From nobody Tue Nov  8 17:06:33 2022
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N6Dz76grdz4YZP7
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Tue,  8 Nov 2022 17:06:43 +0000 (UTC)
	(envelope-from jon@xyinn.org)
Received: from mail-4323.proton.ch (mail-4323.proton.ch [185.70.43.23])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "protonmail.com", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4N6Dz74Nqxz45Br
	for <freebsd-stable@freebsd.org>; Tue,  8 Nov 2022 17:06:43 +0000 (UTC)
	(envelope-from jon@xyinn.org)
Authentication-Results: mx1.freebsd.org;
	none
Date: Tue, 08 Nov 2022 17:06:33 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=xyinn.org;
	s=protonmail3; t=1667927200; x=1668186400;
	bh=oSifLS+aXT+Yyu9FZL7JiveykXKoCmog/i3tu7EazXU=;
	h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References:
	 Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID:
	 Message-ID:BIMI-Selector;
	b=BjDxdXWSjzi9T2nKNzT5Vl2625+EtLIqOzkZCO8D9PVxbjH8o4TWZmDKeGnXTQGI9
	 ih+luAUkZv7khiwOEejYE8KNWp0iT1jPqAUI/lpw1eWQ0PNk2xa+uxtlFSZDAajSI+
	 hweRJKgKHTKRNpq8AqRAuejR1PY9uDucgdGK7vk/vHALrI49b4ty8lKIPgXMWnDGzg
	 OyQHkw/JCbgc2ha63f/gUBTIeNRSOTJtC+nPLGTr9BgBw5oYqsH432B4xK6XJ4DVVy
	 LyYC6N/k3ygXEe29+kNFuPi62TUqBWM15NZ3k69DYvdECV9uXQ80DRr5RsUINgf1fw
	 WfRaUozMn3QSQ==
To: Paul Mather <paul@gromit.dlib.vt.edu>
From: Jonathan Vasquez <jon@xyinn.org>
Cc: FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>
Subject: Re: Did anyone else get a glut of old security/errata notices today??
Message-ID: <no3GabKWpdACOejD5o3iCWp0DA0Xfvr8aTGwHCsNcl-ZlHzyIvrVQc85y-pOV6eEbLU2Hrr-PWazaUISfEMtK5asAqBLhWQem1kfuqpjuxk=@xyinn.org>
In-Reply-To: <F7FD9CC6-DC97-4FF1-90C7-D6A35ACE7246@gromit.dlib.vt.edu>
References: <20220809221902.7717C17160@freefall.freebsd.org> <F7FD9CC6-DC97-4FF1-90C7-D6A35ACE7246@gromit.dlib.vt.edu>
Feedback-ID: 12351801:user:proton
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: 4N6Dz74Nqxz45Br
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:62371, ipnet:185.70.43.0/24, country:CH]
X-ThisMailContainsUnwantedMimeParts: N

Yup I received a bunch of them today. My server is on 13.1-RELEASE-p3, and =
laptop on latest stable/13, so it should have all of them already.



Jonathan Vasquez
PGP: 34DA 858C 1447 509E C77A D49F FB85 90B7 C4CA 5279
Sent with ProtonMail Secure Email



------- Original Message -------
On Tuesday, November 8th, 2022 at 11:50, Paul Mather <paul@gromit.dlib.vt.e=
du> wrote:


> Today I received a glut of ten or so security/errata notices, some of whi=
ch date back as far as 9th August:
>=20
> > On Aug 9, 2022, at 6:19 PM, FreeBSD Errata Notices errata-notices@freeb=
sd.org wrote:
> >=20
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA512
> >=20
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> > FreeBSD-EN-22:19.pam_exec Errata Notice
> > The FreeBSD Project
> >=20
> > Topic: NULL pointer dereference in pam_exec(8)
> >=20
> > Category: core
> > Module: pam
> > Announced: 2022-08-09
> > Affects: FreeBSD 13.0 and later
> > Corrected: 2022-06-24 09:09:59 UTC (stable/13, 13.1-STABLE)
> > 2022-08-09 20:01:22 UTC (releng/13.1, 13.1-RELEASE-p1)
> > 2022-08-09 20:00:25 UTC (releng/13.0, 13.0-RELEASE-p12)
> >=20
> > For general information regarding FreeBSD Errata Notices and Security
> > Advisories, including descriptions of the fields above, security
> > branches, and the following sections, please visit
> > URL:https://security.FreeBSD.org/.
> >=20
> > I. Background
> >=20
> > pam_exec(8) is a pam(3) module for delegating PAM service functions to =
an
> > external program. When used for authentication, it can pass the user's
> > authentication token to the external program.
>=20
> [[ etc. ]]
>=20
>=20
> Looking at the headers, the common point of delay is the mail hop from ml=
mmj.nyi.freebsd.org -> mx1.freebsd.org. The in the case of the above Errata=
 Notice the mail languished on mlmmj.nyi.freebsd.org from 9th August 2022 u=
ntil 8th November 2022:
>=20
>=20
> =3D=3D=3D=3D=3D
> [[...]]
> Received: from mlmmj.nyi.freebsd.org (mlmmj.nyi.freebsd.org [IPv6:2610:1c=
1:1:606c::50:24]) by mx1.freebsd.org (Postfix) with ESMTP id 4N62bh2W3xz4cy=
t for paul@gromit.dlib.vt.edu; Tue, 8 Nov 2022 09:19:12 +0000 (UTC) (envelo=
pe-from freebsd-security-notifications+bounces-11-paul=3Dgromit.dlib.vt.edu=
@FreeBSD.org)
>=20
> Received: from mlmmj.nyi.freebsd.org (mlmmj.nyi.freebsd.org [IPv6:2610:1c=
1:1:606c::50:24]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZg0v=
yKz4YRd6; Tue, 9 Aug 2022 22:35:39 +0000 (UTC) (envelope-from freebsd-secur=
ity-notifications+bounces-11@FreeBSD.org)
> Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19=
:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M2SZb4c04z4YRnN for =
freebsd-security-notifications@mlmmj.nyi.freebsd.org; Tue, 9 Aug 2022 22:35=
:35 +0000 (UTC) (envelope-from security-advisories@freebsd.org)
>=20
> Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:=
1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 =
bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-diges=
t SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client=
 CN "freefall.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (=
Postfix) with ESMTPS id 4M2SZb3rv6z3MvX; Tue, 9 Aug 2022 22:35:35 +0000 (UT=
C) (envelope-from security-advisories@freebsd.org)
> Received: by freefall.freebsd.org (Postfix, from userid 945) id 5E29F172B=
B; Tue, 9 Aug 2022 22:35:35 +0000 (UTC)
> =3D=3D=3D=3D=3D
>=20
> It goes some way to explaining why I saw a reply to the FreeBSD-EN-22:25.=
tcp e-mail on freebsd-stable on 3rd November without having seen the origin=
al Errata Notice. :-)
>=20
> I'm just wondering: did this happen to anyone else, or was I the only luc=
ky Mail Delivery Powerball winner here? :-)
>=20
> Cheers,
>=20
> Paul.