Date: Tue, 28 Jan 2020 19:12:55 +0000 (UTC) From: Gordon Tetlow <gordon@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r53835 - in head/share: security/advisories security/patches/EN-20:01 security/patches/EN-20:02 security/patches/SA-20:01 security/patches/SA-20:02 security/patches/SA-20:03 xml Message-ID: <202001281912.00SJCtdV049937@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gordon (src committer) Date: Tue Jan 28 19:12:55 2020 New Revision: 53835 URL: https://svnweb.freebsd.org/changeset/doc/53835 Log: Add EN-20:01, EN-20:01, and SA-20:01 through SA-20:03. Approved by: so Added: head/share/security/advisories/FreeBSD-EN-20:01.ssp.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-20:02.nmount.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-20:01.libfetch.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-20:02.ipsec.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-20:03.thrmisc.asc (contents, props changed) head/share/security/patches/EN-20:01/ head/share/security/patches/EN-20:01/ssp.patch (contents, props changed) head/share/security/patches/EN-20:01/ssp.patch.asc (contents, props changed) head/share/security/patches/EN-20:02/ head/share/security/patches/EN-20:02/nmount.patch (contents, props changed) head/share/security/patches/EN-20:02/nmount.patch.asc (contents, props changed) head/share/security/patches/SA-20:01/ head/share/security/patches/SA-20:01/libfetch.patch (contents, props changed) head/share/security/patches/SA-20:01/libfetch.patch.asc (contents, props changed) head/share/security/patches/SA-20:02/ head/share/security/patches/SA-20:02/ipsec.patch (contents, props changed) head/share/security/patches/SA-20:02/ipsec.patch.asc (contents, props changed) head/share/security/patches/SA-20:03/ head/share/security/patches/SA-20:03/thrmisc.patch (contents, props changed) head/share/security/patches/SA-20:03/thrmisc.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-20:01.ssp.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-20:01.ssp.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,138 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-20:01.ssp Errata Notice + The FreeBSD Project + +Topic: Imprecise ordering of SSP canary initialization + +Category: core +Module: libc +Announced: 2020-01-28 +Credits: Kyle Evans +Affects: All supported versions of FreeBSD. +Corrected: 2019-11-25 03:49:38 UTC (stable/12, 12.1-STABLE) + 2020-01-28 18:53:14 UTC (releng/12.1, 12.1-RELEASE-p2) + 2020-01-28 18:53:14 UTC (releng/12.0, 12.0-RELEASE-p13) + 2019-11-25 03:49:38 UTC (stable/11, 11.3-STABLE) + 2020-01-28 18:53:14 UTC (releng/11.3, 11.3-RELEASE-p6) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +The Stack Smashing Protector ("SSP") relies on a stack canary being +initialized early on in application startup. On FreeBSD, this is +accomplished with a constructor in libc. + +II. Problem Description + +When a binary is statically linked, constructor invocation order is based on +priority and sorted arbitrarily within a priority level across all +constructors present in the single statically linked object. The stack +canary guard constructor had no priority, so statically linked binary could +not predictably order their constructors to avoid bad interactions with +respect to the stack canary constructor leading to false-positive detection +of a stack overflow condition and erroneous process abort in some rare cases. + +Dynamically linked binaries are generally not affected, since the stack +canary is initialized in libc and libc is ordered very early in constructor +invocation. + +III. Impact + +Affected programs will abort and log a "stack overflow detected" message to +syslog(3). + +IV. Workaround + +No workaround is available, but dynamically linked binaries are not affected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. Statically linked binaries +should be relinked against the updated base system. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-20:01/ssp.patch +# fetch https://security.FreeBSD.org/patches/EN-20:01/ssp.patch.asc +# gpg --verify ssp.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/12/ r355080 +releng/12.1/ r357215 +releng/12.0/ r357215 +stable/11/ r355080 +releng/11.3/ r357215 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=241905> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-20:01.ssp.asc> +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whbdfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cKWSA/8CINmMeEm76kGRoyuDiTD+h1Ra28DM81+HNsTuEb8W8uhNT/ZJf61lWZe +c5BEO8uJMP8XUjGEzIEu4ARkZcV2pvLxyUIoWgq1TGTYB7jp8zXeJZj/wPqLLpI4 +lwXl19hWPprz1CDgukR87+flDZyNEe62YfAtL3WRqGuYU8Yb6AmNoKSwOphset4m +6F7pg8wPFnHfW2EOl6/jFZsv41C+2SlIXa8HIXFJj0TnfltLsCqEWhpDhVE0Wv0D +f2MCGs03xS+UN/kUGIE6G2WBD/Etfy4DMr7RsRxu1lta6FhOk8sR27FCcSnqyKPM +MqXK0PxN5qx8D2UbQUhNCmmclnOVjzGEn9ECzxW5XrDsz17bhodtL4f29GmLEw4l +wdHcttUlQduzolZlBgKgNyp6ZuKXXYzPYsATgJTG9LBQShyQeWa4rCz21Nh+vrmA +NdSAY/LEvq6R8IKHFljDwFIPITnV6xQObMIDgrsJMFyFyIUGiZEo0Jo51I28aUJ/ +EM76+SULzxY50Agw5KFgCM1iXPfGnEfPN03wNCzrbvpv3y67qduGF4jbmLMZPcnv +aZBVQj4Cx9Q/pC/TCFNilmmEa3/xYDB6hGnQn9cIYBV1Q61IQXwGaGXNG+fN760x +gYfnbY2ZlJVV66amfTC89HNVwMeq++Imd4AzNlaXV+a9qummNKc= +=VzHc +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-20:02.nmount.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-20:02.nmount.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,131 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-20:02.nmount Errata Notice + The FreeBSD Project + +Topic: nmount invalid pointer dereference + +Category: core +Module: kernel +Announced: 2020-01-28 +Credits: Andrew Turner +Affects: FreeBSD 11.3 and FreeBSD 12.0. +Corrected: 2019-10-03 07:17:26 UTC (stable/12, 12.1-STABLE) + 2019-10-04 14:10:56 UTC (releng/12.1, 12.1-RELEASE) + 2020-01-28 18:54:15 UTC (releng/12.0, 12.0-RELEASE-p13) + 2019-10-04 17:27:49 UTC (stable/11, 11.3-STABLE) + 2020-01-28 18:54:15 UTC (releng/11.3, 11.3-RELEASE-p6) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +The nmount(2) system call is used to mount file systems. + +II. Problem Description + +VFS option processing related to the nmount(2) system call was missing a +length check. This is generally only available to privileged users unless +the vfs.usermount sysctl is changed from the default to allow non-privileged +users the ability to mount file systems. + +III. Impact + +A userland process authorized to mount filesystems can possibly trigger a +kernel panic. + +IV. Workaround + +No workaround is available. However, if the vfs.usermount sysctl has been +changed to allow non-privileged users the ability to mount file systems, +switching back to the default value of 0 will prevent non-privileged users +from triggering the issue. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date, and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an errata update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-20:02/nmount.patch +# fetch https://security.FreeBSD.org/patches/EN-20:02/nmount.patch.asc +# gpg --verify nmount.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/12/ r353032 +releng/12.1/ r353104 +releng/12.0/ r357216 +stable/11/ r353109 +releng/11.3/ r357216 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-20:02.nmount.asc> +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whcpfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cJWUQ//UZtfZZXpkmLYet67qmbIj7uLbw9CDc1N5HRwNgnjTDGc4d5o3BQEAr2X +/q1t8US3Ec/rWm5YqzqRNmt+Uei/F7J2u1udRm56vsPPb+eq8tRiRVK6RYY4FYBj +rxPkxf6nNCTqWELFtmQejnCQ0wN2Oy+oNY3fA1j1GzOHm0S7dc9CnlrE75eDX33q +sXezm6/VYRwyKGKEJUMlmn9gn0qzGr3L9go5TCWDw9lhuJoygE/QblnVTQI5mTDv +khjke28RxLkAkOUMvq8EIq1L9j88FeVWEOMIKU2xgaUvh6z6NQE8o6eKTb4D7mDO +Vo4NdB81SdPmCaHISocrEhkS/Vff3rlMcb4xf/DFZgDK3FXzNYkAqLyMrDNw6egv +fV4fbhnyqPpejCDW0Il7nxOwV4KtdmEaMCvKwvQu9VpiL8wUrV9wBSkbavyagS49 +un2UYkkv28IIkmhDwbRM7qEcE7Dt6xfsZN4HIZ6R2eUGhGx/ETDXoC9fE74khigF +ubU7QygqWtZ8JDZ8qmnfDM7n0EG1DV3I+XSdupN1ytaxaKOzF5HAnVxcLuMnY5LT +80HaVQazsfCJ5IQinUtiGoOFldQT3NGkvVMcCe+M5R+PP2g4DRJgaCzDCXDIx0k2 +My/JU5RjlUl0714OV0VaGlzVnwk5y7RNNLcHWlSx83HBoBSWcnk= +=uOTk +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-20:01.libfetch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-20:01.libfetch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,131 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-20:01.libfetch Security Advisory + The FreeBSD Project + +Topic: libfetch buffer overflow + +Category: core +Module: libfetch +Announced: 2020-01-28 +Credits: Duncan Overbruck +Affects: All supported versions of FreeBSD. +Corrected: 2020-01-28 18:40:55 UTC (stable/12, 12.1-STABLE) + 2020-01-28 18:55:25 UTC (releng/12.1, 12.1-RELEASE-p2) + 2020-01-28 18:55:25 UTC (releng/12.0, 12.0-RELEASE-p13) + 2020-01-28 18:42:06 UTC (stable/11, 11.3-STABLE) + 2020-01-28 18:55:25 UTC (releng/11.3, 11.3-RELEASE-p6) +CVE Name: CVE-2020-7450 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit <URL:https://security.FreeBSD.org/>. + +I. Background + +libfetch(3) is a multi-protocol file transfer library included with FreeBSD +and used by the fetch(1) command-line tool, pkg(8) package manager, and +others. + +II. Problem Description + +A programming error allows an attacker who can specify a URL with a username +and/or password components to overflow libfetch(3) buffers. + +III. Impact + +An attacker in control of the URL to be fetched (possibly via HTTP redirect) +may cause a heap buffer overflow, resulting in program misbehavior or +malicious code execution. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +Perform one of the following: + +1) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/SA-20:01/libfetch.patch +# fetch https://security.FreeBSD.org/patches/SA-20:01/libfetch.patch.asc +# gpg --verify libfetch.