Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 01 Jul 2026 00:00:00 +0000
From:      Philip Paeps <philip@FreeBSD.org>
To:        doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Subject:   git: c825b69ca0 - main - Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R
Message-ID:  <6a445880.20dd9.23c4fa27@gitrepo.freebsd.org>

index | next in thread | raw e-mail

The branch main has been updated by philip:

URL: https://cgit.FreeBSD.org/doc/commit/?id=c825b69ca0b0cdd41f3980c9dd4b45ce6cded427

commit c825b69ca0b0cdd41f3980c9dd4b45ce6cded427
Author:     Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-06-30 23:58:05 +0000
Commit:     Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-06-30 23:58:05 +0000

    Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R
    
    FreeBSD-SA-26:37.vm affects all supported releases
    FreeBSD-SA-26:38.jail affects 15.0R and 15.1R
    FreeBSD-SA-26:39.execve affects all supported releases
    FreeBSD-SA-26:40.zfs affects all supported releases
    FreeBSD-SA-26:41.libalias affects all supported releases
    FreeBSD-SA-26:42.unlinkat affects all supported releases
    FreeBSD-SA-26:43.tcp affects all supported releases
    FreeBSD-SA-26:44.posixshm affects all supported releases
    FreeBSD-SA-26:45.audit affects all supported releases
    FreeBSD-SA-26:46.ktls affects all supported releases
    FreeBSD-SA-26:47.linux affects 14.3R, 14.4R and 15.0R
    FreeBSD-SA-26:48.compat32 affects 14.3R, 14.4R and 15.0R
    FreeBSD-SA-26:49.iconv affects all supported releases
---
 website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++
 website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++
 website/content/en/releases/15.0R/errata.adoc | 13 +++++++++++++
 website/content/en/releases/15.1R/errata.adoc | 14 +++++++++++---
 4 files changed, 48 insertions(+), 3 deletions(-)

diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index a067cccbd0..e564658d6b 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -84,6 +84,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index df26ddd969..15249a694a 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -74,6 +74,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index 0a35ba1a06..349252067b 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -79,6 +79,19 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/15.1R/errata.adoc b/website/content/en/releases/15.1R/errata.adoc
index 102cb395fc..26af480806 100644
--- a/website/content/en/releases/15.1R/errata.adoc
+++ b/website/content/en/releases/15.1R/errata.adoc
@@ -44,9 +44,17 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 [width="100%",cols="40%,30%,30%",options="header",]
 |===
 |Advisory |Date |Topic
-
-|No advisories.||
-
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3)
 |===
 
 [[errata]]


home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a445880.20dd9.23c4fa27>