Date: Wed, 28 Jan 2026 13:26:24 -0700 From: Rich Reynolds <rich@redstar-assoc.com> To: Mark Millard <marklmi@yahoo.com>, freebsd-stable@freebsd.org, freebsd-security@freebsd.org Subject: Re: FreeBSD Errata Notice FreeBSD-EN-26:03.vm [and other notices/advisories from today: pkgbase instructions?] Message-ID: <021b88a7-9855-496c-b47a-26357d3c080f@redstar-assoc.com> In-Reply-To: <a0630f43-5fb0-49a2-87f0-e6bafa3e7d0e@yahoo.com> References: <20260127222855.40E6D3A1@freefall.freebsd.org> <a0630f43-5fb0-49a2-87f0-e6bafa3e7d0e@yahoo.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On 1/27/26 16:56, Mark Millard wrote: > On 1/27/26 14:28, FreeBSD Errata Notices wrote: >> ============================================================================= >> FreeBSD-EN-26:03.vm Errata Notice >> The FreeBSD Project >> >> Topic: The page fault handler fails to zero memory >> >> Category: core >> Module: vm >> Announced: 2026-01-27 >> Affects: All supported versions of FreeBSD. >> Corrected: 2025-12-15 10:37:54 UTC (stable/15, 15.0-STABLE) >> 2026-01-27 19:15:47 UTC (releng/15.0, 15.0-RELEASE-p2) >> 2025-12-15 10:42:28 UTC (stable/14, 14.3-STABLE) >> 2026-01-27 19:16:12 UTC (releng/14.3, 14.3-RELEASE-p8) >> 2026-01-26 15:18:32 UTC (stable/13, 13.4-STABLE) >> 2026-01-27 19:16:34 UTC (releng/13.5, 13.5-RELEASE-p9) > My notes use this Errata Notice as an example. But all 3 of the Errata > Notices and the 2 Security Advisories released today look to have > similar points relative to pkgbase-based FreeBSD OS installations. > >> For general information regarding FreeBSD Errata Notices and Security >> Advisories, including descriptions of the fields above, security >> branches, and the following sections, please visit >> <URL:https://security.FreeBSD.org/>. >> >> I. Background >> >> The mmap(2) system call allows applications and system libraries to allocate >> heap memory using the MAP_ANON flag. The system call allocates virtual memory >> in the calling thread's address space and physical memory is allocated on >> demand as page faults occur. Memory allocated this way is guaranteed to be >> zero-filled. >> >> II. Problem Description >> >> Under some conditions, the physical pages allocated and mapped by the kernel >> may not be zero-filled. >> >> III. Impact >> >> This bug has been observed to cause process crashes. >> >> IV. Workaround >> >> No workaround is available. >> >> V. Solution >> >> Upgrade your system to a supported FreeBSD stable or release / security >> branch (releng) dated after the correction date. >> >> Perform one of the following: >> >> 1) To update your system via a binary patch: > The below freebsd-update use is inappropriate for pkgbase based > installations of the 15.0 variants. > > [I'm unsure of intended coverage of 14.3's non-re@-pkgbase-use based > systems but (1) does not apply there either.] > >> Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms, >> or the i386 platform on FreeBSD 13, can be updated via the freebsd-update(8) >> utility: >> >> # freebsd-update fetch >> # freebsd-update install >> # shutdown -r now >> >> 2) To update your system via a source code patch: > The below source-based steps are inappropriate for pkgbase based > installations of the 15.0 variants. > > [I'm unsure of intended coverage of 14.3's non-re@-pkgbase-use based > systems but (2) does not correctly apply there either.] > >> The following patches have been verified to apply to the applicable >> FreeBSD release branches. >> >> a) Download the relevant patch from the location below, and verify the >> detached PGP signature using your PGP utility. >> >> [FreeBSD 15.0] >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-15.patch.asc >> # gpg --verify vm-15.patch.asc >> >> [FreeBSD 14.3] >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-14.patch.asc >> # gpg --verify vm-14.patch.asc >> >> [FreeBSD 13.5] >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch >> # fetch https://security.FreeBSD.org/patches/EN-26:03/vm-13.patch.asc >> # gpg --verify vm-13.patch.asc >> >> b) Apply the patch. Execute the following commands as root: >> >> # cd /usr/src >> # patch < /path/to/patch >> >> c) Recompile your kernel as described in >> <URL:https://www.FreeBSD.org/handbook/kernelconfig.html>; and reboot the >> system. > There is no section for --or mention of-- pkgbase or of use of > pkg/pkg-static commands for updating at all. > > (Such would not apply to any 13.5 variant.) > >> VI. Correction details >> >> This issue is corrected as of the corresponding Git commit hash in the >> following stable and release branches: >> >> Branch/path Hash Revision >> ------------------------------------------------------------------------- >> stable/15/ 3c0942f99209 stable/15-n281508 >> releng/15.0/ 6e279feb40be releng/15.0-n281002 >> stable/14/ 99f641267d44 stable/14-n272998 >> releng/14.3/ de311ee39b3f releng/14.3-n271457 >> stable/13/ babac9d7bc05 stable/13-n259725 >> releng/13.5/ 4967e14ba25b releng/13.5-n259188 >> ------------------------------------------------------------------------- >> >> Run the following command to see which files were modified by a >> particular commit: >> >> # git show --stat <commit hash> >> >> Or visit the following URL, replacing NNNNNN with the hash: >> >> <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>; >> >> To determine the commit count in a working tree (for comparison against >> nNNNNNN in the table above), run: >> >> # git rev-list --count --first-parent HEAD >> >> VII. References >> >> The latest revision of this advisory is available at >> <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-26:03.vm.asc>; >> >> other than overwriting my cloned git /usr/src directory, 'pkg upgrade' acted as expected. now if i could just get my build from source repository to be as easy. thanx gang. odd1 -- When you believe in things, that you don't understand, then you suffer, superstition ain't the way. Stevie Wonder - 1972 [-- Attachment #2 --] odd1@fb15r:/usr/src % sudo pkg upgrade Password: Updating FreeBSD-ports repository catalogue... FreeBSD-ports repository is up to date. Updating FreeBSD-ports-kmods repository catalogue... Fetching data: 100% 35 KiB 35.5 k/s 00:01 Processing entries: 100% FreeBSD-ports-kmods repository update completed. 239 packages processed. Updating FreeBSD-base repository catalogue... FreeBSD-base repository is up to date. Updating FreeBSD-kmods repository catalogue... Fetching data: 100% 35 KiB 35.6 k/s 00:01 Processing entries: 100% FreeBSD-kmods repository update completed. 239 packages processed. All repositories are up to date. Checking for upgrades (17 candidates): 100% Processing candidates (17 candidates): 100% The following 16 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: FreeBSD-devmatch: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-kernel-generic: 15.0p1 -> 15.0p2 [FreeBSD-base] FreeBSD-kernel-generic-dbg: 15.0p1 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl-dbg-lib32: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl-dev: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl-dev-lib32: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl-lib: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-openssl-lib32: 15.0 -> 15.0p2 [FreeBSD-base] FreeBSD-rescue: 15.0p1 -> 15.0p2 [FreeBSD-base] FreeBSD-runtime: 