From nobody Thu Mar 26 05:05:58 2026 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4fhBYz2VqTz6W8g3 for ; Thu, 26 Mar 2026 05:05:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4fhBYy6wPDz3Tj1 for ; Thu, 26 Mar 2026 05:05:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1774501559; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tJXdi8Pqod0A21Q3em6mCM3UE94jmNWxUWXXQ4vrsUI=; b=GJcy8UXQbClNuWaGFOzv7X8W9kXFNjBEvPK8Z4HGPUKUK3VXxIz0xFIJyRjdI4mKp+/Gou RQWiiacfHG7mTSDGGTVfa4Wk1QIU7M5KGXlLOjFx+kruvzeMegGyGyRQc5xjeSHsM98n5h To21XEv28LvuZBTM7D1jOfVykwkqbZT6ZiJMwLVoDJ2ojO9DtoVqoLXT3CNG3Ni1Hl/K8x coYjqPqcM2uUbqeFiyOZNC4cNXAPX4d9ldScP0iNdCiWqB6okdffoOK0clOEIjl3rd15KI gwu6okXkq5rU+Ead+RBN+yhlNQldQo0ZOaelMzvvy8Ql+L+k0NEmsTZ7/u0u9w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1774501559; a=rsa-sha256; cv=none; b=WxUTwR0lcBLPR/c24By2Ss8jT7s7NZzEXEft6AiwZlVz1zMIP5kDhL9lDGNi/dSKOxGI+t U8PdnicD5EqrUI2slPfEtfuqOPbA4gTuu3ujcoITL5PBTPciTJ4y2HqOSz8nZxjd/Qu9Gk Ev0sbWW16R8BSj3QFNuS/SgbcmYIm6GqXsJVp0kD4C5kHoFRmqiitlg94Y4dF9boG2FmSR gfN1EcPrAPx1MFs6qEw8FBWUNla4WymnRbaIkCmfyjJTO68xddi1JxtwQiZF4U/8sgMmDW ojAj5pvqEt4ZXpt+zvJa+JGacPL0PBr/l6M0mo0oj2+j7RIEuJc4zH/4v/RnzQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1774501559; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tJXdi8Pqod0A21Q3em6mCM3UE94jmNWxUWXXQ4vrsUI=; b=nALDFGDnlTy4IHKOHVVu5arsqx7u425VQ5EqHDahyld0iy3Wrtuxad5Du5D+68owWSU0Ai 5KLb47UB9ReMtF7X1e+3kegWC1iiVZHWvR1R1KrhEBoCIyKJ1MXBcZBiSdUEXbBbxw6CGi AFG5vmEooLMNYU3muGkjmjodX8qKn3pt6/lkdZ1TrYWXjOM8+2WRCWwOzbi85OL5VCYBwl AxJEyKnFqYbu/+ugE6ePlkzslNxK0YrQip4N4NAeRNFrEIhUnESSfDLkAO7koa+QymxEmF RtwvDAodbYlNXLP+Lpg3TCf3IVRva5/YL8ensvs//6Fiusj31mbcLpGpmCc8kg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4fhBYy6WzHzdry for ; Thu, 26 Mar 2026 05:05:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3adb6 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Thu, 26 Mar 2026 05:05:58 +0000 To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Philip Paeps Subject: git: 9ab94ece17 - main - Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: philip X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9ab94ece171524958a016bf547e9b67ccaf529ed Auto-Submitted: auto-generated Date: Thu, 26 Mar 2026 05:05:58 +0000 Message-Id: <69c4beb6.3adb6.5a5a6b81@gitrepo.freebsd.org> The branch main has been updated by philip: URL: https://cgit.FreeBSD.org/doc/commit/?id=9ab94ece171524958a016bf547e9b67ccaf529ed commit 9ab94ece171524958a016bf547e9b67ccaf529ed Author: Philip Paeps AuthorDate: 2026-03-26 05:05:17 +0000 Commit: Philip Paeps CommitDate: 2026-03-26 05:05:17 +0000 Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R FreeBSD-SA-26:06.tcp affects FreeBSD 14.3R, 14.4R and 15.0R FreeBSD-SA-26:07.nvmf affects FreeBSD 15.0R FreeBSD-SA-26:08.rpcsec_gss affects all supported releases FreeBSD-SA-26:09.pf affects FreeBSD 14.3R, 14.4R and 15.0R --- website/content/en/releases/13.5R/errata.adoc | 1 + website/content/en/releases/14.3R/errata.adoc | 3 +++ website/content/en/releases/14.4R/errata.adoc | 6 +++--- website/content/en/releases/15.0R/errata.adoc | 4 ++++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/website/content/en/releases/13.5R/errata.adoc b/website/content/en/releases/13.5R/errata.adoc index 09005faf4f..ed64d81b15 100644 --- a/website/content/en/releases/13.5R/errata.adoc +++ b/website/content/en/releases/13.5R/errata.adoc @@ -52,6 +52,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:02.jail.asc[FreeBSD-SA-26:02.jail] |27 January 2026 |Jail escape by a privileged user via nullfs |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:04.jail.asc[FreeBSD-SA-26:04.jail] |24 February 2026 |Jail chroot escape via fd exchange with a different jail |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:05.route.asc[FreeBSD-SA-26:05.route] |24 February 2026 |Local DoS and possible privilege escalation via routing sockets +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation |=== [[errata]] diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc index 5ba196ffe9..81f981732d 100644 --- a/website/content/en/releases/14.3R/errata.adoc +++ b/website/content/en/releases/14.3R/errata.adoc @@ -54,6 +54,9 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:02.jail.asc[FreeBSD-SA-26:02.jail] |27 January 2026 |Jail escape by a privileged user via nullfs |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:04.jail.asc[FreeBSD-SA-26:04.jail] |24 February 2026 |Jail chroot escape via fd exchange with a different jail |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:05.route.asc[FreeBSD-SA-26:05.route] |24 February 2026 |Local DoS and possible privilege escalation via routing sockets +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules |=== [[errata]] diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc index 0404bd3ba2..ba2c280ddd 100644 --- a/website/content/en/releases/14.4R/errata.adoc +++ b/website/content/en/releases/14.4R/errata.adoc @@ -44,9 +44,9 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ [width="100%",cols="40%,30%,30%",options="header",] |=== |Advisory |Date |Topic - -|No advisories.|| - +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules |=== [[errata]] diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc index da9874f778..025335df68 100644 --- a/website/content/en/releases/15.0R/errata.adoc +++ b/website/content/en/releases/15.0R/errata.adoc @@ -48,6 +48,10 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:01.openssl.asc[FreeBSD-SA-26:01.openssl] |27 January 2026 |Multiple vulnerabilities in OpenSSL |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:03.blocklistd.asc[FreeBSD-SA-26:03.blocklistd] |10 February 2026 |blocklistd(8) socket leak |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:05.route.asc[FreeBSD-SA-26:05.route] |24 February 2026 |Local DoS and possible privilege escalation via routing sockets +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:06.tcp.asc[FreeBSD-SA-26:06.tcp] |26 March 2026 |TCP: remotely exploitable DoS vector (mbuf leak) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:07.nvmf.asc[FreeBSD-SA-26:07.nvmf] |26 March 2026 |Remote denial of service via null pointer dereference +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules |=== [[errata]]