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +Restart all daemons that use the library, or reboot the system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/12/ r357213 +releng/12.1/ r357217 +releng/12.0/ r357217 +stable/11/ r357214 +releng/11.3/ r357217 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7450> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-20:01.libfetch.asc> +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whc5fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cJw5BAAmi4Mk+an8qJB4GwfOSxWhn42GnN9/HikJwkiTNHQr7n51ANp4sHCgTYG +PCo6UvCFqdIfhpBIrykI7ZwzAetCpldDdIMQFJoi5ChJ7aIcNDpiH06yLjYLgseS +qSxJ+dXt6j7G2FMUWPBka8eTNBi64gT0MbyC7zFdISfJqfNy+p0WvdwYm3UsWkeR +pEV+o6zL+PI3s6IsqQTQzYuyNYgoTLdvhjgNMymI+OMH8uCdBUrdItdSwSYPwVOp ++8SUX47jMFNcIbBmuQ3KnPxu9fHx8JzfqpLDAkmp6hu6sXNTmIZ27mgItu4DRgWN +nvd750H6fv9UCbRYOyvjeuEN8olOpZcoTAuQDtcC/z7BvKAwLC7oAYXZEiQ4pn/D +MGMzlJU7fxiyIWDNJprzyrsgPAUhCC3ePyenTErB+GQKmf1fHTjLWJHN43W2tbqk +kYzMwwLQa3KwOYzHPHbJt6F94b9dN30v8cgIVkvs5ivLr8eErIJAQ71PgxkgRQL1 +/C301qeJvgBqLm+so0Ef6wi/D9HvCvyk6IqbQNEvOXD8RNtyqdhBO1jJ93zDVLLK +ey5room7Hln/A3l5bXBzb6O3+q60U7lbxzokkAhNoe+pls6HQ50OeainXDU1dal4 +HcBOCM1cnXNjXDdizqdMDvyR7ftXuBxOYeMsxY2JbT4qKjjA19M= +=chN4 +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-20:02.ipsec.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-20:02.ipsec.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,123 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-20:02.ipsec Security Advisory + The FreeBSD Project + +Topic: Missing IPsec anti-replay window check + +Category: core +Module: kernel +Announced: 2020-01-28 +Credits: Jean-Francois HREN +Affects: FreeBSD 12.0 only +Corrected: 2020-01-28 18:56:46 UTC (releng/12.0, 12.0-RELEASE-p13) +CVE Name: CVE-2019-5613 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit <URL:https://security.FreeBSD.org/>. + +I. Background + +IPsec is a suite of protocols providing data authentication, integrity, and +confidentiality between two networked hosts. + +II. Problem Description + +A missing check means that an attacker can reinject an old packet and it will +be accepted and processed by the IPsec endpoint. + +III. Impact + +The impact depends on the higher-level protocols in use over IPsec. For +example, an attacker who can capture and inject packets could cause an action +that was intentionally performed once to be repeated. + +IV. Workaround + +No workaround is available. Systems not using IPsec are not vulnerable. + +V. Solution + +Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date, +and reboot. + +Perform one of the following: + +1) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for a security update" + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/SA-20:02/ipsec.patch +# fetch https://security.FreeBSD.org/patches/SA-20:02/ipsec.patch.asc +# gpg --verify ipsec.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +releng/12.0/ r357218 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5613> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-20:02.ipsec.asc> +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whdFfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cIWbQ/9EvRm9/pFezk65B8NR9BJFYzSbFv8GxtxNjcFJ0KpG48s7XxBg9BWNKMs +b7dtGTRlPKGUh0CRfhkCzxx10JZ0Aeu+UNNWQrt7r34pku1bUTrOAqW9nxIBq8zr +tihvShWxWmMb9roeGRQIDpDoRCDs/Ps5eZ9NkTIRIPnGvidm8FTr8eQIHxSQJ/dX +9bnQO1KP3Fz1+ywKA/poMdfXwdrUhiaPaC9AQ704lMiz881Itsi93Xw9HceKar0E +dnbPbXMTQ+mkdVe3U2KLVDIMs119XL3Nuel2y7ACNjH3Bvjeerfjn6rZfiseV5FR +muH0I+HKVdkdgWrFRPPthzUTmZYaStgbgOymsclwCpUJkS/ITgJWTpx6V+0E+4n6 +bocwue5xP9EtCKDoEp3RSf17f47nbHgA0oeR+1CU9bh2lU6h2lAxRhxkPcWrgBiJ +HWSJ96UyF3S9Kfj7sbKBE/0wPQYRO2fs2PSfjvjmydyYlg0gcZ25tK3sm5xyvxoG +pVCwMn3gFDchEWnxJaSrGg/xoQCCWM+KdVXkaBSdCEsqs8+o6bTXPrq8ZyU451aO +7qxLPBlw5XNZ87jUEOhT3PwH49H9sAl++4IHUUUvs5pcIigdTNplgVpRt2DdFDzg +ardLO/Cyr1qAAMClC3jXx0I7uTViROt3x7lg2+2V7bF5SnL8VjU= +=tFox +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-20:03.thrmisc.