//DOdoc0I1RxWimtHQefykqLQ8Q4gcU17KCe GBv6Kjn/c7yGMj8aVZfKJ4fdpGiBSinZ1lSHmC2XeDuKCzDh7r4781CNZkwf4h8aZjcwG1 YKEfKRsBj90WC8NAII3Vj6GUBJYEkC9MAApj6NJkHQNTLlg3w2FGxbSDeDgos/azUfo/pf ktWpGIbNRObNdC1cHKA2LOr2fqopekGxs614UsCjHOff4EJ5sd/pKAiQrXE+e+ZU5eiwO/ wwzaVdSfUUi7mCEiDRElVkWuiLExYi0Ul/tQf8WtZpM79I60E2KJAjH8rcg6Lw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660083532; a=rsa-sha256; cv=none; b=Z+Jan8k1F2Ys70Pw1FtPumYjYiqaCxLwnpg3B4nlbCmDqTwCQxLOWTgWmYFdQ7ERl07f0G n1zaKYRfLAaP9zs4gG77sRqmveZMWgiRwN6ecndzowNl0YUVsqYuzRpb9EDuLu6cLGRjwQ 4JJTjqtzNYHKMgoQ/1josFrANJlJIcfYXmxmjdAy/dtNK6Gn3rlTPgq1agV8jbtfm69TeZ HGKfWekGreCL5FxmpGZeE192H3zAYe2Omdbyz7IUdY+Jj+stz6gVfQjliOv47k5LsK8m4a REZZsWRWPH0u2id7lc61M8yAGdIuJYE3HWVj3aN6o9mjvGVOvel3qeZk4qsjjg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:17.cam Errata Notice The FreeBSD Project Topic: Kernel memory corruption during SCSI error recovery Category: core Module: cam Announced: 2022-08-09 Affects: All supported versions of FreeBSD. Corrected: 2022-05-03 20:32:45 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:01:20 UTC (releng/13.1, 13.1-RELEASE-p1) 2022-08-09 20:00:26 UTC (releng/13.0, 13.0-RELEASE-p12) 2022-05-04 01:04:43 UTC (stable/12, 12.3-STABLE) 2022-08-09 19:59:40 UTC (releng/12.3, 12.3-RELEASE-p6) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background CAM (Common Access Method) is a FreeBSD kernel subsystem which handles various aspects of storage device management. Among other responsibilities, it handles device error recovery and can automatically retransmit commands to peripheral devices when a transient error is encountered. II. Problem Description When a CAM-managed device responds to a command with an error condition, CAM may automatically retry the command following some error recovery protocol. For instance, it may send a SCSI START UNIT command to the device before retrying the failed command. In this case, an in-memory copy of the original command is preserved for a later retry. However, a specific portion of the command state was not saved correctly, and upon a retry this could lead to memory corruption. III. Impact The bug can cause kernel panics or other system-level misbehaviour. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:17/cam.patch # fetch https://security.FreeBSD.org/patches/EN-22:17/cam.patch.asc # gpg --verify cam.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 84849cfd1dc0 stable/13-n250673 releng/13.1/ db8082886fd8 releng/13.1-n250149 releng/13.0/ 5430423b6d63 releng/13.0-n244803 stable/12/ r372069 releng/12.3/ r372378 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n 5cIECxAAo+zofqG4H2ZTffIBo3YElCbB8pkXty/ZnW0+3cA+JWcYtpC+5UoKw68q wBN+fL8174tzkzsrN3ZZcmtd28NtlmNYpUbCQCji90K8CSSRibsa+IdGxRDkiTAL s/bHpn4Txyi+XiIDFVABWDuUf3rNxVqgmnWorMTnffukUkXxDYGbwTD4J9eaahhH eEG/iW/O8KL34Asb4Pg/KoY8TAp8U3ojd+/XrLkLHHm1VyAqiW7cYVLcKFFDArT0 NUdqI/B329Jk4qy/FDqbturLGQyxpkeAnB1ARLaQ/DvNQNxoLLv2MbS2/92JiR/y pWrIz0brUp/zrtH5qEQxrvutHKch2CfQnansBs4d/atCyYQsrfTt+1QTpcbqdFJv L0ysPjuHYuFnizjospjaRJfNYQMUK64q5BBJeymNTMpXjYz2SG1K6BlsU001i51o tCXTfFJ35GjIJqiXL8K7aCiu0L8HFJ8zHIGBJv8gB8q/kNlDCCluks5nBGwktboM 91WhbskyR/5en5drBB1RxXYsYDYcJiwDENLmTHyJK/9v55tRlsu6yMUb3sxwV5+G YC4z/GYEBfj5u/ttb0ILZX2eBHx/kIae0wW9x2ch6njOiSp1tcujEH74OIw1a4ja fOfWZsBjB23rIawn3eDLVnLtE9l1ljIsvy2rbVf4xNxxl3x68ZM= =Ujr3 -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:18:56 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SCP0VYjz4YM1x for ; Tue, 9 Aug 2022 22:18:57 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SCN6zg2z46ql; Tue, 9 Aug 2022 22:18:56 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083537; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=HyrXXkHLP9wfut7ZgyO3NUrrfou1pPFmCucwMBq2zF0=; b=lye/VLWGn9r0NXoQwA5WI/oo1IgibHfyI4CdVtj8NUvRV4gJY4cmttrTkXMB3DWn77mn6b Q43t7bud5QVon+591SgZejywAbvb5mcdFvVTZDSWomdBfCDcJvXxRCWquFP3kh+kQnUNst tVOE7jTi45pB5l3MZTOlAWGTjwETgi2HGrNaTqmW7oUGa9ZWVMlfMBjUyXuJ89kaFOyROw +24XPSUUurNjmxmYRVaK/eSick9pbX9pTKIqSNmN4Eowawy9WJ7nPTWPMVFzJec5zJUdzm L3Rg7CKl/sHoqAlh3hdx+x0l/+iVMw2HvaI0oZPAzglkHwej2lzHJ7D6j6+QTw== Received: by freefall.freebsd.org (Postfix, from userid 945) id D7567171D4; Tue, 9 Aug 2022 22:18:56 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:18.wifi Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220809221856.D7567171D4@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:18:56 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083537; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=HyrXXkHLP9wfut7ZgyO3NUrrfou1pPFmCucwMBq2zF0=; b=Tez4qYDoo5eH0hep1L18oBSXd/Pil3xn486mzD5jGnyhr84NvqXzAZmEELta15YlIAIYIc CqKEavRL+tO0Zj5j5ou+/8orpo3I3iNpGBXB/oGCIFSlmvJaI1a/PJZ+deFaPxmhypQFie pKGXtR0zsHDq0hTFtV1CMetY5pRe9XOpoDvjZwf9GQUUpewvMT+G3yc8rAQizAU6N+/RPJ YzU8PFHsUXpHzVv/U1HsckJCmspIqRQWmbe6Ne0MAKFIQR6zVpV9kYGxHY2f8RhV0Nf4ep PphwkndkhC8RjyFCMJz/baQcsidC/mA8BcVOviTRsVbA1B569EDYp6A6ycdwwg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660083537; a=rsa-sha256; cv=none; b=B78v4aKTL9uLv+LMfbXwnxeFTfvav3GmDmtCKrqFMhi35YE2vED6r0JXBu0SYWUOb7BeR6 2sWflq5uglFfeWW8yvndS3COtefcXEUfAWoE+Ii6Ve1qQftS1lo9e7sgfny4qPy5FMwE4X tda9A+n1B/6MM20bc/7TjPwp2O7on1+ZterQU4UVSzwIYd6MXJ3irofLuCK7gBlsRbL2SK qSMi8D6y0NtiYcaDX5rxM7Ot8Kpd9s3HSfbrT3I3k+iScDWwem7FZKs6s3e+e4UhPk8Q5K DdAh6BJDFK2Sn0Jp/55UxHYqEBs34RET0HoMsc+oFQnOqaVOOypBc+REeB61kw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:18.wifi Errata Notice The FreeBSD Project Topic: WiFi patch update Category: core Module: net80211 Announced: 2022-08-09 Affects: FreeBSD 13.0 Corrected: 2022-08-09 20:11:00 UTC (releng/13.0, 13.0-RELEASE-p12) Note: The corrected date and patch revision above (p12) are specific to the 13.0-RELEASE version published via freebsd-update. The revision details in the table below reference the git repository information, which was correct at the time of the original WiFi patch. For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD's net80211 kernel subsystem provides infrastructure and drivers for IEEE 802.11 wireless (Wi-Fi) communications. II. Problem Description FreeBSD-SA-22:02.wifi included a number of improvements to net80211 data validation. Some of these changes were not included in the patch provided for FreeBSD 13.0 and via freebsd-update. The changes were included in the git repository. III. Impact The interface affected by the missing change is only available to the superuser. The superuser may be able to cause kernel crash. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +5min "Installing errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:18/wifi.patch # fetch https://security.FreeBSD.org/patches/EN-22:18/wifi.patch.asc # gpg --verify wifi.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- releng/13.0/ 0d1db5c3257e releng/13.0-n244782 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n 5cIYBA//VQCS16TK3QcOXDznzTi66YqL5GvCklVWzk52la+D0cIazzNKKWLwuJAF bAB9c+jjff0IU6J80/QNdTEvXBjw4HZ5CsniXEUbWMmQOdFh1c9mgW8q6W8PV+R9 DYn7ROO/d8s71Kh8FQh9KzguCYsiSHm8gwfwSzi1bxfBp6J2Af2A/q/4KO7/mN/U Eltgr3AikjqvLm5vo985Fbv2ExH9Xm3rZcc3UggutyNFAtl4X4N/1Pux5msR38sp FIzveVKtu2kuQ9jqOceABZfaxCCXRwl5i/MibOdfZb3+JIdjDSnuH6fjVmVT3Qys 4LFnokEFNtSn04z6VJHmtryqIuByVWWSyyFFpm65pKtpvxzEP+Wrql208U7k+r7A gi1vZVcJpZ5eLEdPgmE7T4IjfuonK0DvVkJlWIigmrFn2n4ss1cyQiNJYyujDDQB sCcC3HZoy8DE4RBzpfEWDjsoqQXzJ81o3TfnNr69alSVAmMRzcQjH8z6syApuq+0 RmyHMCfgKnbPCtgQj0si8VRDtMfgqJsTqHsTks6NiL6csQUTtgYc37MgErLsUR05 4XnfxvslAketx9BvWqgF6eIXnGoJsCopzVKOttxdqpyV1AzanZzl0q+wEBp8WND0 Jpzhtmar9Pxq9wcRNNx8as5b5IyH1zp4/0FqztGsLgHluazYPbk= =W4Fk -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:19:02 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SCV6GJvz4YM9b for ; Tue, 9 Aug 2022 22:19:02 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SCV4LNTz47MD; Tue, 9 Aug 2022 22:19:02 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083542; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=me1hIiuc5vZQq/XIdIMiWrA2gTsxU0icVEN6uKJI8/Y=; b=Hg1k/LYreUhFPG/hZJB+3efAudoqTKjO0LVDnHjCzXdKLJS/6xQZGo9Nl8ug8LE1Td/zVm gTPOLVo2a4hXjaWxMLd8L7av7755KG/AydCukvBMeIYIUidBnXsLkg8Y7dWR7GW9m9FYwP cQdfAoVXRre5xfGxQMPZicENHz6YJZOdteA6YONNy2fdv/PrDVf/wfMLzy2dZrdtmBoB5E 09H0UJaTMkx4hbhqF0d3at5AkL0Bl6CCaQIm9b3SY2vO8HoR1vxygu4cTCj30F+G4pxY0L P1LzaFB7VhqgVbERQMbIJdlmtS9b5gOTjkCmaa8Bq+uvP9DiE1mJ8qzYmMFzIA== Received: by freefall.freebsd.org (Postfix, from userid 945) id 7717C17160; Tue, 9 Aug 2022 22:19:02 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:19.pam_exec Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220809221902.7717C17160@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:19:02 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660083542; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=me1hIiuc5vZQq/XIdIMiWrA2gTsxU0icVEN6uKJI8/Y=; b=cGPaw8RJIHT6jfYJR62VLj7wwpIeANVW9pkTg9w6Zn+X5dy7hNF1ns2dA7tH4e3ca24pli ZkHWwx5tzjevgXGMhdrFVMnpzZ0cqE9y+ulVrB5v08y0CuyQUnQ18YB5OBZBdPYQ6Ija2X M9QVsZHMUYatfsQDOuHqeVKcwNMCc0H6s/T0/kfdF1PR0kCC6cecInrHEmNtsNykOd/yoP jF9tzOkgtIV75VY2bjjZbXBmbFrf99a2cihZ5tx56ggvvc6cKyYRBhel+sBeIs1IAW88Pk OT/MHfg5pjRYYAXvJWJzWRWlz4NQIPkwsvGX66ZAemAD5N00P21iNMq1OzqulQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660083542; a=rsa-sha256; cv=none; b=jrwpn+FTlv9zm51IhWoGID/QIHGLtM0jZ3yBQZUpkZAKo4iIJP9l5QJQwdMmsNaVeSHVs3 K0sXFTB7qLjUhatU+UG4VExSxRGpG/QHUTQWoysw9lQIhxViboHZGkJpkaQy1agCetOcuW sE/fo4wBwQPTqmI0cZ9cwOOGi0XbZCIxXty4/5yXEu2Ihz+q36EUey73ds9kF8+8aCZZE9 fGnB0AUaxY3ECq5XhVoc/l2x31IRU/dj16CXdHgkO8aB27vNzQxRSi0XX6cP85ZE/JHlYj +a5V53F5BZ/jJvXG5QLyfG7hBosk8Ntf+jWPrHjiInVm5leeyc9L0fY1/h+J8g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:19.pam_exec Errata Notice The FreeBSD Project Topic: NULL pointer dereference in pam_exec(8) Category: core Module: pam Announced: 2022-08-09 Affects: FreeBSD 13.0 and later Corrected: 2022-06-24 09:09:59 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:01:22 UTC (releng/13.1, 13.1-RELEASE-p1) 2022-08-09 20:00:25 UTC (releng/13.0, 13.0-RELEASE-p12) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background pam_exec(8) is a pam(3) module for delegating PAM service functions to an external program. When used for authentication, it can pass the user's authentication token to the external program. II. Problem Description When pam_exec(8) is used for authentication with the `expose_authtok' option and an application calls pam_setcred(3), it attempts to expose an already stored authentication token. It is incorrectly assumed that there always is such a token stored, which leads to dereferencing a NULL pointer if this isn't the case. III. Impact It is impossible to reliably use pam_exec(8) for authentication with the `expose_authtok' option, that is necessary to have the external program check credentials. In most scenarios, authentication will fail because of a crash caused by the NULL pointer dereference. IV. Workaround No workaround is available, however systems not using pam_exec(8) for authentication are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:19/pam_exec.patch # fetch https://security.FreeBSD.org/patches/EN-22:19/pam_exec.patch.asc # gpg --verify pam_exec.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ ea80848e1c06 stable/13-n251487 releng/13.1/ 26db194f3db1 releng/13.1-n250151 releng/13.0/ 277c0c4d2512 releng/13.0-n244802 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0cACgkQ05eS9J6n 5cJs9Q//WY8wGjWIUpmQ2Z/R9aHp7+MsFXiJ+bmwiYeX7bAWDC5uienqML62ir7y Lqnx6B0Njkn8VmV+6/R6ACCXyNbg+zSXbecOFAkclB3x65CZbOAmgvtUYKCuSdGl EzGTBOoVPIr3aowpMsnc7MULF5WXxsDfb+mqT1MIo5gmsxIIulHwui0AnPzOhmH2 gUeuA5CIsZk+QgJetAg28K0fB4pbKquX82sSiDbfMK+MrXOVugSTHDq1w+01LbW/ YKNSo+kkMw+NmDBD46ibrMDJCVucdwpGISDzhJNALnUudLb8f7cbF/NN1Cd14zxA P8qY7CHmkSUVtREDGcvJ4TYIXtvCuT5iUaWymDkN1URu6MM0Ixa6JkG8yYBMi802 Vg7/I2Z0I6F0oeDISmFGvF1Kic50sWL7pnPTpoNudI8RhRJzvNQpE67oF1IIdsEy Ij8aCRbkhirtlETUFmJw7YOWRVnMs9peahimmHVZ0bVwBG5eWuLb/7mSXtSvnUeD Af7U0Z82GHtb0vyFvc1zJcQa+nvkQGzEPsBTC8PxYdba1ZK5zJ9JW3cuSmJYW6jW Jao/8DvRQa0PrQe4ahy2xqa/ImYTr9RMaIT+x8ArRm4glfMZNDtbLjfgh0ebRGn+ Fhh1DS7URCijOwsK9pM1mX7zaROINyyXpGNhnzd2SJsH9p31VaE= =JZ5O -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:35:25 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZQ26PPz4YRT3 for ; Tue, 9 Aug 2022 22:35:26 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SZQ1gxKz3LyN; Tue, 9 Aug 2022 22:35:26 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084526; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=YswOvJxnYtdaZZYzevfxWJLI07NFwkw26DXChuzGysU=; b=bSiOuJ+THcHjzyrp6N7jJQVEWCQ+FR9cxL+GMRLvUnu+IwJS1YrcTe10QXP/MVuCyON1qd VJgoq4JARPkudGHLjDADXFhp7XaLJyPOiqAii03Q8WveEFKiPyuQOXCsKQeKIYWpJ0rAAX FY0FplG9bHWKguetsW136oZQ7rDYS8vzjfXqrcH2LZvnqOKO7IZykUgUGvrwzokXRqWVUI IIqa3Ffu1ioTU/DKt4dOT5On3TZ9s6pYY7TRgb4I9Fibe+9I+ZuejbNGSXn8nBMRHbK4Ub cpsnGIMJ5llkvZCr/H0ZDrFbSv9S2PcLnsAV14+y9+G2CTZcTc9kxkfUCXobvg== Received: by freefall.freebsd.org (Postfix, from userid 945) id F36CF17168; Tue, 9 Aug 2022 22:35:25 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:09.elf Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220809223525.F36CF17168@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:35:25 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084526; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=YswOvJxnYtdaZZYzevfxWJLI07NFwkw26DXChuzGysU=; b=AWhMv9cx0kqgt2gn54v5C16c3kVt/DefoMVMef5sCGI6uTwesmBYhSvPGLjIFNAB6+iG7z L8bMEJMH2qNk4mR8vDhxAZ1CR/+9Kccb6qYzW6h3XDE/FOLM8CUgAzXDUqt+Y+dt9QbcdV WBENJLpXTVuOrrvuBjfxyzVJ6JNT2sRZE9BmauhWE0iw2YxRId8OG7dj0Kispo+MOiG7FE EPWLAGSWHr+CaG4C5DOtawVM/LSukBidQVxEsUrwYYKOaGUk0ObVkRIOzbXbl4IXcBWn/Y DFXemr6aH4X15FOSvJC3rRQ7G8shrph8Y/j1cUOfwdPgsogMJV3SYgwBRGX79g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660084526; a=rsa-sha256; cv=none; b=RhFbr+M6W/OS3d7RK0a/2XfuIB1TNQB1/a4TnpgJvfyTMwlqcOTzhYhUQjsgIvZt/epdyS OMUxJ+2nMvMHZO5cGzR7aqa7d7AUqRYEj5rUsa+5R8wzuAFKh2l4XKKQdWgPMMjgMOgZxG irFsQl2qvntgJ2iEmXYck/HB/DNyjnpwB2EH4VJELk279+eG3vQZmJeDufPyl9pK9A39iz iOnDdsM8y41m8WDVjvfs9JOe8O0MF3hepjDvkJrOV7x+yMr5MbGPxinwhkTVgCswwnMYTH KoTa9UG8cfhyziH9eOYHsDjB4gmdhZF1zJZdzehzr24mIDDDoSeGD3ScDP1h0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:09.elf Security Advisory The FreeBSD Project Topic: Out of bound read in elf_note_prpsinfo() Category: core Module: kernel Announced: 2022-08-09 Credits: Josef 'Jeff' Sipek Affects: All supported versions of FreeBSD. Corrected: 2022-08-09 19:47:32 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:00:43 UTC (releng/13.1, 13.1-RELEASE-p1) 2022-08-09 19:59:14 UTC (releng/13.0, 13.0-RELEASE-p12) 2022-08-09 19:57:35 UTC (stable/12, 12.3-STABLE) 2022-08-09 19:59:47 UTC (releng/12.3, 12.3-RELEASE-p6) CVE Name: CVE-2022-23089 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Process information known as "prpsinfo" is written when dumping core of a process as an ELF note. The sbuf family of functions allows one to safely allocate, compose and release strings in kernel or user space. II. Problem Description When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. III. Impact An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash. IV. Workaround The system administrator can workaround this issue by disabling coredump. This can be done by adding: kern.coredump=0 to /etc/sysctl.conf and run `service sysctl start`. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is required after applying the fix. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for a security update" 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:09/elf.patch # fetch https://security.FreeBSD.org/patches/SA-22:09/elf.patch.asc # gpg --verify elf.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 8a44a2c644fc stable/13-n252079 releng/13.1/ 69a456c0b60b releng/13.1-n250152 releng/13.0/ 056ffc74a769 releng/13.0-n244804 stable/12/ r372376 releng/12.3/ r372380 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n 5cJ6tw//VycxB1Il6TKajIo9VQE5lN1M/h1j0fbyUokXWpcGH/+iGl4sLkxtrFuv Ekjshp9AezGgSIWCEdcwx8ck3LUeU0kVhAjcJjI/p+YfSWcWlLTQk13/Z3FsF6pv EK1VjKDiMpZHbddbkvY2q4JKIdO2UXgBYwtshvwHL+Y8Ev2cxvJdQfwtclf+N0Q6 Shgf25XPqkrG9vCJ30ldlJs902PoHKyGUOqU0+4741rcaZBjeF26RQPOXT+z4yQz RpVQvyQ01OnXgXO8X+7hoW83m3C7hNz5KnmX5YLMQCBUgYjBk4edeOlnq1wnRTtW k0qPdkIa5Rj8Yq8k+VP3PMiKezXOmxrmXUV16j64KZM9+r0eNPYx0C8sgkLZSrRe osk57jIYtI0M7fTVNlhMY7uCLFaK3xHb+/Md+ExpCs79ZbH+CxgnU+HPyIIVV4zX RhDRAh/w/MVKcHJM7y2TM6VDDhiLNqWeV9ruMj92ZnkB+QnRqrah53JUlo8PQcFn oDfe/pSGhchpjwyhwHoXTBQNQjUlbm/7iC95D0UdtfuH2eFcSdDq6aWMO5amxui0 Kkm+nswlYIpJsq3Addu2pEEhh2DHIwF9wiz8DKFJ1et+BF+GW+V4XKvXSd8sO7j3 19GK3xtf9cGnYYoPBpNSxuFLP+zcb+1gXTX+N9gG1EqQfXdjMtI= =lK0G -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:35:31 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZX0Sc7z4YRfb for ; Tue, 9 Aug 2022 22:35:32 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SZW6lngz3MZw; Tue, 9 Aug 2022 22:35:31 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084532; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=PLggPPiTmTIGc61O9vC2bsdgFhLKovXCqaSFsOIwp34=; b=u2ow+gZBAfIzkvFMYSGOscKTPC5GL/MrtSUKAJUL0xUgNi9RBZ6jiqfFD2zk9qRf83Z+4F qRVKtxY0DEn4t1oqM0uM9mpFEGdWFkgi+CRTuocV+XOSIBrvfMJA67V4tfnn/NGX4Pknjz DmAyQU/3I6B4b6kjZLxw/WlAsseqYW/p2b/xu+52B8/DbFxUDqnluT9XITcc2onOPRzZHT 9mr8OVbn86qu+3SW7uZN3EpmTqJNUDiisiqi1WsvDFkJpCPqq8tfURCfDUUkFPCl90d8kE +gCUsa5wA995U1n4aImMvESXcl5RYDx2ZZYk1GCNDeTHjcVmmIn4X+5DqIcY2Q== Received: by freefall.freebsd.org (Postfix, from userid 945) id C4E5E173A5; Tue, 9 Aug 2022 22:35:31 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:10.aio Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220809223531.C4E5E173A5@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:35:31 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084532; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=PLggPPiTmTIGc61O9vC2bsdgFhLKovXCqaSFsOIwp34=; b=NPAebEGKKEkrD6W9kcRJoaK1rjJWAUJKbE43vTiD6kHQYoM1bTqkZ4Tns3J3uy7qGqm9DU eAJX+poxjT9C4W8aDIB5Ak4s8opSTW2eIieohDZQ+ZEF/0PFAwCHBLO1oMT2L7z3ufigXQ MPg2rQjfk+j/pVPmHmmqwfHBrH2nNRVXGUsAb602aASYHW0rATddI37okYy5UEZ0GwjJG+ T4HyT1JoLSm94yQypbl89Js+oGRIXRqOYcv2coiHhuR+NFVGUQCi3FoK4MYWKZDdheS6NY v7Y1S1njGq8Zzw7NGQw3ToCMm05oJhkbBptYVT1cNiMC/JUC+AYcQtDVW/Ml1Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660084532; a=rsa-sha256; cv=none; b=KNhV6/81moAB9BeaN+MBW3QJGWheO1lwijl80KW9bXp8OB+KXbaPKktgbVBXPciMfP1O4P mWMBoLqVnpNp8tglhx1feBThL5ehOOLN1Qzjj2hIM5WSrX0t3PGABwVRU+qyQ+ecrDcLm1 DU7zRsyma5vMdQbGGeoeIit/mQ3SGxKd7mXTjUTMVVjZa2VUXqZoloJNNujR686ALgoNVv NgFjxgJM1Guf1wAPxJQlBFcXtNuvJqNFn2UxnyrJ32IObZlKRGIVuqMoEtXP9tTQHvB9Hs j4ArxJaV92/ZFuGKhO/1jNCXorU4pQ0nXeuWpLSTgdjzTWOfDQcEpeharDUq4Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:10.aio Security Advisory The FreeBSD Project Topic: AIO credential reference count leak Category: core Module: kernel Announced: 2022-08-09 Credits: Chris J-D Affects: FreeBSD 12.3, FreeBSD 13.0 Corrected: 2021-10-01 00:32:22 UTC (stable/13, 13.0-STABLE) 2022-08-09 20:00:24 UTC (releng/13.0, 13.0-RELEASE-p12) 2022-06-27 17:27:50 UTC (stable/12, 12.3-STABLE) 2022-08-09 19:59:44 UTC (releng/12.3, 12.3-RELEASE-p6) CVE Name: CVE-2022-23090 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD's aio(4) subsystem implements asynchronous I/O. II. Problem Description The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case. III. Impact An attacker may cause the reference count to overflow, leading to a use after free (UAF). IV. Workaround No workaround is available. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for a security update" 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 12.3] # fetch https://security.FreeBSD.org/patches/SA-22:10/aio.12.patch # fetch https://security.FreeBSD.org/patches/SA-22:10/aio.12.patch.asc # gpg --verify aio.12.patch.asc [FreeBSD 13.0] # fetch https://security.FreeBSD.org/patches/SA-22:10/aio.13.patch # fetch https://security.FreeBSD.org/patches/SA-22:10/aio.13.patch.asc # gpg --verify aio.13.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 9499d3c1e40d stable/13-n247480 releng/13.0/ c864c8cf08a9 releng/13.0-n244801 stable/12/ r372172 releng/12.3/ r372379 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n 5cI0ZBAAi90yUPtPxBcshN+DldO6WSuQEWBE5XU+7Ivesns80PMF+QuQ9S/YfurC I0LNfjGe48Q4/CIfixLf3Xsari9IBmHpUPvJS3+TaoxrOLRTLv2uTCZl6mGj1iqL H4ufrtMCbaA830EAKlEfCfI6eY8eDJpKh+he86adW3qNPWewTKGeEK8Mi4st009F DcCcHquy+IC2DnZaeoO+dttKyMoyEJgvo8F0oej8Jg7OBPdW6yTuabutQkuxSur/ JChz+Gn0tKj9qtN6023T/JvDXBKsQVlURbGofHhcm5JkpFFVd0A4+2MLbAO24gJa fnYRJDaWbRHvF0joy3qbZWZ/a3iHHC+yq7jupHoOkP7yULUQRftoj2kdPPZic6eQ XcyZE3rKgk7CHJq1ofg/Ye6WTgEghWjUlp5yrTniL+uWp6YuSVZNKPvXweDpi45M segQvlLoDWG3GEhaRyvaeBkA4v1lLucdkLQCM9bAFPhq5S27lcHPf9r4jiWBR5HB yQKddJZGa5lzsiYhKfX+pJ4rQa3QPN7N1NRygXDp4WRcPCqV3r4owZNJs6rsPkVM c0+wyGZhv4jH8lRrludMeXkiusoYOHEE+hslA+xU3M+19ak7W3DkJZKvEZQgBMNs bobKi/rl0GmAJthxd+vLXmdRK8g50RhPP+Fq80eLct151DDBdd0= =7sbf -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:35:35 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZb3m6mz4YRt6 for ; Tue, 9 Aug 2022 22:35:35 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SZb30JCz3MvR; Tue, 9 Aug 2022 22:35:35 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084535; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=LfBVSNQ0it1+f/r4SteoTFtVidc6Tr3hYyRi93Xkc2M=; b=Zky5XoWZJnz27dABNNI2n+vBCmviGtGoKkCXpEO++4s1Hv6LhkBwiTZLJ7/hhc3bhM3D7A eFDEcRdcsmLj/8uE7+K1dzZ4LP5kQmCeoMIaIOg/C1QtwZrPIOK9GprgMWqXeBqGSJ5RsR FN8/ag/MV0E4DBWQ+R8QD64DjsDwfDZ7xXvtDBPkqD3d6/qg9XtOMD1iqQb63jcMpxXJhy glj/CWo8+5/OKOs9qj+qI8jnYPD+UkPgbY2qpL9D1Y4v0vz7HSdgkUCwxQ811ByTrImHs1 E5fNpahVLahFNUMjhnYsfPUzkdCV1NO1IMjK2uhDHU0pUb+YV9JkKSR5K3GsRQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id 4BC8617336; Tue, 9 Aug 2022 22:35:35 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:11.vm Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220809223535.4BC8617336@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:35:35 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084535; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=LfBVSNQ0it1+f/r4SteoTFtVidc6Tr3hYyRi93Xkc2M=; b=tF+7VNTEvbS94VCuavpo29yx+Eu8euMH2dmgvoKYd1TnXhh6IgqVXVkP0/gdCugyvSpP0M /d9nN2oU91V1gkXX1fZn4s/be7KQvFAmhQeSWVbm8xQUd86v4snfZ/LszxzmExotElcoK1 rcdilxi63pTuEKUTy4MmFNCnVjFj++3zlHaXdDATpehjybA6xGIfQEs3pR0FMq8Ybudlth Y2VZG/Bc5auAtH/I52ug4ESqN+lZqMHHICk+iJ0bzI2zWXbQPvAIMLf5/Q2sX6/BgiDsMB sJAj0WJgqdHGzmi+JJahy7pXduazNT2IveCebIsBN6OlawlZ4nlMYMr5JcW4Rg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660084535; a=rsa-sha256; cv=none; b=kibS1CpTM2E69Md53V9hnEN4Hb+3EZbPKOpKe2blO75V+s3cb6F4QXwbnuFWpt2XQc/0C+ 6dte4M8gj9jjvDLVAtpPXuv/nYwXSDo9rNXYxpuVw9DmpctVrX3GpIJu52PCODmyh06Dlp /Uon1nSkh6LLwhpY/jupuG9SYqQunaL+Z9xE5MgEd/llFZH5gtJdmqGx6ZxMv4AntoFPNH qe+KGXvgA6Wcy4WdRrPm36lK17C5gSFfgYbrimqjg0bUMzaIkjer6cka5Nqo1hugJdA3Qq kmMrdhCNiUc92d8ae2oyMXI8lrRUGkzSQ/lCn5MCTFkIf//Tb4CzCpbRttQneg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:11.vm Security Advisory The FreeBSD Project Topic: Memory disclosure by stale virtual memory mapping Category: core Module: vm Announced: 2022-08-09 Credits: Mark Johnston Affects: All supported versions of FreeBSD. Corrected: 2022-08-09 19:47:40 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:01:00 UTC (releng/13.1, 13.1-RELEASE-p1) 2022-08-09 19:59:49 UTC (releng/13.0, 13.0-RELEASE-p12) 2022-08-09 19:57:38 UTC (stable/12, 12.3-STABLE) 2022-08-09 19:59:48 UTC (releng/12.3, 12.3-RELEASE-p6) CVE Name: CVE-2022-23091 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Memory mappings shared between processes are a feature of the FreeBSD virtual memory system. They may be established by unprivileged processes with the mmap(2), fork(2), and other system calls. II. Problem Description A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause. III. Impact An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel. IV. Workaround No workaround is available. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and reboot. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for a security update" 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:11/vm.patch # fetch https://security.FreeBSD.org/patches/SA-22:11/vm.patch.asc # gpg --verify vm.