From: FreeBSD Errata Notices
To: FreeBSD Errata Notices
Subject: FreeBSD Errata Notice FreeBSD-EN-23:09.freebsd-update [REVISED]
Reply-To: freebsd-stable@freebsd.org
Message-Id: <20231003230335.0B92113333@freefall.freebsd.org>
Date: Tue, 3 Oct 2023 23:03:35 +0000 (UTC)
List-Id: Project Announcements [moderated]
List-Archive: https://lists.freebsd.org/archives/freebsd-announce

=============================================================================
FreeBSD-EN-23:09.freebsd-update                                 Errata Notice
                                                          The FreeBSD Project

Topic:          freebsd-update incorrectly merges files on upgrade

Category:       core
Module:         freebsd-update
Announced:      2023-09-06
Affects:        FreeBSD 13.2
Corrected:      2023-05-16 21:34:10 UTC (stable/13, 13.2-STABLE)
                2023-09-06 16:56:24 UTC (releng/13.2, 13.2-RELEASE-p3)
                2023-09-28 13:42:18 UTC (stable/12, 12.4-STABLE)
                2023-10-03 22:15:35 UTC (releng/12.4, 12.4-RELEASE-p6)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

2023-09-06  Initial Revision
2023-10-03  Updated to include the patch for 12.4-RELEASE.

I.   Background

freebsd-update provides binary updates for supported releases of FreeBSD
on amd64, arm64, and i386.

II.  Problem Description

freebsd-update incorrectly deleted files in /etc/ in the event the file
to be updated matched the new release and was different than the old
release.

This has not been an issue previously because the $FreeBSD$ tag expansion
from subversion virtually guaranteed the existing file was going to be
different from the new release. With the conversion to git in the 13.x
releases, $FreeBSD$ is no longer expanded, making it much more likely
that a file would find this issue.

III. Impact

Unmodified files in /etc/ may be deleted on running freebsd-update
upgrade.

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-23:09/freebsd-update.patch
# fetch https://security.FreeBSD.org/patches/EN-23:09/freebsd-update.patch.asc
# gpg --verify freebsd-update.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

VI.  Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
-------------------------------------------------------------------------
stable/13/                              866e5c6b3ce7    stable/13-n255386
releng/13.2/                            0b39d9de2e71  releng/13.2-n254628
stable/12/                                                        r373221
releng/12.4/                                                      r373231
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat

Or visit the following URL, replacing NNNNNN with the hash:

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

From: FreeBSD Errata Notices
To: FreeBSD Errata Notices
Subject: FreeBSD Errata Notice FreeBSD-EN-23:12.freebsd-update
Reply-To: freebsd-stable@freebsd.org
Message-Id: <20231003230341.14A101348B@freefall.freebsd.org>
Date: Tue, 3 Oct 2023 23:03:41 +0000 (UTC)
List-Id: Project Announcements [moderated]
List-Archive: https://lists.freebsd.org/archives/freebsd-announce

=============================================================================
FreeBSD-EN-23:12.freebsd-update                                 Errata Notice
                                                          The FreeBSD Project

Topic:          freebsd-update to 14.0 fails

Category:       core
Module:         freebsd-update
Announced:      2023-10-03
Affects:        All supported versions of FreeBSD.
Corrected:      2023-10-01 16:33:03 UTC (stable/13, 13.2-STABLE)
                2023-10-03 21:22:19 UTC (releng/13.2, 13.2-RELEASE-p4)
                2023-10-01 16:35:16 UTC (stable/12, 12.4-STABLE)
                2023-10-03 22:15:37 UTC (releng/12.4, 12.4-RELEASE-p6)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

I.   Background

freebsd-update provides binary updates for supported releases of FreeBSD
on amd64, arm64, and i386.

II.  Problem Description

freebsd-update was unable to handle the case where a file in the "old"
version changed to a directory in the "new" version. This case occurs
with upgrades to FreeBSD 14.0, as /usr/include/c++/v1/__string exists as
a file in 12.4 and 13.2, and as a directory in FreeBSD 14.0.

III. Impact

Using freebsd-update to upgrade to FreeBSD 14.0 emits errors during
install and results in a system with broken C++ headers.

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-23:12/freebsd-update.patch
# fetch https://security.FreeBSD.org/patches/EN-23:12/freebsd-update.patch.asc
# gpg --verify freebsd-update.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

VI.  Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
-------------------------------------------------------------------------
stable/13/                              774cc6348a50    stable/13-n256442
releng/13.2/                            cfb624d7e250  releng/13.2-n254634
stable/12/                                                        r373223
releng/12.4/                                                      r373232
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat

Or visit the following URL, replacing NNNNNN with the hash:

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Subject: FreeBSD Security Advisory FreeBSD-SA-23:12.msdosfs
Reply-To: freebsd-security@freebsd.org
Message-Id: <20231003230359.9B377132DD@freefall.freebsd.org>
Date: Tue, 3 Oct 2023 23:03:59 +0000 (UTC)
List-Id: Project Announcements [moderated]
List-Archive: https://lists.freebsd.org/archives/freebsd-announce

=============================================================================
FreeBSD-SA-23:12.msdosfs                                    Security Advisory
                                                          The FreeBSD Project

Topic:          msdosfs data disclosure

Category:       core
Module:         msdosfs (FAT) file system driver
Announced:      2023-10-03
Credits:        Maxim Suhanov
Affects:        All supported versions of FreeBSD.
Corrected:      2023-07-18 05:46:13 UTC (stable/13, 13.2-STABLE)
                2023-10-03 21:23:40 UTC (releng/13.2, 13.2-RELEASE-p4)
                2023-09-11 18:51:21 UTC (stable/12, 12.4-STABLE)
                2023-10-03 22:15:40 UTC (releng/12.4, 12.4-RELEASE-p6)
CVE Name:       CVE-2023-5368

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

The msdosfs driver provides read and write access to MS-DOS (FAT) file
systems. Systems may be configured to allow unprivileged users to have
read and write access to mounted msdosfs file systems.

II.  Problem Description

In certain cases using the truncate or ftruncate system call to extend a
file size populates the additional space in the file with unallocated
data from the underlying disk device, rather than zero bytes.

III. Impact

A user with write access to files on a msdosfs file system may be able
to read unintended data (for example, from a previously deleted file).

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date,
and reboot.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for a security update"

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 13.2]
# fetch https://security.FreeBSD.org/patches/SA-23:12/msdosfs.13.2.patch
# fetch https://security.FreeBSD.org/patches/SA-23:12/msdosfs.13.2.patch.asc
# gpg --verify msdosfs.13.2.patch.asc

[FreeBSD 12.4]
# fetch https://security.FreeBSD.org/patches/SA-23:12/msdosfs.12.4.patch
# fetch https://security.FreeBSD.org/patches/SA-23:12/msdosfs.12.4.patch.asc
# gpg --verify msdosfs.12.4.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI.  Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
-------------------------------------------------------------------------
stable/13/                              868f3eadc5e0    stable/13-n255824
releng/13.2/                            7d08a7e6908b  releng/13.2-n254635
stable/12/                                                        r373207
releng/12.4/                                                      r373233
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat

Or visit the following URL, replacing NNNNNN with the hash:

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

From: FreeBSD Security Advisories
To: FreeBSD Security Advisories
Subject: FreeBSD Security Advisory FreeBSD-SA-23:13.capsicum
Reply-To: freebsd-security@freebsd.org
Message-Id: <20231003230405.213A41350B@freefall.freebsd.org>
Date: Tue, 3 Oct 2023 23:04:05 +0000 (UTC)
List-Id: Project Announcements [moderated]
List-Archive: https://lists.freebsd.org/archives/freebsd-announce

=============================================================================
FreeBSD-SA-23:13.capsicum                                   Security Advisory
                                                          The FreeBSD Project

Topic:          copy_file_range insufficient capability rights check

Category:       core
Module:         capsicum
Announced:      2023-10-03
Credits:        David Chisnall
Affects:        FreeBSD 13.2
Corrected:      2023-10-02 16:00:27 UTC (stable/13, 13.2-STABLE)
                2023-10-03 21:24:41 UTC (releng/13.2, 13.2-RELEASE-p4)
CVE Name:       CVE-2023-5369

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I.   Background

Capsicum is a lightweight OS capability and sandbox framework. It
provides two kernel primitives, capability mode and capabilities.
Capabilities limit operations that can be performed on file descriptors.

copy_file_range is a system call that performs a kernel copy of a byte
range from one file to another or within one file. copy_file_range
accepts optional pointers to offsets for the input and output file
descriptors.

II.  Problem Description

The syscall checked only for the CAP_READ and CAP_WRITE capabilities on
the input and output file descriptors, respectively. Using an offset is
logically equivalent to seeking, and the syscall must additionally
require the CAP_SEEK capability.

III. Impact

A sandboxed process with only read or write but no seek capability on a
file descriptor may be able to read data from or write data to an
arbitrary location within the file corresponding to that file descriptor.

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date,
and reboot.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for a security update"

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-23:13/capsicum.patch
# fetch https://security.FreeBSD.org/patches/SA-23:13/capsicum.patch.asc
# gpg --verify capsicum.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in and reboot the system.

VI.  Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
-------------------------------------------------------------------------
stable/13/                              3f0ce63828dc    stable/13-n256458
releng/13.2/                            2d23f6c33431  releng/13.2-n254636
-------------------------------------------------------------------------

Run the following command to see which files were modified by a
particular commit:

# git show --stat

Or visit the following URL, replacing NNNNNN with the hash:

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

VII. References

The latest revision of this advisory is available at
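
An added example (not FreeBSD project code) that checks one host against the "Corrected:" releng patch levels of the four notices above and lists msdosfs mounts that are not read-only, the precondition for FreeBSD-SA-23:12.msdosfs. The function names, the kernel/userland split (inferred from each Solution section) and the sample mount table are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not FreeBSD project code. Patch levels are copied from each
# notice's "Corrected:" releng line. Component is an inference from the
# Solution text: the two SAs rebuild the kernel and reboot (k); the two ENs
# fix the freebsd-update utility in userland (u).
# Columns: notice|component|branch|first fixed patch level
NOTICES='FreeBSD-EN-23:09.freebsd-update|u|13.2|3
FreeBSD-EN-23:09.freebsd-update|u|12.4|6
FreeBSD-EN-23:12.freebsd-update|u|13.2|4
FreeBSD-EN-23:12.freebsd-update|u|12.4|6
FreeBSD-SA-23:12.msdosfs|k|13.2|4
FreeBSD-SA-23:12.msdosfs|k|12.4|6
FreeBSD-SA-23:13.capsicum|k|13.2|4'

# Print "<branch> <patch level>" for a RELEASE string such as 13.2-RELEASE-p3.
# Fails for STABLE/CURRENT strings: those must be compared against the
# correction date, as the notices say, not against a patch level.
parse_release() {
    case "$1" in
        *-RELEASE-p*) pr_level=${1##*-p} ;;
        *-RELEASE)    pr_level=0 ;;
        *)            return 1 ;;
    esac
    case "$pr_level" in ''|*[!0-9]*) return 1 ;; esac
    echo "${1%%-*} $pr_level"
}

# unpatched_notices <u|k> <version string>
# Prints the notices still open for that component, one per line.
# Status 2: not a RELEASE string. Status 3: branch not listed in these notices.
unpatched_notices() {
    un_rel=$(parse_release "$2") || return 2
    un_branch=${un_rel% *}
    un_level=${un_rel#* }
    case "$un_branch" in 13.2|12.4) ;; *) return 3 ;; esac
    printf '%s\n' "$NOTICES" | while IFS='|' read -r id comp branch fixed; do
        if [ "$comp" = "$1" ] && [ "$branch" = "$un_branch" ] &&
           [ "$un_level" -lt "$fixed" ]; then
            echo "$id"
        fi
    done
    return 0
}

# Reads `mount -p` (fstab-format) output on stdin and prints the mount point
# of every msdosfs file system that is not mounted read-only. A read-write
# mount is only the precondition: whether unprivileged users can write to it
# depends on how the file system was mounted.
writable_msdosfs_mounts() {
    awk '$3 == "msdosfs" && $4 !~ /(^|,)ro(,|$)/ { print $2 }'
}

# Constructed sample of `mount -p` output, used when trying this off-host.
SAMPLE_MOUNTS='/dev/ada0p2 / ufs rw 1 1
/dev/ada0p1 /boot/efi msdosfs rw 2 2
/dev/da0s1 /media/usb msdosfs ro,noexec 0 0'

# On a FreeBSD host, use the live values: freebsd-version -r is the running
# kernel (what matters for the SAs until the reboot), -u the userland.
if command -v freebsd-version >/dev/null 2>&1; then
    unpatched_notices k "$(freebsd-version -r)" ||
        echo "kernel: not a listed RELEASE, compare against the correction date"
    unpatched_notices u "$(freebsd-version -u)" ||
        echo "userland: not a listed RELEASE, compare against the correction date"
    mount -p | writable_msdosfs_mounts
fi
```

An empty result means the component is at or past every listed patch level for its branch; the running kernel stays on the old level until the reboot the security advisories call for.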