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-20:03.thrmisc.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,131 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-20:03.thrmisc Security Advisory + The FreeBSD Project + +Topic: kernel stack data disclosure + +Category: core +Module: kernel +Announced: 2020-01-28 +Credits: Ilja Van Sprundel +Affects: All supported versions of FreeBSD. +Corrected: 2019-11-15 16:40:10 UTC (stable/12, 12.1-STABLE) + 2020-01-28 18:57:45 UTC (releng/12.1, 12.1-RELEASE-p2) + 2020-01-28 18:57:45 UTC (releng/12.0, 12.0-RELEASE-p13) + 2019-11-15 16:40:55 UTC (stable/11, 11.3-STABLE) + 2020-01-28 18:57:45 UTC (releng/11.3, 11.3-RELEASE-p6) +CVE Name: CVE-2019-15875 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit <URL:https://security.FreeBSD.org/>. + +I. Background + +The kernel can create a core dump file when a process crashes that contains +process state, for debugging. + +II. Problem Description + +Due to incorrect initialization of a stack data structure, up to 20 bytes of +kernel data stored previously stored on the stack will be exposed to a +crashing user process. + +III. Impact + +Sensitive kernel data may be disclosed. + +IV. Workaround + +Core dumps may be disabled by setting the kern.coredump sysctl to 0. +See sysctl(8) and sysctl.conf(5). + +V. Solution + +Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date, +and reboot. + +Perform one of the following: + +1) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for a security update" + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/SA-20:03/thrmisc.patch +# fetch https://security.FreeBSD.org/patches/SA-20:03/thrmisc.patch.asc +# gpg --verify thrmisc.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/12/ r354734 +releng/12.1/ r357219 +releng/12.0/ r357219 +stable/11/ r354735 +releng/11.3/ r357219 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15875> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-20:03.thrmisc.asc> +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whdVfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cLOgg/7BAIhE6SQ06BkCKNBerK3jj1sY2gBc7aohLbzdhEpCIrrd+sMsh0tphII +ftR5psPaZahzjP9Mrs/lA1fWVsco1jo4icevGiPTfbEVqBF1S8XINccwQr3AvYJR +33PGUrgzY2rU8MTj0YPJ2EG3ahghb96lKkK3USikoJA5SsXSZkFphp2OFXnUFWbG +TXWOUBWXbHMBUprf/oXcvNo/ZjDcxvJzMqT2YIGwKOsT0Xtx5nD+6C390axRuVEd +sA6z1RhA/EEx6JMNSUAoG5rnJSXDYQTB2kd9ilozXi07CboVZ38loXy8492FGrin +uG3MfnI+PHrMtG+S5yHwzOGhB/20DNoWqLKZobTGr46r8rrdc553F5Cn7ivLEz9Y +Sk+IGjZfB99jv+JxCr/+/4gn3niOyh0MolqG9r0rT13fLmeQX5XtYfyYPJHE1wuR ++JZ9TQSaJ6TX/DcIsy60OWcfWAQOeoYsvTZO6hqpjHt66m2Ah1pdAyc8c0R8yaQG +tFpRhgQvYpiPJviq7NvM5V2afSo16RWWy9A+xEYUrxp0H0inVNOgdqwhln7ZzI4u +YoBis/eZkNAPxqFJyvJ89TQFmsWFPcpHjAGMoL+aCuIotuHHa/MPdT2pfyqHG9iL +E9axI8zhyzNUC+osR2I6DT/R8rF5QHAY8xI8FffiS8jfN3BJVm4= +=3mdJ +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-20:01/ssp.