FreeBSD Mail Archives

Date:      Wed, 10 Jun 2026 00:56:54 +0000
From:      Philip Paeps <philip@FreeBSD.org>
To:        doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Subject:   git: 57e752f69a - main - Add security advisories affecting 14.3R, 14.4R and 15.0R
Message-ID:  <6a28b656.42bf7.2b04732d@gitrepo.freebsd.org>

index | next in thread | raw e-mail


The branch main has been updated by philip:

URL: https://cgit.FreeBSD.org/doc/commit/?id=57e752f69ac97b06c90ec856abaf7bf45b99596f

commit 57e752f69ac97b06c90ec856abaf7bf45b99596f
Author:     Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2026-06-10 00:54:10 +0000
Commit:     Philip Paeps <philip@FreeBSD.org>
CommitDate: 2026-06-10 00:54:10 +0000

    Add security advisories affecting 14.3R, 14.4R and 15.0R
    
    FreeBSD-SA-26:25.thr affects all supported releases
    FreeBSD-SA-26:26.ktls affects all supported releases
    FreeBSD-SA-26:27.sound affects all supported releases
    FreeBSD-SA-26:28.capsicum affects all supported releases
    FreeBSD-SA-26:29.ip6_multicast affects all supported releases
    FreeBSD-SA-26:30.linux affects all supported releases
    FreeBSD-SA-26:31.arm64 affects all supported releases
    FreeBSD-SA-26:32.elf affects all supported releases
    FreeBSD-SA-26:33.unbound affects all supported releases
    FreeBSD-SA-26:34.vt affects all supported releases
    FreeBSD-SA-26:35.openssl affects all supported releases
    FreeBSD-SA-26:36.ldns affects all supported releases
---
 website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++
 website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++
 website/content/en/releases/15.0R/errata.adoc | 12 ++++++++++++
 3 files changed, 36 insertions(+)

diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc
index 6f110d0cae..2b20c4c49a 100644
--- a/website/content/en/releases/14.3R/errata.adoc
+++ b/website/content/en/releases/14.3R/errata.adoc
@@ -72,6 +72,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc
index 4868a9a365..4f6eedbc5f 100644
--- a/website/content/en/releases/14.4R/errata.adoc
+++ b/website/content/en/releases/14.4R/errata.adoc
@@ -62,6 +62,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc
index 2bf793af83..8316c7d8f8 100644
--- a/website/content/en/releases/15.0R/errata.adoc
+++ b/website/content/en/releases/15.0R/errata.adoc
@@ -67,6 +67,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver
 |===
 
 [[errata]]

home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a28b656.42bf7.2b04732d>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation