From owner-freebsd-security@freebsd.org Wed Apr 14 16:21:01 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B59D95E0489 for ; Wed, 14 Apr 2021 16:21:01 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qk1-x734.google.com (mail-qk1-x734.google.com [IPv6:2607:f8b0:4864:20::734]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FL74r6trTz3j8b for ; Wed, 14 Apr 2021 16:21:00 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qk1-x734.google.com with SMTP id d15so8995251qkc.9 for ; Wed, 14 Apr 2021 09:21:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=5fYAsweYbd7s1qqSI8ElsMGQW3bDjig2VkxQb9XG5nw=; b=HqCit57Baj/2srkh8aUI3H0cDdzfRnEyns03hDMs8BwU5oQ9YekmDJ1SRguwx05Mn3 I1QQVh8hiAlRTv27bnpdCJHOyyB9HDYegyPRIpFndNYE4Er8dVCXdCdzetxNxtNHudNH xI62NkOqM8G6tOay+I4MZ8DgvnPcdRB3tfDU1qo3BH/+nl8j5HUX9xOngstz4mFf6aey sQNxwZeZTcNfJ2OUzh+epSLLWj/hQZm5WCiPmTOLcR+a4m3nZoLKwDVbiClxhm/5t3XK VFr9JQ8JLXls1MSfc5fPIl8tF2nLCZ24l8fMr7MV5CcCI/5s1AdjzCJ8rli7mDgIafL8 zXug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=5fYAsweYbd7s1qqSI8ElsMGQW3bDjig2VkxQb9XG5nw=; b=diPg3zhH8pIUXasEB9kShUDyw6Qrr5MzQ0nw3EKDInhbwTZayU7etGrI9DtfSQB/cH 3D0VtdaxzyTInm/T+foAnXD2vNSGtRjlGL3VOBv766uUFdEg13gEb+bOEaBIsIcsjuPD 9tF5u+Mmq9cM3I0iujnPm+A/fkA8ISOjsrNQaKcUjVJiNbZtm2TcUtPtyf/HsZUilRuA UUWS4bdOSXm+37FIS12FE81eg4KkBvZcB6N0Ncebsx0StpJ+iFnmXIcfvD6uU/iZa/3k nRjYwMAPPOKyLfRgYJ/3MioIFKN1XRucgWn7M8YbUKhk4VpVLnnwVbDxp9eIhxCZtjmJ 9SPg== X-Gm-Message-State: AOAM530rDJpaQE4r6oFGZ2Cj7VH9DHF8w97cQlx53DSnyjKYkGwxIEXA PCzDc+6SrxL7d3O0obRxaXhM6NlSe/Ti+zKy X-Google-Smtp-Source: ABdhPJxcP4bn6uzdCT729hV2agHystGMhDT9wAAHY2TQGQQfxx00e2zX5PFa5cZHdwKrRozCcXJXDg== X-Received: by 2002:a37:b947:: with SMTP id j68mr32133322qkf.108.1618417259861; Wed, 14 Apr 2021 09:20:59 -0700 (PDT) Received: from mutt-hbsd (pool-100-16-222-53.bltmmd.fios.verizon.net. [100.16.222.53]) by smtp.gmail.com with ESMTPSA id 81sm11729518qkl.121.2021.04.14.09.20.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Apr 2021 09:20:59 -0700 (PDT) Date: Wed, 14 Apr 2021 12:20:58 -0400 From: Shawn Webb To: mike tancsa Cc: "freebsd-security@freebsd.org" Subject: Re: name:wrek vulnerabilities ? Message-ID: <20210414162058.mrhv7cnyxrad5n7e@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 14.0-CURRENT-HBSD FreeBSD 14.0-CURRENT-HBSD X-PGP-Key: https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/blob/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xb2u6txeaf73mpzi" Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4FL74r6trTz3j8b X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=hardenedbsd.org header.s=google header.b=HqCit57B; dmarc=none; spf=pass (mx1.freebsd.org: domain of shawn.webb@hardenedbsd.org designates 2607:f8b0:4864:20::734 as permitted sender) smtp.mailfrom=shawn.webb@hardenedbsd.org X-Spamd-Result: default: False [-4.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[hardenedbsd.org:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::734:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RECEIVED_SPAMHAUS_PBL(0.00)[100.16.222.53:received]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; DMARC_NA(0.00)[hardenedbsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::734:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::734:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Apr 2021 16:21:01 -0000 --xb2u6txeaf73mpzi Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 14, 2021 at 11:44:06AM -0400, mike tancsa wrote: > I heard about this on the ISC stormcast podcast this AM, but I cant > quite make heads or tails of if/when what was patched with respect to > FreeBSD. >=20 > https://www.forescout.com/company/blog/forescout-and-jsof-disclose-new-dn= s-vulnerabilities-impacting-millions-of-enterprise-and-consumer-devices/ >=20 > They have a dhclient one I think is > https://www.freebsd.org/security/advisories/FreeBSD-SA-20:26.dhclient.asc, > but the report somewhat ambiguously writes there is a new one ? >=20 > "Table 3 =E2=80=93 New vulnerabilities in NAME:WRECK. Rows are colored ac= cording > to the CVSS score: yellow for medium or high and red for critical." Yet > the CVE ref is the above SA 20:26?! So this is new or this is just a > paper talking about a bug patched last August ? The paper's referencing a bug that's already fixed in all supported versions of FreeBSD. A lot of hand waving just for "nothing to see here, move along" if your systems are up-to-date. The commit that fixed the vulnerability is 8f594d4355a16f963e246be0b88b9fba8ad77049, made on 31 Aug 2020. That's over a half a year ago. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A= 4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --xb2u6txeaf73mpzi Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAmB3FmcACgkQ/y5nonf4 4foLmg//QoRJtxfZeGf7IdWnH+NefnI3Xvy7zipHFBC+H4Mo0buWNjIQL7z39vjz sTee16eIw/vsg3PmQSkqGURCVko+y1tffW19+tgW3ONVJPuL77QkMM18BjPafy4v U2DvCNSiAq6tvEhlXKgTEN5c0wTRnEp0qfBNXLDar4MOjOgVzfhTYFyJo5Gf2DnM u2HCooe76enJPv5b9ytgCxAbyxRqs2XRFiUV+aN+bPLIfRR1t3qulpe2pIpGWW/C SlMSC5KFklUU7UmWwr5pVsv/p6av/BZwRLeeEDw255kIxGyTvqbrGt5rjW33qgca HskiUv94vfKgqeRO5Our0HpMU7ASR7kr79iGD7vCfnKMsQiVjWED5fMShWnmT1Up JfAgfH342fVSK1Jij1bGRNiu+DtwonKuUicA+n0Ej/CnOA4sdoLNKB82y5MeVMVB 01+3grfTSU7Gq5HoYe+P1+HV47E4nWyYn1AenVdkOvuvna59DiwKg9bv7tix4Y7t bgzatQMvVt4IVwEYaTJC3d0uvangEBjKZfzzLpRPE5hghNt83Sr2FCqgbR+RL7Ob BRHkebWqDRtli7ZIXnPKULu9nmXzEvRyDHb1ogqoMY4feY5RPGFMH1RIoO+Xn3rh tOOq/U5ipmxCT/8xrmN6kiMD0YDjcqTBOJgsjmug4LltOTUhtuA= =Xie7 -----END PGP SIGNATURE----- --xb2u6txeaf73mpzi--