From nobody Wed Jun 10 00:56:54 2026 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZnRb5WB5z6h48j for ; Wed, 10 Jun 2026 00:56:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZnRb4W0Pz3bD7 for ; Wed, 10 Jun 2026 00:56:59 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781053019; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hpCtMr+EfxP4by3eqCw4mV/AO7NPMRrrwAjUOHSYkCY=; b=LwSPaYa/M0bC+X8uWTYUqB9XfG0CKCzjmAHoNaF3Hl4udSUnKO8kNDahaUq22xQ+X97F2q 0ewe/nUlifyKA05rW53tz/BbrL+slcU4D6zwpuoAIzIjvUyMbAWjY42h8qwHHozJijV0Hg Hqx+C5yr6V+YH9xXTmT5Larw1fz5/cFTtDleDK+BrGhLn/ZGBwnjgisqCEIi8SZD5QUqaI w0/TAPaiv59/nhwMuGnPwhe94LIlKieutwL3Re02xmjSFWl1H9KMYDApuFKiNKZUU5WBDc o+izc2cxgNUMRNTgweKMVeicqB+7QM56EXSRwyDvqu4s1eZ3FOZYoSrWuGlPUA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781053019; a=rsa-sha256; cv=none; b=T1ICb2gaYAo6qHh6vHBj/k0lyf4O5jbY8A6b6NoQMmVtuFGbSaOHSQqoRSwful5i34yWLd dk4RUgnLpHHZaUi5fZVbBUec7g0txC2cH07WhDKwQSA1mDD5t3yB8rlkiM64dBVW7BKFeC FJ88E6ZAJb03lY1HDAMc7TGZCpMPlrbGHv+V8n9mFY5Ra/Cj8vHbvxlM0MsaEd5ARhfUsk Lp29orNu6jr5azC4NHVsz7GOZPuqn1hAMPCjE5CDAC2OIZioKN0STAEBQ53isNc95IIRYp eetdIN0gDIpTf7SjSqwBfZXYe3x7/Aubai2Mo70lAUOWiKZpFUmX39LWz6voww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781053019; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hpCtMr+EfxP4by3eqCw4mV/AO7NPMRrrwAjUOHSYkCY=; b=DVz+FAc3KF/ch9rEBokuPe3n5T0873TGJtE/AVWE0fMFvx53PvP3u+tpwGPehck+5MzKbf UdQ+6fNpPjLGT2PYFjCqgVVVbXm1EZXozp/c3KJ0E4bovv6ylP48ZdV0x3racpxPkDDEGH HfSu3Al8R6yVEOylEHWuE9JUWTPcKpDMCsU/Z60TyaXQDvIz8WDG3LbRl0yEatVs1Cx52d ZA/fn2MgO9X4PsNxBJQVLtjq/SL+VodEwotluqU9F0FoDjg/TPuTj5tStG6fx4rMVc35EI UwvRtVTy2f81zgk15fDga7Hs4st2rhWfB/Xay+aqNoahu1xq+NZS+4e2YhDvCg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZnRb41zszyLb for ; Wed, 10 Jun 2026 00:56:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 42bf7 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 00:56:54 +0000 To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Philip Paeps Subject: git: 57e752f69a - main - Add security advisories affecting 14.3R, 14.4R and 15.0R List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: philip X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 57e752f69ac97b06c90ec856abaf7bf45b99596f Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 00:56:54 +0000 Message-Id: <6a28b656.42bf7.2b04732d@gitrepo.freebsd.org> The branch main has been updated by philip: URL: https://cgit.FreeBSD.org/doc/commit/?id=57e752f69ac97b06c90ec856abaf7bf45b99596f commit 57e752f69ac97b06c90ec856abaf7bf45b99596f Author: Philip Paeps AuthorDate: 2026-06-10 00:54:10 +0000 Commit: Philip Paeps CommitDate: 2026-06-10 00:54:10 +0000 Add security advisories affecting 14.3R, 14.4R and 15.0R FreeBSD-SA-26:25.thr affects all supported releases FreeBSD-SA-26:26.ktls affects all supported releases FreeBSD-SA-26:27.sound affects all supported releases FreeBSD-SA-26:28.capsicum affects all supported releases FreeBSD-SA-26:29.ip6_multicast affects all supported releases FreeBSD-SA-26:30.linux affects all supported releases FreeBSD-SA-26:31.arm64 affects all supported releases FreeBSD-SA-26:32.elf affects all supported releases FreeBSD-SA-26:33.unbound affects all supported releases FreeBSD-SA-26:34.vt affects all supported releases FreeBSD-SA-26:35.openssl affects all supported releases FreeBSD-SA-26:36.ldns affects all supported releases --- website/content/en/releases/14.3R/errata.adoc | 12 ++++++++++++ website/content/en/releases/14.4R/errata.adoc | 12 ++++++++++++ website/content/en/releases/15.0R/errata.adoc | 12 ++++++++++++ 3 files changed, 36 insertions(+) diff --git a/website/content/en/releases/14.3R/errata.adoc b/website/content/en/releases/14.3R/errata.adoc index 6f110d0cae..2b20c4c49a 100644 --- a/website/content/en/releases/14.3R/errata.adoc +++ b/website/content/en/releases/14.3R/errata.adoc @@ -72,6 +72,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver |=== [[errata]] diff --git a/website/content/en/releases/14.4R/errata.adoc b/website/content/en/releases/14.4R/errata.adoc index 4868a9a365..4f6eedbc5f 100644 --- a/website/content/en/releases/14.4R/errata.adoc +++ b/website/content/en/releases/14.4R/errata.adoc @@ -62,6 +62,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver |=== [[errata]] diff --git a/website/content/en/releases/15.0R/errata.adoc b/website/content/en/releases/15.0R/errata.adoc index 2bf793af83..8316c7d8f8 100644 --- a/website/content/en/releases/15.0R/errata.adoc +++ b/website/content/en/releases/15.0R/errata.adoc @@ -67,6 +67,18 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/ |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:22.libcasper.asc[FreeBSD-SA-26:22.libcasper] |20 May 2026 |select(2) file descriptor set overflow causes stack overflow |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:23.bsdinstall.asc[FreeBSD-SA-26:23.bsdinstall] |20 May 2026 |Remote code execution via installer Wi-Fi access point scans |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:24.cap_net.asc[FreeBSD-SA-26:24.cap_net] |20 May 2026 |Incorrect libcap_net limitation list manipulation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:25.thr.asc[FreeBSD-SA-26:25.thr] |9 June 2026 |Missing permission check in thr_kill2(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:26.ktls.asc[FreeBSD-SA-26:26.ktls] |9 June 2026 |Arbitrary file overwrite via the KTLS receive path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:27.sound.asc[FreeBSD-SA-26:27.sound] |9 June 2026 |Multiple vulnerabilities in the sound(4) mmap path +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:28.capsicum.asc[FreeBSD-SA-26:28.capsicum] |9 June 2026 |sigqueue(2) missing capability mode restriction +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:29.ip6_multicast.asc[FreeBSD-SA-26:29.ip6_multicast] |9 June 2026 |Use-after-free bug in the IPV6_MSFILTER socket option handler +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:30.linux.asc[FreeBSD-SA-26:30.linux] |9 June 2026 |Flaw in Linuxulator execution of setugid binaries +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:31.arm64.asc[FreeBSD-SA-26:31.arm64] |9 June 2026 |Arm CPU errata may bypass page table permission changes +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:32.elf.asc[FreeBSD-SA-26:32.elf] |9 June 2026 |ASLR bypass for setuid executables via procctl(2) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:33.unbound.asc[FreeBSD-SA-26:33.unbound] |9 June 2026 |Multiple vulnerabilities in unbound +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:34.vt.asc[FreeBSD-SA-26:34.vt] |9 June 2026 |Integer overflow in vt(4) CONS_HISTORY ioctl +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:35.openssl.asc[FreeBSD-SA-26:35.openssl] |9 June 2026 |Multiple vulnerabilities in OpenSSL +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-26:36.ldns.asc[FreeBSD-SA-26:36.ldns] |9 June 2026 |Insufficient response validation in the ldns stub resolver |=== [[errata]]