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-20:01/ssp.patch Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,33 @@ +--- lib/libc/secure/stack_protector.c.orig ++++ lib/libc/secure/stack_protector.c +@@ -40,11 +40,29 @@ + #include <unistd.h> + #include "libc_private.h" + ++/* ++ * We give __guard_setup a defined priority early on so that statically linked ++ * applications have a defined priority at which __stack_chk_guard will be ++ * getting initialized. This will not matter to most applications, because ++ * they're either not usually statically linked or they simply don't do things ++ * in constructors that would be adversely affected by their positioning with ++ * respect to this initialization. ++ * ++ * This conditional should be removed when GCC 4.2 is removed. ++ */ ++#if __has_attribute(__constructor__) || __GNUC_PREREQ__(4, 3) ++#define _GUARD_SETUP_CTOR_ATTR \ ++ __attribute__((__constructor__ (200), __used__)); ++#else ++#define _GUARD_SETUP_CTOR_ATTR \ ++ __attribute__((__constructor__, __used__)); ++#endif ++ + extern int __sysctl(const int *name, u_int namelen, void *oldp, + size_t *oldlenp, void *newp, size_t newlen); + + long __stack_chk_guard[8] = {0, 0, 0, 0, 0, 0, 0, 0}; +-static void __guard_setup(void) __attribute__((__constructor__, __used__)); ++static void __guard_setup(void) _GUARD_SETUP_CTOR_ATTR; + static void __fail(const char *); + void __stack_chk_fail(void); + void __chk_fail(void); Added: head/share/security/patches/EN-20:01/ssp.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-20:01/ssp.patch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4wheBfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cJjxg/5ATm/M6VVGLH8RR/VVdsEn0MaXnq8K8Mu/z42RzHhApPZuK9Rqxi0KllI +HapRslvyE/PsgxP119jhrqRFpxyXkkQI27t8+muQalENRqMQr1TUzqRz8R/ULm/b +1/O83JSzaCVuVgSSFIEi49PfLdkO7M/UYxSGm8OXKJiYR+5lbWORPdQH8iCx5CCv +hXgE65yTFxS9ekOTlr3kBCe5p+Oy3e8HRmWGpStfWx/KIKZXxoC4Nhwg+zP3DoV+ +4S+mCpknPjDAtdEaL9cUxYQ1OUjIII+yQ91ZOkwoTMelvDMU/Aam6LIi6mBPTs3q +nI+hNZlI5t7eE4jhdhDFxnH6hGKIFuQe9AsEz0wlMtyyyAnXWwuNzr9lAw1Stu8c +ksC3rFgP2PWHxO42KzewDiBqLKnNxM8nN5m544qqASo9UNJnnQdooluuMWFlJ7iP +Cr/QPQlNwAGiZ3GxI9t2TnUzUH8raWyKQokkgp5ZYwVIuO2Wxj/dKvbg+bQkXuqv +BRz3TLWjPlGWwPpSCqQG0I5IQbq3YJK+r0lJ1cyONlDRsUTXe2Y2YUFdp4toTFR5 +43kQbU1dTcuydYQ8C/gU6wklneGhiswINL+aZHtGGw8IMz9kPvTAti1WmrHAWLph +ADYr+VMT3Hds0FZfDmIhiBBcDI528Bz9pMXZBfP4YJhwRic+nic= +=IKok +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-20:02/nmount.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-20:02/nmount.patch Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,20 @@ +--- sys/kern/vfs_mount.c.orig ++++ sys/kern/vfs_mount.c +@@ -603,7 +603,7 @@ + */ + fstypelen = 0; + error = vfs_getopt(optlist, "fstype", (void **)&fstype, &fstypelen); +- if (error || fstype[fstypelen - 1] != '\0') { ++ if (error || fstypelen <= 0 || fstype[fstypelen - 1] != '\0') { + error = EINVAL; + if (errmsg != NULL) + strncpy(errmsg, "Invalid fstype", errmsg_len); +@@ -611,7 +611,7 @@ + } + fspathlen = 0; + error = vfs_getopt(optlist, "fspath", (void **)&fspath, &fspathlen); +- if (error || fspath[fspathlen - 1] != '\0') { ++ if (error || fspathlen <= 0 || fspath[fspathlen - 1] != '\0') { + error = EINVAL; + if (errmsg != NULL) + strncpy(errmsg, "Invalid fspath", errmsg_len); Added: head/share/security/patches/EN-20:02/nmount.