15.0p1 -> 15.0p2 [FreeBSD-base] FreeBSD-src: 15.0p1 -> 15.0p2 [FreeBSD-base] FreeBSD-src-sys: 15.0p1 -> 15.0p2 [FreeBSD-base] dav1d: 1.5.2 -> 1.5.3 [FreeBSD-ports] qt6-declarative: 6.10.1_1 -> 6.10.1_2 [FreeBSD-ports] thunderbird: 147.0 -> 147.0.1 [FreeBSD-ports] Number of packages to be upgraded: 16 555 MiB to be downloaded. Proceed with this action? [y/N]: y [ 1/16] Fetching FreeBSD-kernel-generic-dbg-15.0p2: 100% 124 MiB 1.0 M/s 02:09 [ 2/16] Fetching FreeBSD-devmatch-15.0p2: 100% 17 KiB 17.4 k/s 00:01 [ 3/16] Fetching FreeBSD-src-15.0p2: 100% 158 MiB 955.3 k/s 02:53 [ 4/16] Fetching FreeBSD-kernel-generic-15.0p2: 100% 45 MiB 663.0 k/s 01:11 [ 5/16] Fetching FreeBSD-openssl-lib-15.0p2: 100% 2 MiB 768.6 k/s 00:03 [ 6/16] Fetching FreeBSD-openssl-dbg-lib32-15.0p2: 100% 4 MiB 1.3 M/s 00:03 [ 7/16] Fetching qt6-declarative-6.10.1_2: 100% 16 MiB 930.1 k/s 00:18 [ 8/16] Fetching FreeBSD-openssl-lib32-15.0p2: 100% 2 MiB 2.1 M/s 00:01 [ 9/16] Fetching FreeBSD-src-sys-15.0p2: 100% 87 MiB 916.0 k/s 01:40 [10/16] Fetching FreeBSD-rescue-15.0p2: 100% 7 MiB 1.2 M/s 00:06 [11/16] Fetching FreeBSD-runtime-15.0p2: 100% 3 MiB 759.7 k/s 00:04 [12/16] Fetching FreeBSD-openssl-dev-15.0p2: 100% 13 MiB 1.1 M/s 00:12 [13/16] Fetching FreeBSD-openssl-dev-lib32-15.0p2: 100% 9 MiB 777.4 k/s 00:12 [14/16] Fetching thunderbird-147.0.1: 100% 84 MiB 811.5 k/s 01:49 [15/16] Fetching dav1d-1.5.3: 100% 639 KiB 327.4 k/s 00:02 [16/16] Fetching FreeBSD-openssl-15.0p2: 100% 631 KiB 646.5 k/s 00:01 Checking integrity... done (0 conflicting) [ 1/16] Upgrading FreeBSD-devmatch from 15.0 to 15.0p2... [ 1/16] Extracting FreeBSD-devmatch-15.0p2: 100% [ 2/16] Upgrading FreeBSD-kernel-generic from 15.0p1 to 15.0p2... [ 2/16] Extracting FreeBSD-kernel-generic-15.0p2: 100% [ 3/16] Upgrading FreeBSD-kernel-generic-dbg from 15.0p1 to 15.0p2... [ 3/16] Extracting FreeBSD-kernel-generic-dbg-15.0p2: 100% [ 4/16] Upgrading FreeBSD-openssl from 15.0 to 15.0p2... [ 4/16] Extracting FreeBSD-openssl-15.0p2: 100% [ 5/16] Upgrading FreeBSD-openssl-dbg-lib32 from 15.0 to 15.0p2... [ 5/16] Extracting FreeBSD-openssl-dbg-lib32-15.0p2: 100% [ 6/16] Upgrading FreeBSD-openssl-dev from 15.0 to 15.0p2... [ 6/16] Extracting FreeBSD-openssl-dev-15.0p2: 100% [ 7/16] Upgrading FreeBSD-openssl-dev-lib32 from 15.0 to 15.0p2... [ 7/16] Extracting FreeBSD-openssl-dev-lib32-15.0p2: 100% [ 8/16] Upgrading FreeBSD-openssl-lib from 15.0 to 15.0p2... [ 8/16] Extracting FreeBSD-openssl-lib-15.0p2: 100% [ 9/16] Upgrading FreeBSD-openssl-lib32 from 15.0 to 15.0p2... [ 9/16] Extracting FreeBSD-openssl-lib32-15.0p2: 100% [10/16] Upgrading FreeBSD-rescue from 15.0p1 to 15.0p2... [10/16] Extracting FreeBSD-rescue-15.0p2: 100% [11/16] Upgrading FreeBSD-runtime from 15.0p1 to 15.0p2... [11/16] Extracting FreeBSD-runtime-15.0p2: 100% [12/16] Upgrading FreeBSD-src from 15.0p1 to 15.0p2... [12/16] Extracting FreeBSD-src-15.0p2: 100% [13/16] Upgrading FreeBSD-src-sys from 15.0p1 to 15.0p2... [13/16] Extracting FreeBSD-src-sys-15.0p2: 100% [14/16] Upgrading dav1d from 1.5.2 to 1.5.3... [14/16] Extracting dav1d-1.5.3: 100% [15/16] Upgrading qt6-declarative from 6.10.1_1 to 6.10.1_2... [15/16] Extracting qt6-declarative-6.10.1_2: 100% [16/16] Upgrading thunderbird from 147.0 to 147.0.1... [16/16] Extracting thunderbird-147.0.1: 100% ==> Running trigger: mandoc.ucl Generating apropos(1) database for /usr/share/man... Generating apropos(1) database for /usr/share/openssl/man... ==> Running trigger: desktop-file-utils.ucl Building cache database of MIME types odd1@fb15r:/usr/src %home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?021b88a7-9855-496c-b47a-26357d3c080f>