Date:      Wed, 30 Jun 2021 06:32:00 GMT
From:      Gordon Tetlow <gordon@FreeBSD.org>
To:        doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Subject:   git: 1ef6062f2f - main - Add EN-21:18 through EN-21:22. Approved by:	so
Message-ID:  <202106300632.15U6W0tY016598@gitrepo.freebsd.org>

The branch main has been updated by gordon (src committer):

URL: https://cgit.FreeBSD.org/doc/commit/?id=1ef6062f2f8682414dc5a1f090d89ee63ca0981f

commit 1ef6062f2f8682414dc5a1f090d89ee63ca0981f
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2021-06-30 06:31:06 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2021-06-30 06:31:06 +0000

    Add EN-21:18 through EN-21:22.
    Approved by:    so
---
 website/data/security/errata.toml                  |  20 ++
 .../advisories/FreeBSD-EN-21:18.libc++.asc         | 143 +++++++++++
 .../advisories/FreeBSD-EN-21:19.libcasper.asc      | 166 +++++++++++++
 .../security/advisories/FreeBSD-EN-21:20.vlan.asc  | 129 ++++++++++
 .../security/advisories/FreeBSD-EN-21:21.ipfw.asc  | 145 +++++++++++
 .../advisories/FreeBSD-EN-21:22.linux_futex.asc    | 157 ++++++++++++
 .../static/security/patches/EN-21:18/libc++.patch  | 275 +++++++++++++++++++++
 .../security/patches/EN-21:18/libc++.patch.asc     |  16 ++
 .../security/patches/EN-21:19/libcasper.11.patch   | 165 +++++++++++++
 .../patches/EN-21:19/libcasper.11.patch.asc        |  16 ++
 .../security/patches/EN-21:19/libcasper.12.patch   | 181 ++++++++++++++
 .../patches/EN-21:19/libcasper.12.patch.asc        |  16 ++
 .../security/patches/EN-21:19/libcasper.13.patch   | 176 +++++++++++++
 .../patches/EN-21:19/libcasper.13.patch.asc        |  16 ++
 .../static/security/patches/EN-21:20/vlan.patch    |  30 +++
 .../security/patches/EN-21:20/vlan.patch.asc       |  16 ++
 .../static/security/patches/EN-21:21/ipfw.patch    |  27 ++
 .../security/patches/EN-21:21/ipfw.patch.asc       |  16 ++
 .../security/patches/EN-21:22/linux_futex.patch    |  69 ++++++
 .../patches/EN-21:22/linux_futex.patch.asc         |  16 ++
 20 files changed, 1795 insertions(+)

diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml
index 4c1b2b1704..bd86fb8b01 100644
--- a/website/data/security/errata.toml
+++ b/website/data/security/errata.toml
@@ -1,6 +1,26 @@
 # Sort errata notices by year, month and day
 # $FreeBSD$
 
+[[notices]]
+name = "FreeBSD-EN-21:22.linux_futex"
+date = "2021-06-29"
+
+[[notices]]
+name = "FreeBSD-EN-21:21.ipfw"
+date = "2021-06-29"
+
+[[notices]]
+name = "FreeBSD-EN-21:20.vlan"
+date = "2021-06-29"
+
+[[notices]]
+name = "FreeBSD-EN-21:19.libcasper"
+date = "2021-06-29"
+
+[[notices]]
+name = "FreeBSD-EN-21:18.libc++"
+date = "2021-06-29"
+
 [[notices]]
 name = "FreeBSD-EN-21:17.libradius"
 date = "2021-06-01"
diff --git a/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc
new file mode 100644
index 0000000000..7773e922af
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc
@@ -0,0 +1,143 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-21:18.libc++                                         Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          Missing C++20 headers in libc++
+
+Category:       contrib
+Module:         libc++
+Announced:      2021-06-29
+Affects:        FreeBSD 13.0
+Corrected:      2021-06-03 18:53:18 UTC (stable/13, 13.0-STABLE)
+                2021-06-29 17:08:58 UTC (releng/13.0, 13.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+libc++ is an implementation of the C++ Standard Library, provided by the
+LLVM project. It is used by C++ programs in the base system, and also by
+many C++ programs in the ports collection. 
+
+II.  Problem Description
+
+The LLVM project components in the base system, including libc++, were
+(2020-07-31) upgraded to upstream version 11.0.0. Among other features,
+improvements were made to libc++ to better support the C++20 standard. This
+also included a number of new Standard Library headers, but these were
+missed during the upgrade and not installed into the base system, in
+particular:
+
+* <barrier>
+* <concepts>
+* <execution>
+* <latch>
+* <numbers>
+* <semaphore>
+
+III. Impact
+
+Even though clang and libc++ 11.0.0 have much improved support for the
+C++20 standard, it is not possible to build programs using the standard
+headers listed above, because they are not available in the base system.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch.asc
+# gpg --verify libc++.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              70e13c4cffd5    stable/13-n245875
+releng/13.0/                            dac086497e50  releng/13.0-n244747
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>;
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://en.cppreference.com/w/cpp/header/barrier>;
+<URL:https://en.cppreference.com/w/cpp/header/concepts>;
+<URL:https://en.cppreference.com/w/cpp/header/execution>;
+<URL:https://en.cppreference.com/w/cpp/header/latch>;
+<URL:https://en.cppreference.com/w/cpp/header/numbers>;
+<URL:https://en.cppreference.com/w/cpp/header/semaphore>;
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255374>;
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:18.libc++.asc>;
+-----BEGIN PGP SIGNATURE-----
+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+=vLEs
+-----END PGP SIGNATURE-----
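Review bot: In section II the import date is dropped into the middle of the verb phrase, "were (2020-07-31) upgraded to upstream version 11.0.0", which reads like a leftover annotation; suggest "were upgraded to upstream version 11.0.0 on 2020-07-31". Section I also ends with a trailing space after "ports collection.". Because the file is PGP clear-signed, any wording fix means regenerating the signature, so these are best settled before signing.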
diff --git a/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc
new file mode 100644
index 0000000000..603e5fc9bf
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc
@@ -0,0 +1,166 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-21:19.libcasper                                      Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          libcasper assertion failure
+
+Category:       core
+Module:         libcasper
+Announced:      2021-06-29
+Credits:	Borja Marcos, Jung-uk Kim
+Affects:        All supported versions of FreeBSD.
+Corrected:      2021-06-15 18:14:43 UTC (stable/13, 13.0-STABLE)
+                2021-06-29 17:09:02 UTC (releng/13.0, 13.0-RELEASE-p3)
+                2021-06-16 20:25:22 UTC (stable/12, 12.2-STABLE)
+                2021-06-29 20:26:12 UTC (releng/12.2, 12.2-RELEASE-p9)
+                2021-06-16 20:30:46 UTC (stable/11, 11.4-STABLE)
+                2021-06-29 20:25:32 UTC (releng/11.4, 11.4-RELEASE-p12)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+libcasper(3) allows Capsicum-sandboxed applications to define and use
+system interfaces which are ordinarily disallowed.  It is used by
+multiple programs in the base system, such as logger(1).
+
+II.  Problem Description
+
+libcasper(3) creates service processes by forking the calling process,
+so they initially inherit the calling process' file descriptor table.
+Casper services expect the lowest 3 file descriptors, traditionally
+corresponding to standard input, output, and error, are redirected to
+/dev/null.  libcasper(3) ensures this is the case.  However, it did not
+handle the possibility that one of them is closed, and this scenario
+would trigger an assertion failure during service creation, resulting in
+a crash.
+
+III. Impact
+
+Some applications, such as logger(1), may crash if one of the standard
+descriptors is closed when Casper services are started, typically during
+program initialization.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 13.0]
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch.asc
+# gpg --verify libcasper.13.patch.asc
+
+[FreeBSD 12.2]
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch.asc
+# gpg --verify libcasper.12.patch.asc
+
+[FreeBSD 11.4]
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch.asc
+# gpg --verify libcasper.11.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart all daemons that use the library, or reboot the system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              934e10b4a388    stable/13-n246041
+releng/13.0/                            ba5ed8109cc9  releng/13.0-n244748
+stable/12/                                                        r369994
+releng/12.2/                                                      r370063
+stable/11/                                                        r370004
+releng/11.4/                                                      r370059
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>;
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>;
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255339>;
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:19.libcasper.asc>;
+-----BEGIN PGP SIGNATURE-----
+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+=LQ0r
+-----END PGP SIGNATURE-----
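Review bot: In section V the sentence "Restart all daemons that use the library, or reboot the system." appears only after step 2c, so the binary path in step 1 (freebsd-update fetch, freebsd-update install) ends with no restart instruction even though it updates the same library. Suggest moving the restart sentence above "Perform one of the following:" or repeating it under step 1. A smaller wording point in section II: "expect the lowest 3 file descriptors ... are redirected to /dev/null" reads better as "to be redirected".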
diff --git a/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc
new file mode 100644
index 0000000000..3f2cf35791
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc
@@ -0,0 +1,129 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-21:20.vlan                                           Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          Missing backwards compatibility in vlan(4)
+
+Category:       core
+Module:         vlan
+Announced:      2021-06-29
+Affects:        FreeBSD 13.0
+Corrected:      2021-04-12 22:18:33 UTC (stable/13, 13.0-STABLE)
+                2021-06-29 17:09:25 UTC (releng/13.0, 13.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+FreeBSD 13.0 introduced support for stacked VLANs (802.1ad, Q-in-Q).
+
+II.  Problem Description
+
+Due to missing backwards compatibility, VLAN interfaces created by
+the ifconfig binaries from prior versions of FreeBSD result in a
+VLAN Protocol of 0, instead of 802.1Q (normal VLAN).
+
+III. Impact
+
+During the upgrade process from a prior version of FreeBSD to FreeBSD
+13.0, when the system is rebooted with the new kernel, but still the old
+userland, VLANs are not configured properly, and the system may not be
+accessible over the network.
+
+Some network interface drivers may crash when they encounter the invalid
+ethernet protocol type 0.
+
+IV.  Workaround
+
+Use the FreeBSD 13.0 ifconfig binary to configure network interfaces
+until the rest of the userland is updated as the upgrade process completes.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an erratum update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch.asc
+# gpg --verify vlan.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html>; and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              9abc85d17d05    stable/13-n245206
+releng/13.0/                            78f91c1fbf02  releng/13.0-n244749
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>;
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:20.vlan.asc>;
+-----BEGIN PGP SIGNATURE-----
+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+=7me6
+-----END PGP SIGNATURE-----
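Review bot: Section VII References contains nothing except the "latest revision" pointer, while the other notices in this commit cite a bug report or an upstream fix. If a PR or review exists for the vlan(4) compatibility fix, list it here so readers can trace the change beyond the two hashes in section VI.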
diff --git a/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc
new file mode 100644
index 0000000000..d0e5e81d67
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc
@@ -0,0 +1,145 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-21:21.ipfw                                           Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          Kernel panic with ipfw link-layer filtering enabled
+
+Category:       core
+Module:         ipfw
+Announced:      2021-06-29
+Affects:        FreeBSD 13.0
+Corrected:      2021-06-19 14:08:49 UTC (stable/13, 13.0-STABLE)
+                2021-06-29 17:09:43 UTC (releng/13.0, 13.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+ipfw(4) is a IP packet filter implementation in the kernel.  It uses the
+pfil(9) interface to hook into several 
+
+II.  Problem Description
+
+When link-layer filtering is enabled by setting the net.link.ether.ipfw
+sysctl to 1, packets received by the filter may be reallocated to ensure
+that protocol headers are contiguous in memory.  In this case, the old
+copy of the packet is freed.  However, the filter failed to update the
+pointer returned to the pfil(9) caller, resulting in the use of a
+pointer to freed memory.
+
+III. Impact
+
+Systems which use ipfw(4)'s link-layer filtering capabilities may panic.
+
+IV.  Workaround
+
+No workaround is available.  Systems not using ipfw(4), or systems that
+do not explicitly enable link-layer filtering by setting the
+net.link.ether.ipfw sysctl to 1, are not affected.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an erratum update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch.asc
+# gpg --verify ipfw.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html>; and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              ed1acef3fe30    stable/13-n246063
+releng/13.0/                            4647d115ff84  releng/13.0-n244750
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>;
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>;
+
+VII. References
+
+<other info on the problem>
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254015>;
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:21.ipfw.asc>;
+-----BEGIN PGP SIGNATURE-----
+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+=pdU2
+-----END PGP SIGNATURE-----
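Review bot: Template residue made it into the signed text. Section I breaks off mid-sentence at "It uses the pfil(9) interface to hook into several" (and "a IP packet filter" should be "an IP packet filter"), and section VII still carries the placeholder line "<other info on the problem>". Section VI also includes the "For FreeBSD 12 and earlier" Subversion instructions although the header says "Affects: FreeBSD 13.0" and the table lists only stable/13 and releng/13.0. Suggest completing the Background sentence, dropping the placeholder and the svn block, then re-signing, since editing a clear-signed file invalidates the existing signature.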
diff --git a/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc
new file mode 100644
index 0000000000..750ce7f9de
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc
@@ -0,0 +1,157 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-21:22.linux_futex                                    Errata Notice
+                                                          The FreeBSD Project
+
+Topic:		Linux compatibility layer futex(2) system call vulnerability
+
+Category:       core
+Module:         kernel
+Announced:      2021-06-29
+Credits:        Dmitry Chagin
+Affects:        All supported versions of FreeBSD.
+Corrected:      2021-06-29 19:58:32 UTC (stable/13, 13.0-STABLE)
+                2021-06-29 20:06:09 UTC (releng/13.0, 13.0-RELEASE-p3)
+                2021-06-29 20:01:48 UTC (stable/12, 12.2-STABLE)
+                2021-06-29 20:26:15 UTC (releng/12.2, 12.2-RELEASE-p9)
+                2021-06-29 20:01:14 UTC (stable/11, 11.4-STABLE)
+                2021-06-29 20:25:38 UTC (releng/11.4, 11.4-RELEASE-p12)
+CVE Name:       CVE-2018-6927
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The Linux ABI layer (Linuxulator) allows Linux binaries to be executed on a
+FreeBSD kernel.  This compatibility layer is supported on the amd64, aarch64
+and i386 architecture.
+
+II.  Problem Description
+
+A programming error in the Linux compatibility layer futex(2) system
+call might allow attackers to cause a denial of service.
+
+III. Impact
+
+It is possible for an unprivileged local attacker to specify negative
+wake or requeue value for futex_requeue, which may result in a signed
+integer overflow.
+
+IV.  Workaround
+
+No workaround is available.  Systems not using the Linux binary compatibility
+layer are not affected.
+
+The following command can be used to test if the Linux binary compatibility
+layer is loaded:
+
+# kldstat -m linuxelf && kldstat -m linux64elf
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an erratum update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch
+# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch.asc
+# gpg --verify linux_futex.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html>; and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              7a37d13b6cfa    stable/13-n246121
+releng/13.0/                            d1fffaed2309  releng/13.0-n244751
+stable/12/                                                        r370058
+releng/12.2/                                                      r370064
+stable/11/                                                        r370057
+releng/11.4/                                                      r370061
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>;
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>;
+
+VII. References
+
+The fix was modeled after Linux, where a similar error has been fixed:
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6927>;
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:22.linux_futex.asc>;
+-----BEGIN PGP SIGNATURE-----
+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+=BHgS
+-----END PGP SIGNATURE-----
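Review bot: The check in section IV, "kldstat -m linuxelf && kldstat -m linux64elf", does not test what the text says it does. With "&&" the second lookup runs only if the first succeeds, so a host with only one of the two modules loaded gets an error and a non-zero status even though the Linux compatibility layer is present. Suggest giving the two kldstat commands on separate lines and stating that either module being listed means the layer is loaded. Separately, the header field "CVE Name: CVE-2018-6927" presents as this issue's own identifier what section VII describes as the Linux fix this one "was modeled after"; a short clarification in the notice would avoid confusion. Sections II and III also read as swapped: II states the consequence (denial of service) while III describes the mechanism (negative wake or requeue value, signed integer overflow).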
diff --git a/website/static/security/patches/EN-21:18/libc++.patch b/website/static/security/patches/EN-21:18/libc++.patch
new file mode 100644
index 0000000000..7052684db3
--- /dev/null
+++ b/website/static/security/patches/EN-21:18/libc++.patch
@@ -0,0 +1,275 @@
+    Add C++ headers <barrier> <concepts> <execution> <latch> <numbers> <semaphore>
+    
+    I missed adding these to the libc++ Makefile, when importing
+    llvm-project 11.0.0-rc1, even though they were supplied by upstream.
+    
+    While here, update OptionalObsoleteFiles.inc to add these new headers,
+    and cleanup old cruft.
+    
+    Reported by:    yuri
+    Submitted by:   jkim (Makefile diff)
+    PR:             255374
+    MFC after:      3 days
+    
+    (cherry picked from commit 95aa617e4bf09fcc813b1bab3d0dbf4b606807b1)
+    (cherry picked from commit 70e13c4cffd5ff7a70296bc5c4c3b7525c278b1d)
+--- lib/libc++/Makefile.orig
++++ lib/libc++/Makefile
+@@ -112,6 +112,7 @@
+ STD_HEADERS+=	any
+ STD_HEADERS+=	array
+ STD_HEADERS+=	atomic
++STD_HEADERS+=	barrier
+ STD_HEADERS+=	bit
+ STD_HEADERS+=	bitset
+ STD_HEADERS+=	cassert
+@@ -131,6 +132,7 @@
+ STD_HEADERS+=	compare
+ STD_HEADERS+=	complex
+ STD_HEADERS+=	complex.h
++STD_HEADERS+=	concepts
+ STD_HEADERS+=	condition_variable
+ STD_HEADERS+=	csetjmp
+ STD_HEADERS+=	csignal
+@@ -149,6 +151,7 @@
+ STD_HEADERS+=	deque
+ STD_HEADERS+=	errno.h
+ STD_HEADERS+=	exception
++STD_HEADERS+=	execution
+ STD_HEADERS+=	fenv.h
+ STD_HEADERS+=	filesystem
+ STD_HEADERS+=	float.h
+@@ -164,6 +167,7 @@
+ STD_HEADERS+=	iostream
+ STD_HEADERS+=	istream
+ STD_HEADERS+=	iterator
++STD_HEADERS+=	latch
+ STD_HEADERS+=	limits
+ STD_HEADERS+=	limits.h
+ STD_HEADERS+=	list
+@@ -174,6 +178,7 @@
+ STD_HEADERS+=	memory
+ STD_HEADERS+=	mutex
+ STD_HEADERS+=	new
++STD_HEADERS+=	numbers
+ STD_HEADERS+=	numeric
+ STD_HEADERS+=	optional
+ STD_HEADERS+=	ostream
+@@ -182,6 +187,7 @@
+ STD_HEADERS+=	ratio
+ STD_HEADERS+=	regex
+ STD_HEADERS+=	scoped_allocator
++STD_HEADERS+=	semaphore
+ STD_HEADERS+=	set
+ STD_HEADERS+=	setjmp.h
+ STD_HEADERS+=	shared_mutex
+--- tools/build/mk/OptionalObsoleteFiles.inc.orig
++++ tools/build/mk/OptionalObsoleteFiles.inc
+@@ -3831,6 +3831,7 @@
+ OLD_FILES+=usr/include/c++/v1/any
+ OLD_FILES+=usr/include/c++/v1/array
+ OLD_FILES+=usr/include/c++/v1/atomic
++OLD_FILES+=usr/include/c++/v1/barrier
+ OLD_FILES+=usr/include/c++/v1/bit
+ OLD_FILES+=usr/include/c++/v1/bitset
+ OLD_FILES+=usr/include/c++/v1/cassert
+@@ -3850,6 +3851,7 @@
+ OLD_FILES+=usr/include/c++/v1/compare
+ OLD_FILES+=usr/include/c++/v1/complex
+ OLD_FILES+=usr/include/c++/v1/complex.h
++OLD_FILES+=usr/include/c++/v1/concepts
+ OLD_FILES+=usr/include/c++/v1/condition_variable
+ OLD_FILES+=usr/include/c++/v1/csetjmp
+ OLD_FILES+=usr/include/c++/v1/csignal
+@@ -3869,14 +3871,12 @@
+ OLD_FILES+=usr/include/c++/v1/deque
+ OLD_FILES+=usr/include/c++/v1/errno.h
+ OLD_FILES+=usr/include/c++/v1/exception
++OLD_FILES+=usr/include/c++/v1/execution
+ OLD_FILES+=usr/include/c++/v1/experimental/__config
+ OLD_FILES+=usr/include/c++/v1/experimental/__memory
+ OLD_FILES+=usr/include/c++/v1/experimental/algorithm
+-OLD_FILES+=usr/include/c++/v1/experimental/any
+-OLD_FILES+=usr/include/c++/v1/experimental/chrono
+ OLD_FILES+=usr/include/c++/v1/experimental/coroutine
+ OLD_FILES+=usr/include/c++/v1/experimental/deque
+-OLD_FILES+=usr/include/c++/v1/experimental/dynarray
+ OLD_FILES+=usr/include/c++/v1/experimental/filesystem
+ OLD_FILES+=usr/include/c++/v1/experimental/forward_list
+ OLD_FILES+=usr/include/c++/v1/experimental/functional
+@@ -3884,25 +3884,22 @@
+ OLD_FILES+=usr/include/c++/v1/experimental/list
+ OLD_FILES+=usr/include/c++/v1/experimental/map
+ OLD_FILES+=usr/include/c++/v1/experimental/memory_resource
+-OLD_FILES+=usr/include/c++/v1/experimental/numeric
+-OLD_FILES+=usr/include/c++/v1/experimental/optional
+ OLD_FILES+=usr/include/c++/v1/experimental/propagate_const
+-OLD_FILES+=usr/include/c++/v1/experimental/ratio
+ OLD_FILES+=usr/include/c++/v1/experimental/regex
+ OLD_FILES+=usr/include/c++/v1/experimental/set
+ OLD_FILES+=usr/include/c++/v1/experimental/simd
+ OLD_FILES+=usr/include/c++/v1/experimental/string
+-OLD_FILES+=usr/include/c++/v1/experimental/string_view
+-OLD_FILES+=usr/include/c++/v1/experimental/system_error
+-OLD_FILES+=usr/include/c++/v1/experimental/tuple
+ OLD_FILES+=usr/include/c++/v1/experimental/type_traits
+ OLD_FILES+=usr/include/c++/v1/experimental/unordered_map
+ OLD_FILES+=usr/include/c++/v1/experimental/unordered_set
+ OLD_FILES+=usr/include/c++/v1/experimental/utility
+ OLD_FILES+=usr/include/c++/v1/experimental/vector
++OLD_DIRS+=usr/include/c++/v1/experimental
+ OLD_FILES+=usr/include/c++/v1/ext/__hash
+ OLD_FILES+=usr/include/c++/v1/ext/hash_map
+ OLD_FILES+=usr/include/c++/v1/ext/hash_set
++OLD_DIRS+=usr/include/c++/v1/ext
++OLD_FILES+=usr/include/c++/v1/fenv.h
+ OLD_FILES+=usr/include/c++/v1/filesystem
+ OLD_FILES+=usr/include/c++/v1/float.h
+ OLD_FILES+=usr/include/c++/v1/forward_list
+@@ -3917,6 +3914,7 @@
+ OLD_FILES+=usr/include/c++/v1/iostream
+ OLD_FILES+=usr/include/c++/v1/istream
+ OLD_FILES+=usr/include/c++/v1/iterator
++OLD_FILES+=usr/include/c++/v1/latch
+ OLD_FILES+=usr/include/c++/v1/limits
+ OLD_FILES+=usr/include/c++/v1/limits.h
+ OLD_FILES+=usr/include/c++/v1/list
+@@ -3927,7 +3925,7 @@
+ OLD_FILES+=usr/include/c++/v1/memory
+ OLD_FILES+=usr/include/c++/v1/mutex
+ OLD_FILES+=usr/include/c++/v1/new
+-OLD_FILES+=usr/include/c++/v1/numeric
++OLD_FILES+=usr/include/c++/v1/numbers
+ OLD_FILES+=usr/include/c++/v1/numeric
+ OLD_FILES+=usr/include/c++/v1/optional
+ OLD_FILES+=usr/include/c++/v1/ostream
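Review bot: The OptionalObsoleteFiles.inc part of this errata patch carries more than the six headers named in EN-21:18. In the visible hunks it also drops entries under usr/include/c++/v1/experimental/ (any, chrono, dynarray, numeric, optional, ratio, string_view, system_error, tuple), adds OLD_DIRS lines for experimental and ext, adds fenv.h, and removes a duplicated numeric entry. The embedded commit message covers this as "cleanup old cruft", but the advisory text does not mention it. Suggest either a sentence in the notice saying the patch also tidies the obsolete-files list, or trimming the releng patch to the header additions so the change users apply matches what the notice describes.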
*** 968 LINES SKIPPED ***