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-20:02/nmount.patch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whedfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cJKTBAAmQXDT2YnQ4jZkHw/ZpiqA5cVJQzaCDX4BC0gtJijdbHiewrxgSK0yw/6 +iguZ2YUCi+0SkjqGtSHNZgNk8JZ4Xdqicq47jxuNbh5ckDjlkR8h7BL+MWRYPLU/ +DtpUy3u66C/zXCJZMxUTCNwg5eJjCmJW9LXeVLVE3uGWQZ21eA8VM4LAmYnUOgVW +cLjmyu7yQRVBtqkfVOD8yWMy0aLim6iwdxlun8MfFsQRJFiUXnz/3qJWlm85+mhC +Agll8Ea8+VuhYnhqsy6ixEi82ISllKqGsysBH9X/PQevkx6jgNBMlDnvQ4ZNskFt +P1GUZgcLnBW3qYeCvj0ob8kylnK1F8Vm5YLV/GU4m7ja56Q6xZzqfez/WuwB+8Pu +epYZIglBrx1hXjZag9iUwWDNaHCjI+M+Ki49DbCsxBZUsj8/YPfh2OS+NBFcpWDp +rExxzcfN23YeOpFawDeAHcMXRCBozqP/JEG+8Yv3tLmj7kPMxWmaOAc+Zm2EUEBq +KYRAErAPbQUcZExaH/OHcJId0JV6llP+QYu55IhMPY04jAVIjaBAU3jh+Gm0V7CQ +QV462nucMVtt/qCcFjcemVirZMpqYIbJ5ud1+9vqqPHJEOsbEmYTrcm7frBZtT6r +tklX+u2rbl3fWVwhkOYTtax2YhxbKADG+vI2wxuVszn1qDLsZEg= +=w1fm +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-20:01/libfetch.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:01/libfetch.patch Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,29 @@ +--- lib/libfetch/fetch.c.orig ++++ lib/libfetch/fetch.c +@@ -332,6 +332,8 @@ + } + if (dlen-- > 0) + *dst++ = c; ++ else ++ return (NULL); + } + return (s); + } +@@ -381,11 +383,15 @@ + if (p && *p == '@') { + /* username */ + q = fetch_pctdecode(u->user, URL, URL_USERLEN); ++ if (q == NULL) ++ goto ouch; + + /* password */ +- if (*q == ':') ++ if (*q == ':') { + q = fetch_pctdecode(u->pwd, q + 1, URL_PWDLEN); +- ++ if (q == NULL) ++ goto ouch; ++ } + p++; + } else { + p = URL; Added: head/share/security/patches/SA-20:01/libfetch.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:01/libfetch.patch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whexfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cI8uRAAjHeuD0Mz/5DVcAAY/eAA/hiN/maLEVbNAP+mqv3S5Xa7Iha/XWsq96ih +qu6UnZeAhwRPBDC3tTAd6BlgGBvnAeLVkRto1SJFLjROGJOL9CXM1ohtxkKwSZpd +xH2Y9kUj4vTfa/RL+ctE5xIsaMI5A23YJ4RaP/nB7BGOsXzSM62beeX4ibKrZPP2 +gtJC6OsJADnZnX/FGsfit9Ckc3DvYOyuxV/hj2PMwkNUt+xzoJ0wPVmEvglTMlcm +0gFGfRUhvO4IetKpZG1+jfD5EngYsvcyswd1JazTZVflpUfGt6rACYw8rPbBNTXi +pKhTgu4KUicTSq2A74Mfd7ClYyPAhLU5RMav/ydwTDYpjpt6+akWcxap9V4hwW5p +8bxCt0bi/9eXhgt7PuSTV/NvRPvsuhoyXXLLodMAWwHHCvlJEs8PYM/Qwz2yd5V2 +FYHf1EaCV79vLYeqVa/CE5p9er783GwEvSmeeNKOHlBeOeb3Is7cdrTpFYwBS+sY +RQhqccfEpSq0bUdpHyiKV6pvq0tfOhLyamTH/4SAPh3hC52uH90zejeGhPMmZ6ld +ud3eN7Lz8sZsJRg9nq8GCfpS1x225twnVz15YAlaQCZ2+y9R/QxKZpt/H0X4o9Hp +8fOpiyxbW79k7/OuZDEwmXk7oAl4z//uM97Z9bLkuLk9heiVgI0= +=Vs4w +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-20:02/ipsec.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:02/ipsec.patch Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,11 @@ +--- sys/netipsec/ipsec.c.orig ++++ sys/netipsec/ipsec.c +@@ -1318,6 +1318,8 @@ + __func__, replay->overflow, + ipsec_sa2str(sav, buf, sizeof(buf)))); + } ++ ++ replay->count++; + return (0); + } + Added: head/share/security/patches/SA-20:02/ipsec.