Date: Wed, 01 Jul 2026 00:00:00 +0000 From: Philip Paeps <philip@FreeBSD.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org Subject: git: c825b69ca0 - main - Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R Message-ID: <6a445880.20dd9.23c4fa27@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by philip: URL: https://cgit.FreeBSD.org/doc/commit/?id=c825b69ca0b0cdd41f3980c9dd4b45ce6cded427 commit c825b69ca0b0cdd41f3980c9dd4b45ce6cded427 Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2026-06-30 23:58:05 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2026-06-30 23:58:05 +0000 Add security advisories affecting 14.3R, 14.4R, 15.0R and 15.1R FreeBSD-SA-26:37.vm affects all supported releases FreeBSD-SA-26:38.jail affects 15.0R and 15.1R FreeBSD-SA-26:39.execve affects all supported releases FreeBSD-SA-26:40.zfs affects all supported releases FreeBSD-SA-26:41.libalias affects all supported releases FreeBSD-SA-26:42.unlinkat affects all supported releases FreeBSD-SA-26:43.tcp affects all supported releases FreeBSD-SA-26:44.posixshm affects all supported releases FreeBSD-SA-26:45.audit affects all supported releases FreeBSD-SA-26:46.ktls affects all supported releases FreeBSD-SA-26:47.linux affects 14.3R, 14.4R and 15.0R FreeBSD-SA-26:48.compat32 affects 14.3R, 14.4R and 15.0R FreeBSD-SA-26:49.iconv affects all supported releases --- website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++ website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++ website/content/en/releases/15.0R/errata.adoc | 13 +++++++++++++ website/content/en/releases/15.1R/errata.adoc | 14 +++++++++++--- 4 files changed, 48 insertions(+), 3 deletions(-) diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc index a067cccbd0..e564658d6b 100644 --- a/website/content/en/releases/14.3R/errata.adoc +++ b/website/content/en/releases/14.3R/errata.adoc @@ -84,6 +84,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3) |=== [[errata]] diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc index df26ddd969..15249a694a 100644 --- a/website/content/en/releases/14.4R/errata.adoc +++ b/website/content/en/releases/14.4R/errata.adoc @@ -74,6 +74,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3) |=== [[errata]] diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc index 0a35ba1a06..349252067b 100644 --- a/website/content/en/releases/15.0R/errata.adoc +++ b/website/content/en/releases/15.0R/errata.adoc @@ -79,6 +79,19 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:47.linux.asc[FreeBSD-SA-26:47.linux] |30 June 2026 |Kernel stack disclosure in Linux compatibility layer +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:48.compat32.asc[FreeBSD-SA-26:48.compat32] |30 June 2026 |Kernel stack disclosure in 32-bit compatibility support +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3) |=== [[errata]] diff --git a/website/content/en/releases/15.1R/errata.adoc b/website/content/en/releases/15.1R/errata.adoc index 102cb395fc..26af480806 100644 --- a/website/content/en/releases/15.1R/errata.adoc +++ b/website/content/en/releases/15.1R/errata.adoc @@ -44,9 +44,17 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ [width="100%",cols="40%,30%,30%",options="header",] |=== |Advisory |Date |Topic - -|No advisories.|| - +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:37.vm.asc[FreeBSD-SA-26:37.vm] |30 June 2026 |Use-after-free in device pager page list +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:38.jail.asc[FreeBSD-SA-26:38.jail] |30 June 2026 |Jail reference count underflow +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:39.execve.asc[FreeBSD-SA-26:39.execve] |30 June 2026 |Local privilege escalation via execve(2) TOCTOU race +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:40.zfs.asc[FreeBSD-SA-26:40.zfs] |30 June 2026 |Multiple vulnerabilities in OpenZFS +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:41.libalias.asc[FreeBSD-SA-26:41.libalias] |30 June 2026 |Buffer overflow in libalias RTSP handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:42.unlinkat.asc[FreeBSD-SA-26:42.unlinkat] |30 June 2026 |unlinkat(2) ignores AT_RESOLVE_BENEATH flag +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:43.tcp.asc[FreeBSD-SA-26:43.tcp] |30 June 2026 |Use-after-free in TCP RACK stack option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:44.posixshm.asc[FreeBSD-SA-26:44.posixshm] |30 June 2026 |Multiple vulnerabilities in POSIX largepage objects +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:45.audit.asc[FreeBSD-SA-26:45.audit] |30 June 2026 |Incorrect audit records for ptrace(2) syscall requests +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:46.ktls.asc[FreeBSD-SA-26:46.ktls] |30 June 2026 |Remote DOS via uninitialized memory access in KTLS receive +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:49.iconv.asc[FreeBSD-SA-26:49.iconv] |30 June 2026 |Multiple vulnerabilities in iconv(3) |=== [[errata]]home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a445880.20dd9.23c4fa27>
