From: Gordon Tetlow
Date: Thu, 8 Mar 2018 06:17:31 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r51472 - in head/share/security: advisories patches/SA-18:01

Author: gordon (src,ports committer)
Date: Thu Mar 8 06:17:31 2018
New Revision: 51472
URL: https://svnweb.freebsd.org/changeset/doc/51472

Log:
  Update SA-18:01 with revision and a new patch.

Added:
  head/share/security/patches/SA-18:01/ipsec-10.rev1.patch (contents, props changed)
  head/share/security/patches/SA-18:01/ipsec-10.rev1.patch.asc (contents, props changed)
Modified:
  head/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc

Modified: head/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc ============================================================================== --- head/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc Thu Mar 8 04:29:30 2018 (r51471) +++ head/share/security/advisories/FreeBSD-SA-18:01.ipsec.asc Thu Mar 8 06:17:31 2018 (r51472) @@ -2,7 +2,7 @@ Hash: SHA512 ============================================================================= -FreeBSD-SA-18:01.ipsec Security Advisory +FreeBSD-SA-18:01.ipsec [REVISED] Security Advisory The FreeBSD Project Topic: ipsec validation and use-after-free 
@@ -15,8 +15,8 @@ Affects: All supported versions of FreeBSD. Corrected: 2018-02-24 13:04:02 UTC (stable/11, 11.1-STABLE) 2018-03-07 05:53:35 UTC (releng/11.1, 11.1-RELEASE-p7) 2018-03-07 16:55:15 UTC (stable/10, 10.4-STABLE) - 2018-03-07 17:16:41 UTC (releng/10.4, 10.4-RELEASE-p6) - 2018-03-07 17:16:41 UTC (releng/10.3, 10.3-RELEASE-p27) + 2018-03-07 17:16:41 UTC (releng/10.4, 10.4-RELEASE-p7) + 2018-03-07 17:16:41 UTC (releng/10.3, 10.3-RELEASE-p28) CVE Name: CVE-2018-6916 For general information regarding FreeBSD Security Advisories, 
@@ -26,7 +26,7 @@ following sections, please visit -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqgIMpfFIAAAAAALgAo +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqg1K9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n -5cIRsA//b3GwfCJwKRdmxvEeTMxSrlppHr3x+quY9HhJEy1Sp4G4aPv4T5J0wjwX -vYdRuCtYSbdewGrOtq77Lwf0QKmvay6rvY/FB5Mm5EXqzdSzKLoEWqv9n0ShRbA4 -4M61TaqrK6TB/zE+CRm9LS1Vmx7sfOh7ebhWvt1oKoobC/9p/1W/622ZJ6CsE7vc -GWg0zJzbCpw3MfhCF8dTr7mjheL7EiXBQaSNDIa4FqSScPshk87VmUM7rd8NYUuX -ADDTOyQ/9ycwPecHl1/IlFRsIOGXl7mvXy8SibRUsSFNZB53x+915hLRhH+YuQH8 -aoWVT+mTwOsJPs36Nd+PwV3iJ5jcLaIXFlx65JHu+rep7BXDpDM6N7BHoeDl3s+y -8qwFUwb6wVEMj93kM8X+VdVx1nyFr/MTFsbj6CaIryXm+X/QtE4TCzDoWn+P+cpo -Ic7q/NDA4abU1KEOQYAS8TTrJl+VTtAVl2gv/D3+TGOXWebXkoAsKvRbXC7eesWa -b1GD5my7sSPmMsSsiNxNus9EtWOE0QMu6Asa/fDhhsg+jUSdsn8Iduia62UFeCXz -NBq87Gobw1WM+N7aDKDbt9+hXBZu3YTPL31IDhCj5ezOWQ77qpDV7c0CiQsRqLjG -nwgNe41g2bhjIFpIoyA/e4aXdOuYHsUKYFCmmzCO1ZGO3NkB0VQ= -=Yb3u +5cJCDQ/+OpTS1PrKiwuRsJ5i0RWnS8C9d/dIn9C83JJtuxhGb+CEY5bYSVKufsW/ +ilkUK3fiOWWwDHYecZW15qvt1E2E6Hm608b+K37bqL+FKobNj78B+KQr4erb0183 +/Kqo0TKDtsUzr20sNFWgeQWgHP/EqyWyJuB2zfOSb1vGUViiuxJfMxajzfE2tKqh +IDG/QpMvRolJFKSWdQnF08NIYLXfffZ4Sz9+VDCdfeLEQKi+LT6DJnlGDz/rR5iB +TwyMg3AbobpGuuV0puOZTul2GiHaPwh/fJR8JoG13+kK5VznvrOXopLAl2CVAjtj +mNuHeQHwaSQanSXgKtYxZG4/w1JDMSr60FKgG7FizhJ+9WAbjPySbb+wV5qJD4oY +a8F2urt3Tj1c1l4juOctVW+NVSS96idpf9NsmsmticTujgBu+2k63+cSIchiNj1B +ZcPw5PLgiC/r0P6FITrwXa7zJLNHdFrPvNihKTlEHJAgGno7FJJpdagxmcfGnpb2 +74VlbQF7Tq+9NQJU23y9Vj3YL0XERB/b45oRHkBEoVJKgK9/4U4mzFufn4PfANUt +0hcgMlxTOVKt0S405dh4I6ok51iq6XDol18QoYbXJHqMuEq7Lo80fKuq8gpKmCJ0 +h3NBYJKPUsngfJUisXS7VrQx3zTB8Yyp1BykpCDKET8LVJGmV7c= +=RMG/ -----END PGP SIGNATURE----- Added: head/share/security/patches/SA-18:01/ipsec-10.rev1.patch ============================================================================== 
--- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-18:01/ipsec-10.rev1.patch Thu Mar 8 06:17:31 2018 (r51472) @@ -0,0 +1,17 @@ +--- sys/netipsec/xform_ah.c.orig ++++ sys/netipsec/xform_ah.c +@@ -619,11 +619,11 @@ + DPRINTF(("%s: bad mbuf length %u (expecting %lu)" + " for packet in SA %s/%08lx\n", __func__, + m->m_pkthdr.len, (u_long) (skip + authsize + rplen), +- ipsec_address(&sav->sah->saidx.dst, buf, sizeof(buf)), ++ ipsec_address(&sav->sah->saidx.dst), + (u_long) ntohl(sav->spi))); + AHSTAT_INC(ahs_badauthl); +- error = EACCES; +- goto bad; ++ m_freem(m); ++ return EACCES; + } + AHSTAT_ADD(ahs_ibytes, m->m_pkthdr.len - skip - hl); + Added: head/share/security/patches/SA-18:01/ipsec-10.rev1.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/SA-18:01/ipsec-10.rev1.patch.asc Thu Mar 8 06:17:31 2018 (r51472) 
@@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlqgutVfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cI6Yg//dYhm+VAIs8cB/n3asDDqTdNY1TfSse5U8YXDXN0fvZGBfa5Fg+hrqQFk +CkFuwJrnsiBQ2d0HEBTG5jrQGjPCfGszKlCQoLzoCF+nv2nEqQZISBgdjTkRRhFB +LfDbSPhlgHqQVHpNjp03hSJlz/57svLVIdmbZYKqITRMhuE9yR1RK5x51br88Jse +ImcmZpojG1p/5ECiLunf/fEwh1riN2kWwZWStQCqEX0XF9aV55unCkM4OQdiUEyJ +WUXlS0XljkG2BwopAVMUkYx8G5N/Mj6VRogkohitEpdToQXJ+EdwzE5bOqkEZMwx +k9gwUNwpGqZeuThGa1ZeqJ3Izf1iF+6DNEOhxSYNfVgGY7Kjf5AtS+lSUdxMjTmZ +/hpgIW86QvSBjV7H7b0NZGXZQ2fItzPfVnVQ9agBpEzYG4IJiuGPXRfgmFKg33qp +q+ip+PgkO1rwJSMg4PVUa5t8VR2ITTbgamLDK9NHylBPHwbUR9CeYgiBOjRljs4b +j/QJi6TOQ/5vyUccW8ilGSGr0UQ3yrOZhkW298mn8o9FS6aoj8dbr9DXKLitSbkj +iQssnB2xe6K2F6XYILK+Zi154zvGaXdzUFXZE8DE7XScDugM2QHqRNe7FlTc8IjJ +fk9HdL55a+vzpFgu54TIz/tO/Rvz3rIGMVQ/WGF1wNIz36285Vs= +=O3Zi +-----END PGP SIGNATURE-----
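
Review bot: In the first FreeBSD-SA-18:01.ipsec.asc hunk (@@ -2,7 +2,7 @@), the title gains [REVISED], but none of the visible advisory hunks adds text saying what was revised or pointing 10.x users at the new patches/SA-18:01/ipsec-10.rev1.patch. Suggest adding a revision-history entry and the reference to the rev1 patch in the advisory body in this same commit, so that a reader of the signed text can tell which patch to fetch and why.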
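
Review bot: In the Corrected block of the advisory (@@ -15,8 +15,8 @@), the releng/10.4 and releng/10.3 entries move to 10.4-RELEASE-p7 and 10.3-RELEASE-p28 while keeping the previous timestamp, 2018-03-07 17:16:41 UTC. If the revised fix landed on those branches at a different time than the p6/p27 change, the timestamps should be updated together with the patch levels; if the time is intentionally unchanged, a short explanation in the advisory text would avoid confusion for anyone matching it against the branch history.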
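
Review bot: In ipsec-10.rev1.patch, the xform_ah.c hunk (@@ -619,11 +619,11 @@) replaces `error = EACCES; goto bad;` with `m_freem(m); return EACCES;` and gives no reason why the shared `bad` exit is not used on this branch. Please confirm that the mbuf is the only resource held at this point in the function and add a one-line comment saying so, since a direct return skips whatever other cleanup `bad` performs. The same hunk drops `buf, sizeof(buf)` from the ipsec_address() call; if that was the last use of `buf` in the function, its declaration should be removed as well. The commit log would also benefit from one sentence on what rev1 corrects relative to the earlier 10.x patch.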