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:02/ipsec.patch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whe9fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cL22hAAp65Q2PDHj0Y5ykuTsXobEH6oD7DDmvL27PtY8mbT01hYu7jNxwycuzv3 +7ALZljpJN+1pwN6NV7+lOlVPj/VVCzHBIK1ga7uZi0Qv/CvzIRdazWOTMKDmbo9L +4NzLZTrC4DcQmJI7YZptMy+2jlldBkYf9cEJRC2xPxAiKonLmRrBtR826VOLCV4a +5FPtFObGAp1JYrspExzpyJ5U5Eh6Nxag3kgY3OwXPcIa6CfI2CeY2rp5rUhqwIy/ +6CewC4YP2kRL//auKFkXc8jTvgcIdUEPdmAEzKdmlpkE/xQ+twcAYxwkYxox8QVS +dEACEOcVJ3krKo5r5dFrTdeu/fUmptvXsVR5iI/J/r997+fsqKG8O7N3J+HNYJWM +r9zKJjfzRNYuTNwk15KxpfY3qx2d+G09mTVwTYJ/hG+LHyj9qgB/gVCyct/l82zQ +93rlyDKN3EQiLNs1BgoSXSRz3IoS2NErccE5tSKPbphtbpdbxU6f45wHhEWyRO/b +43yJwslmMIgSVoG1B2WftRuQBK9EmQSVpMvP3T6gJqr0ZyQuXLTWHpBg/vX79chQ +R/necLTNP4+aQEDtv9d8GjkEkFqj6fLbe6nJiUdo0hME8WdbGfM+cjRSBUx5LvyS +6yMddT9SPlu4PXiMn3OT1qmqsaUuozWL+UmS5QkmGwgkbBwGS6w= +=wVs3 +-----END PGP SIGNATURE----- Added: head/share/security/patches/SA-20:03/thrmisc.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:03/thrmisc.patch Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,11 @@ +--- sys/kern/imgact_elf.c.orig ++++ sys/kern/imgact_elf.c +@@ -2211,7 +2211,7 @@ + td = (struct thread *)arg; + if (sb != NULL) { + KASSERT(*sizep == sizeof(thrmisc), ("invalid size")); +- bzero(&thrmisc._pad, sizeof(thrmisc._pad)); ++ bzero(&thrmisc, sizeof(thrmisc)); + strcpy(thrmisc.pr_tname, td->td_name); + sbuf_bcat(sb, &thrmisc, sizeof(thrmisc)); + } Added: head/share/security/patches/SA-20:03/thrmisc.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-20:03/thrmisc.patch.asc Tue Jan 28 19:12:55 2020 (r53835) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl4whfJfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cJfyw/+LEyYZDvgLZGxH+vMhpFKaG/s02TCf4qz9alCkn20JvYJYPZQUW6zJfgh +qjRwa4cP1uvbO+on7O0Ez6QHOfCec6QgFOdAh5H0R2u1kt7WZri6NjIZuxidJeuk +BJMdg0uGlCwdI4kFXiRjhRBLDHJImD1WFuoCK+hiCYlYxYaVJ7lDSBPWx0q1MbTA +8FSRcmohlRKjjuw6ANBpw84K9JJcNBw+WcMePdMCmU/JhhDSeVbxfs5UonBPu09o +JIGqX4k5FMbSWFWdCEz4GrtAv8CtO3eT7ykv0B8qaDiW/NGq4l3h6koh/e0ZsWPj +vyvf+989VCnQHvNSxlde+Hdl+5rR2Lu23gj3v9AcRlLNjfE/8nVvosh7QgTtf3oC +ZgElZXBSTO7T4msBKLnFKwyPrHm1B0ZgGDGDHr7gngyYukt+eCyYlvA8qtsv3L+f +UXyutsABSk73O3Jm/qLNad1g51/KTfhesVzaOo1LV1McmfqkEwdt5YDmsW/A4pUO +V5Xhjc8a0pjp2looiIrZHOGqd4pgUhwl9JvdkGm0ab4VQdc67SzgJZYj5PzMeufU +cUdsCzvLS0ioblz6osPEp+fzhXw/F12nSb7mWXTftnTmpkJXBJkepMU7vzxrL4Ds ++KhqpqxM41XOy5my5E3FH9m0ZPhMKF7dRR6IEOkjF3eLOUc+J7M= +=pyQC +-----END PGP SIGNATURE----- Modified: head/share/xml/advisories.xml ============================================================================== --- head/share/xml/advisories.xml Tue Jan 28 14:39:34 2020 (r53834) +++ head/share/xml/advisories.xml Tue Jan 28 19:12:55 2020 (r53835) @@ -5,6 +5,31 @@ </cvs:keyword> <year> + <name>2020</name> + + <month> + <name>1</name> + + <day> + <name>28</name> + + <advisory> + <name>FreeBSD-SA-20:03.thrmisc</name> + </advisory> + + <advisory> + <name>FreeBSD-SA-20:02.ipsec</name> + </advisory> + + <advisory> + <name>FreeBSD-SA-20:01.libfetch</name> + </advisory> + + </day> + </month> + </year> + + <year> <name>2019</name> <month> Modified: head/share/xml/notices.xml ============================================================================== --- head/share/xml/notices.xml Tue Jan 28 14:39:34 2020 (r53834) +++ head/share/xml/notices.xml Tue Jan 28 19:12:55 2020 (r53835) @@ -5,6 +5,27 @@ </cvs:keyword> <year> + <name>2020</name> + + <month> + <name>1</name> + + <day> + <name>28</name> + + <notice> + <name>FreeBSD-EN-20:02.nmount</name> + </notice> + + <notice> + <name>FreeBSD-EN-20:01.ssp</name> + </notice> + + </day> + </month> + </year> + + <year> <name>2019</name> <month>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202001281912.00SJCtdV049937>