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 3ea8c7ad90f7 stable/13-n252080 releng/13.1/ 0c88ecaa1255 releng/13.1-n250153 releng/13.0/ dd349089ff92 releng/13.0-n244805 stable/12/ r372377 releng/12.3/ r372381 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n 5cK+mQ//V5ZGy6Hx4dfngafOWuSnC/5usXbu69iKnHQONPVZoVO72ZZKbm1fyMn7 HlDyAfhEtYuh67JNROH7KJUf3lPeHQUd/rfSbTv8usXhxeAu09/kWi74/kviDLd5 5Ocaja6DSN457c4gd6Lght1IrzDjnrL/oR8sHf7QWP0UAPjzi9CAcN5R90e7UP0u J5/w76zl4ApGu4na3CNi3OTCf4xOf4ncosOXFyZHOAsnbyXjjl0qp17MtxDpsvNn xAXOF3PvtFsO8r2MyLqRkcvPZE3n1LNvAPaI5jlVaXS6Nw7enZMqokj8XLmiUxcg FXipr9nhdL+Rihj3JjIY3uSXv7x+ZacET9cM03a9LlI7kSzfuWA+hkiDExfITJZ5 jJFqZ+PV+TvNqXfeatnOC9o2iyW0tAj7j1JPO3NEowdJSh/cpgzDfniDhm5dMA7G TTFyxCrX5ZwhbPgHwKdb6J6oVYc0v8Rlnbb4bIpIeFO/OP0QwAU0f/GnxCeTEoXn 0s26Azsi2l31HKhSha7KVz66IWCdyBjwGApC2lNM9G2zKlD4NXEr976mG9WA09wS jUM290y1uj2igdfq6gcgno37c6xQiAypDpOnOCGAL0+sbPT5ak7y/NFDFppR0uB4 x7USiGEonMNswkKHtaOf7df6RAwNQZG7F+ADwtaMlC/C+c6hlUk= =WXZW -----END PGP SIGNATURE----- From nobody Tue Aug 9 22:35:40 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZj0zWPz4YRmY for ; Tue, 9 Aug 2022 22:35:41 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2SZj0JzSz3N9X; Tue, 9 Aug 2022 22:35:41 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084541; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=zvZj2P75YII4T/vBzSCrwWRXkfaeqKmdx6X+pkF34Jw=; b=pGe2nKY2qL14oF08ZWA/JVuFBZif+wgZuzeVsFgZdF1ASfFA9pQkRB4iW0DvdKjdk3pRNh IOvHLFQtknc/xwd5dx3oKMsMkioWWBL+MOEbCw4+BRqgQHO4FX+cXQyOMxkRvDYqhjg4me uT0mjuvPuoly2Fj9F8rGXCE9bfdfPDM0IAb1CwEXKQ6XVEI7lrvGoz9uNJKMS3IxcsCHq1 H0IqoYgRguqp9txwMfY8xGF8r08fByyEvds8MWqmwrv4Gsaw3oj5SGJHSCRguzgLAlCisz U9Rbbf3zIRwyzNGO2dRU5aG9mR+Cj0Ij9i+0AliZk63g8jwFFSd8u2cfn4Td6g== Received: by freefall.freebsd.org (Postfix, from userid 945) id D67341716F; Tue, 9 Aug 2022 22:35:40 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:12.lib9p Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220809223540.D67341716F@freefall.freebsd.org> Date: Tue, 9 Aug 2022 22:35:40 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660084541; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=zvZj2P75YII4T/vBzSCrwWRXkfaeqKmdx6X+pkF34Jw=; b=kWMx5suVss8FpAWr8ZIudyq3jmcI/6zPF4l9hqGJ4+/m9W/l4gEoiLZGi5ii1JFO5KOVso /GqXBuUrxCwm0z3KOewT/GBzCWstB+aunfGqcNjbjxhVQ88JLHE6jJGWYhHPQtn7ekNDdF cRHn7+XdrY4iit4ctE5ShB0/n+f89Zpetvq0nQdei6GQi9/7orbDgtdmzCeDnJyPD4iebI fp2TgwGxnT0YH3Yy+20UlmVyFo2gjkw4OJZFqfsgca0CrRG7Wg0yk6vzpRih7gwhIGVNgC nxoXNR9RqQo0gXxHKtDA0v7gewy8H31SyJqbJDnqKno2l1x+jdb3EK30Re4AsA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660084541; a=rsa-sha256; cv=none; b=u7xqX7NQfS5WHiq317L6/KRWWBdlwCchxcui4GM171jkWjIhzZSxAEFVEu/5eNnNpR9FI+ YA7k66PnI6aH60ICV9+t8ACuwxywkMhSAdmAIifU+UWHKi6C1t4/DgSZfmNDdB7MD8PUBV UJ/ZeliXGeiY5q1rK+Yy+cn0m2TzvxjoKVi1zTHb+0XsyFn44hUnGUQobZdPzOgSR6PnsJ 2cKcnQ7hSFqrb8gUZHClMDsF6AtvSUwZoVDBNlZHevWjq4VnAwJHCOB9DH/KKnh0HSoVX1 3jS1l1K51gTSyCGgQTwamuI1J4MBM/fr+/Tp3yfD/xJP6rVR3i3eMNGMpBxyjg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:12.lib9p Security Advisory The FreeBSD Project Topic: Missing bounds check in 9p message handling Category: contrib Module: lib9p Announced: 2022-08-09 Credits: Robert Morris Affects: FreeBSD 13.0 and 13.1 Corrected: 2022-08-09 13:33:14 UTC (stable/13, 13.1-STABLE) 2022-08-09 20:01:13 UTC (releng/13.1, 13.1-RELEASE-p1) 2022-08-09 20:00:03 UTC (releng/13.0, 13.0-RELEASE-p12) CVE Name: CVE-2022-23092 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background lib9p provides an implementation of the 9p file system protocol. It is used by bhyve(8) to provide guest access to a host file system tree via the virtio-9p device model. The FreeBSD base system does not contain any other users of lib9p. II. Problem Description The implementation of lib9p's handling of RWALK messages was missing a bounds check needed when unpacking the message contents. The missing check means that the receipt of a specially crafted message will cause lib9p to overwrite unrelated memory. III. Impact The bug can be triggered by a malicious bhyve guest kernel to overwrite memory in the bhyve(8) process. This could potentially lead to user-mode code execution on the host, subject to bhyve's Capsicum sandbox. IV. Workaround No workaround is available. Systems not using bhyve's virtio-9p device model are not affected. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and restart any VMs utilizing virtio-9p devices. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:12/lib9p.patch # fetch https://security.FreeBSD.org/patches/SA-22:12/lib9p.patch.asc # gpg --verify lib9p.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart restart any VMs utilizing virtio-9p devices, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ c536045c51da stable/13-n252071 releng/13.1/ 7dfe949791e7 releng/13.1-n250154 releng/13.0/ 70a2cf7bb2e0 releng/13.0-n244806 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1IACgkQ05eS9J6n 5cI0vxAAoIkoKbB7T2cGS3k4sNM0SCB8/akhccPCVLgDc5aNnCJSD21gSWVY//Qc IoxNgYBiP5Y0t2f8y6pzE4f9IuNRwhiLMAVgNHJgf7oRvsQyUAAqv+kXiXuutYQm qYZOYM6vYk7bw6yLPwyS1S0QPWFZraBA3wRxAXLn3NcU3blKc6psPPqLuqfdR+0a 13s305/lw1uoaMYHtlS5S4rcnZm9uLPVMQZL6NMVtkLjRbuN2vUrZy81zSHVGQUN RAN8qAPXjeD22a5gy7ZIqgt07OjYn331rAPPIpNtADU0vaYzVUkwrilY8ogIIJH2 Be2NPmqbZEWTHFYcOQHWW/16rDXYXx7ZfvHHYzsrId+9G97I/nTMmN8dPeUJTtgh syG6DSsbrYmssfGDXFX/nTdKDcT5UkNE3W3er7+RwQ54d9SlUwuY5SyycPJNBDim 018+Gb3GobScJGwSID+DyYEHxaj9e0WmLC6tpm8ZBlZnUTrdBqxEX+xhfxsm0Yds dPVXHICXebgXzHs9RO5s4eNa+miu3W8QRkbyLmL8ReUHwsWSLS5p91hgOheHji4e 0vO5T99f11+lp1FFw9iLlpo09klsN26nGTJ4/XXtlCjD85GIJINR7JI/Fg1NRF4N S5CmUPVutyvzGPkrNVUI9QwL/O0CEg55KTiqtQKjgjCCHhChZ+0= =ILeT -----END PGP SIGNATURE----- From nobody Wed Aug 10 04:44:25 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2cm96TDYz4Y98N for ; Wed, 10 Aug 2022 04:44:25 +0000 (UTC) (envelope-from security-officer@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M2cm95x8xz3RWf for ; Wed, 10 Aug 2022 04:44:25 +0000 (UTC) (envelope-from security-officer@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660106665; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=P7vkqHo5+W8rmaZ2dn0pILL6mZaVmX+vU/MTUxT5YAY=; b=CFl7+gWj3qzGki2bAIXLnWbeeAbQzZ7BSsipMASqg0Mz5APVnC5TPz9wCvSVFxqln7VMcy 0sQogYBGZzLGmMqrlFTZNzoddknJ78vtHnmnlIQDjqbXenNQoo71JvawbSCoH/u8oFmcre i9xEJQBdqA4K6eh0y8TXVqQ2K7Ut5vr8Y1qGPRpDVfhEqK9ccUQ3x4eDNAok1jGUgiQ8gb +8aB0WFW1rt8e3Crkp8BXi8Pz5qyVe5c3M68sy2id9UW7C3GgVGzgjPb4KLvJdg3VcdyZ2 eu3jwHKiIoOma1cbSkt5lKeimkPRUjzAlCKSLB9xCW2KBbKJtwAJGloCjlypvQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id AFCD917DA7; Wed, 10 Aug 2022 04:44:25 +0000 (UTC) From: FreeBSD Security Officer To: freebsd-announce@freebsd.org Subject: FreeBSD 13.0 end-of-life Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220810044425.AFCD917DA7@freefall.freebsd.org> Date: Wed, 10 Aug 2022 04:44:25 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660106665; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=P7vkqHo5+W8rmaZ2dn0pILL6mZaVmX+vU/MTUxT5YAY=; b=pp37CmMrrlt7WMkk74REoGxEWmmOjvwsS8nn5rOGFNtmYAw6crO0s5yHIyHpiT3/1RShNk RsDBIIO1UtyocbaJF/XrS0FdqIJxT6mfD7ICSZZ94TwiYLVW/XBpr9bai8J16vIy4CNqde bbeC8oaLLANEERxkT3nCauMI3+Pe64fnkAHVnpIpFCXWKaEXsLoix4CEuztJPUXOn4KvfL p45TWSJDEquKjQwOcKO06l/HRKIne3UPzWDG7A4voLRViyIuhSMBHUX5qHnNojeqLuvBGC L23MYSXLZD14L0Gcw9RnlLs2z8X480hoFHiFyJQWBBfQNKp9foE4qK/yRkwevg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660106665; a=rsa-sha256; cv=none; b=BqYKfk/XQxeCz5CriZuNvaMLx+6OA1JSJYzCfSi+iorYZlaS9nRKz6AyLHaKNeSZLp1xIl akZCWSuaSkT/Or4dHnATODROIOYH3MnnmD9f3p5v8+1IiLKXK+bnITlIxmDRv+TLXmx7GY WtU0rc3if+KwZt5v67ifXIfokF46Oi85edlStcKkCj6OYhoV9cXRsdbk0SqAZ9Jrfft8Gb YNP+zR0U/+sTcrzlNja83kiDOich4MBYpMIlaKUcHlNP4PnHOv3Ng+bsEDT3P1ZpAHfdIt lLGc5IDZXysIX9jWhpqhGydOBPPMlJqlORuHEoFDXLnNwwGSdX38wwoAiDneOg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Dear FreeBSD community, On August 31, 2022, FreeBSD 13.0 will reach end-of-life and will no longer be supported by the FreeBSD Security Team. Users of FreeBSD 13.0 are strongly encouraged to upgrade to a newer release as soon as possible. After August 31, the supported branches and releases and their expected end-of-life dates are: +--------------------------------------------------------------------------+ | Branch | Release | Release Date | Expected EoL | +-------------+--------------+-------------------+-------------------------+ | stable/13 | N/A | N/A | January 31, 2026 | +-------------+--------------+-------------------+-------------------------+ | releng/13.1 | 13.1-RELEASE | May 16, 2022 | 13.2-RELEASE + 3 months | +-------------+--------------+-------------------+-------------------------+ | stable/12 | N/A | N/A | June 30, 2024 | +-------------+--------------+-------------------+-------------------------+ | releng/12.3 | 12.3-RELEASE | December 7, 2021 | 12.4-RELEASE + 3 months | +--------------------------------------------------------------------------+ Please refer to https://security.freebsd.org/ for an up-to-date list of supported releases and the latest security advisories. - -- The FreeBSD Security Team -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLzNtUACgkQ05eS9J6n 5cLscw/7BfrhNZab0V4txtncldV/6mGYCyn2Zxq8TpiNPUFt5Wj7hCZl/xNVr2tp qV0qffnFnz4UDOVCJ1oPo3tZrEY+MGuLLulO43JktDpFw+MDGdJ8EAzP05wJYQBg anuhtmHVmnmFXSUZAzDmNjxcMzWuk+OM8hixm0HsZe8CYVet7zKHjo6fQuLxNYFN zHdZ2Zmw8doG7BS2q9KKxI4zx3fHeLB1YgH92h8zAc6UEwTTpi1Sa4kopOOfQznF VjrcWgxmJe4jU9B19ObUz4CTmcUlnXbKnLmzbVm1QLu2iWWiaDCTe4z7pBXHWI7t sGBEcB/PO3bFSwmFV02HP3GunX8OI2YdzIg9gj5lWSfma5cg/asMx8pSIi/U8NLh kpoQ4GgCQNFKgOJ2fgBP+q88K794U+s8HUtRvAqhOB/mW3LyospYm0DzZwlyJy4B IAsC4Rl2hHZUMZVcL4fRpI3ckxk10IVJPBNLdfHMe6ZC/GcEzDQrg4eW2NmauPwT exazPWIDUpDxmnSfNZOhaR+XI6g4OeizTwsV/oD9JB//edOR66KAPoMhpshTZTHG 8qjdStNDrnhdHgtP0eztGEfhAC/9SWVG5sALJK9YqG0eI00oyagFOB5p9fS6k4xL lKJnl03fdzZPb+oovFOX9h7Jo9r7cseVosKjYQUAiCg+KXnK808= =/h5B -----END PGP SIGNATURE----- From nobody Tue Aug 30 23:57:45 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MHPPk11f7z4bbhT for ; Tue, 30 Aug 2022 23:57:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MHPPk0Ftpz3sq9; Tue, 30 Aug 2022 23:57:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661903866; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=sIHi9GsWRxzp/BDx8H1lVHANtMbAy82Wy9Qm9eg40Us=; b=tf7VlzXfUlQ7m1+8bFsX/l3PWDMzGbgjIwhhyD8Llk00z5knurOTRcseDlvCeF6LBOEuNl FqF4KfTtJ6KtFJr6hoK/8nfrRuf6pND8O8MmJg4gvKnVJUrRTiwTaydXh4552vzibhWldI 9opfp4Xl69+fnw422ZVLgoayWbLRdTQisslXOGhwlIYft2iogOiAHfLJEF6H8NIeco1ItX 0cIPMMkUqHxAJMHdL4gaJvTXpD8Dgysdj3G4bdrdxXb7nnPgAEiGy3zJaxb55/IW/e+Fbv e+a15DJaW0E9cjdjHktQILJqcLRntc6NKd5nvOVIJzrzwqfgTT3ADT34U75oPQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id E248E10E2E; Tue, 30 Aug 2022 23:57:45 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:20.tzdata Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20220830235745.E248E10E2E@freefall.freebsd.org> Date: Tue, 30 Aug 2022 23:57:45 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661903866; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=sIHi9GsWRxzp/BDx8H1lVHANtMbAy82Wy9Qm9eg40Us=; b=Qfvb+RZBHi63mbmTp/1JNs+Ysq3npLjnJWx9mpsckUsD8h8HIcSIl8v4aebcFePjTh8hKs 2CkGEeq/n3oJYwVUZGfk8BvLn8G7Tlpjsj8BRefPnPVpaiQmhUcrEh1+sT+n5ZfJFx8+px AfUCj5DOKVPXS9Ef0Rnzz6IggFHlOSkij+W5FM8BRRNBBaI1szGEMt8Pzhw8IUFnLi/tSz 5eGX4TdGEwUV7EjaH9eYSWx3miml727MKpkbgk65Dqu1sSH/HHae6IHRldnxbaYbMcaMoQ L5FnCcLXEsXA7XGyVt75ElRGeN3gYRRNi+6AcxhECBQ5XdKjE+WC+XoWZb8Lnw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1661903866; a=rsa-sha256; cv=none; b=F72Y2Lj0+xsJZmP2lGLvgV6IhzM2/Nr8ZrJ+mPwUl1iH54e3oFu9W5EsUiP8VjBJk7eQH6 wvJ2XaueP4dA6V5joV/xaI4NhKQ4wavan9Rk2KgSFBlJjDqNMIo3bTnJinVVDEP+0JJjWe TejvNUfF0jz14V2zrDnfU6ii0lGZ3upGSfEkARoegDJtetW66XWhEjJ1TYj5Ymwwp0dMsd LDJH+lKOvHUQoL5zSqDSyfQvMyFvuhC7q3tWo/k/Cj2hV5nP59yP1OxGMCOZTYXFBVigwH 5Zu4BxF+hrwamUZdl+KJHXp22zu8xUN+PQqVF/B8A0A18HsWDdaor8/Ra9utNQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:20.tzdata Errata Notice The FreeBSD Project Topic: Timezone database information update Category: contrib Module: zoneinfo Announced: 2022-08-30 Affects: All supported versions of FreeBSD. Corrected: 2022-08-17 01:48:01 UTC (stable/13, 13.1-STABLE) 2022-08-30 23:02:48 UTC (releng/13.1, 13.1-RELEASE-p2) 2022-08-30 23:01:22 UTC (releng/13.0, 13.0-RELEASE-p13) 2022-08-17 01:56:52 UTC (stable/12, 12.3-STABLE) 2022-08-30 23:16:54 UTC (releng/12.3, 12.3-RELEASE-p7) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The IANA Time Zone Database (often called tz or zoneinfo) contains code and data that represent the history of local time for many representative locations around the globe. It is updated periodically to reflect changes made by political bodies to time zone boundaries, UTC offsets, and daylight-saving rules. FreeBSD releases install the IANA Time Zone Database in /usr/share/zoneinfo. The tzsetup(8) utility allows the user to specify the default local time zone. Based on the selected time zone, tzsetup(8) copies one of the files from /usr/share/zoneinfo to /etc/localtime. A time zone may also be selected for an individual process by setting its TZ environment variable to a desired time zone name. II. Problem Description Several changes to future and past timestamps have been recorded in the IANA Time Zone Database after previous FreeBSD releases were released. This affects many users in different parts of the world. Because of these changes, the data in the zoneinfo files need to be updated. If the local timezone on the running system is affected, tzsetup(8) needs to be run to update /etc/localtime. III. Impact An incorrect time will be displayed on a system configured to use one of the affected time zones if the /usr/share/zoneinfo and /etc/localtime files are not updated, and all applications on the system that rely on the system time, such as cron(8) and syslog(8), will be affected. IV. Workaround The system administrator can install an updated version of the IANA Time Zone Database from the misc/zoneinfo port and run tzsetup(8). Applications that store and display times in Coordinated Universal Time (UTC) are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Please note that some third party software, for instance PHP, Ruby, Java, Perl and Python, may be using different zoneinfo data sources, in such cases this software must be updated separately. Software packages that are installed via binary packages can be upgraded by executing 'pkg upgrade'. Following the instructions in this Errata Notice will only update the IANA Time Zone Database installed in /usr/share/zoneinfo. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Restart all the affected applications and daemons, or reboot the system. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:20/tzdata-2022c.patch # fetch https://security.FreeBSD.org/patches/EN-22:20/tzdata-2022c.patch.asc # gpg --verify tzdata-2022c.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all the affected applications and daemons, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ f7cb47731675 stable/13-n252124 releng/13.1/ e86b610b8744 releng/13.1-n250157 releng/13.0/ 707cecae4e34 releng/13.0-n244809 stable/12/ r372409 releng/12.3/ r372461 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmMOoGgACgkQ05eS9J6n 5cKipg/6Axbh9KTIXF/Z/KZtna+2/Fvs4zIvV1PnT/6VJge9JrPShRtKuTOHE7at 8tFFFLplDV3uGF3PxJ0vB66sd5A7VchS8UDJoyrr8Q1kfOGlMge5W3UQbHp4u4II DCRlvocXIv7SygmfWlrQg5Ia6c2CmIa13BcMcxNv8tu/TShsJZD8AUtu/sF01xZh RaPQE5Y0dMErQx1FpGrxcxqw5DVNz6utpxeGgz8SU/bMRUs17u9HbktiPdDpJVzh gw26DfMJS9CflrTBF1RKmCj6934ghz6fbHqnw7IrcnLjaitVsVqgktFjgmUje9OH JyCvY5ysAYEQD74HxncvgiJ3OjkQ/EYTwdL2lfTZRiWqQjncfFHchZ2ioIslR84e 3NQlJYxosvWa/NIFxclR69I8d9outXRkClAEQo5tgjOPF7Q1F4TzH38IN7YMrwK7 G9N2qXO6+GQo0E2yVmqQbam9KIRsyy9rf5Yp14Lc0P9GFiD0bMok0/C1zfE+Qi9U Y0lM7vtNFg7QM2Gi9OOhaCWJscDDf4OfuxaCWhh8Mq3cNrdaCY56t0SzPKmgF7qY sZPRpI6YXv9+m9c8V+sklPituTMXa2maGzSYJNTOWhDNmf4Ah1YvxbMWhoxI0hsF nSgCr/LQh0c+dTXthIW1fYv4mt5uXXNg5uMs0mIfncLin3syJ7s= =DcSW -----END PGP SIGNATURE----- From nobody Tue Aug 30 23:58:03 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MHPQ41vLPz4bc1L for ; Tue, 30 Aug 2022 23:58:04 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MHPQ35w6hz3tsg; Tue, 30 Aug 2022 23:58:03 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661903883; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=6rssDb3T9BBX2U+/3k1dpfkKUxPhuPclLo5guXBvpSk=; b=Z48vygqLyz5Pu1LBzrS5YnsXxI5Jb5wfOfTCCfzp6oIpP7/Dd0lTobCG2fItM2FJ8MQ0GT RiXH9O8tkLSeTXlACrbhotyHLRuqCuMAOzAh+WaaiSMuUIM9xNbh43cC5rqrCDA4Bb3cxG bSoglyGJKBrPJtEhQ4utoyAd9oUIDYT8FXx3pa+ExxMK/Oldpk940wj0m8ihT1/EZ1iEZC 9SiMsdmIg6BMc+YbxGDcxT8ccoUlaQWR1GJwMZILUrn2LnhrMT4ngLOkdNE26DTl7yN+Ij 5rb1UJaDuv5I9pPUxECeP85EWcetFzj4eTTUggCTuCeym9akTtq0z57YQQ2Zdg== Received: by freefall.freebsd.org (Postfix, from userid 945) id AFE3310DAB; Tue, 30 Aug 2022 23:58:03 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:13.zlib Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20220830235803.AFE3310DAB@freefall.freebsd.org> Date: Tue, 30 Aug 2022 23:58:03 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661903883; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=6rssDb3T9BBX2U+/3k1dpfkKUxPhuPclLo5guXBvpSk=; b=hNCLOEwheesf0WaCExZk11RvRRCG3NTDfnyek99UyS9S4bJQm62lfWkPh5edsodOxP4FYs HzZYdWyJkF6UmsqqYHCGKMwVx4/rm7tcGM3BhWT24vglDysU53vhbfAdQoqwiXhY1xALQY 8IcSc7k1q5TcYrYZl17xzyPKx+jPOBIzMnZV8mY3l0cmQcT+0a2mEpQrLAzx98NMpz29v+ IsRoJz+ggaGCL/NTn7wqENT7QqIAb2mXkdYVhKjEjXgn71jtA6OMXqrmUVEYhN11eY7+Fq Ey17EYlCwqQeoeFpwta8D2Zul3PalrPNABuAOQRfblF8WpYCvr5i2zSELuI37w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1661903883; a=rsa-sha256; cv=none; b=wVg2prmwl7tGpbfZyUDpFhpIG0DjO2cKeblKTekh4zYvO9eRDeLkhLFzrkis+Al+LKDyLJ Ek7TIYRz32KytY7hAnAo5JwcP5xWThs29izvHWsM7eQrqZozKD/gby/sJBa6cTvdokXNjI Zf2YrImjYBTSz8Ed1Dswl5IkFp8f4wxmxoS3p8CUteTP2Rlb+/Xar1sl7gPo1fIs/k7vaM hduT86Es/gQezWdvJ9huAJpmvJUflOvK3yNQk5yygVN5lplycp7Wyg1NhQvIFNa5Bfzqg+ zRU0MqJxatFAIEKumRlGesK02iFY5kEnXs0cWyG3Sx0rGJEen+4+9+fLS2gFLw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:13.zlib Security Advisory The FreeBSD Project Topic: zlib heap buffer overflow Category: contrib Module: zlib Announced: 2022-08-30 Credits: Evgeny Legerov of @intevydis Affects: All supported versions of FreeBSD. Corrected: 2022-08-09 14:40:35 UTC (stable/13, 13.1-STABLE) 2022-08-30 23:02:48 UTC (releng/13.1, 13.1-RELEASE-p2) 2022-08-30 22:57:49 UTC (releng/13.0, 13.0-RELEASE-p13) 2022-08-09 14:45:04 UTC (stable/12, 12.3-STABLE) 2022-08-30 23:16:45 UTC (releng/12.3, 12.3-RELEASE-p7) CVE Name: CVE-2022-37434 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background zlib is a software library implementing compression and decompression. It is used in various places in the FreeBSD kernel and userland. II. Problem Description zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. III. Impact Applications that call inflateGetHeader may be vulnerable to a buffer overflow. Note that inflateGetHeader is not used by anything in the FreeBSD base system, but may be used by third party software. IV. Workaround No workaround is available, but applications that do not call inflateGetHeader are not vulnerable. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and restart daemons if necessary. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:13/zlib.patch # fetch https://security.FreeBSD.org/patches/SA-22:13/zlib.patch.asc # gpg --verify zlib.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all daemons that use the library, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 10cc2bf5f7a5 stable/13-n252073 releng/13.1/ 289231c9634a releng/13.1-n250156 releng/13.0/ 77cd23716ffb releng/13.0-n244808 stable/12/ r372370 releng/12.3/ r372460 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmMOoG4ACgkQ05eS9J6n 5cIITA//WMND8i3L8agw4QBMZTmL8M6bbbKK+eua7bhH4MNxguruULwcWNoHvhuO +ebgomd4cWlPfY2TJcpd9OCXCjuMGMLvwE6XmPlGzW5DuMdD893wWPdsYJtDK+6p yMSihFyZP+ELWFbLeO3SFedRRKBQiDEmO3X2oOR1Ukj5wjsUOFPv0/dLphyBiq3t 3tn/0O9NfAmyONvHSozoVs34MIFC9Qc/8oxlp5wKjomFn6OifPRwNu4yeWDfVL/c 11IwotsKNTR6QNckdNBwbFC2NwdWfl8Tqv7gbJ3PhXDlzCDC5hOQoIeOol3Nf8et 9+FjCr9y/jTH0tzEHCgevO3U711UZYIu2s+STHTlJRNly/n+2CMG+YOn1XkKtu6A 4x4Pw+YRHl5VesQCNcJOkwVwRiyrirp5yOaaUPhSKo0teykypgV/WS9Z1U0VVfGP xgxJ7ElcT2HoNiz06QUSG374dPyEBKqoZTo/g2tJ0mL17JLW7IAtlUpIHzU475YR 1itARL0z7O3bbUa/h35LxRTCxT2Ojt0qZO9WsS4dIraz2gb8QbHkgUXETnLAx9Ih UwaPrLGkzqpMjkQFASDS+LeacFOZARdxT/tUFwTRCQI27Aujl1OJzy7t0drL5I9f pO529OH4plSsT0x4j89tAUZxIHB2RQet94777vP4T0J5UcBegxc= =y87U -----END PGP SIGNATURE----- From nobody Fri Oct 21 09:20:29 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MtzTV18Ldz4fw7r for ; Fri, 21 Oct 2022 09:20:30 +0000 (UTC) (envelope-from salvadore@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MtzTV0SLdz3HMX for ; Fri, 21 Oct 2022 09:20:30 +0000 (UTC) (envelope-from salvadore@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666344030; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SSWHsdNyW4P6abdSBASBod10O2bKf3hcWhbm7nPDq0M=; b=nK8meQOldcwlZ7kSdgWq18oO89w+NKCL0xDEnhM/iQj++TSisOKUnl3YqrJU2JFsuwbaYW y67C8V29g3Ot5BEK4JfvY508Vqbtlyz53p7nb1yZFq0e8r0zlvNAStOLrv90+1QvcdMoAW 6SDztF/WOnVRKC5LUonZuRcZTLY1GJyo6ka015rAM5Uh+L91nK7mL0FwKttBTthT+9QqjF KAT+lS/IXqeabejaIZpZa3SZYmxEq///ecM6McNsjL04bzeqmJlbBVyTstpVdqRoV2hRp5 nuibPDCLBfy3ZEiCA3VhUQQ9D14dmpCi2xUVdsM39UDZtl+AWkOJXpp4f3fA5w== Received: by freefall.freebsd.org (Postfix, from userid 1472) id EF5F21AD49; Fri, 21 Oct 2022 09:20:29 +0000 (UTC) Date: Fri, 21 Oct 2022 09:20:29 +0000 From: Lorenzo Salvadore To: freebsd-announce@freebsd.org Subject: FreeBSD Quarterly Status Report - Third Quarter 2022 Message-ID: List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline; filename="report.txt" Content-Transfer-Encoding: 8bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666344030; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SSWHsdNyW4P6abdSBASBod10O2bKf3hcWhbm7nPDq0M=; b=gcG2ttjPwXNQX9TU1UlhjU0Bf6LV5HsUz0s/UrraBQ3BpCZIUH3tC4qSalncJApnYDRLUV 2r797XMRTJkNI7r1TZfXL9XGIT3OqJG865Mz8mdXUUZ/iNBDnzVvAE/V5dH6Ni3n+5yfIm FiGDGQQWsWnPy/qrjld9VB2X7c/EN60KYtS6CWIwAEz6W6VnrcjAyvqeAEa3fCaMgHOnfn LP9ydV6CQg37Tj9p44DOwYSu465crSpjR7kuCw6OPjrc+DLnvdnPjcwM76lk+ywXFgJZlJ 8VQ8e/2WcclR85El2JyB65WnWHbOQfw5kpqfjZGxrgbwdIocyWbDfnX9VH146Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666344030; a=rsa-sha256; cv=none; b=DB9eClC25VP3hqa88n1YPmnZkWnfy9EHYHVvT0m/G5I2ov7kZZ0FiH3tQZW91yKkG6md/z nBdPD3KuHfSTjL7VzDgGR4CQzqnTqcErzAawZCFkl9PCGU75pcI8toawxCTYxTZZJGnGjX xy8ufibC/Jr/e+iimz/Ofq1Ecjz2jPKIT9tmwoXPmj56pEWBi5t9cv7398fQ38dK0rSykc cCRq7tc3I2cf7sk/J0+FL/7X7XrcEzub3ImzWcKYlMMgg5iXfAg1FSbQpluyJ5HAoNXXNi igZULI2MDWV2o/GsaH5Mavo0dnHf5YO0IKOs1VnOiQPWzg7InRU3ygtxnS45Ow== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N FreeBSD Quarterly Status Report Third Quarter 2022 Here is the third quarterly report for year 2022, with 24 reports included, which is slightly fewer than last quarter. I notice that in the past we had quarters with many more reports: often more than 30, sometimes even more than 40. Thus I would like to encourage all of you to submit reports: reports are useful to share your work, to find help, to have more eyes reviewing your changes, to have more people testing your software, to reach a wider audience whenever you need to tell something to all of the FreeBSD community and in many other cases. Please do not be shy and do not worry if you are not a native English speaker or if you are not proficient in AsciiDoc syntax: the quarterly team will be glad to help you in whatever you need. On the other hand, if you really do not have anything to report, then maybe you might like to join one of the interesting projects described below, or you might be inspired from one of them to do something new, thus having something to report in the future. We wish you all a pleasant read. Lorenzo Salvadore, on behalf of the status report team. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ A rendered version of this report is available here: https://www.freebsd.org/status/report-2022-07-2022-09/ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Table of Contents • FreeBSD Team Reports □ FreeBSD Core Team □ FreeBSD Foundation □ FreeBSD Release Engineering Team □ Cluster Administration Team □ Continuous Integration □ Ports Collection • Projects □ OpenStack on FreeBSD □ FreeBSD as a Tier 1 cloud-init Platform • Userland □ bhyve debug server enhancements □ Rewrite of pjdfstest □ Ongoing work on LLDB multiprocess debugging support □ DTrace: Instruction-level dynamic tracing • Kernel □ ENA FreeBSD Driver Update □ wtap(4) enhancement □ Intel wireless towards 11ac □ More wireless updates □ Enabling Snapshots on Filesystems Using Journaled Soft Updates • Architectures □ FreeBSD/Firecracker • Documentation □ Documentation Engineering Team • Ports □ Calendar-data: License added □ KDE on FreeBSD □ GCC: New maintainer, GCC 12.2 and more □ sysutils/lsof major upgrade • Third Party Projects □ Containers and FreeBSD: Pot, Potluck and Potman ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Team Reports Entries from the various official and semi-official teams, as found in the Administration Page. FreeBSD Core Team Contact: FreeBSD Core Team The FreeBSD Core Team is the governing body of FreeBSD. Completed Items New Core Team Secretary All members of the Core Team express publicly their gratitude to Muhammad Moinur Rahman (bofh) for serving as the Core Team Secretary for the past two years. The Core Team approved Sergio Carlavilla (carlavilla) as the new Core Team secretary. Procedure to handle GDPR deletion request The Core Team has reviewed the procedure to handle GDPR deletions requests with help from Foundation lawysers. The document is currently being written and will be published after completion. New Privacy Policy The Core Team is working closely with the FreeBSD Foundation to update the Privacy Policy to properly align with current laws and practices found on similar websites such as ours. Bruce Evans memorial plaque The Core Team unanimously votes to allow the memorial plaque for Bruce Evans mentioning him as co-founder of FreeBSD. EuroBSDCon core team office hour On Friday, September 16, the new Core Team presented at EuroBSDcon 2022 Developer Summit. The Core Team introduced themselves and talked a bit about their plans for this term. There were discussions, Q & A, and suggestions from the attendees about the details. Commit bits Core approved reactivating the source commit bit for Konrad Witaszczyk (def@). Right now Konrad is working at Cambridge University, where he is responsible for developing CheriBSD. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Foundation Links: FreeBSD Foundation URL: https://www.FreeBSDFoundation.org Technology Roadmap URL: https://FreeBSDFoundation.org/blog/technology-roadmap/ Donate URL: https://www.FreeBSDFoundation.org/donate/ Foundation Partnership Program URL: https://www.FreeBSDFoundation.org/ FreeBSD-foundation-partnership-program FreeBSD Journal URL: https://www.FreeBSDFoundation.org/journal/ Foundation News and Events URL: https://www.FreeBSDFoundation.org/ news-and-events/ Contact: Deb Goodkin The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting and promoting the FreeBSD Project and community worldwide. Donations from individuals and corporations are used to fund and manage software development projects, conferences, and developer summits. We also provide travel grants to FreeBSD contributors, purchase and support hardware to improve and maintain FreeBSD infrastructure, and provide resources to improve security, quality assurance, and release engineering efforts. We publish marketing material to promote, educate, and advocate for the FreeBSD Project, facilitate collaboration between commercial vendors and FreeBSD developers, and finally, represent the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity. Fundraising Efforts First, I’d like to send a big thank you to everyone who gave a financial contribution to our efforts. We are 100% funded by your donations, so every contribution helps us continue to support FreeBSD in many ways, including some of the work funded and published in this status report. We support FreeBSD in five main areas. Software development is the largest area we fund with through staff developers and contractors who implement new features, support tier 1 platforms, review patches, and fix issues. You can find out some of the work we did under OS Improvements in this report. FreeBSD Advocacy is another area that we support to spread the word about FreeBSD at conferences, in presentations online and in-person, tutorials and how-to guides. We purchase and support hardware for the FreeBSD infrastructure that supports the work going on in the Project. Virtual and in-person events are organized by the Foundation to help connect and engage community members to share their knowledge and collaborate on projects. Finally, we provide legal support to the Project when needed and protect the FreeBSD trademarks. Our goal this year is to raise at a minimum $1,400,000 towards a spending budget of around $2,000,000. As we enter the last quarter of 2022, our donation total sits at $167,348, so we still need your help. If you haven’t made a donation this year, please consider making one at https://freebsdfoundation.org /donate/. We also have a Partnership Program for larger commercial donors. You can find out more at https://freebsdfoundation.org/our-donors/ freebsd-foundation-partnership-program/ OS Improvements During the second quarter of 2022, 300 src, 36 ports, and 13 doc tree commits were made that identified The FreeBSD Foundation as a sponsor. Some of that work has dedicated report entries. • FreeBSD as a Tier I cloud-init Platform • Intel wireless towards 11ac • LLDB multiprocess debugging support • OpenStack on FreeBSD • Snapshots on Filesystems Using Journaled Soft Updates The other sponsored work is challenging to concisely summarize. It varies from complex new features to various bug fixes spanning the src tree. Here is a small sample to give a flavor of last quarter’s work. • 240afd8 makefs: Add ZFS support This allows one to take a staged directory tree and create a file consisting of a ZFS pool with one or more datasets that contain the contents of the directory tree. This is useful for creating virtual machine images without using the kernel to create a pool; "zpool create" requires root privileges and currently is not permitted in jails. makefs -t zfs also provides reproducible images by using a fixed seed for pseudo-random number generation, used for generating GUIDs and hash salts. makefs -t zfs requires relatively little by way of machine resources. • 36f1526 Add experimental 16k page support on arm64 Add initial 16k page support on arm64. It is considered experimental, with no guarantee of compatibility with userspace or kernel modules built with the current 4k page size. Testing has shown good results in kernel workloads that allocate and free large amounts of memory as only a quarter of the number of calls into the VM subsystem are needed in the best case. • 1424f65 vm_pager: Remove the default pager It's unused now. Keep the OBJ_DEFAULT identifier, but make it an alias of OBJT_SWAP for the benefit of out-of-tree code. • a889a65 eventtimer: Fix several races in the timer reload code In handleevents(), lock the timer state before fetching the time for the next event. A concurrent callout_cc_add() call might be changing the next event time, and the race can cause handleevents() to program an out-of-date time, causing the callout to run later (by an unbounded period, up to the idle hardclock period of 1s) than requested. Bhyve Issue Support The Foundation contracted John Baldwin to dedicate time to Bhyve as issues arise, especially security issues. Here is a summary of his 2022q3 work on that contract. • bb31aee bhyve virtio-scsi: Avoid out of bounds accesses to guest requests. • 62806a7 bhyve virtio-scsi: Tidy warning and debug prints. • 7afe342 bhyve e1000: Sanitize transmit ring indices. • c94f30e bhyve: Validate host PAs used to map passthrough BARs. • 16bedf5 pci: Add helper routines to iterate over a device’s BARs. • baf753c bhyve: Support other schemes for naming pass-through devices. • fa46f37 bhyve e1000: Skip packets with a small header. • e7439f6 bhyve xhci: Cache the value of MaxPStreams when initializing an endpoint. RISC-V Improvements At the end of the quarter, the Foundation contracted Mitchell Horne to add and improve support for RISC-V hardware. Mitchell will also perform general maintenance such as fixing bugs, handling reports, providing review for new code changes, and improving source code legibility and documentation. Continuous Integration and Quality Assurance The Foundation provides a full-time staff member and funds projects to improve continuous integration, automated testing, and overall quality assurance efforts for the FreeBSD project. You can read about CI activities this quarter in a dedicated entry. FreeBSD Advocacy and Education Much of our effort is dedicated to Project advocacy. This may involve highlighting interesting FreeBSD work, producing literature and video tutorials, attending events, or giving presentations. The goal of the literature we produce is to teach people FreeBSD basics and help make their path to adoption or contribution easier. Other than attending and presenting at events, we encourage and help community members run their own FreeBSD events, give presentations, or staff FreeBSD tables. The FreeBSD Foundation sponsors many conferences, events, and summits around the globe. These events can be BSD-related, open source, or technology events geared towards underrepresented groups. We support the FreeBSD-focused events to help provide a venue for sharing knowledge, working together on projects, and facilitating collaboration between developers and commercial users. This all helps provide a healthy ecosystem. We support the non-FreeBSD events to promote and raise awareness of FreeBSD, to increase the use of FreeBSD in different applications, and to recruit more contributors to the Project. We are continuing to attend events both in person and virtual as well as planning the November Vendor Summit. In addition to attending and planning virtual events, we are continually working on new training initiatives and updating our selection of how-to guides to facilitate getting more folks to try out FreeBSD. Check out some of the advocacy and education work we did last quarter: • Held a FreeBSD Workshop and Staffed a booth at Scale 19x in Los Angeles, CA on July 28-30. You can read more about our participation in the SCALE19X Conference Report • Sponsored and attended COSCUP, July 30-31, Taiwan • Attended the EuroBSDCon Developer Summit and sponsored and attended EuroBSDcon 2022, September 15-18, Vienna, Austria • Sponsored and Presented at the Rocky Mountain Celebration of Women in Computing, September 29-30, 2022. Slides from Deb’s presentation can be found here. • Published the FreeBSD Foundation Summer 2022 Update • Continued our participation in Google Summer of Code as both an admin and mentors. Interviews with some of the Google Summer of Code Students can be found here. • Introduced a new FreeBSD Resources page that allows for search by type of subject, type of content and difficulty level. • New Blog Posts: □ Guest Post: FreeBSD in Science □ Advocating for FreeBSD in 2022 and Beyond □ August Foundation Fundraising Update □ Sharing Dual-Licensed Drivers between Linux and FreeBSD • New and Updated How-To and Quick Guides: □ FreeBSD Quick Guide: Video Playback on FreeBSD □ Binary Package Management on FreeBSD We help educate the world about FreeBSD by publishing the professionally produced FreeBSD Journal. As we mentioned previously, the FreeBSD Journal is now a free publication. Find out more and access the latest issues at https:// www.FreeBSDfoundation.org/journal/. You can find out more about events we attended and upcoming events at https:// www.FreeBSDfoundation.org/news-and-events/. Legal/FreeBSD IP The Foundation owns the FreeBSD trademarks, and it is our responsibility to protect them. We also provide legal support for the core team to investigate questions that arise. Go to https://www.FreeBSDFoundation.org to find more about how we support FreeBSD and how we can help you! ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD Release Engineering Team Links: FreeBSD 12.4-RELEASE schedule URL: https://www.freebsd.org/releases/12.4R/ schedule/ FreeBSD 13.2-RELEASE schedule URL: https://www.freebsd.org/releases/13.2R/ schedule/ FreeBSD 14.0-RELEASE schedule URL: https://www.freebsd.org/releases/14.0R/ schedule/ FreeBSD development snapshots URL: https://download.freebsd.org/snapshots/ ISO-IMAGES/ Contact: FreeBSD Release Engineering Team, The FreeBSD Release Engineering Team is responsible for setting and publishing release schedules for official project releases of FreeBSD, announcing code freezes and maintaining the respective branches, among other things. During the third quarter of 2022, the Release Engineering Team continued providing weekly development snapshot builds for the main, stable/13, and stable/12 branches. Additionally, the schedules for the upcoming 12.4, 13.2, and 14.0 release cycles were published on the Project website. Sponsor: Rubicon Communications, LLC ("Netgate") Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Cluster Administration Team Links: Cluster Administration Team members URL: https://www.freebsd.org/administration /#t-clusteradm Contact: Cluster Administration Team FreeBSD Cluster Administration Team members are responsible for managing the machines the Project relies on to synchronise its distributed work and communications. In this quarter, the team has worked on the following: • Added additional storage to the CI system. It will help store more artifacts. • VuXML deployed in all official mirrors. It speeds up the pkg audit functionality. • A new (and additional) monitoring system is in place. • A few old and faulty machines were decommissioned. • Moved several services to newer hardware. • Regular cluster-wide software upgrades • Regular support for FreeBSD.org user accounts • Regular disk and parts support (and replacement) for all physical hosts and mirrors. Work in progress: • git infra: Add --filter support. • Work with the PowerPC team to improve the package builders, universal, and reference machines. • Site audit at our primary site: inventory of spares and other miscellanea occupying space in our cabinets. • Discussions with Juniper about a donation of new switches for our primary site. • Plan for a large scale network upgrade at our primary site. • Cluster refresh (more extended project). Most cluster machines are running FreeBSD 13-STABLE or 14-CURRENT as of 2022-09-30. Only a handful of machines are still on FreeBSD 12-STABLE. We are looking for an additional full mirror site (five servers) in Europe. See generic mirrored layout for our needs. Offers of additional single-server mirrors are always welcome too, especially in Europe. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Continuous Integration Links: FreeBSD Jenkins Instance URL: https://ci.FreeBSD.org FreeBSD CI artifact archive URL: https://artifact.ci.FreeBSD.org FreeBSD Jenkins wiki URL: https://wiki.freebsd.org/Jenkins Hosted CI wiki URL: https://wiki.freebsd.org/HostedCI 3rd Party Software CI URL: https://wiki.freebsd.org/3rdPartySoftwareCI Tickets related to freebsd-testing@ URL: https://preview.tinyurl.com/y9maauwg FreeBSD CI Repository URL: https://github.com/freebsd/freebsd-ci dev-ci Mailing List URL: https://lists.freebsd.org/subscription/dev-ci Contact: Jenkins Admin Contact: Li-Wen Hsu Contact: freebsd-testing Mailing List Contact: IRC #freebsd-ci channel on EFNet The FreeBSD CI team maintains the continuous integration system of the FreeBSD project. The CI system checks the committed changes can be successfully built, then performs various tests and analysis over the newly built results. The artifacts from those builds are archived in the artifact server for further testing and debugging needs. The CI team members examine the failing builds and unstable tests and work with the experts in that area to fix the code or adjust test infrastructure. During the third quarter of 2022, we continued working with the contributors and developers in the project to fulfill their testing needs and also keep collaborating with external projects and companies to improve their products and FreeBSD. Important completed tasks: • Expand the artifact storage space for adding more types of artifacts and longer retention period. • Present Testing/CI Status Update in EuroBSDcon 2022 Developer Summit • Add main-powerpc-images and main-powerpcspe-images Work in progress tasks: • Designing and implementing pre-commit CI building and testing (to support the workflow working group) • Designing and implementing use of CI cluster to build release artifacts as release engineering does • Testing and merging pull requests in the FreeBSD-ci repo • Simplifying CI/test environment setting up for contributors and developers • Setting up the CI stage environment and putting the experimental jobs on it • Organizing the scripts in freebsd-ci repository to prepare for merging to src repository • Updating documents on wiki Open or queued tasks: • Collecting and sorting CI tasks and ideas • Setting up public network access for the VM guest running tests • Implementing use of bare-metal hardware to run test suites • Adding drm ports building tests against -CURRENT • Planning to run ztest tests • Adding more external toolchain related jobs • Improving maturity of the hardware lab and adding more hardware for testing • Helping more software get FreeBSD support in its CI pipeline (Wiki pages: 3rdPartySoftwareCI, HostedCI) • Working with hosted CI providers to have better FreeBSD support Please see freebsd-testing@ related tickets for more WIP information, and don’t hesitate to join the effort! Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Collection Links: About FreeBSD Ports URL:https://www.FreeBSD.org/ports/ Contributing to Ports URL: https://docs.freebsd.org/en/articles/contributing/# ports-contributing FreeBSD Ports Monitoring URL: http://portsmon.freebsd.org/ Ports Management Team URL: https://www.freebsd.org/portmgr/ Ports Tarball URL: http://ftp.freebsd.org/pub/FreeBSD/ports/ports/ Contact: René Ladan Contact: FreeBSD Ports Management Team The Ports Management Team is responsible for overseeing the overall direction of the Ports Tree, building packages, and personnel matters. Below is what happened in the last quarter. Currently there are just over 30,500 ports in the Ports Tree. There are currently just under 2,800 open ports PRs of which 750 are unassigned. The last quarter saw 9,137 commits by 151 committers on the main branch and 589 commits by 61 committers on the 2022Q3 branch. Compared to two quarters ago, this means a slight increase in the number of ports, but also a slight increase in the number of (unassigned) ports PRs and a slight decrease in the number of commits made. In the last quarter, we welcomed Felix Palmen (zirias@) as a new ports committer, welcomed back Akinori MUSHA (knu@), and said goodbye to Olli Hauer (ohauer@). We also welcomed Luca Pizzamiglio (pizzamig@) as an official member of portmgr. Some large changes in the Ports Tree were made during the last quarter: • "Created by" lines have been removed from the top of each Makefile, as a lot of those were outdated. • WWW: has been moved from each pkg-descr into each Makefile as a variable; the below write-up is from Stefan Eßer (se@) who did the work: The description of a port’s functionality should end with the URL of a web page that provides further information, such as best practices for usage or configuration. This information can be displayed with pkg query -e for installed packages or pkg rquery -e for available packages. The URL used to be appended to the end of the ports' pkg-descr files, with the prefix "WWW: ", so that tools could extract the URL from the description. Over time, many of these URLs have become stale, since port updates generally change only the Makefile, not the pkg-descr file. By moving the definition of these URLs into the Makefiles, maintainers are more likely to update the URL along with other port changes, and tools have easier access to them. The URLs are now assigned to the WWW macro in the Makefile and can be queried with make -V WWW in the port directory. Tools that process the description contained in the package files still work because the "WWW: " lines at the end are generated from the WWW values in the Makefiles. During EuroBSDCon, portmgr@ had a discussion about improving the situation for kernel module packages. Various possibilities have been discussed. The following happened under the hood: • one new USES, "vala", was added. • The default version of Go got bumped to 1.19 • CMake is now a meta-port • Initial support for Qt 6 was added, at version 6.3.2 • Vim no longer installs a system-wide vimrc • A number of major ports got updated: □ pkg 1.18.4 □ Chromium 106.0.5249.91 □ Firefox 105.0.1 ☆ Firefox ESR 102.3.0 □ KDE Applications 22.8.1 □ KDE Frameworks 5.98 □ Rust 1.63.0 □ SDL 2.24.0 □ Xorg server 21.1.4 (overhaul) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Projects Projects that span multiple categories, from the kernel and userspace to the Ports Collection or external projects. OpenStack on FreeBSD Links: OpenStack URL: https://www.openstack.org/ OpenStack on FreeBSD URL: https://github.com/openstack-on-freebsd Contact: Chih-Hsin Chang Contact: Li-Wen Hsu OpenStack is an open-source cloud operating system for different types of resources like virtual and bare-metal machines. Users can spawn FreeBSD instances on the open cloud platform, but it is not currently possible to run OpenStack control plane on FreeBSD hosts. The goal of this project is to port key OpenStack components so that FreeBSD can function as an OpenStack host. Academic and industrial research groups have been evaluating CHERI-enabled Morello boards since mid-2022. A resource orchestration platform like OpenStack can improve the speed and cost of provisioning, managing, and recycling those boards. Starting in January 2022, Chih-Hsin Chang has been working to port several OpenStack components to run on FreeBSD, including: • Keystone (identity service) • Glance (image service) • Placement (resource tracking and inventory service) • Neutron (networking service) • Nova (compute service) Some of the items are still under heavy development. For instance, due to the design of Neutron, the DHCP servers are placed inside Linux network namespaces. It is necessary to find an alternative, e.g. vnet, on FreeBSD and adapt it. Most of the time the porting strategy is to make as small of an impact as possible by working around obstacles. But something like oslo.privsep deserves a true porting. oslo.privsep is rooted in Linux capabilities to do the privilege separation work. Right now we just bypassed any Linux capabilities-related operation inside oslo.privsep. So there is plenty of hackish spots in the source code and configurations currently. All of these along with the building and installation steps will be collected in the project repositories. In Q4 Chih-Hsin plans to focus on porting Neutron and Nova in order to complete the VM lifecycle operations. The highlights include: • DHCP integration • FreeBSD bridge driver/agent • Bhyve + Libvirt integration Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ FreeBSD as a Tier 1 cloud-init Platform Links: cloud-init Website URL: https://cloud-init.io/ cloud-init Documentation URL: https://cloudinit.readthedocs.io/en/latest/ cloud-init ongoing refactorization URL: link:https://github.com/canonical/ cloud-init/blob/main/WIP-ONGOING-REFACTORIZATION.rst Contact: Mina Galić cloud-init is the standard way of provisioning servers in the cloud. Unfortunately, cloud-init support for operating systems other than Linux is rather poor, and the lack of cloud-init support on FreeBSD is a hindrance to cloud providers who want to offer FreeBSD as a Tier 1 platform. To remedy the situation, this project aims to bring FreeBSD cloud-init support on par with Linux support. The broader plan is to lift support across all BSDs. The project deliverables include completing an extraction of certain networking classes, implementing ifconfig(8) and login.conf(5) parsers, implementing IPv6 configuration, creating devd.conf(5) rules for Azure, and FreeBSD Handbook documentation about productionizing FreeBSD. On the way there, any BSD-related bugs found in modules and documentation will also be fixed. People interested in helping with the project can help with testing new features and fixes through net/cloud-init-devel, which will be updated on a weekly basis. Further, people with access to, and experience with, OpenBSD and NetBSD are also highly welcome to help. