FreeBSD Mail Archives

Date:      Thu, 30 Apr 2026 01:31:46 +0000
From:      Philip Paeps <philip@FreeBSD.org>
To:        doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Subject:   git: f6ce52f505 - main - Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R
Message-ID:  <69f2b102.3ad85.3b745439@gitrepo.freebsd.org>

index | next in thread | raw e-mail


The branch main has been updated by philip:

URL: https://cgit.FreeBSD.org/doc/commit/?id=f6ce52f50591bdb84c5b866bf75501b12048c55f

commit f6ce52f50591bdb84c5b866bf75501b12048c55f
Author:     Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-04-30 01:28:08 +0000
Commit:     Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-04-30 01:28:08 +0000

    Add security advisories affecting 13.5R, 14.3R, 14.4R and 15.0R
    
    FreeBSD-SA-26:12.dhclient affects all supported releases
    FreeBSD-SA-26:13.exec affects all supported releases
    FreeBSD-SA-26:14.pf affects all supported releases
    FreeBSD-SA-26:15.dhclient affects all supported releases
    FreeBSD-SA-26:16.libnv affects all supported releases
    FreeBSD-SA-26:17.libnv affects all supported releases
---
 website/content/en/releases/13.5R/errata.adoc | 6 ++++++
 website/content/en/releases/14.3R/errata.adoc | 6 ++++++
 website/content/en/releases/14.4R/errata.adoc | 6 ++++++
 website/content/en/releases/15.0R/errata.adoc | 6 ++++++
 4 files changed, 24 insertions(+)

diff --git a/website/content/en/releases/13.5R/errata.adoc b/website/content/en/releases/13.5R/errata.adoc
index e8751c59c3..bce64dd752 100644
--- a/website/content/en/releases/13.5R/errata.adoc
+++ b/website/content/en/releases/13.5R/errata.adoc
@@ -55,6 +55,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:08.rpcsec_gss.asc[FreeBSD-SA-26:08.rpcsec_gss] |26 March 2026 |Remote code execution via RPCSEC_GSS packet validation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index c5d3ff2eb6..11269e841d 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -59,6 +59,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index 551d7e6cce..f58b4677d1 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -49,6 +49,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index da400909ce..f891ed725f 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -54,6 +54,12 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:09.pf.asc[FreeBSD-SA-26:09.pf] |26 March 2026 |pf silently ignores certain rules
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:10.tty.asc[FreeBSD-SA-26:10.tty] |21 April 2026 |Kernel use-after-free bug in the TIOCNOTTY handler
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:11.amd64.asc[FreeBSD-SA-26:11.amd64] |21 April 2026 |Missing large page handling in pmap_pkru_update_range()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc[FreeBSD-SA-26:12.dhclient] |29 April 2026 |Remote code execution via malicious DHCP options
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:13.exec.asc[FreeBSD-SA-26:13.exec] |29 April 2026 |Local privilege escalation via execve()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:14.pf.asc[FreeBSD-SA-26:14.pf] |29 April 2026 |pf can overflow the stack parsing crafted SCTP packets
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:15.dhclient.asc[FreeBSD-SA-26:15.dhclient] |29 April 2026 |Remotely triggerable out-of-bounds heap write in dhclient
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:16.libnv.asc[FreeBSD-SA-26:16.libnv] |29 April 2026 |Stack overflow via select() file descriptor set overflow
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:17.libnv.asc[FreeBSD-SA-26:17.libnv] |29 April 2026 |Heap overflow in libnv
 |===
 
 [[errata]]

home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69f2b102.3ad85.3b745439>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation