From owner-dev-commits-doc-all@freebsd.org Tue Jun 1 20:51:34 2021
Date: Tue, 1 Jun 2021 20:51:34 GMT
Message-Id: <202106012051.151KpY8V080284@gitrepo.freebsd.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
From: Gordon Tetlow Subject: git: caf6116627 - main - Add EN-21:17. Approved by: so MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: caf6116627fb89e2d4020f04255c0133d6faaa58 Auto-Submitted: auto-generated X-BeenThere: dev-commits-doc-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the doc repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2021 20:51:35 -0000 The branch main has been updated by gordon (src committer): URL: https://cgit.FreeBSD.org/doc/commit/?id=caf6116627fb89e2d4020f04255c0133d6faaa58 commit caf6116627fb89e2d4020f04255c0133d6faaa58 Author: Gordon Tetlow AuthorDate: 2021-06-01 20:51:11 +0000 Commit: Gordon Tetlow CommitDate: 2021-06-01 20:51:11 +0000 Add EN-21:17. Approved by: so --- website/data/security/errata.toml | 4 + .../advisories/FreeBSD-EN-21:17.libradius.asc | 147 +++++++++++++++++++++ .../security/patches/EN-21:17/libradius.patch | 16 +++ .../security/patches/EN-21:17/libradius.patch.asc | 16 +++ 4 files changed, 183 insertions(+) diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml index de0a6f640f..4c1b2b1704 100644 --- a/website/data/security/errata.toml +++ b/website/data/security/errata.toml @@ -1,6 +1,10 @@ # Sort errata notices by year, month and day # $FreeBSD$ +[[notices]] +name = "FreeBSD-EN-21:17.libradius" +date = "2021-06-01" + [[notices]] name = "FreeBSD-EN-21:16.bc" date = "2021-05-26" diff --git a/website/static/security/advisories/FreeBSD-EN-21:17.libradius.asc b/website/static/security/advisories/FreeBSD-EN-21:17.libradius.asc new file mode 100644 index 0000000000..889553b23f --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:17.libradius.asc 
@@ -0,0 +1,147 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:17.libradius Errata Notice + The FreeBSD Project + +Topic: Incorrect validation in rad_get_attr(3) + +Category: core +Module: libradius +Announced: 2021-06-01 +Affects: All supported versions of FreeBSD. +Corrected: 2021-05-28 17:00:19 UTC (stable/13, 13.0-STABLE) + 2021-06-01 20:26:32 UTC (releng/13.0, 13.0-RELEASE-p2) + 2021-05-28 17:03:20 UTC (stable/12, 12.2-STABLE) + 2021-06-01 20:38:39 UTC (releng/12.2, 12.2-RELEASE-p8) + 2021-05-28 17:02:43 UTC (stable/11, 11.4-STABLE) + 2021-05-28 20:37:54 UTC (releng/11.4, 11.4-RELEASE-p11) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +libradius(3) is a client and server library implementing the Remote +Authentication Dial In User Service (RADIUS) protocol. It is used by +pam_radius(8) and mpd5 (available in the ports tree as net/mpd5). + +II. Problem Description + +The patch for FreeBSD-SA-21:12.libradius modified rad_get_attr(3) to +verify that an attribute length smaller than the minimum required for +the attribute type and length fields is disallowed. This check may fail +incorrectly for the final attribute in a RADIUS message. + +III. Impact + +The bug may cause request validation to fail when it should succeed. +This can result in errors in applications making using of libradius(3). + +IV. Workaround + +No workaround is available. Systems not using libradius(3) are unaffected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. 
+ +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:17/libradius.patch +# fetch https://security.FreeBSD.org/patches/EN-21:17/libradius.patch.asc +# gpg --verify libradius.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all daemons that use the library, or reboot the system. + +VI. 
Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ f9972532343b stable/13-n245792 +releng/13.0/ 8acc450613c3 releng/13.0-n244745 +stable/12/ r369897 +releng/12.2/ r369921 +stable/11/ r369896 +releng/11.4/ r369919 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. 
References + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmC2nUcACgkQ05eS9J6n +5cIyuxAAgNcgrQ/+3NRWPk8N0iqjIs5fN0HHdKF91o8FtCel9JW0UXXH9LZEsJiX +5twBTXHy8QL5yleJy83KDgHtIAKFTgILr2NaKBsc9T10sKJ7QWqpTUYKy9YXbqfO +3eX2+60j5LVfazoRMrPZotLxvvexa3imHQh4IrUEr/eDdUs1kB/fIc1bwi6sBksK +5Mqg6rlm1FusruUFfRynEUCQY7MhuFMTPUDvOOu8bvfmYK+sFB2lyfH1mxv7eaNA +LtiTrP/EcMDxpxbPL+fwEJgHnz50K4UIwaqpt9x46z3tNEDB/NJI5XWJ8KHG7liW +mJvPJIhu0QV2+Q04r5zqF9Io8PSulowS7NYxgGwcFXL7ZquLFxR2w/IdPkkqoLmZ +kTHW3Zz2kyDDJ7c3kg2dafolMS2G5MmUy91cIpR8T6o4ARYHIHuojXE4E8M2JUPQ +GV/HP0keMNKHRAy674Ie1Pa+Lmzwa1o1MNj/znF/8kR7pFqY60TqQ+h2jsHKO+ov +TZEjVf886LOmw6z/q7s2WBl2sq2JMiffWoFBx6URGKPtjCYYOWbC4AocsbAeu4a1 +5aNOa5otm25JjSZi6h0nepbw/QQHhR6LgqAIJue1bD4uA0Sbhf4Vwcbte1aMasGs +Te0nK0Q2QAdzfSI7TJdzAazXPHeqDfWnKAw2h57jJnMQH5IbMss= +=lZku +-----END PGP SIGNATURE----- diff --git a/website/static/security/patches/EN-21:17/libradius.patch b/website/static/security/patches/EN-21:17/libradius.patch new file mode 100644 index 0000000000..4f8e05c631 --- /dev/null +++ b/website/static/security/patches/EN-21:17/libradius.patch @@ -0,0 +1,16 @@ +--- lib/libradius/radlib.c.orig ++++ lib/libradius/radlib.c +@@ -964,7 +964,12 @@ + } + type = h->in[h->in_pos++]; + len = h->in[h->in_pos++]; +- if (len < 2 || h->in_pos + len > h->in_len) { ++ if (len < 2) { ++ generr(h, "Malformed attribute in response"); ++ return -1; ++ } ++ len -= 2; ++ if (h->in_pos + len > h->in_len) { + generr(h, "Malformed attribute in response"); + return -1; + } diff --git a/website/static/security/patches/EN-21:17/libradius.patch.asc b/website/static/security/patches/EN-21:17/libradius.patch.asc new file mode 100644 index 0000000000..fdc7c1af1e --- /dev/null +++ b/website/static/security/patches/EN-21:17/libradius.patch.asc 
@@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmC2nUgACgkQ05eS9J6n +5cLZcxAApmo7ozxwyMyLpvozf94MtA4spYgM3/MQb8WiO4gd1FkQOKjqyLVTnSF3 +Hbb8VTrhDp13K5o5v4wCtF102P5LWnRC1Ny0ivOGVBmtOnZsDsMHCH1FSSGE8V9z +8kFtFWSxaW5GKyA8KWHNxfWnxbwlrK0PXNBYgcGbXv8t1LBO/OJ6AKv7ghuNHaSR +wPcLekQXRc4AyjkqNETiXLwc+zUTXT9uEgbtQw9TgFjhP15R1EIwFBfL9IdyLaW3 +8cShW2JbByCIPocVzCjZGbgLYWXGoysrIVTM7bKMvJmmOUbP++b+WDpFhdhDQh7v +RYpkBcU4uSsSKmMp/y9b9oJf0s2ARkrK5TJphQ3hecdpINFnQeq2jC1YP95DuW+U +9JARIvL1R8bQgdg3BihpZUgpdV0nOLc+V5rTTu7zbB5mhc1PdppIUKHOS26bmzbP +lIaqQb3npiCMslcjsybYNCpYfLIGbPP+aoSzvu/uAOkXhWp4CPlwvCEberM8jtVo +h7/3XmfzMkKqpf86OVm7/xXxPQgP/F5HZm66hFeaUZOIutAKcmJGkOaH3gzO1U9N +oyUQPbDkbTEUKuGRnxHBXf3ne6KUfxx8k6zq0Xr9St5MXSRjLH8gdfSyTS4EgXtb +s9XrgdHfvsJlOff/p3m17sEm4hrX3fXJeX1e+adG54N4rldPgHM= +=CECh +-----END PGP SIGNATURE-----
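Review bot: the `libradius.patch` hunk against `lib/libradius/radlib.c` is an off-by-two correction, and the one line that carries it is the inserted `len -= 2;` between the two checks. When `type` and `len` are read, `h->in_pos` has already been advanced past the two header octets, so the removed combined test `if (len < 2 || h->in_pos + len > h->in_len)` compared the remaining buffer against the full on-wire attribute length and overshot by two; an attribute whose value ends exactly at `h->in_len`, which is the last attribute of a well-formed message, was reported as "Malformed attribute in response". Rejecting `len < 2` first and subtracting the header before the bound check restores the intended comparison. What the hunk's context does not show is the code after line 975 that consumes `len`; since the SA-21:12 version of this block left the two header octets in `len`, please confirm that every downstream use now expects the value length, and that the returned attribute length and the `h->in_pos` advance are consistent with it.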
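Review bot: in the new `FreeBSD-EN-21:17.libradius.asc`, the III. Impact paragraph has a typo, "errors in applications making using of libradius(3)", which should read "making use of libradius(3)"; because the notice is a PGP clear-signed message (`Hash: SHA512`), correcting the text means re-signing the file rather than editing it in place. A smaller wording point in II. Problem Description: "modified rad_get_attr(3) to verify that an attribute length smaller than the minimum required for the attribute type and length fields is disallowed" reads more plainly as "modified rad_get_attr(3) to reject attribute lengths smaller than the two octets required for the type and length fields", which also states the minimum that the `len < 2` check in the patch enforces.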