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Userland Changes affecting the base system and programs in it. bhyve debug server enhancements Links: link: Wiki project page link: Differential Contact: Bojan Novković The goal of this project was to enhance the functionality of bhyve’s debug server. Several existing features related to single-stepping are tied to Intel-specific VM mechanisms, which severely impairs bhyve’s debugging functionality on other x86 platforms. The first goal dealt with extending single-stepping support to AMD hosts. The second goal was to add support for hardware watchpoints using the guest OS’s hardware debugging registers. The project was carried out under Google’s Summer of Code program and was finished around the end of July. The project’s wiki also contains detailed documentation regarding several implemented mechanisms. The changes can be summarized as follows: • Support for placing software breakpoints inside virtual machines on AMD platforms, • Support for single-stepping virtual machines on AMD platforms, • Support for placing hardware watchpoints inside virtual machines on Intel and AMD platforms. Any feedback, comments and discussions are welcome and would be greatly appreciated. Sponsor: Google Summer of Code ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Rewrite of pjdfstest Links: Github URL: https://github.com/musikid/pjdfstest Blog URL: https://musikid.github.io/blog/rewrite-pjdfstest/ Contact: Alan Somers Back in 2007, Pawel Jakub Dawidek wrote pjdfstest, a POSIX file system conformance test tool. He originally wrote it to validate the port of ZFS to FreeBSD, but it has subsequently been used for other file systems and other operating systems. This year, Sayafdine Said rewrote it under Google’s sponsorship. The new version has several improvements: • More configurable, for better use with other file systems. • Much faster, largely thanks to said configurability. • Better test case isolation, making failure easy to debug. • No longer requires root privileges for all test cases. • Test cases can be run in a debugger. • More maintainable, less duplication. There are still a couple of lingering PRs to complete, but we expect to wrap those up and add pjdfstest to the ports collection soon. From there, it will be used both by /usr/tests for ZFS and UFS, and by external developers for other file systems. Sponsor: Google Summer of Code ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ongoing work on LLDB multiprocess debugging support Links: Moritz Systems Project Description URL: https://www.moritz.systems/blog/ multiprocess-support-for-lldb/ Progress Report 1 URL: https://www.moritz.systems/blog/ implementing-non-stop-protocol-compatibility-in-lldb/ Progress Report 2 URL: https://www.moritz.systems/blog/ full-multiprocess-support-in-lldb-server/ Contact: Kamil Rytarowski Contact: Michał Górny According to the upstream description, "LLDB is a next generation, high-performance debugger. It is built as a set of reusable components which highly leverage existing libraries in the larger LLVM Project, such as the Clang expression parser and LLVM disassembler." FreeBSD includes LLDB in the base system. The previous sponsored projects improved LLDB, to make it a credible debugger for the base system, although it still has a few limitations compared to the contemporary versions of GNU GDB. This project started in April 2022. It aims to implement full support for debugging multiple processes simultaneously. At the start of the project, LLDB featured very limited support for multiprocess debugging. Currently, the server is already able to monitor multiple processes using the multiprocess extension to the GDB Remote Serial Protocol. The work on implementing the client-side counterpart for this protocol is ongoing. Once the project is finished, LLDB will be able to trace an arbitrary number of forked processes simultaneously (equivalent to GDB’s detach-on-fork off). Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ DTrace: Instruction-level dynamic tracing Links: Wiki article URL: https://wiki.freebsd.org/SummerOfCode2022Projects/ InstructionLevelDynamicTracing Final code review URL: https://reviews.freebsd.org/D36851 Contact: Christos Margiolis Contact: Mark Johnston kinst is a new DTrace provider that allows for arbitrary kernel instruction tracing. The provider is currently implemented only for amd64, but we plan to port it to other architectures in the future as well. kinst probes are created on demand by libdtrace, and a probe can be created for nearly every instruction in the kernel. Probes take the form of: kinst::: where "module" is the kernel module containing the named function, "function" is the kernel function to be traced, and "offset" is the offset to a specific instruction. Omitting "offset" causes all instructions in the function to be traced. Omitting "module" causes DTrace to search all kernel modules for the function. For example, to trace the second instruction in amd64_syscall(), first determine the offset of the second instruction: # kgdb (kgdb) disas /r amd64_syscall Dump of assembler code for function amd64_syscall: 0xffffffff809256c0 <+0>: 55 push %rbp 0xffffffff809256c1 <+1>: 48 89 e5 mov %rsp,%rbp 0xffffffff809256c4 <+4>: 41 57 push %r15 The offset is 1. Then, to trace it: # dtrace -n 'kinst::amd64_syscall:1' A new "regs" keyword was also added to the D language, providing read-only access to CPU registers at the point where the probe fired. For example, to trace the contents of the frame pointer (register %rbp on amd64) when the kinst::amd64_syscall:1 probe fires: # dtrace -n 'kinst::amd64_syscall:1 {printf("0x%x", regs[R_RBP]);}' kinst works similarly to the FBT (function boundary tracing) provider in that it places a breakpoint on the target instruction and hooks into the kernel’s breakpoint handler. It is more powerful than FBT since it can be used to create probes at arbitrary points within a function, rather than at function boundaries. Because kinst has to be able to trace arbitrary instructions, it does not emulate most of them in software but rather causes the traced thread to execute a copy of the instruction before returning to the original code. Planned future work includes porting kinst to additional platforms, especially arm64 and riscv, and developing tooling that can use kinst to trace calls to inline functions using the kernel’s debugging symbols. Sponsor: Google, Inc. (GSOC 2022) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Kernel Updates to kernel subsystems/features, driver support, filesystems, and more. ENA FreeBSD Driver Update Links: ENA README URL: https://github.com/amzn/amzn-drivers/blob/master/kernel/fbsd/ ena/README.rst Contact: Michal Krawczyk Contact: David Arinzon Contact: Marcin Wojtas ENA (Elastic Network Adapter) is the smart NIC available in the virtualized environment of Amazon Web Services (AWS). The ENA driver supports multiple transmit and receive queues and can handle up to 100 Gb/s of network traffic, depending on the instance type on which it is used. Completed since the last update: • Upstream of the ENA driver v2.6.0 and v2.6.1, included: □ Fix for the performance degradation after reset issue on 6-gen instances, □ Fix of the false netmap assertions with KASSERT enabled, □ Code cleanup and style fixes, □ Logging improvements, □ Fix to the retrieval of the ENI metrics. Sponsor: Amazon.com Inc ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ wtap(4) enhancement Links: Add sta, hostap and adhoc mode to wtap wlan simulator Contact: En-Wei Wu Contact: Li-Wen Hsu Contact: Bjoern A. Zeeb wtap(4) is a net80211(4) Wi-Fi simulator introduced by Monthadar Al Jaberi < monthadar@gmail.com> and Adrian Chadd in 2012. It originally supported 802.11s mesh mode and was used for verification. During the 2022 Google Summer of Code, En-Wei had been working on bringing sta, hostap, adhoc and monitor modes to it. The work also covers adding basic tests for net80211(4) with wtap(4), written in atf(7). For more details, please check the project wiki page. Sponsor: Google Summer of Code Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Intel wireless towards 11ac Links: Intel iwlwifi status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/ Iwlwifi Contact: Bjoern A. Zeeb The ongoing project aims to support the latest Intel wireless chipsets on FreeBSD using LinuxKPI compat code backed by native net80211 and kernel code. In addition work is on the way to support 11n and 11ac standards in the LinuxKPI 802.11 compat code and fill gaps for mostly 11ac in the native net80211 wireless stack. For the Intel iwlwifi wireless driver there were no major updates in the last months. We updated the firmware to the latest publicly available version and fixed some of the most visible bugs. Work is also on the way to support the D3 power saving code. LinuxKPI compat code also got some improvements and fixes which at times were only observable on certain generations of iwlwifi chipsets. Changes in net80211 and LinuxKPI compat code for 11n and 11ac have little public visibility so far in order to not break basic support. Updates to constants based on newer 802.11 standards and other changes without user-visible effect were merged, and functional changes will follow in the coming months, initially hidden behind compile-time or runtime options. Improvements and updates were largely merged back to stable/13 for the benefit of the users tracking this branch and to help with more testing. For the latest state of the development, please follow the freebsd-wireless mailing list and check the wiki pages. Sponsor: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ More wireless updates Links: Bjoern’s Wireless Work In Progress landing page URL: https://people.freebsd.org /~bz/wireless/ Realtek rtw88 status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Rtw88 Realtek rtw89 status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Rtw89 MediaTek mt76 status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Mt76 QCA ath11k status FreeBSD wiki page URL: https://wiki.freebsd.org/WiFi/Ath11k Contact: Bjoern A. Zeeb Currently development is mostly driven by Intel’s iwlwifi driver again (see other report). As the saying goes ''each one helps the other'' so has work on Realtek’s rtw89 driver helped find a bug in LinuxKPI bothering iwlwifi users. For this status report the topic is mostly more drivers, which do need more LinuxKPI support. Various work in progress: • Realtek’s rtw88 PCI is in-tree as-is and after a fruitful discussion with Hans Petter Selasky at EuroBSDCon work on LinuxKPI USB support for the rtw88 USB WiFi dongles will continue. • Realtek’s rtw89 driver was committed to main but is not connected to the build yet. Scanning already works but packets are not yet passing. Having the driver in-tree already eased testing for users having that chipset in order to identify more unimplemented LinuxKPI bits (some of which will help the other drivers as well) and reduced work for me. • The next drivers to probably hit the tree will be based on MediaTek’s mt76 driver (for 7921 and 7915) which I have compiling and started testing. • Based on requests I am also working on ath11k to support STA mode given some vendors seem to ship Laptops with those chips. While some of this clearly benefits from work sponsored by The FreeBSD Foundation for iwlwifi and newer standard support, a lot of this is just free-time work. If you are interested in any of these drivers I would greatly appreciate if some more hands would help with one or the other. This could be regularly testing updates to main, writing documentation and updating wiki pages, tracking PRs, trying out patches, helping with work on individual LinuxKPI bits with or without 802.11 work, or simply debugging problems with individual drivers and/or chipsets. If you are interested in helping with any one of the above, please drop me an email. For the latest state of the development, please follow the freebsd-wireless mailing list and check the wiki pages (as soon as they exist). ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Enabling Snapshots on Filesystems Using Journaled Soft Updates Links: Milestone 1 Core Changes URL: https://reviews.freebsd.org/D36491 Contact: Kirk McKusick This project will make UFS/FFS filesystem snapshots available when running with journaled soft updates. The UFS/FFS filesystem has the ability to take snapshots. Because the taking of snapshots was added after soft updates were written they were fully integrated with soft updates. When journaled soft updates were added in 2010, they were never integrated with snapshots. So snapshots cannot be used on filesystems running with journaled soft updates. Snapshots became less important with the support for ZFS on FreeBSD since ZFS can take snapshots quickly and easily. However there remain two instances where UFS snapshots are still important. The first is that they allow reliable dumps of live filesystems which avoids possibly hours of down time. The second is that they allow the running of background fsck. Similar to the need for scrub in ZFS, fsck needs to be run periodically to find undetected disk failures. Snapshots allow fsck to be run on live filesystems rather than needing to schedule down time to run it. This project has two milestones: 1. enable snapshots when running with journaled soft updates and ensure that they can be used for doing background dumps on a live filesystem. This milestone should be completed by the end of 2022. 2. extend fsck_ffs to be able to do a background check using a snapshot on a filesystem running with journaled soft updates. This milestone is expected by Q3 of 2023. Sponsored by: The FreeBSD Foundation ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Architectures Updating platform-specific features and bringing in support for the new hardware platform. FreeBSD/Firecracker Links: Firecracker VM Contact: Colin Percival Firecracker is an open source "microVM" developed by Amazon Web Services; it is designed for the needs of "serverless" compute environments and has a particular focus on security and minimalism. Starting in June 2022, Colin Percival has been working to port FreeBSD to run in the Firecracker environment, with significant assistance from other FreeBSD developers. As of this quarterly report, a set of patches are pending review which collectively add the needed support to make FreeBSD functional in a patched version of Firecracker. In Q4 Colin intends to finish committing the relevant patches to FreeBSD, release a kernel and disk image so other FreeBSD users can experiment with Firecracker, and update and merge Firecracker patches which add PVH boot support (used by FreeBSD). This work has already produced "spinoff" benefits in revealing ways to speed up the FreeBSD boot process; due to its low overhead and minimal environment, Firecracker is an excellent context to work on this. This work is supported by Colin’s FreeBSD/EC2 Patreon. Sponsor: https://www.patreon.com/cperciva ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Documentation Noteworthy changes in the documentation tree, manual pages, or new external books/documents. Documentation Engineering Team Link: FreeBSD Documentation Project Link: FreeBSD Documentation Project Primer for New Contributors Link: Documentation Engineering Team Contact: FreeBSD Doceng Team The doceng@ team is a body to handle some of the meta-project issues associated with the FreeBSD Documentation Project; for more information, see FreeBSD Doceng Team Charter. During the last quarter: • 0mp@ stepped down as Doceng’s Secretary, fernape@ joined as the new Secretary. Doceng would like to thank 0mp@ for his service. • eadler@'s doc bit was taken in for safekeeping per his request. • A git commit message template was added for the doc repository. Items pending and in the discussion: • Remove outdated translations from the Website and Documentation portal. FreeBSD’s Documentation Project Primer The FDP was expanded with information on trademark handling. Porter’s Handbook: • The documentation on porting Haskell programs was updated. • The move of WWW from pkg-descr to Makefile was documented. • Qt 6-related documentation has been added following the import of the library in the ports framework. FreeBSD Translations on Weblate Link: Translate FreeBSD on Weblate Link: FreeBSD Weblate Instance Q3 2022 Status • 12 languages • 148 registered users □ Gasol Wu joined the Chinese translation team. □ Alvaro Felipe Calle joined the Spanish translation team. Languages • Chinese (Simplified) (zh-cn) (progress: 8%) • Chinese (Traditional) (zh-tw) (progress: 4%) • Dutch (nl) (progress: 1%) • French (fr) (progress: 1%) • German (de) (progress: 1%) • Indonesian (id) (progress: 1%) • Italian (it) (progress: 4%) • Norwegian (nb-no) (progress: 1%) • Persian (fa-ir) (progress: 3%) • Portuguese (pt-br) (progress: 16%) • Spanish (es) (progress: 15%) • Turkish (tr) (progress: 2%) We want to thank everyone who contributed, translating or reviewing documents. Please, promote this effort in your local user group, we always need more volunteers. FreeBSD Manual Pages Portal Contact: Sergio Carlavilla The Manual Pages Portal has been redesigned to use mandoc(1) for rendering. A portal preview is available. Feedback has been collected and addressed where possible. There are some remaining non-blocking issues. Doceng@ would like to move forward with the migration to this new portal. Thanks to all of those who reviewed it and provided feedback. FreeBSD Website Revamp - WebApps working group Contact: Sergio Carlavilla Working group in charge of creating the new FreeBSD Documentation Portal and redesigning the FreeBSD main website and its components. FreeBSD developers can follow and join the working group on the FreeBSD Slack channel #wg-www21. The work will be divided into four phases: 1. Redesign of the Documentation Portal Create a new design, responsive and with global search. (Complete) 2. Redesign of the Manual Pages on web Scripts to generate the HTML pages using mandoc. (Complete) 3. Redesign of the Ports page on web Ports scripts to create an applications portal. (Work in progress) 4. Redesign of the FreeBSD main website New design, responsive and dark theme. (Not started) ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Ports Changes affecting the Ports Collection, whether sweeping changes that touch most of the tree, or individual ports themselves. Calendar-data: License added Links GitHub calendar-data repository URL: https://github.com/freebsd/calendar-data Contact: Stefan Eßer Contact: Lorenzo Salvadore Contact: Warner Losh The port deskutils/calendar-data contains calendar files for the BSD calendar program and is maintained by se@. The data for this port lives in a GitHub repository, which at the moment is maintained mainly by salvadore@. About two years ago, the calendar files in the base repository were removed from there and a new repository was created on GitHub; see also this Phabricator review about the creation of the associated port. This improvement allows calendar files to be updated independently from the base system. Unfortunately, when the repository was created, it was forgotten to add a license to it. The issue has been solved this quarter with this pull request submitted by salvadore@ and merged by imp@. Since the data originally came from the src repository, the same licence applies. If in the past you have contributed to the calendar files with different licensing assumptions, please inform us so that we can license your contributions accordingly or remove them. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ KDE on FreeBSD Links: KDE FreeBSD URL: https://freebsd.kde.org/ KDE Community FreeBSD URL: https://community.kde.org/FreeBSD Contact: Adriaan de Groot The KDE on FreeBSD project packages the software from the KDE Community, along with dependencies and related software, for the FreeBSD ports tree. The software includes a full desktop environment called KDE Plasma (for both X11 and Wayland) and hundreds of applications that can be used on any FreeBSD machine. The KDE team (kde@) is part of desktop@ and x11@, building the software stack to make FreeBSD beautiful and usable as a daily-driver graphics-based desktop machine. The notes below describe mostly ports for KDE, but also include items that are important for the entire desktop stack. Qt6 Landed The big news in the KDE ports is not directly KDE-related. Qt6 has landed, which prepares us for the next generation of Qt-based applications. It is now possible to have USES=qt:6 to select the new Qt version. Some ports have been flavorized to make use of the new version. KDE itself is not affected: the upstream work on KDE Frameworks for Qt6 is not yet completed. Most of the KDE Frameworks will compile with Qt6, but that is not important for FreeBSD ports yet. With devel/qt6 you get Qt 6.4.0, released at the end of the quarter. KDE Stack KDE Gear releases happen every quarter, KDE Plasma updates once a month, and KDE Frameworks have a new release every month as well. These (large) updates land shortly after their upstream release and are not listed separately. • KDE Frameworks 5 is now at version 5.98 (latest monthly release from September 2022). • KDE Gear is now version 22.08.1 (update for September 2022). • KDE Plasma is now version 5.24.6 (update for July 2022). Note that KDE Plasma 5.25 has been released upstream, but is waiting on fixes before it can land in the ports tree (for example, this KActivityManager bug in KDE’s bug-tracker). Related Ports • accessibility/qt5-speech now supports multiple backends, as well as no-backends, for speech synthesis. • devel/cmake was reorganized, so that devel/cmake is now a metaport that installs devel/cmake-core and the rest of the CMake suite. (Thanks to diizzy@) The CMake ports were also updated to version 3.24, with attendant changes in ports all over the tree. • net/qt5-network has improved compatibility with libressl. • x11/plasma-wayland-protocols was updated in advance of KDE Plasma Desktop updates in the next quarter. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ GCC: New maintainer, GCC 12.2 and more Links: GCC Project URL: https://gcc.gnu.org GCC 11 release series URL: https://gcc.gnu.org/gcc-11/ GCC 12 release series URL: https://gcc.gnu.org/gcc-12/ Contact: Contact: Lorenzo Salvadore • salvadore@ adopted all existing ports corresponding to supported versions of gcc, namely: lang/gcc10, lang/gcc11, lang/gcc11-devel, lang/gcc12, lang/ gcc12-devel and lang/gcc13-devel. At the moment -devel ports are updated weekly, unless a build failure makes it impossible. Of course, in the latter case, the build failure is fixed and/or reported upstream as soon as possible. • GCC 12.2 has been released. Traditionally, FreeBSD waits for the release of the second minor version of GCC to use it as default GCC version, so that most of the software needing to be compiled with GCC has already been ported to the latest major version. Thus, work has started to update the default GCC version to version 12. Thank you very much to antoine@ who has already run the first exp-run and to all the contributors, maintainers and committers involved in the process. https://bugs.freebsd.org/bugzilla/ show_bug.cgi?id=2659548 • Discussion about LTO keeps going with many different points of view. If interested, you can read the latest contributions to the topic: lang/gcc11: Needs build time warning for /tmp consumption and lang/gcc11: build gets stuck. Reminder: LTO_BOOTSTRAP is an option enabled by default. If you build the port on your machine and its resources consumption is not acceptable, disabling this option will get you a lighter compilation. • jbeich@ submitted a patch to expose non-default -stdlib=libc++ support, which has been successfully committed to all relevant ports (gcc >= 11). link: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265962 • diizzy@ refreshed the mirrors list in the MASTER_SITE_GCC variables, also removing ftp mirrors. The main GCC site is used as fallback. link: https:// reviews.freebsd.org/D36372 • Help is still needed with these three changes to work through with upstream GCC (requires expertise with the GCC sources and upstream, not with the ports framework): □ upstreaming lang/gcc11/patch-gets-no-more □ upstreaming lang/gcc11/patch-arm-unwind-cxx-support □ https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256874 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ sysutils/lsof major upgrade Link: lsof project repo URL: https://github.com/lsof-org/lsof Contact: Larry Rosenman sysutils/lsof had a major upgrade to no longer look in /dev/kmem for data, and to use the userland API. This took a long time to hit the tree, but is finally done. It fixes lsof(8) to work with ZFS again for the first time since 13.0-RELEASE. This will make maintenance much easier going forward. To the kernel folks: if you make changes that break lsof, please submit a GitHub pull request to https://github.com/lsof-org/lsof. Please test any changes to the interfaces that lsof uses and make sure they still work. These all should be userland interfaces now, but please test. My thanks to Warner Losh , Mateusz Guzik , and Ed Maste for help getting this major change landed. ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Third Party Projects Many projects build upon FreeBSD or incorporate components of FreeBSD into their project. As these projects may be of interest to the broader FreeBSD community, we sometimes include brief updates submitted by these projects in our quarterly report. The FreeBSD project makes no representation as to the accuracy or veracity of any claims in these submissions. Containers and FreeBSD: Pot, Potluck and Potman Links: Pot organization on github URL: https://github.com/bsdpot Contact: Luca Pizzamiglio (Pot) Contact: Stephan Lichtenauer (Potluck) Contact: Michael Gmelin (Potman) Pot is a jail management tool that also supports orchestration through Nomad. During the last quarter, pot 0.15.3 was released. It contains a number of improvements like mount-out to remove or unmount a previously mount-in folder or filesystem, signal and exec commands, better jail lifecycle handling, and many bug fixes. A new version of the Nomad driver, nomad-pot-driver 0.9.0, was also released with signal and exec support and stability fixes. Potluck aims to be to FreeBSD and pot what Dockerhub is to Linux and Docker: a repository of pot flavours and complete container images for usage with pot and in many cases Nomad. Since the last status report, many changes were committed, including many fixes and improvements to core images like grafana, postgresql-patroni or loki. Additionally, all images have been rebuilt for FreeBSD 13.1 and 12.3 and to include the current quarterly versions of the packages being used. Last not least, Luca held the pot implementation and ecosystem talk How far a naive FreeBSD container implementation can go at EuroBSDCon 2022. As always, feedback and patches are welcome. From nobody Tue Nov 1 22:20:46 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24Gk5vbmz4gBRH for ; Tue, 1 Nov 2022 22:20:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24Gk5Klmz3V2n; Tue, 1 Nov 2022 22:20:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341246; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=bUcbDYswDopL+cuVjFCivtF2rOZip3/CdnqfJQRZ5EA=; b=brljIKIdtxdPJx9KATGnk1YSLXtimXZmJywUehN98NRa3ziCLQSkeSGY2fHX9uVa8tHjWX j+CRB8RX90xsxN79FYfXWB43Xa+EznCIgJRGcc1Z51Envug8simImf7s4xHZpvZwnCIhIY H0JKa/0vjfFdvC6BfD0DGG81QbaUEdse0AGEE23gdDxzFrcSEpDh8Noq54kUyitZ6vY0sr lC6Dqg1RyXUdiEx3iCKbawcKToSe2/ZPGFZzpKxu5nHShZ63JcsKsWJvJz1q779p5X0tRD 9ZdR6Gancf50/YgtI+D8cEaddZk13O4CPZXfNtaAPEfIfHLaANO7zUVsbeuc/Q== Received: by freefall.freebsd.org (Postfix, from userid 945) id AB5483910; Tue, 1 Nov 2022 22:20:46 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:21.zfs Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222046.AB5483910@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:20:46 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341246; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=bUcbDYswDopL+cuVjFCivtF2rOZip3/CdnqfJQRZ5EA=; b=cnmNy2IK5Sfe6kOlDD5f9roTqU4LecmLHFBHzBVbQdZ7bGp94DZPDAmSZG3Xka5zfiYcYG MF5YLvzrsb4jklWCiWvHTrj3lMTYgXDlvKu2A94/uTpIhBpa2NNQjFBfqPYAq/wkGcsGab GaKUHEh2usZMZuqItoJbzFLMcTO0HjLGI1D/cecJckaZ6XrDZxXxtnEv3CzRqeVfHcBol9 EuGfZMuxqEmi8kuaPbwPZ/BQDISv0CtuLXq2G+ECSYsWso0JMU2prD6QfJB6r4y6f579Lx O92yAuYL8QU1kGinJbUG2XmP10dYSjc1rOwEyQx0BVz19Vga1JtC6fDQ2N/AsQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341246; a=rsa-sha256; cv=none; b=jg3x8f/FacOnPO0Vmbs5N1TL/Qrpo/2SRGymJpOVOM56u8slic4MBs1/wvKcNFGLvsvR0a oYsZ+JhET1uJYFKPXz1HuZkf8ZWuty1imG4NW4cB++b/LsmqFtE7h7ZD5JXP2A4NSFnhY5 f1L7qaA8V+WlsiOXuNpUf6WAOST98N65U8F3aUpRRPdEgZwxxRMPFfId/jn5BHbw7oOdZh Vq5Y/D4Hi9b3fIvDy+LtaMrjZE+Z/rV7Dn7tF/eOOpwHGfYuLlEvUtLju6XhXaWkK8+5+y ADcFbC3aNQLbj3eQ1icnTgx014na3FCfkNUJxzGr36qwPD19m070flRzJXYQdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:21.zfs Errata Notice The FreeBSD Project Topic: ZFS B-Tree use-after-free Category: contrib Module: zfs Announced: 2022-11-01 Credits: Richard Yao and Coverty Static Analysis Affects: FreeBSD 13.1 Corrected: 2022-10-04 15:52:45 UTC (stable/13, 13.1-STABLE) 2022-11-01 18:03:25 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background ZFS is one of several filesystems available on FreeBSD. ZFS supports many advanced features, including checksumming, transparent compression, and snapshots. II. Problem Description The B-Tree implementation in ZFS contains a heap use-after-free bug. When removing entries, the node memory is freed before it is removed from the tree, and the remove operation itself requires modifying the memory containing the node. This creates a race window when one thread is removing data from the B-Tree and another is performing an allocation. In the case the removing thread loses the race, it will corrupt the B-Tree. III. Impact The use-after-free can cause system instability or data corruption. Systems with debug kernels may sometimes detect this issue after a kernel memory corruption has happened. When they do, they will trigger a kernel panic to protect the system from further damage. The following is printed to dmesg at the time of the panic: panic: VERIFY3(zfs_btree_find(tree, value, &where) != NULL) failed... IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date, and then reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r now 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:21/zfs.patch # fetch https://security.FreeBSD.org/patches/EN-22:21/zfs.patch.asc # gpg --verify zfs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ f193a24ec570 stable/13-n252634 releng/13.1/ 8838c650cb59 releng/13.1-n250167 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhlpgACgkQ05eS9J6n 5cJtMQ//aZXPrFWqJxVIn87FtHClwKykAaWWcN+iuT4wTVss0OTbaFc1k+UBPf+9 wdjmt6Io9xUK4FT5TcMIyzF6I7XaxG/up8572NPUQp+eOa4AI8862QLLF7pi26RT Fyb+Ywjsw1d30NXcTE4+K5UMUgISFVFkor9d07wWd7sQwU/o4bzHBWFSFSI18l70 zsjyN3wrLQaSHmBb6kZ7OrycBc52Rw00segXCJGxLEpiViPSC5HY6DJYdWyn0bNM 1xvG3DkYQDBWGNQgWB6ldOM5nmOqY6zSPFTK9byqOwz6CHmfRYqmLpx3czuAO3U6 PpsTYG7PKpFBviP99jg6XsEYigoMHaHIcBzUSP+DYYO9JlyrzRmbQ6MIkRN+YD59 1CK0n7+WuQpjBXgFmIEKtM2xJ4sh+aQxdV4SwIEmMTAaNs4PFivNzEgwpj4Txh+q aUbY6l9O2H8ERvFokF94/ea5ahOhVaTgaipN2O92rvldiy3zTqv5DP3hX4tU1oaG n0s57pn/uF+aYVMtzk1opNpZdqH8AkKX1Q7Opha/IEvnk48Njgbwtf9HVEeo65Ec njvc63PZel0cbzk6ZA4BS7BX3UtSHURmFOjiRUV1DI9yUsLXuEbM0LtH3Zpgyzr0 7U+YHLB4z3LxdK9ZuWo2uSCF/5iVyyjGSdOGuu2ISJis+vp9PCg= =9c/T -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:20:50 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24Gp4VsCz4gBYF for ; Tue, 1 Nov 2022 22:20:50 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24Gp3tkFz3VPR; Tue, 1 Nov 2022 22:20:50 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341250; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=rflbUHbWvwq6LNZEF2KPgNlztAHlSf8dLqb38aUMFZk=; b=EriWKNNcec2so8hzifSMs31GQ9oh4dTwNir2pP8xch1Wq2FS1VCYh3zu36/+x8vqU4M47J jvc6batKrxQxx0SKwfGIcgHeBa5WXBB/4hYiqV1lTa6J7e6qF+XY+2Psy0/zp1js473dii Ow5nLZIqO3ZTqB78jd6rtqHYHU/Y3cYKoL5N45zAf61a1dYBdXJYBn3dReASaEvKjuslwA 7yNFRLFCtKbUSBvQygg37kSJ/ef9RTvv694f5htCBU6GGWiqb2nQh8z0TiL0GpeW10mJV5 HlArVDRQvDcWmDCN0oqYobf9TzGFAxN1MJVEVH0pR5ZZIXCMduWlJXFZdbNHeQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id 7396F3831; Tue, 1 Nov 2022 22:20:50 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:22.tzdata Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222050.7396F3831@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:20:50 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341250; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=rflbUHbWvwq6LNZEF2KPgNlztAHlSf8dLqb38aUMFZk=; b=uTsNvGlUoWg2W6pE7+H0yXp+9+B/iomQ9MwUBKbsj+Xx3UdlxXEbfsie5OIUecJOdpBfq6 y8CFkhUaTwlPHEZJ65r2Az8nvgLNFkFglhlR7uzQqzn4zm0rEjaGxNaivDN7/k5xT4Ilr8 mN+ZeGaw3SWZoIZRwHF+io2k5BwRpFzoXaA0gOdL6I+TA2iqm/swvaFx/69Sn7dpIIDuXX Gr/QEDRboU2xQu9JIVzczmKkGUHFdHZpucAb/+pcw/CGNvCWh5LvGT0eHhcjHwpLBAOdY/ qqr8/8l9PCuWMnbRGnUkYCoOpdQ0RbOTHb4g2hGwnXe0QdW3XBK8GmHSYqi0mg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341250; a=rsa-sha256; cv=none; b=cp4dmAoN77oFueSD8xJc19WymLOLNapFErDbTuV0r4+dlG0fGILxtM2pujI8mf6FCuj+cD F2fSuiYtR0zPKD7XuQ/c+ZAsjM/gAGLzh4t39C2D51bo+eC8lEdMl4o3c6N4VReAKuDXtW 2JGkOv/7jZOo2W07KhspR6i7HphbHYB8FNnKbnXpUE13DZOiy39I6uWuvvfscbnKQMs+Ul Ihx3dj+U4eL/OUMCQZNO1G54HxE2Jdv9VG1BvMnTdv4A75LzBUFpzqzpplbhnX5/cQIGiZ YS2tT6Bbd1K/iLRErif3/pfHAeM303aV2m0B8tlRVF8iRwPhTkLikHL+EOMt7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:22.tzdata Errata Notice The FreeBSD Project Topic: Timezone database information update Category: contrib Module: zoneinfo Announced: 2022-11-01 Affects: All supported versions of FreeBSD. Corrected: 2022-11-01 01:06:25 UTC (stable/13, 13.1-STABLE) 2022-11-01 18:03:24 UTC (releng/13.1, 13.1-RELEASE-p3) 2022-11-01 01:07:17 UTC (stable/12, 12.4-STABLE) 2022-11-01 20:35:42 UTC (releng/12.3, 12.3-RELEASE-p8) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The IANA Time Zone Database (often called tz or zoneinfo) contains code and data that represent the history of local time for many representative locations around the globe. It is updated periodically to reflect changes made by political bodies to time zone boundaries, UTC offsets, and daylight-saving rules. FreeBSD releases install the IANA Time Zone Database in /usr/share/zoneinfo. The tzsetup(8) utility allows the user to specify the default local time zone. Based on the selected time zone, tzsetup(8) copies one of the files from /usr/share/zoneinfo to /etc/localtime. A time zone may also be selected for an individual process by setting its TZ environment variable to a desired time zone name. II. Problem Description Several changes to future and past timestamps have been recorded in the IANA Time Zone Database after previous FreeBSD releases were released. This affects many users in different parts of the world. Because of these changes, the data in the zoneinfo files need to be updated. If the local timezone on the running system is affected, tzsetup(8) needs to be run to update /etc/localtime. III. Impact An incorrect time will be displayed on a system configured to use one of the affected time zones if the /usr/share/zoneinfo and /etc/localtime files are not updated, and all applications on the system that rely on the system time, such as cron(8) and syslog(8), will be affected. IV. Workaround The system administrator can install an updated version of the IANA Time Zone Database from the misc/zoneinfo port and run tzsetup(8). Applications that store and display times in Coordinated Universal Time (UTC) are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Please note that some third party software, for instance PHP, Ruby, Java, Perl and Python, may be using different zoneinfo data sources, in such cases this software must be updated separately. Software packages that are installed via binary packages can be upgraded by executing 'pkg upgrade'. Following the instructions in this Errata Notice will only update the IANA Time Zone Database installed in /usr/share/zoneinfo. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install Restart all the affected applications and daemons, or reboot the system. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 13.1] # fetch https://security.FreeBSD.org/patches/EN-22:22/tzdata-2022f.13.patch # fetch https://security.FreeBSD.org/patches/EN-22:22/tzdata-2022f.13.patch.asc # gpg --verify tzdata-2022f.13.patch.asc [FreeBSD 12.3] # fetch https://security.FreeBSD.org/patches/EN-22:22/tzdata-2022f.12.patch # fetch https://security.FreeBSD.org/patches/EN-22:22/tzdata-2022f.12.patch.asc # gpg --verify tzdata-2022f.12.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch -E < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all the affected applications and daemons, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 46d324ec6502 stable/13-n252892 releng/13.1/ 0bcdf24a7cf3 releng/13.1-n250165 stable/12/ r372688 releng/12.3/ r372694 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhl5cACgkQ05eS9J6n 5cLCHg/5AX0d3XNjxGdEhrn8d9xFEtnV75WJKJ+o+jHUCfYNnTD1EJY3Q9EbIoWT +52Qgcr8HVTZKxKaMoEaR8iDMNwzYbQ1PZrRlXbE8Iant4ULw4cgctIaxtNtUMSM wRJatQ1LjXp9VjdLv8BCn1jXoVFstUjonLskQ8tNOUrvF1APGgXZRC/B+kt/gs1L 9b2Qs5vZ4e1ycfFiQyw1+ACpQjFB/s4XaN1BQx5JdFBpK8uhg4/LaxMIKA5Fmixh xNb+VJ6kCxi0swTzsqKnU67OM5k4Dl+loz82d5X3imB4EZmJ6Pv7e9XX2EfGpQXz 5ABxbEzAqN7GCRmCV86dZYThLJiw+vCJnAyX5hXsFup09UpInN7xzrlJ7BiRZ254 CBtPmj0d6tedkUahG0/GxgU8zl8L3MU/Mwbvg8wHcejciTrjcj94TZBRUxq88E+8 DHEMsumzSAmD73CWrpUG6KsdtmA55opKodqeCwSG7zmzibaMKYabPJ/4Yq7kZNnq 58uiMLwk2CYwZfbqEHdbUP96G7BxINY1rMHq72kbZ02PzYkFA2vDFM84EqZq1F9B +ET3Nkucx0FIVhd/zU5cYKuvC7+REXpIxy0SagVumBMgNiREeRwgVC7mghCuM3Vy DC40UWQBY4SHzU+LpKiagArRJZVPMMA2zbSyp7BkS546oAaHn1Y= =TNmt -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:20:56 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24Gw51mYz4gBf2 for ; Tue, 1 Nov 2022 22:20:56 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24Gw3LBmz3Vxb; Tue, 1 Nov 2022 22:20:56 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341256; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=8CODW9CEecnEAJzH5x48vL7KJ8MK3ZTLLtDfmwWIPKY=; b=KxEHkdGlLVcIKlvV9J22nJ2R8yrO5NNUQRh7b80csurrOM0HvP+bVxH5rrHW67sv+uiLGM QtjPskVNBFO69o6agSFQnRG1FZ+T2oj6oWSzKcd8POduTP5jwUSD97wkS4rKN5LxVqrDWc r3uapZ0cEnsdubftdQ6lE1Dkk3miAKZOe5eZzxjvc10RJIDnh0cXLrGGtuzAZxIz28trzp K7tYkkkAdPpq2hVC9zqC0m3n/s4rXSUYq/aZS/Z1x7Q8Q4CAq7FdRoHCcrSsdEs5YP7/74 zHB8gbXA8RAw8La+zJmj6IkKX7tgI9NO6iEU51nyUqcFaLPoSC+n77NVgKtRiA== Received: by freefall.freebsd.org (Postfix, from userid 945) id 5B3923A05; Tue, 1 Nov 2022 22:20:56 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:23.vm Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222056.5B3923A05@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:20:56 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341256; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=8CODW9CEecnEAJzH5x48vL7KJ8MK3ZTLLtDfmwWIPKY=; b=UjLsMWzTnps0RPyAsK5Cvq4xThrQjEPbdvj4LIBU066yOuSdT/LzX5azWDYyXaTSrrDqki AmLEhXJnZsfEC1mJTOfeyEWNHOvzmPuLwv3ouulIVpjTar4yK0qoNDkKXQjd+L3nQQdBOt 3tvHgTzTzhm5L1DmkFIp+VoCAPyT69eUJLcm1Eg/WWzHz5crGSk6ERB0/ocdo22nz8rKA2 aHHLNdvoKJYcTdFmRUP7S85OJiKJJSHQqUdQe7+NRUC6yHWMxc7orYQPvq/0uW5Bj0o5FN OsJ+P1yqQ+xNkJgBSOVNWWMV04HQS9k8grcLAtXyehYfCKvxF1le1OZbUQ3C9g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341256; a=rsa-sha256; cv=none; b=Qle43uxNj0JmxNCeZsM+pD7VNyTRUhPz8I8Vm46M4kEifd7J4cyFEYPm6B5rJQVNtulZb3 ao8JxNsxHJ/X6lO4whQO4WCFBfP+IUyuq5ophsUB7+cWzDc9+VFZZnwNQ4HkZcpCf0HymT xrmAOn6CdalE//BRdRFu9hhLWw1aEC+jEuIMtfKHzq+LLlrwZf2y8uRALwTCKCJ8CQ70MG g2iAK38gU4DN5xSd6iElryme79b8bHItSWegwUVQk7/zbDsxDfo/d1CBiNuFF5fHmeALhD UJmAs5dZElhp8iPx63XKrhhfO84bedH2VXDjppY20XiyC8iF5xttQabPWMUx+A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:23.vm Errata Notice The FreeBSD Project Topic: Memory pages become unreclaimable Category: core Module: vm Announced: 2022-11-01 Affects: FreeBSD 13.1 Corrected: 2022-10-12 13:49:25 UTC (stable/13, 13.1-STABLE) 2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The FreeBSD kernel's VM subsystem manages system memory. Among other responsibilities, it provides a page allocator and maintains a pool of free pages. When this pool is depleted, the VM reclaims allocated pages from a set of page queues. II. Problem Description In certain workloads, allocated pages are not enqueued as they should be, causing them to become unreclaimable when free memory is scarce. In some situations the memory may become available again following restarts of services (e.g., database servers) which are triggering the bug. III. Impact System memory could become inaccessible to the page daemon, resulting in less memory available for caching. In some cases this can result in out-of-memory process kills. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +5min "Installing errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:23/vm.patch # fetch https://security.FreeBSD.org/patches/EN-22:23/vm.patch.asc # gpg --verify vm.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 6094749a1a5d stable/13-n252707 releng/13.1/ 4867d7d34dfd releng/13.1-n250160 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhlqQACgkQ05eS9J6n 5cKKfg//f+YhLk47E5Bk/KZ07ONQ7xN0W9YZyz1P4iLc85LIaszC8+L8auwM+uR4 ufvo4ToDzbDq0v+2mHUdgQ7CVylOzAb114z8ZFADHhlBJeft5pdzm+/R3wfqADbm VL2I6uqjsQiH41umNgZQtyQh15LBWUlvrDd7r5dGVMzU0+VXNTngP58Jn7kqiUPg jwUQk6l/PPRLRGqX5RJHoz8traCLsd7i+58/FPyaofrtrwl97uxtcbBEcPvcXsrL yTnTcyPHnR8lqgmNXExcOPxfMBFz0sXgfDIXebnEP+inMx4gF2U3CBJuTCww8NWV M4R7bj1HjWw8WZV1dZUFB73qx4r51iKanYQsqFVEWl7KnhQL6zG8nCt4iPR0wiKJ x7qIRGtXCgzZieg0fQnsNjSdjjiIQmLCOq6BTmG1X5tcLF7hAM8D42RFGSbvLhNU cGP/1Gd1iK72VqBRCSHKhZi79//YA8lI+f3b7ORMB9Q5cmy9l0A0nMO2EpBdc7x/ 0VGSXMaVaegaKGb3vXteVvmqtHAWg2NiBMgUHb3oMEXdbjsymmgkCsTciuiYDLxQ Y/XdbtMHZi7VpZNS3Qt6wIpAEhSDxYsgf2+7/22Ni09Awn5H2/F3DCeo0dU8hWR1 gksYdLbwRI+By8hguqALkpC1lP/M8Hc/HBrEiG6OqY+OvZr43OA= =n7Mz -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:21:00 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24H05Pqmz4gBfL for ; Tue, 1 Nov 2022 22:21:00 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24H03xyXz3W4L; Tue, 1 Nov 2022 22:21:00 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341260; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=ZIrql5A8ZSm2F5fIMnXptBJS5NYuYpuy5AIqLrTkiqU=; b=c/0O+FSfpICxJjN/YkoQh+mE+15U/fx00yrv0vpmVvUkI28497QYxRrReQjH81ZOzLcPme RbHRu8P4GwAi67L5g9nhDehYrKtE6uIXJx11YytL1liUAADMcc+c2nQMQWV8W8Fv/Z43zJ RfxD4lOu6p4kUGtaEFrF3NNXJTlO1L3t+uYjd5ZTMWP+MqnFOjcx3jNBMnawgUDpUJka3G cOBtgTKMaRUc2K0lMAIXDm28+J+iyuVdrtVSROnTDxqYti4PMW6EjJf9oA2YKdCHL7mtIW 6Py6YPuUsNymESVfemjFYBZpxL2ChbPOXTSlWNyTi1jIdQHM5i+FDvTTxFVqsQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id 756D63A86; Tue, 1 Nov 2022 22:21:00 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:24.zfs Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222100.756D63A86@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:21:00 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341260; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=ZIrql5A8ZSm2F5fIMnXptBJS5NYuYpuy5AIqLrTkiqU=; b=aEqe8UJ88oeuetNHRCKRbFfE4rHfKBuRIk+NsGSSDxn/n3s3+Y01XVSgRkEiQk8e52S3+U it6DSgu72khB6+0j/CyMqYEyw5a4sCN4cPTeap80mj2mgj8NpAvssnYJwQ1Q8XoqcGiOa0 OZIM2xhHQzL8NaHOiJ8kZ9qT5RxtSG6sEwRZG/vihM+v44J5GTgDnDIg28JEopsn6ACa5B eNMVoseKsCTwRkuSrVSUtMNqA0q9zC2txLLLLtMIY8VoxBcLWvcf9D/lAgiRIZBmNnelD9 5oTYqjdhw0BIp0wNcDHiTApJ55KbHQ3XkcMa8OcZ3/E7K+BB++pLwtS5D03SDg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341260; a=rsa-sha256; cv=none; b=m7V8AuLxpzHYPmKCiwNJBM/GOEIkutKHM7Pdd/IdoQlKq7boNwgvOiWm3smLm0GJI1xkDU rzSVKQ0xLI6vKfMlp0zS2XRQgNqEAb/sXJFqkwg5/Gv99HX8kK8wiDvsydj0cAREiAlO99 eh1Za44FkUq536Ndi4JLxwuBSZG0HPhvGzXI2l4HQAYt5TAyWDeClsLRH7jCoOuu221mFs MUGl1J87orboVlc7eg4OCYGHoF8w20oX22MkJpyC8j7FIDb13MlC0BqvW3JRkJHpLAimHY Vp44RoHg8xBdzC4KECybVaeImi6udF6S78VsHqZ+0iUrvybsopmb8gJZpyw1Zg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:24.zfs Errata Notice The FreeBSD Project Topic: ZFS snapshot directories not accessible over NFS Category: core Module: zfs Announced: 2022-11-01 Affects: FreeBSD 13.1 Corrected: 2022-10-27 12:00:01 UTC (stable/13, 13.1-STABLE) 2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background ZFS is one of several filesystems available on FreeBSD. ZFS supports many advanced features, including checksumming, transparent compression, and snapshots. Snapshots of a ZFS dataset can be accessed through a hidden directory, .zfs/snapshots, located in the root of the mounted dataset. II. Problem Description A kernel regression caused all dataset snapshot directories to become inaccessible over NFS. Any attempt to access individual snapshots would return an error message mentioning a stale file handle. III. Impact Workflows which rely on ZFS snapshots being accessible over NFS are broken. IV. Workaround No workaround is available. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +5min "Installing errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:24/zfs.patch # fetch https://security.FreeBSD.org/patches/EN-22:24/zfs.patch.asc # gpg --verify zfs.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 562c9ac58c76 stable/13-n252848 releng/13.1/ 7ab877cb3f9d releng/13.1-n250159 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhlqQACgkQ05eS9J6n 5cJZcg/+MejjhAq/rpPema1jiqGkD8eTRTw+zmufvqBKwnLdZycwndza2su7xpD+ 30dbVVcY5Suhr5mElt5C6mdU+YCrqLG9o1zAI9QX7hx3PsnqIMBzudgK9TkjtK2n WiG36PvA+rSIdjE8jw2quv9LMLycRiSevQGWDiD4rGm7JLdet2XH4ioHy1v3rPWe kB4365zSmPGi4fLalpEFYD6pid2kbS0gUZvhxrEAoy11WFwT+upjdlfD0aJDsoTo 8wvZ1hvoHGYjsmYXLSKmJXO+6J0pTnI5QuohySi0RYUEFtws1IlD+JIxWUdP8ejh ODPX2mDpP3ySl26HbTzCViJkd3z87F9hV8jaxo57azrD9kYpsWLq/UtsB2Fr2hcA tYFCvqQ7fftx6Pf5xLOQvQTqwlFpx6M+EoWUV8RKa11jdMv6ndbMuZoY0j99iuYD qEqi4T08b10SeI7aueOJZGuEYAab5ZcULgA1OOmmetIyAZccGcbvDqUajNabS+QC QKgHNi94ZVJbEyFTQ9cnZBFn1/Bet9pC9Yj/5qtVsN9a5cKD0t1TEeXWZtZ+Qkm8 V73qmq3qty2QfPqw7spVykIUzHlOyongMGNQx0sPHDDy5UucFtv6Itj6o/nlhuo1 veecgamjvnPzROzCTe/UVbp7tliv6fpTHDc/T+ewQwF03xJoA1Q= =8q+F -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:21:05 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24H53LC9z4gBWr for ; Tue, 1 Nov 2022 22:21:05 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24H51r96z3WRk; Tue, 1 Nov 2022 22:21:05 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341265; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=vmL32uRfY83t+njQ/RySMq6bsr3xxGphJe4gxd3k/Wc=; b=Cn9GErWE7RebPrVbLZkA4QcTmCeJWUplaQJ+s0B6ju+8gQQWdHskyNw7VAQS8MyG+vPMwf CSG2NyMRxgPj8kwH2kVZrSZRB6ipECVmWPnPNwYnqO4tCYmYLC7WW1omNR+savPVKgzTST 98wO8/Ce45qW74t8jnbbWbujPm9h5FCpKU0N32XZPRcpjFUTaK0a5xVNgLLBINae7ZLGcG 0/vChpd7gjNkFDNSWTSFKwYDZDQeQKFuVtGreVSFjz1H0AxahHvTfNWLt6vow77wUU4+VY IRPHNg0riOH6fQfFtWsO0JR3s8tz6UkA4JXSOTzQ+f3yWIBBsUNc3EXxAQTb/Q== Received: by freefall.freebsd.org (Postfix, from userid 945) id 267AA3A06; Tue, 1 Nov 2022 22:21:05 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:25.tcp Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222105.267AA3A06@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:21:05 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341265; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=vmL32uRfY83t+njQ/RySMq6bsr3xxGphJe4gxd3k/Wc=; b=OGBBNMvRVw3f64oXIMJ13kkNm30GZ/ixtvj3gaTnBzA/Cng2b2jpdFW4WSU+WJsueaDhlX dP+JY6UE/s3c5Rst8O9JSWnGZlHknC7ZQRYnC9bz6qbG1yjdOB7+iikSZ51rzsZcfG75QI pZyrNrjkT1GtTws7Tq2BgXhj+cC54Xoc+Yt35zFLVsKyW4WqDmR1h4bR4r3jhZ/ZT+Z2n6 SkZaWy8vl5IFCiWm6UaivmNp9YxcBYPt0dPP4O4BeHIEgsuUqT/ZDPhzeqmcro9Hvui7VI zP80C1PPIj0H/KAf7hDm4weJfDTMu3UbOfDqz8+T7ICEUze3yJcdk3cqsHlSMw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341265; a=rsa-sha256; cv=none; b=WssHbnbzNhkjLWt+QTj6f9CzG2mZ/VTPrYcUFT9J328LqzR3z5cR/LJ0Otipp6DrKhfY8p VudNtRs7I2fNG21QzYvuTwOgYk8uXTZxuQMXNcPIn+G+o2AYjTdqtYOH7FO2xoiA3rD+cH TcJa3VTa3kVj4ToySuGCAt82i46QIHG6T4KVeWLjq+PZHdcA6V/oh5Hz1u2VwyO16fswG6 Gq0auOegWMoTjWE6jd8qo3xjPZb8cPsKyn4XU50GWCpqJ6NyQep0EcnuR5+l7A4d84SXbW pkMzLCv4izU2222nz9Nny0DF3p3D7IzwTMBeNA3tMFK3SaRWdm6v/SuqnmgcBA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:25.tcp Errata Notice The FreeBSD Project Topic: Possible data corruption with TCP SACK retransmissions Category: core Module: tcp Announced: 2022-08-28 Credits: Richard Scheffenegger Affects: FreeBSD 13.1 Corrected: 2022-09-14 01:28:03 UTC (stable/13, 13.1-STABLE) 2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background TCP supports an enhancement that allows faster recovery and retransmission of data when loss is discovered called Selected Acknowledgements (SACK). SACK allows a TCP sender to communicate more information about which segments are lost. During a SACK episode a TCP sender will reduce its rate to avoid causing congestion on the network. II. Problem Description A change made to make TCP more resilient and effective when handling loss recovery by SACK, could lead to connection interruption when incoming ACKs suddenly no longer contain SACK blocks. III. Impact This can lead to correct data being placed at the wrong offset in the stream in a non-deterministic manner. This can result in termination of the TCP connection by the application or in the worst case silent data corruption. IV. Workaround Disable SACK globally by setting the net.inet.tcp.sack.enable sysctl to 0: # sysctl net.inet.tcp.sack.enable=0 Note that this will only affect new connections. Thus, either persist the setting in /etc/sysctl.conf and reboot, or ensure that any critical connections are restarted after modifying the sysctl setting. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is required for these changes to be applied. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install A reboot is required for these changes to be applied. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:25/tcp.patch # fetch https://security.FreeBSD.org/patches/EN-22:25/tcp.patch.asc # gpg --verify tcp.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 2b8ee332b938 stable/13-n252399 releng/13.1/ dd35207e2025 releng/13.1-n250162 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhmIQACgkQ05eS9J6n 5cLiKA/+NSB8VRq7tjXC0+MFQAPEL9YUtQYyRfn8u3YywHli/6RTeTQPKfd6BnvK T1clrnVFgp97QG948WAQ7ehct1GRAlrOagVHP0DnQqqQnTmoIVO0vyMVlQ1ONcAY GO3VxZfEUJhbtcSLIdT03RG3Y+lK7R4Bs6mplkBUpVGOtrhtdmNBULgC8N1HiwHg wJJpr/9/EMPqGXVtm1MzvgeKH4SIfNsDoiS4W90g1CepsPWylY+vsVjPhXR74gxz peNHKFQM7SpTm1hc9YqwjyU5qFExq/O+je273sykyld6ZcJCpKe50+dE8D+gHpu6 6CwiLb+uDQcF3RN9ofunRDvpYdtl1muT2/zQQ6yJ6DWJzvWpav+PTA4gEeDj8b+b eu8wR7IoSPAHxqnGrvmB1EVn1tvFLF/mtcsrE1fdGviNf5LI/P5OYgZ6pkHaEJoN NNnhPWZlteFsXYvD+Rz6rlhM86wE2/5Zj88oR36K6xUtbUimmES4NOU82q9MFMPU nzOqflNf194o71ZbjdJK1gIemijRP90helrhGNHMBVdRM6UD/MywL349jIDzwp7Y V3Jlpd+yU6K5Yuw5+nG7Z6oEJTwQI7vKNkEg6xnjpaaH47NaijGZDFb3SXvvCW4e f/x3Y7sMPIRJIaKxKIbcRodeGChkkMZDEQ69OyuxBeP6Xo6OKOg= =GANq -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:21:09 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24H95DF5z4gBbF for ; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24H92kYFz3WQq; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341269; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=Tl8bqFf1oNwIKyo7qFtDkxa7XfVLUJ+RdPIYKSZJYno=; b=Tdc6SqTWpDpSPwLNxDq2ki75j0U690uyYb0S3uor8zC72MFilojOygtgJ0658gblhqVSHw kl5gd1+HTw46xD9/XVctvAWWYlMi9ET/yAkW5FIlflt51R6mjXOpw5ppY3Yw9yJq+qsK+9 EXzj1WWSFp7sMwnmxdYm7c88guRK4xN84p4NvQucmVUmP2ustAASFG1F11O82JnbL1NCpO dzg5uwloAcHxevT5LCU/3+46I3s2r+mdpTZLSzFCxjtLe/z/Csf6btHkAFcceshwXP6JUB AumeUtq0swelK6ztrVWz3Ilm5veKPLPYTz+2IZB+zkiVRyZR+LVwCuljbZEs5A== Received: by freefall.freebsd.org (Postfix, from userid 945) id 4D2C5399E; Tue, 1 Nov 2022 22:21:09 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:26.cam Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222109.4D2C5399E@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:21:09 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341269; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=Tl8bqFf1oNwIKyo7qFtDkxa7XfVLUJ+RdPIYKSZJYno=; b=AdZNpB6+lf+lIlo4J4GLKvDGp9hyc6VwvthlOQSxQUZIOtXqecjriPDCjA+iS0GQVc4Ojb UIbazFpVPYcq4oinLK6u685ezwQ3hcGhTpZtU+AO02lGerxqTi33tBoIkYjQCe3XSAJLtA RKYEHJcXTqyAGBch0UsxwwOjMWS2/SXiu8xVj1fpJSEJuSCf304VjzjCA2ziyTJot2lANo 8rtHfT3h4tHiCXCb48H0ISLz6JWLYLS3r5hZu20E41hZlrxWKdkMt/7tEgTpg3h3bFKguE wusIjSZmc0+0eQo5FcBOwtdFDmG/XIP+B39xoxqaxOJsDdeBO9/kUeY/jU9Jmg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341269; a=rsa-sha256; cv=none; b=X/A2X8B2/3YIx+faBBYnvak90mXGJYk6rmFuFxa4Ndv+3589ewrabAw5BGqvvMAGSZZwF/ Fv6Vu1cFpnIls5g5ielk9DAu8i4O7NSSCLGfr4GcMUz028PwYMeUQZe2vzi5PbRQo9uJ6w Jc4SAbGMzxcKvoWCpY7XusxBAPhEsC/u8XIyNqGctmoxAqclJ3oWH5Vohd/Xy7Kxccx4UD ugXOCO3xaszb+95K+AXWR6VT/umpw01SuXmzTuRnQ91uFnzWQoDyBc4gK0gW+0KZ2IM+Ih 7szTLMGJKwE7ceMqGTgHemaxN/BHHAI2+nTqOO6zwo48ETiCtA7QHM4WQfBtHQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:26.cam Errata Notice The FreeBSD Project Topic: CAM ioctl(2) compatibility breakage Category: core Module: cam Announced: 2022-11-01 Affects: FreeBSD 13.1 Corrected: 2022-10-13 00:44:16 UTC (stable/13, 13.1-STABLE) 2022-11-01 13:28:11 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background CAM (Common Access Method) is a FreeBSD kernel subsystem which handles various aspects of storage management. Various CAM components expose an ioctl(2) interface to userspace. II. Problem Description A backwards-incompatible change to the CAM ioctl interface was made. Partial compatibility support for the old version of the interface was provided, but it was incomplete. In particular, CAM periph drivers did not handle the old version of the CAMGETPASSTHRU ioctl. III. Impact Software applications which make use of the CAM ioctl(2) interface may fail to work following an upgrade to FreeBSD 13.1. IV. Workaround Affected applications can be recompiled on FreeBSD 13.1. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +5min "Installing errata update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:26/cam.patch # fetch https://security.FreeBSD.org/patches/EN-22:26/cam.patch.asc # gpg --verify cam.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 16d4c1de7b40 stable/13-n252721 releng/13.1/ fff5c5fe911e releng/13.1-n250161 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhmLEACgkQ05eS9J6n 5cJRzQ//XtqKLesa2RAQiFgGcWeBjbmSqz+0zriFkfZxHyp4VgORXVwOrqUJrO6M SX4TnZ5a+ElbZd1yulSB7JgHSV7ZWh/ltSTUIIGAg+514YtfwhrzJ8ID3Kt01lA2 KGJMaKZOlyLihbaeIyJm1IvgjFi24QxDRLA479PhtZjjMlrVhm49PLum2TDR7qwr j44pisNGqhxgA6C6YZW4XaNDJ4kISOFjYPmlKLC6qi7i8vsPXJNzgrZq6zJscomh fvk7Th3/1p65+KNSK26aJbmxqvgJDRJHyCXseAYylxyISvuoVmvWrgDFYmwCgfy0 /VNsnxDRPvx+tpGvLyWBGcb5slUg/+j8JxK1pgV5xRUQ30CGP42jQWGMmIna3Lud pv6Q1jhvcZWKC7kuZIdyzj/UgeQPwGw8qLax4DSSvysMU7YDkBwE3l4909eZElkG okitdWuWeHnz//CC6dtJE2mGmgoIFUr/uKro2TMV5a6/97A/1CFULydc8dd4objV YHaXEda1scMzq8GevfDFhji2gqg7tZ4eB7M0VVSgMBjcHkbIldpgtm1wKRNDBXPP rbvi0aKr1GcrBp19Jeuaz6rxGEzvsxEhBC5lW8hIBiYQEaMK6OJrzkJEiUGQCHPl JrynKvzC6dHnFKFhVfZaG1SZ2wS7hXnV0Y1LnNjPwK9zrJJJcgc= =KqXj -----END PGP SIGNATURE----- From nobody Tue Nov 1 22:21:12 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N24HD67Xjz4gBjB for ; Tue, 1 Nov 2022 22:21:12 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4N24HD5cR8z3WrZ; Tue, 1 Nov 2022 22:21:12 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341272; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=v63A4Fk8Q9Em3yHxl28Eww1uSUiMDFrzxNgO0t93Jno=; b=rf/WUgXj4uaZcFQKG8Wa8fO0rx/uiqUmOwvlxvwi9OdjrI3oYoF9//sw61RpQPOsDC/CV1 ZuQW4xizuIkUaxvNBuPn+hHozBUEvdmlIBisaqlVYlD/+ghzpJbJNQ2KmRh/OjpSStbJbZ ZngqGnvC74TtbHKbjI1/Xps45W+6QPrzo04X+NXYMVOgi0roFIuW16u8vZcXYEOap0kees rNv955lKXu+KsrXQa9ykWn8oZsqNc65BD0clMiYI8U2i5yqwIGoiln9lLqmXZ/OJ44sPxV eE9TMv+ArQfgMYqzTnEhi7QvxrXGwwmp7bsaEhTzZW4bSheGPCXDJVPTckTQvA== Received: by freefall.freebsd.org (Postfix, from userid 945) id A8C583913; Tue, 1 Nov 2022 22:21:12 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:27.loader Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221101222112.A8C583913@freefall.freebsd.org> Date: Tue, 1 Nov 2022 22:21:12 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1667341272; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=v63A4Fk8Q9Em3yHxl28Eww1uSUiMDFrzxNgO0t93Jno=; b=ebuyS90aKcee7gd1qPWaXq49MJ8N8WQwuB/l4E62RxGe90juTK1YqWhzprFLpDdtUa5ZAP lsM496V2li21ZpL0rY7PNiRfSLjVV72FPQrSz76JJqAGyV3Cux4hT0UctjPe2bIpfGkPb9 /bWtMlioNB+U6lquGS1CjTh4aVbl09PuNFbaaLzX0z+vsOyL/6+Op6LYWKkyQp+xIWIDPN 92VlgzXEi5UPYWZaV4SyFLoUEYWw88op/CqsaiKfVJJPL/FNcD0aYJszRYI5/YieJdKwOh g00FZRnntlPGPWVH6pek5JwrhT3FiDJsrsENIgH2x3onUhScEUn4ug74BMWSYg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667341272; a=rsa-sha256; cv=none; b=SxRECY8MT47v8kxxO2wZ+14cL2K8HuecfxHgay4t3Eb2EA/TbDiYVw/gOgvBvTT3gr9vRF XqOr2UkrcBYKkFasNiaTElLSzIzoJ62pomA4q/UVym3e9glgsGGusqDDlY9nKj6fY4AKnV RNMm2oleCDw6+9Ag2JfuuORMaGn9MOBxFj6mz23sMCaQel/sNBTVjQNBMn+34td3JGhxmU Sv1SkSnXsFswobBhYWgvrydWFuoH/FUzdZfZC0dxixQQ/qmGJPhHwWktrM0l6veJWsNadq DQUv0wtlR900bSZxEgv+pIrAfEYhXgcvUs5uJmACSvnc2rfqeyOGgAV8/ZwjCg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:27.loader Errata Notice The FreeBSD Project Topic: UEFI loader failing to boot older amd64 kernels Category: core Module: loader Announced: 2022-11-01 Affects: FreeBSD 13.1 Corrected: 2022-10-14 03:06:13 UTC (stable/13, 13.1-STABLE) 2022-11-01 18:03:25 UTC (releng/13.1, 13.1-RELEASE-p3) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background The UEFI loader is the first stage of the FreeBSD boot process on UEFI systems. Loader is responsible for loading the boot configuration, kernel and modules, and handing control off to the kernel. II. Problem Description As of FreeBSD 13.1, the UEFI loader on amd64 systems will detect if the kernel it loaded is capable of being relocated to a different physical address than the historical load address. This detection relied on an ELF symbol lookup that was not correctly filtering symbols based on their type, which caused a false positive result for older amd64 kernels. III. Impact The UEFI loader would relocate the kernel to a different physical address than expected, and the resulting kernel would fail to boot. IV. Workaround This problem can be worked around by entering the loader prompt and issuing the command: `copy_staging enable`. Non-amd64 systems are not affected. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. The UEFI system partition will need to be updated with the new loader.efi. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:27/loader.patch # fetch https://security.FreeBSD.org/patches/EN-22:27/loader.patch.asc # gpg --verify loader.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 2b31059ea701 stable/13-n252746 releng/13.1/ 1ee7e4ba70e1 releng/13.1-n250166 - ------------------------------------------------------------------------- Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmNhmMsACgkQ05eS9J6n 5cIuFQ/+LdOLKHA1cCH70lEAIwbDjP3S+WPRcv/jdXl8h8447ZzKMcavy8/sTPRF k91YVngHozGASdFfF4RrYf0kx1/hNhNMOaBQbZKdsEniKAOroiT+gjLCid5ZDoMJ AQ8P3FohL+53Au8u96F4Shoq8y6zNx61twbZU4dh2rQh3pXjqcEa9fs21dcopmwQ ssozddGqZeFhqYzvq47ZnBeny/M2vHtxkckbNZd616zCKTUuOGsdNb0kDqcxybZj tQYQ9dZGbb96LFf2U/3lyhkrk9HK3zl/vdtbJYPvmN/6paCQYzjAxNgbYHJy3ABY 52+BbIeVqjHUffve+Jj0F3RWUGYmXeQ3nNPHCVQR801y0p39bH0nQAN03asHPzMb wzIzDHXNMcs2qps3ZEBRarOgUOTVzaa90oZXQibp5xqqHyprf4LLOtjXFHSBui7f AaK7NtEdlM8SbQ2+rSYPj4BTkn2b7wSBUcMA5dJMyqXmFUWx/K8OSnUwz+3ZCCPX gx6zJxkfCmU9/DI/fN3w6SZvBDATleH6KJEsp8lCIw73ODhpYZgLNdMp8QqPRBoz mT/j5zYDmONswHlgJ1Er9hivTGsW3H/vftn5Ct2kJgOkViFspUaVTcLgxhc5xKAC PE2/JaHgfndyi8MdJY0WIylnVzquid+RkOPYaSAMaGA37Ios/XI= =yeiP -----END PGP SIGNATURE----- From nobody Wed Nov 16 03:17:46 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NBpBy68r8z4hMrp for ; Wed, 16 Nov 2022 03:17:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NBpBy5ZlHz47hP; Wed, 16 Nov 2022 03:17:46 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668568666; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=wzo2GBiDzNBsBElCWRQ2b8Psk/jCRpqJ3KvsJI4PKjk=; b=ug9DpeuuaLoCAz52SdeeNzNDUfhG+dRk2JDJWXMcuMOwttWyqIQ8CMvbB2x+ld82r7MAS/ 1zDpSXcxetHkNwdCY+HJGVs+ClI79fNS9uNnNum6CfvuA1kCtrrOdo5/dc6BwFtoES/P3m u8m8MaYFUoMRvqzjIviFSiRsgC8XWF/S9Kwpw2D155rSgSMdz0zmrfovYvKJPnO1vw0D+L 822BU0aSXSBLB907XJhFTO5FjyW87sDW41LZInY9znQ2wr700zV6/ZaxQhFa+xZFMxIB6V uwonCbzHO2iqIShi4WgEAjNiLwpF+1j7WYyC9Wpaw2c2oGd70BzImgIxZ72tlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668568666; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=wzo2GBiDzNBsBElCWRQ2b8Psk/jCRpqJ3KvsJI4PKjk=; b=YBJvrMKpeDDwesKoCIrMtzI3ZXJENH/+eZpp+WlONriw0vtFfoXw8T+UDF5UlqnUHuaoW0 l3f0j490/9zTq62HiPQUka9FJHAEIdzVlGtlNT2e7LgGPAycaIYSIawK7INJxspUBpjWDH o1MhcJXT0bzIT3an+Nr9T4uIsEvkU5nFGZKnu7BugudWV9eCxNsW1z5bxL5KqdUsPjQHs0 CAQOBLQCXotZ637vFq/yHBTySe1jF98z9T86MrUCodC7hS/hTHdGYOjRf0MkfYfVRFQj9T cJRN3DE9/sTbKiKhx+iAqZCwvJLDsJyTxG1dTc6+7FKmMhXMthKrlWql+65XHA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1668568666; a=rsa-sha256; cv=none; b=JMgVXEib2YmP7GzNtFqtDFhNtFDwlsGx9NL2q6uXlC5ehI2Z7qQLAWfGjkcH3c9amD15o5 P6sckQGHU18nf22yhbHNJjfE/EHNvD/skKA1pf+VA2G0VHmPSxbrRVouT9AWvOnoic4GN+ YfbWUs5hLvnJPGMy0g18rSee7i4QgBh7SDDOqAJAMICvXHCMctnMuq6HtbfTkZIQZ1JAQG TLTnWOWxNElFMwn0dCTVdMrvXhoMsjIHcvguKsTyUgm+3a0LtUqiQ8eyefdFVlHIrhxOGq +ImKtziyD49gP9QSuJmiWERcF3RbBU2+vBF2kb1B3uHNt2lujWxnvtHgxc57nA== Received: by freefall.freebsd.org (Postfix, from userid 945) id B059020A28; Wed, 16 Nov 2022 03:17:46 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:14.heimdal Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20221116031746.B059020A28@freefall.freebsd.org> Date: Wed, 16 Nov 2022 03:17:46 +0000 (UTC) X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:14.heimdal Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in Heimdal Category: contrib Module: heimdal Announced: 2022-11-15 Affects: All supported versions of FreeBSD. Corrected: 2022-11-15 21:15:35 UTC (stable/13, 13.1-STABLE) 2022-11-16 01:50:27 UTC (releng/13.1, 13.1-RELEASE-p4) 2022-11-15 21:16:56 UTC (stable/12, 12.4-STABLE) 2022-11-16 01:47:57 UTC (releng/12.4, 12.4-RC2-p1) 2022-11-16 01:40:21 UTC (releng/12.3, 12.3-RELEASE-p9) CVE Name: CVE-2019-14870, CVE-2022-3437, CVE-2022-42898, CVE-2022-44640, CVE-2021-44758 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Heimdal implements the Kerberos 5 network authentication protocols. A Key Distribution Center (KDC) is trusted by all principals registered in that administrative "realm" to store a secret key in confidence, of which, the proof of knowledge is used to verify the authenticity of a principal. II. Problem Description Multiple security vulnerabilities have been discovered in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC. - - CVE-2022-42898 PAC parse integer overflows - - CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour - - CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors - - CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec - - CVE-2019-14870 Validate client attributes in protocol-transition - - CVE-2019-14870 Apply forwardable policy in protocol-transition - - CVE-2019-14870 Always lookup impersonate client in DB III. Impact A malicious actor with control of the network between a client and a service using Kerberos for authentication can impersonate either the client or the service, enabling a man-in-the-middle (MITM) attack circumventing mutual authentication. Note that, while CVE-2022-44640 is a severe vulnerability, possibly enabling remote code execution on other platforms, the version of Heimdal included with the FreeBSD base system cannot be exploited in this way on FreeBSD. IV. Workaround No workaround is available, but only systems using Kerberos are affected. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is recommended. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install A reboot is recommended. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch # fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch.asc # gpg --verify heimdal.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all daemons that use the Kerberos, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ d0b6550173d2 stable/13-n253097 releng/13.1/ a1e014e89282 releng/13.1-n250170 stable/12/ r372752 releng/12.4/ r372755 releng/12.3/ r372753 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmN0Ud0ACgkQ05eS9J6n 5cKIKA//bRccdsoilKJvyQw9RazwJ0HENGbPF1RdjyG1nmMsp5wG+rqAdnN0LF8p SgEqfZjCx+KXNJBkzblKzduFK9VQ211dbjouwd/BVCbMYemUIs1DqobF6uvYnMbn vhQ2lUtZ46WbgvjXOcfsHakmCV2V2kCzBFsCKCQFPcYSch5n9gGW+I4cfewF8+fB +sjvhz7MDyLaCVB3UpxPUIMc3w/G18zzyhHdhuJOaCrCjf00Mt4Er40ICr+IkRy5 PpwdX60yvwk3uxzzMyIC5zcS3CD6qFUOaSIXfEuGWGl7Wo7MjoCXECE1sbwLVat8 K1FJtNIADZJkURzkgjvp9rHQHwZFkLMawrkyik4apHgGsY2pXktZGhcw/qN2BNNn uo3HILrjbYK5eU5zLU17FS9X5qTurIcqdVJCIklvjNqW7DAuN3K1I9ryat4w5sST ToW5LpLtP9DoI9M9Bh3Mqba629iuXRmQ6LZ6p9EGSFr2i7e3VDEcvMxkGO6Sh8M3 w67FpqWzeQ1RT2q2YL013emKq6C+oYDjMDDejAqH2Wwwae/7yQiNnXBqvokIXmi4 KLupHptt0CPFPOFBLloxXBPenYu/49SRWeUoxBqspQuvCY708j1mUntaVtAFm/ax QElUUEEmcuJhsBzTzBnS82oe7IRwv3NQm55zkOn+DQZ2HjV/GaY= =jmOK -----END PGP SIGNATURE----- From nobody Wed Nov 30 00:46:00 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NML9P0Zlzz4j2bq for ; Wed, 30 Nov 2022 00:46:01 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NML9P05m3z47Xr; Wed, 30 Nov 2022 00:46:01 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769161; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=w6KDHn3E2A8Xa2AQiCUv1Hl/I3U/ccaaMRsMejP6CLo=; b=EebI3OvGcLV4lYvp3cR7B3yGnxe59k9U5RstcjzC+tjh6c8kaiZ3s+ck2pur8Ol4P3W2bx LUetWDOyks+pscxQkulcuuinND4e48Run8ca0g4slVGXXQuYjZtb5s9xs1RWOPpeKPm2lx csMoRKzPbAhnhJi8bZbPkqOQCA5n6l2jZpS6sWMdkN9WOlZ+wTNn6Fos1WlpQVTn3mbCS1 C643XKt6lZGpyLU7Ci+dXwAfcO7XNaeRdXbnXADyIbmGO15k6SpYlD5wk26m/BWjqGzH5+ UI/LGjtpt84ISxgRXxx98OjECtqI84Ps7f/9hb59Byxvm8F1Ma4K825UeZbA3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769161; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=w6KDHn3E2A8Xa2AQiCUv1Hl/I3U/ccaaMRsMejP6CLo=; b=UzUWevVDdET9tDAwhqctMRTfX202kbfoYf4c3KZzqL+pywshctqV/7O5PZB/P6ps2esr5R altj9etAltutSjKLD5yXwOCZ7cAoZckRyqO7odV2BUEr3bAw5vSnnta7/qm33YToEtzcrw LxrQv464F/yks5kDuHA13qaRuhauO3HAPbQ2yTdVxl7Mwhx9WBcogGknCdyIcP56cZ5YuV kCA4mMO69jM3lGmO83axN+xt4g90OcRIWh5UfADWYq6VRkzoOqikAnXLuEKfUMvoeeZoEc 1PqsprOIGGJqvuFmoPK5YVZ/4fBr+Dzoo3YPb8k9CB7Cut8uUVmwatpTU+Ce0Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1669769161; a=rsa-sha256; cv=none; b=Sm+AGxdzy4bLizqGgT2hhbFRica6vRCGTlwNWkzfjQOyS133DREQ1o+dWWtNb2rTWyb2jw nJDGnreUZOaEKC3n0FcXoGli8NrgcJiC0cEhHdXoH4PpjHVRJCZxnqw1n6HxDOJ1xirt/D 75Y2fI5Zqec09/BD5G347/8YMKZySbk5saHWtdf9C2uFoORvNuniQGLwP/avr/e4fZaFvd U48emST7mfTrbWvafg6HRswofw6UlnajDBW8bKItA8pG0T0737LbvS0IDzaGWDGgfvdY4/ a2aM873Z6L7b6sKkB088AFTQQwN6P+BUl9bIFu9qhwPXsaSq7Hpyu5Ji7KV6hw== Received: by freefall.freebsd.org (Postfix, from userid 945) id E47221C598; Wed, 30 Nov 2022 00:46:00 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:15.ping Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20221130004600.E47221C598@freefall.freebsd.org> Date: Wed, 30 Nov 2022 00:46:00 +0000 (UTC) X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:15.ping Security Advisory The FreeBSD Project Topic: Stack overflow in ping(8) Category: core Module: ping Announced: 2022-11-29 Credits: Tom Jones Affects: All supported versions of FreeBSD. Corrected: 2022-11-29 22:56:33 UTC (stable/13, 13.1-STABLE) 2022-11-29 23:00:43 UTC (releng/13.1, 13.1-RELEASE-p5) 2022-11-29 22:57:16 UTC (stable/12, 12.4-STABLE) 2022-11-29 23:19:09 UTC (releng/12.4, 12.4-RC2-p2) 2022-11-29 23:16:17 UTC (releng/12.3, 12.3-RELEASE-p10) CVE Name: CVE-2022-23093 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background ping(8) is a program that can be used to test reachability of a remote host using ICMP messages. To send and receive ICMP messages, ping makes use of raw sockets and therefore requires elevated privileges. To make ping's functionality available to unprivileged users, it is installed with the setuid bit set. When ping runs, it creates the raw socket needed to do its work, and then revokes its elevated privileges. II. Problem Description ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header. The pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes. III. Impact The memory safety bugs described above can be triggered by a remote host, causing the ping program to crash. It may be possible for a malicious host to trigger remote code execution in ping. The ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrainted in how it can interact with the rest of the system at the point where the bug can occur. IV. Workaround No workaround is available. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:15/ping.patch # fetch https://security.FreeBSD.org/patches/SA-22:15/ping.patch.asc # gpg --verify ping.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ 186f495d4be1 stable/13-n253187 releng/13.1/ 66c7b53d9516 releng/13.1-n250172 stable/12/ r372774 releng/12.4/ r372778 releng/12.3/ r372775 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmOGlvgACgkQ05eS9J6n 5cIQGw//ZiF50YbtOc7oYgVcJTGlBEAbKWV6OteTDpXWb/OlwkznGxwzrG0DPvWN wHyItOPSAmdxqC4xZUsZh9HNxlim80r5TR1y4BE22Lsg2vL5Ir0h3tcqOKKpHYLS KzNgishF1+J56JeU3TpTjOe5QbXK3EZiw092lH8uSXTp3PqcHxBfFuW9Cjc1Rq/u ewjHWI7zNCMOpGh3w/v14ZxGl3aFusL1jmrcyi5kZub2Pr0N3bUKgS3/3wXfWF6o hcFhl1ChmAwpT/1313LNE7SHPl4HCC5XK4r3w+wniLjOJUhnioOBjay29QLt5O53 0rYaINNvo7ooBSpcPO9ixta+7dqah+uuW3vnFewuahqNCaAGLhMDSPqyZW7KfYgU F7TIDoBRHPHASFb3FOiAAcCNMCvmGl7vFyVoWe0xJ1ion2jqO83R8XOGgnHsPL/l cTYTPdECPMIDMvmfIH9UAbNCzKEYdNjWsXUjFJKkxCBtwUcBRsn1TEu24zU2j9mS hRlY1DAYVy8raYUnQp/f6Llroim5DKyUYpJpeB3j//Fk6KACRnZKsqsSIj9U3OYf KD6zfJ35RrolPHePMPmy6vGPDYFocDo+YQSm1eauwfSeDGnsjBmIdzxahkgEav4Z 5agsPd2naEntMiJkGGgeuYCifEvkCttJbuTn2s+7VkuTap0uTuA= =rown -----END PGP SIGNATURE----- From nobody Wed Nov 30 00:46:07 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NML9W3HBbz4j2YN for ; Wed, 30 Nov 2022 00:46:07 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NML9W2nW9z47rK; Wed, 30 Nov 2022 00:46:07 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769167; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=/YSM3i9FIS524F1ogBJtdrjN+a/+pq7/vpxe8BnxWzc=; b=A1hNWyqbeabkr4xSeIRl1zuVp/qhWraNa0SAcY2XVwHjLWHPs1+GwLlAFI6wRFos+3MF21 SUJaU3NV5P89e0y1+xFv9K+sBoDSE0frv8piSM5RuzCZGkrLSqdKZe+gJPy2nEa4XTyon+ 8WY2pCpsDqSJ0FprMGI9Zi15i0V1ioc/Ob/WxYKj+4aA5Hc4Hy/Dhmh6pAY4bWwOYdzZbT TGyBvN9149oQINaJoDZxwcN5DyeMvPrmE0AQju1onzXYR5835ktmQ19Nxri5+EzNLieg1r ToV7ncRD5Hk32SLSM7Ea7oFuqu+wSKG5ucwuWiW8ZgQb3mge+RCR4F+b2id4xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769167; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=/YSM3i9FIS524F1ogBJtdrjN+a/+pq7/vpxe8BnxWzc=; b=x0SkvQMZQIW0ZCoS1aCwOxtp/1KrFinfwZNIP8Iwx00Ui4Vp9vYnZ7A31NSdJMgJ5giEaC ZOD83DBrHLN5t/Drr7JzXSHzs2eXCTfrSKlbfr0JgD7uJ2/1uDNGGZK+BWKyYyxxVjmZdu +OVs1zUifZROBz6OgU5BS4F4XDwquIfdJxhWDz2w92LBpxz26u0XWmeIB2te9gQ2+dfGcV fKMr72fz+OuQw+mhTM++C6i/bmbh+IOT0Fb1QNCjtHLLjaQ6NyN4nFzq0SXjmBx/xykBz6 Mr/9xllmSkWRaEJiBeTcDyCOEG+G/EMRfptgjSvRHTf5a+8zLKmxF6dfioPxZg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1669769167; a=rsa-sha256; cv=none; b=eAHFm+wmWzzTX8PBTztGkEGjC131xMkRKkVVrT2AFHCQ2rSB5LqCjbmhCYZYxnIqQ8TBHT SeU5T0B0ENcFVMEIFoaJBBUGRUuZJBwQsXv83MBUK0vMOIK1sc4gMFKdYlB9fGQKg9c4tN 5GRDJsYiCcNTHMdq/DvzxfDeX/trVXJZMFHikR6LZOHc+bv3/SYivt+nDSeK7vfr8UcHBo r7gTUFv/FTH2OOJz0113SDmZ2MD6yNqU4gOHI5sfXUgxP1LpFE4lEwY02Dvfid5D2nR52N qGdi/7NPVRApnydNU5sdqHqSY8ozsW/Df+X0Yu5rE/ixCiYQXYzAx0WWWi6C3g== Received: by freefall.freebsd.org (Postfix, from userid 945) id 41A4A1C626; Wed, 30 Nov 2022 00:46:07 +0000 (UTC) From: FreeBSD Errata Notices To: FreeBSD Errata Notices Subject: FreeBSD Errata Notice FreeBSD-EN-22:28.heimdal Reply-To: freebsd-stable@freebsd.org Precedence: bulk Message-Id: <20221130004607.41A4A1C626@freefall.freebsd.org> Date: Wed, 30 Nov 2022 00:46:07 +0000 (UTC) X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-22:28.heimdal Errata Notice The FreeBSD Project Topic: Regression in Heimdal KDC Category: contrib Module: heimdal Announced: 2022-11-29 Affects: All supported versions of FreeBSD. Corrected: 2022-11-18 01:09:42 UTC (stable/13, 13.1-STABLE) 2022-11-29 23:04:48 UTC (releng/13.1, 13.1-RELEASE-p5) 2022-11-18 01:10:53 UTC (stable/12, 12.4-STABLE) 2022-11-29 23:19:12 UTC (releng/12.4, 12.4-RC2-p2) 2022-11-29 23:16:21 UTC (releng/12.3, 12.3-RELEASE-p10) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Heimdal implements the Kerberos 5 network authentication protocols. A Key Distribution Center (KDC) is trusted by all principals registered in that administrative "realm" to store a secret key in confidence, of which, the proof of knowledge is used to verify the authenticity of a principal. FreeBSD-SA-22:14.heimdal corrected multiple vulnerabilities in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC included as part of the FreeBSD base system. II. Problem Description The patch released with FreeBSD-SA-22:14.heimdal included an inadvertently merged block of code which prevents the KDC from issuing valid tickets. III. Impact A system patched with FreeBSD-SA-22:14.heimdal will have a defective KDC. IV. Workaround No workaround is available. Systems that were not updated with the patch from FreeBSD-SA-22:14.heimdal are not affected. Note that unpatched systems are vulnerable to multiple security issues. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is recommended. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install A reboot is recommended. 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch # fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch.asc # gpg --verify heimdal.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in . Restart all daemons that use Kerberos, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ b23fe6badeba stable/13-n253102 releng/13.1/ 10571c04c9dd releng/13.1-n250173 stable/12/ r372759 releng/12.4/ r372779 releng/12.3/ r372776 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmOGlvgACgkQ05eS9J6n 5cISog/8DVRGrMXWSdmaqa5KpO3SZ1o5mmhZDWYKRxDQZv0puJ6lTus44VtixzM6 ft1zRe2yQy3YoTtcxho2jY8zppcdg5r4rIR4rXsxIAjufxd53hxmWYXjN6zObxTB Owebw+xvJSG5ls020iRECI+YjE32ssXLBI7XkqOVnErF/UmxkTQM86VPHene3WwU EhwwM1i7ZUdl/11tGPft975u5waKUFxeRF4jpFLu/pbDqHBoFgY4AT2ivs+6jwaO o4X0gBDKDh/xXU7yFSdPfF09PRgSCosPMr8UNWXBlS6WYEmGPiRlS3NDB8EMFDw/ AElMEqlT55DzdFi4qD91x+FPeIQ+NbJCNjFuZDXv4lZtAvGF/ue4wfxH/ZNcAo06 SH1tJolwu0l6Q7e/6a+cU7RsonVhv7K2j5DKddoNSZcla/kg9z1IkYGgt0OrtOWn eMhuiLNsBZwebWsYWT/MG5nHaL79jWKPy69c+b8yXcpdrpfC4DNVmnTiiHzpus46 9K4X5aOgCMW6C19hIWvH74s6sWo8ZoEz4BaslJZ7AeHSv6HPGfUZBygtYm739a/J U8WN+rRIzsaxHQXts6LF8xroJtUvxQ76TZgK58k/Pma+Xa0vdYLcyqd/XEaFm1CW 7rLqVzTsHTlOz7JaMLnNm1aY6KKyERnJ94ii+LOjeldCAVWMNE0= =aUbR -----END PGP SIGNATURE----- From nobody Wed Nov 30 00:46:58 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NMLBV4W6Bz4j2jX for ; Wed, 30 Nov 2022 00:46:58 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NMLBV3L7xz4DY4; Wed, 30 Nov 2022 00:46:58 +0000 (UTC) (envelope-from security-advisories@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769218; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=PE8+p24Wl+W9Dx5WmU6DGNoC2h5QED7uRNVEV01acIE=; b=pplVVgpuLd6B4IOkLEuvSRN/Hjoa5WbcMGz/o8/Yw1bObOnmgN/LNdO9HiR0cig0Z7QXfV joKBZsX/0LLBgWD4E+w0fBeZa+jTB1pjEHR41LS/oq0eUV+t3AbKBPukIVvLgOMvRPSJZQ dUoD3KAM/PtxN9TI92DduKbOPO20kXaiy2ptuE5aZViwhHQ8wv7t064qzHyZn3vO5w3h1/ Ykuw5G2Hlde20pDlMrJnY1GfzndpU9WVHYXno6GBSnsoWPjPG/71cJeNuyxi4yOxD0/GZI UwsvTKsxSs5S24YkFujNzVfje2WnuasxbdmIoe3nDh0mBBO28dmSVTjZucyebA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1669769218; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc; bh=PE8+p24Wl+W9Dx5WmU6DGNoC2h5QED7uRNVEV01acIE=; b=hPC0IpQqSM8t5BR142hDdo+kHBtz2Wlu/mWa5HDHH+7LPo1gFpQt6jcLCWGVQ1/CibPgSC 19R8iqU6XGriOr38B2nBt7HAMIhAzumzZNB2LPBbGFpvfY32YUhth1Z9kCLq8/K2zQE2rU l3W91DVSDgzKh88wUaYXYyAhexlNwVQySSssvqmtFrPkW7cCaV+PQFDNq7Yl+sraw3EvLg u3huLd9eieg0ZYtSJWtI8/wiZco/giSbbWbovhj7vBtCWsJIRA4IXTjKAJ3fG/0SU37egG cVYNPTC4YdrZZpDf+ukncfV+EoQOw51Ak/XrpV6v+mjU5iPDi5ZGHrkKnnIx0w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1669769218; a=rsa-sha256; cv=none; b=ot1dwosgwoBqLI+I9NacHekk+nSvLnyHrFvzGKFxfmBm97ZHnoH6gUJL2zEw7wMawyJKOD ELeJ2S+wj2pnzEnxcS8VSLlXXFDeBPwTjcH++bdg37gBK4DTo3ghB4yR+owAkXJSrPIoBK BsyWKGisRIv/h+x0GEixEGEKLeD45X3Y6E+wLzrz3sSU7+pAQcamxM/KOZDIWIHzzoDfvC dsnP9NeEX7cId/+U2ujg06FGwC4vuHjNX0t8x9G7S6d71z9QP25g9P7pIRZYlKSvbBhom1 WcwSTYTi05eW6eb8syw0tgE4B2j0ejONH/iEYYD8pTI8Dfu5I71ISgIF31u/AQ== Received: by freefall.freebsd.org (Postfix, from userid 945) id 396C41C53A; Wed, 30 Nov 2022 00:46:58 +0000 (UTC) From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Advisory FreeBSD-SA-22:14.heimdal [REVISED] Reply-To: freebsd-security@freebsd.org Precedence: bulk Message-Id: <20221130004658.396C41C53A@freefall.freebsd.org> Date: Wed, 30 Nov 2022 00:46:58 +0000 (UTC) X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-22:14.heimdal Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in Heimdal [REVISED] Category: contrib Module: heimdal Announced: 2022-11-15 Revised: 2022-11-29 Affects: All supported versions of FreeBSD. Corrected: 2022-11-15 21:15:35 UTC (stable/13, 13.1-STABLE) 2022-11-16 01:50:27 UTC (releng/13.1, 13.1-RELEASE-p4) 2022-11-15 21:16:56 UTC (stable/12, 12.4-STABLE) 2022-11-16 01:47:57 UTC (releng/12.4, 12.4-RC2-p1) 2022-11-16 01:40:21 UTC (releng/12.3, 12.3-RELEASE-p9) CVE Name: CVE-2019-14870, CVE-2022-3437, CVE-2022-42898, CVE-2022-44640, CVE-2021-44758 0. Revision history v1.0 2022-11-15 Initial release. v1.1 2022-11-29 Updated with reference to FreeBSD-EN-22:28.heimdal. For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Heimdal implements the Kerberos 5 network authentication protocols. A Key Distribution Center (KDC) is trusted by all principals registered in that administrative "realm" to store a secret key in confidence, of which, the proof of knowledge is used to verify the authenticity of a principal. II. Problem Description Multiple security vulnerabilities have been discovered in the Heimdal implementation of the Kerberos 5 network authentication protocols and KDC. - - CVE-2022-42898 PAC parse integer overflows - - CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour - - CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors - - CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec - - CVE-2019-14870 Validate client attributes in protocol-transition - - CVE-2019-14870 Apply forwardable policy in protocol-transition - - CVE-2019-14870 Always lookup impersonate client in DB III. Impact A malicious actor with control of the network between a client and a service using Kerberos for authentication can impersonate either the client or the service, enabling a man-in-the-middle (MITM) attack circumventing mutual authentication. Note that, while CVE-2022-44640 is a severe vulnerability, possibly enabling remote code execution on other platforms, the version of Heimdal included with the FreeBSD base system cannot be exploited in this way on FreeBSD. IV. Workaround No workaround is available, but only systems using Kerberos are affected. V. Solution Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. A reboot is recommended. Perform one of the following: 1) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install A reboot is recommended. 2) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch # fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch.asc # gpg --verify heimdal.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) The original revision of this advisory included a patch which renders the KDC inoperative. This was corrected in FreeBSD-EN-22:28.heimdal. Systems using the KDC must download and verify an additional patch: # fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch # fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch.asc # gpg --verify heimdal.patch.asc d) Apply the additional patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch e) Recompile the operating system using buildworld and installworld as described in . Restart all daemons that use the Kerberos, or reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ d0b6550173d2 stable/13-n253097 releng/13.1/ a1e014e89282 releng/13.1-n250170 stable/12/ r372752 releng/12.4/ r372755 releng/12.3/ r372753 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat Or visit the following URL, replacing NNNNNN with the hash: To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: VII. References The latest revision of this advisory is available at -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmOGlpAACgkQ05eS9J6n 5cJFGQ//TbsJox2faNwQaBoQy/gFSP6TgauZTZJR5A5Y6bRMcvkNJyl3KIM2XlWD W+lJlxL7kERjv9zD6iI8rns4+FOO2p9f4ICZsWy88ABQrmpuz2N22MSd8NyXeRv0 30HyftaUMZdAPHVk5Piu7l3U6S4tPiO1BZEoMucG8cby1eWlPMtuH3K/0/CLZmPc F8U+oRDwB5KnZgP39JmvejvGoXik1lhCrvaLZ5fG1QEmyb1xtjHfT+QSkh9FWLxz jrHfwgpZFERprpMzqZAicbinV/LjZMfEbckJygzGNzSTTPD+uqT/jDmY+iHnkdF1 Lw9R8pJoJIpvckRrPLQIOZZuz/Xd4FRB7Gc/q4/x4HTP/8y/x1uKZmcbrh86W9xu 9jCLMgpqETEjHhqADX7Z4+7oxhCPmgSJP8dX5o0HvORs4bqqxbkLqkCsp8QXdcES vftJGgpt1IPO8MBcr4pG6+cEcZQuk7qX0/D3PArxLkwU2coimP2MmjxyeWBX5GrI zgdF2HiUYvuZXyt1FMgve+8JkS1RYEE+yPWeOJ5RnIuHnIaNTD81o1gIYuFL3ECb UAREi6FYskzeJQ/W2ZRMwQPGMPDQI901+msfStjxgx92rKhxLW+rDsg0EUsApoOv DzIaeCtOGCZMG/mLvVhOLYbqmFrHDbWy8cMoSti/lnx7OdLpnn4= =L299 -----END PGP SIGNATURE----- From nobody Mon Dec 5 19:32:18 2022 X-Original-To: freebsd-announce@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NQtwf23z1z4jHxc for ; Mon, 5 Dec 2022 19:32:18 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NQtwf1s2Sz3Ltg; Mon, 5 Dec 2022 19:32:18 +0000 (UTC) (envelope-from gjb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1670268738; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=C/KDrmdaQhDkzdHyOZNmoI8IN1Os/ENSqSL3QK2BbsE=; b=R0/EoyLaTOahbroBdk1tRu6v7jkk0IlESAzU6dM8d91wsBKSgGQ6QVoDW//g5LxCN6ULie aH8ysUFW2ybubOqvBurxg8ff3asTI2Qbo28oA5mtODp390H2vUXWGARq2Oy/avpumpDeWn MhDoXREaX84TOIDa/WFjPoVCynM1BcmD1pIvEJS7bZpqoVVnD341c51pt2eCzo7wSNqdsu Zzv6HtnlbeMibyJSNkgCYGxCSMThdI/HoUSbX76o6QSTuG0mC4ec1Z69aYJbLT9OQL7jJD Qe4XmuNOP6cyOsg1cY7nxzYajLB2IFz+t2inVv+w+vKPOQsDrr16e3tTqyIs/A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1670268738; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc; bh=C/KDrmdaQhDkzdHyOZNmoI8IN1Os/ENSqSL3QK2BbsE=; b=D0fZishFnaVVs4Ym24oglBqIfA/SA3zD8k8v6P9m+oAOVCVFACVX6B9MkpTkPjo6OuzJFC O75TwjNUVd9XZpQmLUwCBo1Swks7Ne7o4K+05BbY1n0Z3roD1RlM5QICJsS4efl3GNNoqf 5RmmGSv1SNO5SKAsl35vIL7usbb0VrRzxONAt7VNcYiwcVo0Pelt9Yo00URFw+ig+KWdZg W3zORgXtvW5bQ/MNO+7g/zLpb7VjBebkG74hUgwxZyFW0M7gKAd1QI+kBpN8ekrcfin27m LMoJl/7eu3Sk0Di9pcRvNpgyZlneTR/2l5TsxRLBd5c0Nz2YeClCK0pcvIv5lQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1670268738; a=rsa-sha256; cv=none; b=GYdNk741Tmjc+R1NXcC2m+Ysj/MMH4/yVOD51O13JQT1g33ib3BpEzfMVHt8zJmbwZ6UxO EMA8eItGXj0b2VK2Mt9ua8hFMEia6WlXSJ0MHAaiBPtwrShbDTumrzbTQfhP1wtndfXLpv x0fDmD1R48j/NXV+uUsJbx8FkYMTKpjHpOtCA0lrHJ+DCKggB2zKzQp1Mcu3k901F0IVMO 0C26AKg1NU6gXbXNOPZHgKxkHAGmFWQezcOpfrXnI1cSgWcf1YYGrcj3fBwC2/xwianQ2a zCXlKMTqmfoRYcEeFddmvM/3lgcrKQOK5JhsNiSH9UUbqt+8b52dPnI8UGFPIQ== Received: by freefall.freebsd.org (Postfix, from userid 1237) id 38AE41FD13; Mon, 5 Dec 2022 19:32:18 +0000 (UTC) To: freebsd-announce@FreeBSD.org Cc: FreeBSD Release Engineering Team Reply-To: FreeBSD Release Engineering Team Subject: FreeBSD 12.4-RELEASE Now Available Precedence: bulk Message-Id: <20221205193218.38AE41FD13@freefall.freebsd.org> Date: Mon, 5 Dec 2022 19:32:18 +0000 (UTC) From: Glen Barber X-ThisMailContainsUnwantedMimeParts: N List-Id: Project Announcements [moderated] List-Archive: https://lists.freebsd.org/archives/freebsd-announce List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-announce@freebsd.org X-BeenThere: freebsd-announce@freebsd.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 FreeBSD 12.4-RELEASE Announcement Date: December 5, 2021 The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.4-RELEASE. This is the fifth release of the stable/12 branch. Some of the highlights: * The ena(4) kernel driver has been updated to 2.6.1. * The if_epair(4) driver now allows multiple cores to be used to process traffic to improve performance. * The unbound(8) utility has been updated to version 1.16.3. * The telnetd(8) daemon has been deprecated. * The tcpdump(1) utility now allow users to set a number on rules which will be exposed as part of the pflog header. * OpenSSL has been updated to 1.1.1q. * OpenSSH has been updated to 9.1p1. * The LLVM toolchain suite has been updated to version 13.0.0. * The dma(8) utility has been updated to snapshot 2022-01-27. * The file(1) utility has been updated to version 5.43. * The libarchive(3) library has been updated to version 3.6.0. * And much more...* For a complete list of new features and known problems, please see the online release notes and errata list, available at: * https://www.FreeBSD.org/releases/12.4R/relnotes/ * https://www.FreeBSD.org/releases/12.4R/errata/ For more information about FreeBSD release engineering activities, please see: * https://www.FreeBSD.org/releng/ FreeBSD 12.4-RELEASE is now available for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64 architectures. FreeBSD 12.4-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded as described in the section below. SHA512 and SHA256 hashes for the release ISO, memory stick, and SD card images are included at the bottom of this message. PGP-signed checksums for the release images are also available at: * https://www.FreeBSD.org/releases/12.4R/signatures/ A PGP-signed version of this announcement is available at: * https://www.FreeBSD.org/releases/12.4R/announce.asc The purpose of the images provided as part of the release are as follows: dvd1 This contains everything necessary to install the base FreeBSD operating system, the documentation, debugging distribution sets, and a small set of pre-built packages aimed at getting a graphical workstation up and running. It also supports booting into a "livefs" based rescue mode. This should be all you need if you can burn and use DVD-sized media. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.4-RELEASE-amd64-dvd1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. disc1 This contains the base FreeBSD operating system. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.4-RELEASE-amd64-disc1.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. bootonly This supports booting a machine using the CDROM drive but does not contain the installation distribution sets for installing FreeBSD from the CD itself. You would need to perform a network based install (e.g., from an HTTP or FTP server) after booting from the CD. Additionally, this can be written to a USB memory stick (flash drive) for the amd64 architecture and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.4-RELEASE-amd64-bootonly.iso \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. memstick This can be written to a USB memory stick (flash drive) and used to do an install on machines capable of booting off USB drives. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.4-RELEASE-amd64-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. mini-memstick This can be written to a USB memory stick (flash drive) and used to boot a machine, but does not contain the installation distribution sets on the medium itself, similar to the bootonly image. It also supports booting into a "livefs" based rescue mode. There are no pre-built packages. As one example of how to use the mini-memstick image, assuming the USB drive appears as /dev/da0 on your machine something like this should work: # dd if=FreeBSD-12.4-RELEASE-amd64-mini-memstick.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD/arm SD card images These can be written to an SD card and used to boot the supported arm system. The SD card image contains the full FreeBSD installation, and can be installed onto SD cards as small as 512Mb. For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root, which it is strongly recommended to change the password for both users after gaining access to the system. To write the FreeBSD/arm image to an SD card, use the dd(1) utility, replacing KERNEL with the appropriate kernel configuration name for the system. # dd if=FreeBSD-12.4-RELEASE-arm-armv6-KERNEL.img \ of=/dev/da0 bs=1m conv=sync Be careful to make sure you get the target (of=) correct. FreeBSD 12.4-RELEASE can also be purchased on CD-ROM or DVD from several vendors. One of the vendors that will be offering FreeBSD 12.4-based products is: * FreeBSD Mall, Inc. https://www.freebsdmall.com Pre-installed virtual machine images are also available for the amd64 (x86_64), i386 (x86_32), AArch64 (arm64), and RISCV architectures in QCOW2, VHD, and VMDK disk image formats, as well as raw (unformatted) images. FreeBSD 12.4-RELEASE amd64 is also available on these cloud hosting platforms: * FreeBSD/amd64 Amazon(R) EC2(TM): AMIs are available in the following regions: ap-south-2 region: ami-03fc41b5fddd1ccff ap-south-1 region: ami-05eb3a57f43de17e0 eu-south-1 region: ami-0f653265a35acb8ee eu-south-2 region: ami-0283c9b53e77e2a43 me-central-1 region: ami-036dafc92b8889806 ca-central-1 region: ami-0971dee4589ea81c3 eu-central-1 region: ami-049d0e2fadb9cf90c eu-central-2 region: ami-03a08cf3d56b5f872 us-west-1 region: ami-05c8c7f5948bf5ebd us-west-2 region: ami-0178da7d9e8419972 af-south-1 region: ami-0a3a6d3aaf1a400ef eu-north-1 region: ami-0c21c64bb9c85483c eu-west-3 region: ami-067b23779d7b7d470 eu-west-2 region: ami-0d69e3c56dc906369 eu-west-1 region: ami-02ae3649a01f1a281 ap-northeast-3 region: ami-00beedfd652cf778c ap-northeast-2 region: ami-0d6e7097a9d9548a9 me-south-1 region: ami-0cb41fb740d33e9e7 ap-northeast-1 region: ami-03fe31854dc481b0e sa-east-1 region: ami-08dfa98e63ed1558c ap-east-1 region: ami-097b30a0d7afcf843 ap-southeast-1 region: ami-025a6fff2784fd469 ap-southeast-2 region: ami-051a3a08ac7cfcdb0 ap-southeast-3 region: ami-0d5bfe6bc8c18b87c us-east-1 region: ami-0cb7a9df037ea045f us-east-2 region: ami-0bc1c6cab643df266 These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/amd64/base/ufs/12.4/RELEASE AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B0928XNW6D FreeBSD/arm64 Amazon(R) EC2(TM): AMIs are available in the following regions: ap-south-2 region: ami-00e27663b9d5ff4c0 ap-south-1 region: ami-0ba040459a1007232 eu-south-1 region: ami-0414b749e7067bcd6 eu-south-2 region: ami-0f9fca3f3c2d49202 me-central-1 region: ami-071ccc6b476b5b43c ca-central-1 region: ami-0eb6ec884ccca0cef eu-central-1 region: ami-00fd69bc016ca8690 eu-central-2 region: ami-0f078197fbb7f49b5 us-west-1 region: ami-088a995502466f767 us-west-2 region: ami-01635212247505c83 af-south-1 region: ami-031e626a6b2688135 eu-north-1 region: ami-08124535227394d44 eu-west-3 region: ami-0e660ef80701fb6ef eu-west-2 region: ami-03204a5225af5706c eu-west-1 region: ami-0a93f56ee30d1ce91 ap-northeast-3 region: ami-01d57710338d2c9aa ap-northeast-2 region: ami-0ead6d7c05b8a2c65 me-south-1 region: ami-095f1968c7739faf9 ap-northeast-1 region: ami-0c485f0fac8cff81c sa-east-1 region: ami-052feaa53560e1483 ap-east-1 region: ami-0f594db43f46b7a0c ap-southeast-1 region: ami-0526938480885586b ap-southeast-2 region: ami-018fe628087edf851 ap-southeast-3 region: ami-0234fe8cc74c67008 us-east-1 region: ami-0a44bc70b409ad654 us-east-2 region: ami-0ac61c6fbc4638e2b These AMI IDs can be retrieved from the Systems Manager Parameter Store in each region using the keys: /aws/service/freebsd/arm64/base/ufs/12.4/RELEASE AMIs are also available in the Amazon(R) Marketplace at: https://aws.amazon.com/marketplace/pp/B09291VW11 * Google(R) Compute Engine(TM): Instances can be deployed using the gcloud utility: % gcloud compute instances create INSTANCE \ --image freebsd-12-4-release-amd64 \ --image-project=freebsd-org-cloud-dev % gcloud compute ssh INSTANCE Replace INSTANCE with the name of the Google Compute Engine instance. FreeBSD 12.4-RELEASE is also expected to be available in the Google Compute Engine(TM) Marketplace once they have completed third-party specific validation at: https://console.cloud.google.com/launcher/browse?filter=category:os&filter=price:free * Hashicorp/Atlas(R) Vagrant(TM): Instances can be deployed using the vagrant utility: % vagrant init freebsd/FreeBSD-12.4-RELEASE % vagrant up Download FreeBSD 12.4-RELEASE may be downloaded via https from the following site: * https://download.freebsd.org/releases/ISO-IMAGES/12.4/ FreeBSD 12.4-RELEASE virtual machine images may be downloaded from: * https://download.freebsd.org/releases/VM-IMAGES/12.4-RELEASE/ For instructions on installing FreeBSD or updating an existing machine to 12.4-RELEASE please see: * https://www.FreeBSD.org/releases/12.4R/installation/ Support Based on the new FreeBSD support model, the FreeBSD 13 release series will be supported until at least January 31, 2023. This point release, FreeBSD 12.4-RELEASE, will be supported until the end of life of FreeBSD 12.4-RELEASE. Additional support information can be found at: * https://www.FreeBSD.org/security/ Please note that 12.3 will be supported until three months from the 12.4 release date, which is yet to be scheduled at the time of this writing. Acknowledgments Many companies donated equipment, network access, or human time to support the release engineering activities for FreeBSD 12.4 including: The FreeBSD Foundation Rubicon Communications, LLC (Netgate) Tarsnap NetApp Internet Systems Consortium ByteMark Hosting NextArray Sentex Data Communications New York Internet Juniper Networks NetActuate Department of Computer Science, National Chiao Tung University NLNet Labs iXsystems The release engineering team for 12.4-RELEASE includes: Glen Barber Release Engineering Lead, 12.4-RELEASE Release Engineer Konstantin Belousov Release Engineering Antoine Brodin Package Building Marc Fonvieille Release Engineering, Documentation Xin Li Release Engineering, Security Team Liaison Ed Maste Security Officer Deputy Colin Percival Release Engineering Deputy Lead Trademark FreeBSD is a registered trademark of The FreeBSD Foundation. ISO Image Checksums amd64 (x86_64): SHA512 (FreeBSD-12.4-RELEASE-amd64-bootonly.iso) = 861c3ea8ee1104e194897a3764091b21d0c0dfe113fc453f915e44be54c71e6b8c612865e38e49d66d5c0ce1e96857d8e11a7abeb718bd34dd97d9d06ba6fdf6 SHA512 (FreeBSD-12.4-RELEASE-amd64-bootonly.iso.xz) = 5e7f89887f03831717044a8becf6ea4ff2f06b7a3a90b4ea4ae8197fe141d8c843dffbd6443b84b353b8e096c8efea82254c74d073efc42e01a809c7997de789 SHA512 (FreeBSD-12.4-RELEASE-amd64-disc1.iso) = 14f21f31f3bdb7ac593cb8c859cb5f1857cba0c5f0b92c081b0ee7b34d1d0d28cc3dd5e7c38e22a0176a902397afb3dce461bafd2673011efaa7c4f63dcd5db8 SHA512 (FreeBSD-12.4-RELEASE-amd64-disc1.iso.xz) = e0e985d41d25bba94d7cc072ecc5986ceb9cc1eac31808fa0b9f380ba4a3248ac95b5cc47586108071e473572aa77752ed149f1db4ef3f59ad65f06e3831bfdb SHA512 (FreeBSD-12.4-RELEASE-amd64-dvd1.iso) = f65af5907d2e6492d96aa33df9276024212530b9b36156b60005cd6168e25f09415556e54abf2648dcaf0a648ae276bb70f5afb0d377cde6246b17d7b03b909c SHA512 (FreeBSD-12.4-RELEASE-amd64-dvd1.iso.xz) = d838e01b831268e1fcc563503fdd993fadcbfee409c936fd2dfd9ccee177bad11b11fb1883afc4698598b0e84c51c425b8facf9a41622f381fead74c4aa8bdf7 SHA512 (FreeBSD-12.4-RELEASE-amd64-memstick.img) = ecc6b66445e5173733e1d0d8cdedbbbc47856808d89fcefdd3f426c27cba0521f20270b5a2b32668633d4e0e11e16e1ca07f08fbf8e0f059337d76136e63e2f6 SHA512 (FreeBSD-12.4-RELEASE-amd64-memstick.img.xz) = 161864ec7e78750c8febdb425e081f7b962606101979b8bc808b6939c8eb0e682434e96e4d06a12f79cfe34994f03cf6c52ac87b76deb3714804d884375039a2 SHA512 (FreeBSD-12.4-RELEASE-amd64-mini-memstick.img) = 5bffbb8937a6ed5e4f2116f01dc0dc6d295f8581d9727a254da4d07e4d063e5e66c70b4e8572b0bd8e389f525c8217b6b2428992a484e1c096e0a42dd0ab2586 SHA512 (FreeBSD-12.4-RELEASE-amd64-mini-memstick.img.xz) = bfabf14a086a8d350a6951b3b07b6cd2d3d7e9be11bd9a9f5a953052f6d0e620461286a868a95ee4afe8a4367d7bf6eb70450087fcee6eb8af5d36c43534177a SHA256 (FreeBSD-12.4-RELEASE-amd64-bootonly.iso) = 4bf1f0b91b0c20e11d4fe4ebe54e0aaa4a421e474c0785477d9cb17b5dfc0fb6 SHA256 (FreeBSD-12.4-RELEASE-amd64-bootonly.iso.xz) = f89a948908a41db7f68fcf2ab9f7a0718abcabcfa8b7ba7122d40062feabaadd SHA256 (FreeBSD-12.4-RELEASE-amd64-disc1.iso) = 606435637b76991f96df68f561badf03266f3d5452e9f72ed9b130d96b188800 SHA256 (FreeBSD-12.4-RELEASE-amd64-disc1.iso.xz) = 1dcf6446e31bf3f81b582e9aba3319a258c29a937a2af6138ee4b181ed719a87 SHA256 (FreeBSD-12.4-RELEASE-amd64-dvd1.iso) = f889113f4cb0dc50b443b3e5753861cfda1b6c08beb0c9bfc6b212572f19dc9f SHA256 (FreeBSD-12.4-RELEASE-amd64-dvd1.iso.xz) = b31f2c0c9c25b80651720ccc0cb7e9375f2b7fa23f1b2c46370906e2b4b6338f SHA256 (FreeBSD-12.4-RELEASE-amd64-memstick.img) = e9f1278905547bd13d29e86e4af02d6b21b54bf8f4345bb7a2f38d1b977c49de SHA256 (FreeBSD-12.4-RELEASE-amd64-memstick.img.xz) = a621c9e1316c329f67e74e3d156a7377945f3dae1eb2c5cc421f44474810469a SHA256 (FreeBSD-12.4-RELEASE-amd64-mini-memstick.img) = e1cabe7131fe2a12d5b1ca51ffa8f53645fd347b2fae3eeab700c89519f9075a SHA256 (FreeBSD-12.4-RELEASE-amd64-mini-memstick.img.xz) = 82159d4e6fb08cadc28eb28ba3b4057576e97c924d8eb28c0bd87e775e88286b i386 (x86): SHA512 (FreeBSD-12.4-RELEASE-i386-bootonly.iso) = 1f71e1d74a5e8167ddfe91920cf4df07d39d8a5501ca94f5b227576dbca6e26c09966d50b4199dc0be2ac08320152305300771700d6175d9208b76bf89bb0010 SHA512 (FreeBSD-12.4-RELEASE-i386-bootonly.iso.xz) = e96467832860063a639e623547a9f4ee8acc2fd85d7ce5d8cbd4ebed11b1a164d2c839e234ba8db2b5538bab65022cf5d5685ced570d582e462ce5b2260195e4 SHA512 (FreeBSD-12.4-RELEASE-i386-disc1.iso) = a1c6050e4b216159d473b982b583b2faf594d93685349d7bcc518af61159c6405f145a5af03dd2aa5e9696bdf687fab216b226dc4a9ce4466db1d016d855312c SHA512 (FreeBSD-12.4-RELEASE-i386-disc1.iso.xz) = 05073660976a4981f55c48ded6f2cecb907cfaedd25a5fdd626e74a32353c6e381368f0c6db638eb0587066985c31bf6ee26510bc5a84b153a59828500be4bc9 SHA512 (FreeBSD-12.4-RELEASE-i386-dvd1.iso) = 690508034baed7b5d0bac1b385debca9099a6dc85a3802b76fa4e3b8904c3ac01573ff4769be10d0dca083f035ee74eecfff331de85a6983a9a723b215b0638d SHA512 (FreeBSD-12.4-RELEASE-i386-dvd1.iso.xz) = 3cda522af5d2249a5e43bf1ee5b0a9ac7eaf7fcaedfdf9135a4cb255c562eb0b04b73586a008367cbba55b47ed10238cbd04fe9524956b79a913ee8427506390 SHA512 (FreeBSD-12.4-RELEASE-i386-memstick.img) = b3eaf003560e750b2d1f76d34aa77b8bda17847dfc44d5e751c9856517763df5e1a9125068311e81cf16ff92d8d51428d8918550d480fc13bf1a2f61bc26e1f8 SHA512 (FreeBSD-12.4-RELEASE-i386-memstick.img.xz) = c794d773368e7bf03644cfc92cc94d4bab741f5ae3b3515a65d1dbd667e750a2935bcdd4eaad53ecd433aac9dd4009228b3bcd1b7f9d07802b6f054ba51d82ea SHA512 (FreeBSD-12.4-RELEASE-i386-mini-memstick.img) = 08937a444a755ceec65825c037fb94f3236019085b0f2911962dc119043574d549ebb7de4224e5981fed070485cd07f4510f3b1e159998d99d14038818d19d03 SHA512 (FreeBSD-12.4-RELEASE-i386-mini-memstick.img.xz) = 60742d309e695a2c91dfaf71b9e2cddccfc7d5992b0591ab072f5959e1c389211be1b644da45e8d9ec4c57176b45bcadb0539fd97e98344519afbe54b46ef36d SHA256 (FreeBSD-12.4-RELEASE-i386-bootonly.iso) = 2993343198040e52ba4cb95a793de32e9036966e772b27a133f83f28ace4e59c SHA256 (FreeBSD-12.4-RELEASE-i386-bootonly.iso.xz) = aad695a77fc5d494b92601f96c40aff8642b9fe28ba37b42ddee7b04a40a8631 SHA256 (FreeBSD-12.4-RELEASE-i386-disc1.iso) = 73f4e4875ae4ab9e8695d1ec2cd42f1e4ab4c66b12d99194809eb623a18a7b0d SHA256 (FreeBSD-12.4-RELEASE-i386-disc1.iso.xz) = 26733c8bc571b905cb8d457e892fadef6a0172adb9b61e5ef96081dfd9531852 SHA256 (FreeBSD-12.4-RELEASE-i386-dvd1.iso) = 6ec4329e85bf628bfe2b80677a3db1b2b9ee9332f8cd2625977135ef75216128 SHA256 (FreeBSD-12.4-RELEASE-i386-dvd1.iso.xz) = 52fd1d608cdedae2f9f9ccb47347dd5680c07131cc2c25e444269cf66573471b SHA256 (FreeBSD-12.4-RELEASE-i386-memstick.img) = 38f2c99c37c3bfa71195474a6ecada5a7dafaf1b02068437d0b17ad852ebf3d3 SHA256 (FreeBSD-12.4-RELEASE-i386-memstick.img.xz) = c9f8f9b429ba11e39734fe4fe4b7216cd85b1a3d8dc537f65a96ff5430b09251 SHA256 (FreeBSD-12.4-RELEASE-i386-mini-memstick.img) = ddfbec969a6ac579edd7ff5a5bf3fe7c5291aa8f0432117ecf6975d43d93f843 SHA256 (FreeBSD-12.4-RELEASE-i386-mini-memstick.img.xz) = 6d1d96117353eaf96e84f9b17c99f2cbe8e34c4a8704047c6623a071d96c662b powerpc: SHA512 (FreeBSD-12.4-RELEASE-powerpc-bootonly.iso) = d06183d0cb08f2eec708ca02924c4b50e1d8637c4b80dd46bded884c61a2b94a367e188a9334b85f8d0d58f619dc388071af96420f0d1d0e0b62de8ca706562d SHA512 (FreeBSD-12.4-RELEASE-powerpc-bootonly.iso.xz) = 8df11ce1de6040964d5631a051d5a603daeb7f9ec9f7dbed360baf2e01430edd71589ce4b4d84c622b369ee84f1eab2c94ccc52a08616943bcc2da34d85be108 SHA512 (FreeBSD-12.4-RELEASE-powerpc-disc1.iso) = f7593a33ce0ff732d7c6b249c653dd423329f1fc38b7ba63cee974244432402f93c6fff54a319953c90dc9b6601c63264decc93d1549604dea659650d50dfcce SHA512 (FreeBSD-12.4-RELEASE-powerpc-disc1.iso.xz) = e0c34585163a35f2d94434da84dd16be5834eb20ed4382ed84ee4eee003156eb6efc9446d3893fdbfcf0ad220bbed688dedfb256f04636e1ce389f89fa6b68fb SHA512 (FreeBSD-12.4-RELEASE-powerpc-memstick.img) = ed0f838a2904d494596d0fa9eb5f9e3954284b24b73754dcaab3c8a572d286f1de94f9562ef505909646d4254ce58bbce7eb65f8cfbed2c4342e7a7352f96e8f SHA512 (FreeBSD-12.4-RELEASE-powerpc-memstick.img.xz) = 69a507486a8ae44a0f4a57e9ed085841bfabe5a742346fb18fc1a0cc53d303a90f44b71c6db79c4fac1673e72863a3cd86571781dc5a9988c747856d6cf884c2 SHA512 (FreeBSD-12.4-RELEASE-powerpc-mini-memstick.img) = ff4a672bb5f7e6120e61b816e3154f7bcca41949e31ddfd5064ac59834c9e36d42bcd72bdc6db4eda9009b5b7b282c6f7f574705102202089c3f31a8bf466c6f SHA512 (FreeBSD-12.4-RELEASE-powerpc-mini-memstick.img.xz) = 4a87b075c01353998322fdc187781540ac52628c4c8aac492f93c9bc1e093bdd87a4b6b970c529e719d8315bf63767711b41a0afa43c94dd295b83be06367801 SHA256 (FreeBSD-12.4-RELEASE-powerpc-bootonly.iso) = 3bb2cb41f3f621dadd3a1e0871fe289b15432be68423c0c5b2b02fcdc539bda2 SHA256 (FreeBSD-12.4-RELEASE-powerpc-bootonly.iso.xz) = ea8d790f7e25c5d920ed54e5ec264f48920aa8a020c56b6e508027dfe47c2eea SHA256 (FreeBSD-12.4-RELEASE-powerpc-disc1.iso) = b2be9593500a7383d2757d3220125e41cb4ac81042217db0c6f5cebd80b387c7 SHA256 (FreeBSD-12.4-RELEASE-powerpc-disc1.iso.xz) = cd1f6d180008ceb63548d1e2240f6e71af3a534db9b2c3a1ecc200c4b5f3d824 SHA256 (FreeBSD-12.4-RELEASE-powerpc-memstick.img) = 9bad0dd470ca58b7d2388be3fefe03c6f764be39e03794858496554c87c38141 SHA256 (FreeBSD-12.4-RELEASE-powerpc-memstick.img.xz) = 8fc1a02e9dd5f7dddca3a9ca8e5a6e199461ca0b00b402e825fa6c3654f4b25a SHA256 (FreeBSD-12.4-RELEASE-powerpc-mini-memstick.img) = 4b287616626960e5f0bb793b1144a172b781d61f36a956686ca036a74d2f1b5c SHA256 (FreeBSD-12.4-RELEASE-powerpc-mini-memstick.img.xz) = c77cc476f550ba2b429d13a1f4d3a1844256850c5df19a08282722fe23a71a66 powerpc64: SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-bootonly.iso) = 03291ff1b9fb541376f1a4ec147ae5a9e12801e063db21c44ab9d46ccf9600e80bf2084e305e39f31ce93ae76f57ef020d88a131515c2631f5bcbdc562e837d5 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = f63be328c7fa0e3c7f6a5dfdd68f5fea53af9d070566dde44b817ad9b210462c93d3ecf98990e5cea842f55026da5c73755a76eea0bf3f2eecda8ec93cc7333f SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-disc1.iso) = e0d96f1bc3b7ec0439ad6be194faf83efb66674492d7019021be0d5bee95f6de0a49693d39c23c1409e5bd8c679d6393bd0b55e70d1f78af35562fa2bcbee50c SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-disc1.iso.xz) = b21d63647f547b3a0f148fbd45753f944c0a6b801b55a8a09dd442ad6d42f764542e8a6641e51f3dc44ba4ad066c674b1aca997228a63e7a2313f47d3461aa4e SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-memstick.img) = 97d4138dd96035d30d2905fde222af0e552dfdffdbbba3949b9db3306ee9f29f4bc1e8c2a87e3c548d0b29f2d3d0ec3f741fcdf9685fe99f6002208ecaebf962 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-memstick.img.xz) = e1c7c7082eefa4672f9a79a487e52a1795d2f7358eaed021e7fefae8ad1f02730b68304cd2c01b98c452d25e564215c12e3ecbbbbba955023b643a83b2eb790b SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-mini-memstick.img) = 0f6c01c751ec4779a93dd572b3fe0a6d31a482f1e951d4440304e351a6edc571afc05407af9471b62ba9221418ab7158839ed7913f86e7c46e48ebcd6cdac195 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = a28c70b1d8a8aab3dadf92d0d50d0df91ac4bafe33b4cdf88b81e92b5a82f20d8030855b28bf96706966b11ab25639c04ab18288f14893fccb7c750a5a708c02 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-bootonly.iso) = 9ae238188b26e669bb15da2ebeb6c058af1ef7ece8aabdf9020bc2c14288e2f9 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-bootonly.iso.xz) = f900209d2105a8cc09c69465ccb21c88c569f4e96533d7a7812ed28b2db1da13 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-disc1.iso) = 8e100b21ed85775ad7d6c8cd6dd43f48a66fbe19470db2a2b21b3592bf7579e4 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-disc1.iso.xz) = d1016e0c96dad833ba216f7a747d8972f4e99d619ca0fa326d694ed7303beb9e SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-memstick.img) = 95908a213427390d4268833f5bc13595da96b88baec3abe1687b0e32912e2135 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-memstick.img.xz) = 13be4d5ae64bc694f8f4487daee3402b76e9a21c50b802eb88e3697b0a1fa280 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-mini-memstick.img) = fe70fbfd4ed781b0c68dfd453a01795d170bdb9d275453474bd2c447f51b68e2 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpc64-mini-memstick.img.xz) = 4256938a32fa17217b4eb97afab85a65c7f339148e07971b43b6e994e6845070 powerpcspe: SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-bootonly.iso) = 866a8ee56221671614cebad7030203ac65f881eadc5229a6b4b6d1fc09bb11debf639d21d947fcff31f183593bdf578880c7fb68c60af32961f16edf33cbd7bc SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = 0d19223a5dbe9ff89e8f01cfa04dc4680a0a7f7111e6f63b3efba947fafb3dc43bf26becc120b374e3dec84c33a9af2d5b034fc5ef7cdaad85972de73119c21d SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-disc1.iso) = 7817ff340773e5d7e776d7c8baf337826922834a1808675a37a7dc9386b3b06e6bf84bb33e5e6f3874e295544f09157af8d54db09ce4a3936cb3a720ddc38b1e SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = 3025d538f79dd75d1624c672132b786a5960e91da169695f8a7972683abd25d8a407938f02ca091c39f2d9b7d79ed7f61697c5e661b34273f186d356582a17f1 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-memstick.img) = 7e296f1eff30ed7c566a9d22a2ab698339fe3577b43ac8662aa25404448deb21f952c4d38d8fbb80074f6b837504b100411e333e4dd30357ea60229f09992005 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-memstick.img.xz) = 904d484f955424abc1b6db9ac57b433a6404fc063968f0c603b901aced88552f0b02f4a4864ded62afc727b00478187f1526b2779c0d6771037e0badcbf52089 SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-mini-memstick.img) = 87e328ac5b9d9aeb1bdbf9080de3f5d6a7a8d370cbf6540573f6be3e27d46005847a12834a62d7e58b75d2e77360dfc7b782e2c13bc97b61695108197b01eeed SHA512 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-mini-memstick.img.xz) = e410045d23ad2ffabea82ed0bbc983a2575d877980dc095f2d85118bf0d864b1fbf0b1b878ece12b8de1ebe002ee7b18c9f68fd0aacce4ba051a152bfd1427d4 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-bootonly.iso) = 49c201ffd1d0d1fa4c3967f3c2569a5a2e5a4c22423d22e8908529d9cf38ba88 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-bootonly.iso.xz) = 7d0bebcf6e50b0ea852e9985c7d449ee2f1e1c93c27d47b67a8709b2d6da4737 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-disc1.iso) = d4053207ddd2ca246ef62d9039afec816c1eb7bb05762f203c35121cda0cf257 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-disc1.iso.xz) = fa73e382e4041239a270333a69a8782942f93eaef13992ac558a5f96b8b4c777 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-memstick.img) = 0ba4dd11df4fb48717a075c2b8566b0a95e90399b45e79b8ebbf4b426f2ac927 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-memstick.img.xz) = c41d85dabaedd1a864e447a6d4743cdf040a25b90fd212bf7f96a79b377248fd SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-mini-memstick.img) = cae54fffa2308c0654272009f54562002326cab3f22ca1442b7194b894c32d63 SHA256 (FreeBSD-12.4-RELEASE-powerpc-powerpcspe-mini-memstick.img.xz) = 3793ed100e0e18db03efe504eeda99c1be9446cb173924b52842bfa85bdffd43 sparc64: SHA512 (FreeBSD-12.4-RELEASE-sparc64-bootonly.iso) = 325e3d366ee62c9a867b19f37d5711d9bf69b8a75afdb9c7aa7c4fc51a3e52686327c7a0481b3db8559db4a85123029998e61c4db3cfa9a9516cf024045e8c99 SHA512 (FreeBSD-12.4-RELEASE-sparc64-bootonly.iso.xz) = 48a264bb9daa4669270dac1bbff7bc8eb879d1ff887a41abc4a0eb21582d82a01bfad3f8f3c3f98959ac0ba36a30c31b591fd2aa089bf4338b4e9c97acce6cae SHA512 (FreeBSD-12.4-RELEASE-sparc64-disc1.iso) = 8d5cd28684e04dc58de357238a87b509a7bcb3d939476a195835bc8b8cdd76ad65642638a20f887199eb97277965db73a1093e58673940cbc416d328c7c067f9 SHA512 (FreeBSD-12.4-RELEASE-sparc64-disc1.iso.xz) = 5aadbe1d9a99f8bda18d4fd8b96be99db62230cdcf4762771c49798d60c553d6e93d78e736991a65e99e06d7b953b8c72bee6ad435bf46997693d550e2b84c33 SHA256 (FreeBSD-12.4-RELEASE-sparc64-bootonly.iso) = 0adb1cccd0ccde4438886dcfd8bddbc4cfc12c6a961ab1a8af08d449628fe0cb SHA256 (FreeBSD-12.4-RELEASE-sparc64-bootonly.iso.xz) = 3722c90599d820301e8c3e373de2128596374f6a7ec34f05194777ccd054de29 SHA256 (FreeBSD-12.4-RELEASE-sparc64-disc1.iso) = 72abeb51bae9680b8354a623fcddadf98c67ae706c15f7e80054e1ba7764aaa9 SHA256 (FreeBSD-12.4-RELEASE-sparc64-disc1.iso.xz) = c95a74b6754c5e25639d8ef3a4782f7d57eb53c965f57802e3e66e07f7073675 aarch64 GENERIC: SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-bootonly.iso) = e0e8de89da59a83672afac515bfbbb732afacd66e28881153064d015e73a957824501df16b58fcb45f1fb2055f89c7a4daaa5b03534098882e397b2fd42b0d69 SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-bootonly.iso.xz) = 57cf5a49a96547a184f30f72988727331913a2b062ef1c41383f78f3b9768e16898b19db2f3382771f507cbd45d6f41bfb4cb5b25369c85b739247817b9fa42b SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-disc1.iso) = ee4c4853bc2a089d3d4a2564495e20dd0d2490823e0b8a002d6d0f118a1fc18c95a357df798d54e98af41d75ce6b1586ed7d33589519a866b0eba9b1f36861ad SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-disc1.iso.xz) = fa287e1de23887fc3290322a6d416fdbcca4925f975987c65c981ce1a99016f765a4af68e564ba2714e38bf68320a5e1dc247eeeb006b06a6e762cd64fea132e SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-dvd1.iso) = fea548260dbd89bd4f71d9cf6636c3df808ef65e882ae0f05ccc16dd811bb187db24ed8ad3f028f7ee72f96aef1ef3161ff1175d1c5e01783df0b2d1ffcc438f SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-dvd1.iso.xz) = 2c8b18c0a92f2d1a47f1f263dec282d0b40c8af56989b66921f6558be8226ec2daa49b80c65f22834324c8d919d3e78e5a6227a8831493be524ebc08781ce333 SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-memstick.img) = dba0abc4ded1e54bbd6b1c45140ecdf4f18f83701b5f7ca316bf9546b77157e6952dcf0ff3c85f66d8c08c91ef01d260729be30b6feb64ce09140d523d69a38d SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-memstick.img.xz) = 8ab385fd12addebdb60854b03fb4c36a611eab4a686a5321dd7ef967405976d64c9ba0558ba4978dcdbc92510abdc6f7076d2a835bf4eb0d387f513cd1d1b964 SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-mini-memstick.img) = f5e5b84c65115973f97b45222185644109762b1b37babb6eef0b3fc2f284c40a84eff8b3b208b4733f0cfbdbf093a7560ec45bb3b7ebeec20e42136e402d2c93 SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-mini-memstick.img.xz) = 5fd94f1bae3692f17b027677c842f49f38313beaf3f7deddfabff9d1f360e44d93f024193094ccf0f7b278d7eff558d08ff38724262142e32062189c96d0d726 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-bootonly.iso) = ba66db569bffda7b0aaf0195958e992c716b28085f9976bd9a46dd76636389de SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-bootonly.iso.xz) = ca2bb2e55cfb0552dcb818f6a9defcc4bc4b1e6020bc77c57195152e400d5355 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-disc1.iso) = daa57f093f43804087b79f98aa7751c33b56c91c1f593041a015a59f4cbe3dbc SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-disc1.iso.xz) = 5dc99b14cb035b155e8f6d43f5bb7f8f8f5503f6608b1b5769b9f0dedfe2eb81 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-dvd1.iso) = b20afd320d5a15394c376077a93f57b3433455d274047d90d7447b6f356789b1 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-dvd1.iso.xz) = e88131317db39fdb7556da26eeb9de6c141fb0fb6f333a69ad3a6b82c549cdf9 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-memstick.img) = e7a3252e5615d620f15118906053fdb67b902740b3921946399fa5cbe240ff08 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-memstick.img.xz) = 5076a9988cfa95eb0c9a7606d43e18a01008696b2e355384453f96e4d4700e0a SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-mini-memstick.img) = 0e47201cefcf81d23d6d5d3dd2c5043e7999f5df5fa9fac5bd74cd18c7626d37 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-mini-memstick.img.xz) = b6fca52405fdbe6eabc9c92350bc14d89c6325198e500d2c531badcc8d343b27 aarch64 RPI3: SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-RPI3.img.xz) = 9bff83ab877b58ba066393649fd87591d0bb1bbf6ceb42c493bb5690fd7ffaba0e59c4efd4b8b32502e1bbf79894c8a0a63920b9c942edac0e2823d29489ac55 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-RPI3.img.xz) = f686ce07d77715fd082086f688a622526bf1f203e3692392c9c34002b00405ed aarch64 PINE64: SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-PINE64.img.xz) = 35b1eff5d7abda3705cc1523157b8762f33a76923348052819239aa2d5a32cbb3442938c6f969b535ad60f91ed184f008e88fb969b8611934a9830c033483d6e SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-PINE64.img.xz) = 12cb9e02257ec6653e3d080e68e38b835ea5ad1dc82aa497091a0c14fdbeb811 aarch64 PINE64-LTS: SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = 0a3583b4dfd6ebbf336cf9d15b225469108ceda3ec0e827074373fa2266e2b0c89da0bd5aa80a4bdcf416957eb09f0e15b0691756ee2289b08cce7f7632f4a4b SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64-PINE64-LTS.img.xz) = a9f7bfc7872d4dc480bb33acbc8ea706874d172f619bf9f61a513c178b8c95d0 armv6 RPI-B: SHA512 (FreeBSD-12.4-RELEASE-arm-armv6-RPI-B.img.xz) = 8f766700ce8b327c661928c9bf5a59e06dc92c9940dbfcbbe3f639c34d13c4f057accd464d99508ba1357903519f185e2207d5e01dc73948903322b1979388b1 SHA256 (FreeBSD-12.4-RELEASE-arm-armv6-RPI-B.img.xz) = 0dd6576b786d5a124640faf48268faf6ea61e02c3884f51f42215b174a765e22 armv7 BANANAPI: SHA512 (FreeBSD-12.4-RELEASE-arm-armv7-BANANAPI.img.xz) = d6de88557f7af951d703470b3d5d6f95dc4f72980f6bddac4294cc04ffe46cd27c18f0b204256c261679a7ea2f54cdce55e418f014853aa05ec3ea4be0850696 SHA256 (FreeBSD-12.4-RELEASE-arm-armv7-BANANAPI.img.xz) = 86362b203458891d73de78315aa737f9b9bc2957997e37e218e54eca205fefb2 armv7 CUBIEBOARD: SHA512 (FreeBSD-12.4-RELEASE-arm-armv7-CUBIEBOARD.img.xz) = e8024ad0c97cfae2769f65c23bb680f90ec6832dd68d21d11a906eab1eea1d8603f0afad86d912fe638d02a2cd8c721f73f230fe78017fedf641c80dfe0edaef SHA256 (FreeBSD-12.4-RELEASE-arm-armv7-CUBIEBOARD.img.xz) = 56059e914607641d0aca20a4af42f644dc505dc95bb51fa2b27429b15aaaa289 armv7 CUBIEBOARD2: SHA512 (FreeBSD-12.4-RELEASE-arm-armv7-CUBIEBOARD2.img.xz) = e474dda598cbaf60dfb1c3cf8934a065c02eb5f1647506a1746757f2584cc481a386cd0de580e9a108ace45d272e294872f8252f2103a1ffed1426e6ad9fd603 SHA256 (FreeBSD-12.4-RELEASE-arm-armv7-CUBIEBOARD2.img.xz) = c60f71ce4134fb9e51ba4617364c76a82dbc63acbc56011367b6707a1ed099b9 armv7 GENERICSD: SHA512 (FreeBSD-12.4-RELEASE-arm-armv7-GENERICSD.img.xz) = 2370614a1a7142601d5266816bd7f4b1769feb8cb636887c8cb0d391e1ff8e54d55ca23bcd8296a8ae27ab82a24a111d06dfc365f1ef4aa5e5924206ee622da2 SHA256 (FreeBSD-12.4-RELEASE-arm-armv7-GENERICSD.img.xz) = cc3aa951f09139777840b43084dea140a4c5cf6cc96789840c2dce407df52b2c armv7 RPI-B: SHA512 (FreeBSD-12.4-RELEASE-arm-armv6-RPI-B.img.xz) = 8f766700ce8b327c661928c9bf5a59e06dc92c9940dbfcbbe3f639c34d13c4f057accd464d99508ba1357903519f185e2207d5e01dc73948903322b1979388b1 SHA256 (FreeBSD-12.4-RELEASE-arm-armv6-RPI-B.img.xz) = 0dd6576b786d5a124640faf48268faf6ea61e02c3884f51f42215b174a765e22 Virtual Machine Disk Image Checksums amd64 (x86_64): SHA512 (FreeBSD-12.4-RELEASE-amd64.qcow2.xz) = 10397e5d78a7c781131f7f45a812c548fbcb484fbefedcc7ff81075507563826cbeb09320766c74ab7635ec497b974329cc0092024eb243e983404541cf9b88c SHA512 (FreeBSD-12.4-RELEASE-amd64.raw.xz) = 7044757d9415acc9b41e13b87ec479d221ef68053a2ceef4945849270ab708e1c023c16f35cd17a8d9e5ba91ecd714c31240d4167f53c0f60b52708b475614b8 SHA512 (FreeBSD-12.4-RELEASE-amd64.vhd.xz) = 84fab0dbb4d4192f81ceabc654919a7412517f0ba418d407a81bd6f0056be1927c45034fc090d44ff41148acc1034c4a8e7f05f7ee51773a530a6487e8447f68 SHA512 (FreeBSD-12.4-RELEASE-amd64.vmdk.xz) = 79e2be0761251c157a8b23d0c20abf290978d720ee11b0d247ffdecde1a9c216cabb76a7ecf8bdffdf032b6227c6c2f94759b7c070dc8c6db43bd33ce60a03fa SHA256 (FreeBSD-12.4-RELEASE-amd64.qcow2.xz) = a4ab5c6793d9d3f62c5e1201574aa7b12ff41b0704405951fd7d71f901d0712c SHA256 (FreeBSD-12.4-RELEASE-amd64.raw.xz) = 71e62ecab5cfa8b09ac643b7362ddb73d4d5613651de353d6da4819f6495be9f SHA256 (FreeBSD-12.4-RELEASE-amd64.vhd.xz) = 3b70ed257a563780079570658055ad98e2a6b52ce0c4b9f693bc9ba74d18b55b SHA256 (FreeBSD-12.4-RELEASE-amd64.vmdk.xz) = 1e20bef5ab6ee0caeec844e8b00c8cf744cc012842b0f5d56b0a2b9666de2b2b i386 (x86): SHA512 (FreeBSD-12.4-RELEASE-i386.qcow2.xz) = b4ba8c134bb847911381453e9c61f460e623aa7830cde97dccbc8f64519e5d96fa2017f6213b2a8b031c6f8f33f7e8bf2874db310390fd6a6e7395bc027d39e7 SHA512 (FreeBSD-12.4-RELEASE-i386.raw.xz) = 3c7d37a2f44ce2e8452ff28b0cb378076d5e88cbf569e3d687d4adc66f0e692b3260cd0f06b8060f4904ec0edf9f994542c3d4b2f814c76b7f841efab8cb98b6 SHA512 (FreeBSD-12.4-RELEASE-i386.vhd.xz) = 81f0c21f2e12ce4f5b7af10c35211c8c33b196f3559e4d194ea163c6f9528e5667c41e80c98d4e531d2bdb5a8fcad469902afc3f5225a74cc45593b6427c72d2 SHA512 (FreeBSD-12.4-RELEASE-i386.vmdk.xz) = 61f62770a80a8b957d9c02a0ddac815ef120423004b16021fc1cfc76d0e63ce8678b8735b316e88f8a92899903447539b9bc8abf0bb0d25c12354e449fcadd52 SHA256 (FreeBSD-12.4-RELEASE-i386.qcow2.xz) = 7b7b5096cc3f37e05545eea9f16b8dbee1c9b59ee631d42d10b90a8df5302734 SHA256 (FreeBSD-12.4-RELEASE-i386.raw.xz) = 286bcb8332a68d5bfa58133dbcc5c58d54f4c9b3931ac688bfc744605d631223 SHA256 (FreeBSD-12.4-RELEASE-i386.vhd.xz) = 1463d59d03c88deffd35e9b095a213fe108e83d0d8246618a9b717b599ed98c9 SHA256 (FreeBSD-12.4-RELEASE-i386.vmdk.xz) = 0cb87a0c294182894df1e9a0410090cbef05e602c1b1acef7e448a6dc51bf3de aarch64 (arm64): SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64.qcow2.xz) = d3a484a8b8360dd9ef0fdb09c21810d49b9a7c96cbc1b52546a185d40aa547854e6c07cc07e2c74161bac60ab8640ecdf20f0e7bae16065ac151f95d45b1b82d SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64.raw.xz) = fcc5e988ac17c6b83a757774a10613b513c81b96949031b1b769ef769c597d3a8c28cda397f4d260094feaab69a9a39e86040ea15f766659a37a46baa1f832cf SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64.vhd.xz) = 2b1ea2cde0dac950e6dcc3f4d4476231228ee889cb0067ea29f262cb0cfd150cb5faecabfdafc9019035665071c91ce04422e8476bcb1762fec86116026c828d SHA512 (FreeBSD-12.4-RELEASE-arm64-aarch64.vmdk.xz) = 35b99c8e6dd5ef3dc0c26643afc4b5d9507dc127bed1d2ebb0079b8492a3b7703c4c9653ee4da5cf61da302b8b561dc4056a883bcd7613ce12153936beeca000 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64.qcow2.xz) = 8ec0c66c356a7c4f14ea8cce5c40abf9c8e1f6163a2346c54dd40a2ac0852c72 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64.raw.xz) = 195f8f299968ccda13f1df91a10ac780918e8df3374c4264d0dee5958f93e10a SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64.vhd.xz) = 3bd04f8b617f60cecb730676707a4bd80d7d18ced003229d636a5452335c26f4 SHA256 (FreeBSD-12.4-RELEASE-arm64-aarch64.vmdk.xz) = a835f0e3c2d2bf56858fe7f2d03b0916d1f118439764a89de9b69f235ebb23d6 Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation! https://www.FreeBSDFoundation.org/donate/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEjRJAPC5sqwhs9k2jAxRYpUeP4pMFAmOORUcACgkQAxRYpUeP 4pOk+hAAhPpaZNZWKouCGvZoScH3vxk1R+YaicoZDcUNktSOs0NM6G9OuV6CcIsG uO70Y9Cs4qnOMNgo/Cj2BSaevn3z/AeIx6g18UyVmzzIzVWOLKGdZkg4RFbHXw34 BXkSg40D9sILgWCaDwSSKQopy5+zPqzew4s8MtUNsNSj1dvQUew66Os5WFTcZZzg peLyKLPKJ40RrZsCBwAJTwYxTtvUYruun9oH/MWvv92jyo7q3lh6IyjNKwZa+hQf DC6XUFFipQ+dKwiFI3Iqr6b/oPoj71JnmFfzTIlEYZd6JqFk0UemAQrhxQBB5oNA 5kMm1m0D/OwwiKSc26vRhIKBLiyMC10Ademic4RHZ4fE9yOedM5Oc1veePLm3qSk 6HJjRsy36Yu4SECExhztl+oKVfxjpApVzJQD8Dvo0KXhlSUrpZMADIS8tPnk38cm ZLHx4FvnOqaNj6ue2JSFypuZR1GPqw/J8hDSR6iF4Jn5tyArIQXYZHvn84qjiGT1 pxeKFoqwnv5TCSsIT1R7FrxTvJEruV/0h1PVb4IgUfXqTMnlwkTEpB2/Eo6E95Id K2n8MhGFNxuCOQEPuksrc7gmn7wZRLBX9cjCKsKqrtrNqySk7cdnTYqzBqllnnK6 VgxgXoF09kvUHM3tYafmBkPQZNdZfUnn3gpmt16DmxnRMbDABL8= =M5nX -----END PGP SIGNATURE-----