Date: Wed, 30 Jun 2021 06:32:00 GMT From: Gordon Tetlow <gordon@FreeBSD.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org Subject: git: 1ef6062f2f - main - Add EN-21:18 through EN-21:22. Approved by: so Message-ID: <202106300632.15U6W0tY016598@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by gordon (src committer): URL: https://cgit.FreeBSD.org/doc/commit/?id=1ef6062f2f8682414dc5a1f090d89ee63ca0981f commit 1ef6062f2f8682414dc5a1f090d89ee63ca0981f Author: Gordon Tetlow <gordon@FreeBSD.org> AuthorDate: 2021-06-30 06:31:06 +0000 Commit: Gordon Tetlow <gordon@FreeBSD.org> CommitDate: 2021-06-30 06:31:06 +0000 Add EN-21:18 through EN-21:22. Approved by: so --- website/data/security/errata.toml | 20 ++ .../advisories/FreeBSD-EN-21:18.libc++.asc | 143 +++++++++++ .../advisories/FreeBSD-EN-21:19.libcasper.asc | 166 +++++++++++++ .../security/advisories/FreeBSD-EN-21:20.vlan.asc | 129 ++++++++++ .../security/advisories/FreeBSD-EN-21:21.ipfw.asc | 145 +++++++++++ .../advisories/FreeBSD-EN-21:22.linux_futex.asc | 157 ++++++++++++ .../static/security/patches/EN-21:18/libc++.patch | 275 +++++++++++++++++++++ .../security/patches/EN-21:18/libc++.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.11.patch | 165 +++++++++++++ .../patches/EN-21:19/libcasper.11.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.12.patch | 181 ++++++++++++++ .../patches/EN-21:19/libcasper.12.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.13.patch | 176 +++++++++++++ .../patches/EN-21:19/libcasper.13.patch.asc | 16 ++ .../static/security/patches/EN-21:20/vlan.patch | 30 +++ .../security/patches/EN-21:20/vlan.patch.asc | 16 ++ .../static/security/patches/EN-21:21/ipfw.patch | 27 ++ .../security/patches/EN-21:21/ipfw.patch.asc | 16 ++ .../security/patches/EN-21:22/linux_futex.patch | 69 ++++++ .../patches/EN-21:22/linux_futex.patch.asc | 16 ++ 20 files changed, 1795 insertions(+) diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml index 4c1b2b1704..bd86fb8b01 100644 --- a/website/data/security/errata.toml +++ b/website/data/security/errata.toml @@ -1,6 +1,26 @@ # Sort errata notices by year, month and day # $FreeBSD$ +[[notices]] +name = "FreeBSD-EN-21:22.linux_futex" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:21.ipfw" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:20.vlan" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:19.libcasper" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:18.libc++" +date = "2021-06-29" + [[notices]] name = "FreeBSD-EN-21:17.libradius" date = "2021-06-01" diff --git a/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc new file mode 100644 index 0000000000..7773e922af --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc @@ -0,0 +1,143 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:18.libc++ Errata Notice + The FreeBSD Project + +Topic: Missing C++20 headers in libc++ + +Category: contrib +Module: libc++ +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-06-03 18:53:18 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:08:58 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +libc++ is an implementation of the C++ Standard Library, provided by the +LLVM project. It is used by C++ programs in the base system, and also by +many C++ programs in the ports collection. + +II. Problem Description + +The LLVM project components in the base system, including libc++, were +(2020-07-31) upgraded to upstream version 11.0.0. Among other features, +improvements were made to libc++ to better support the C++20 standard. This +also included a number of new Standard Library headers, but these were +missed during the upgrade and not installed into the base system, in +particular: + +* <barrier> +* <concepts> +* <execution> +* <latch> +* <numbers> +* <semaphore> + +III. Impact + +Even though clang and libc++ 11.0.0 have much improved support for the +C++20 standard, it is not possible to build programs using the standard +headers listed above, because they are not available in the base system. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch +# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch.asc +# gpg --verify libc++.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 70e13c4cffd5 stable/13-n245875 +releng/13.0/ dac086497e50 releng/13.0-n244747 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + +<URL:https://en.cppreference.com/w/cpp/header/barrier> +<URL:https://en.cppreference.com/w/cpp/header/concepts> +<URL:https://en.cppreference.com/w/cpp/header/execution> +<URL:https://en.cppreference.com/w/cpp/header/latch> +<URL:https://en.cppreference.com/w/cpp/header/numbers> +<URL:https://en.cppreference.com/w/cpp/header/semaphore> + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255374> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:18.libc++.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0QACgkQ05eS9J6n +5cKVZg//Ro5nAZ7q23Uf4LlZchlADS8BlH6rHxJ2sk2784CJl4q0Lrh1UMcttfg6 +JA8xfbNV2YXLIzUaXemCfzJAOwCfuNSZkU4hJ568eqo5/itpRf5uQ6hXIwlmmYKw +9Sk8ciUAxO4HuxLxKRDEPsHWSSQE04SnGyQk82AXCpxn/0nTeQoeKj1wyPHBf8F+ +Kj0kl30l9JKpnoXgHfvyTvK2akJAXbH1v+pc72kyjVBhy8HWKAtsbyC7vYbELylB +XuH2IwxAVf1iR3VG7slUlr/L/XcGniICRzmYoY1A/SW6QalEfLDPtZLujl33HMOE +xyni4+oi7JsbgwVc/ISNfqwtyZePSD8RCczLNrZb+femGz/iyGwq1fPn8w0H5snp +NYrQ22HnjIR5E6Tqlx4IdVFC0M9JQjmEp9cTjG+9CM6L0qZLStdzYbGlJsG2qz0o +hBc3gvMGZzP2uBG8VxaIH3FBZGgMllsN0/uaOvqipZyqA8t4OR56bF5/AEGxLuJY +MPdMBMKNDvIpLKe9CEJ9A6BpAO3aPWnRKgAGKlV69t1wub0GWeAAFHz70JQC0Kgv +6q5xuCjzzGydIeZdv34uSkVThB+vv4OgpdH806ZZLjSr90kfzYJsRYDTNxRBdKpR +etU1E7FFJAxl9Qc2gXadEvDhi4IhKslBdtlQFIZvkoO8Wd4VhHM= +=vLEs +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc new file mode 100644 index 0000000000..603e5fc9bf --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc @@ -0,0 +1,166 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:19.libcasper Errata Notice + The FreeBSD Project + +Topic: libcasper assertion failure + +Category: core +Module: libcasper +Announced: 2021-06-29 +Credits: Borja Marcos, Jung-uk Kim +Affects: All supported versions of FreeBSD. +Corrected: 2021-06-15 18:14:43 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:02 UTC (releng/13.0, 13.0-RELEASE-p3) + 2021-06-16 20:25:22 UTC (stable/12, 12.2-STABLE) + 2021-06-29 20:26:12 UTC (releng/12.2, 12.2-RELEASE-p9) + 2021-06-16 20:30:46 UTC (stable/11, 11.4-STABLE) + 2021-06-29 20:25:32 UTC (releng/11.4, 11.4-RELEASE-p12) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +libcasper(3) allows Capsicum-sandboxed applications to define and use +system interfaces which are ordinarily disallowed. It is used by +multiple programs in the base system, such as logger(1). + +II. Problem Description + +libcasper(3) creates service processes by forking the calling process, +so they initially inherit the calling process' file descriptor table. +Casper services expect the lowest 3 file descriptors, traditionally +corresponding to standard input, output, and error, are redirected to +/dev/null. libcasper(3) ensures this is the case. However, it did not +handle the possibility that one of them is closed, and this scenario +would trigger an assertion failure during service creation, resulting in +a crash. + +III. Impact + +Some applications, such as logger(1), may crash if one of the standard +descriptors is closed when Casper services are started, typically during +program initialization. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 13.0] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch.asc +# gpg --verify libcasper.13.patch.asc + +[FreeBSD 12.2] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch.asc +# gpg --verify libcasper.12.patch.asc + +[FreeBSD 11.4] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch.asc +# gpg --verify libcasper.11.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. + +Restart all daemons that use the library, or reboot the system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 934e10b4a388 stable/13-n246041 +releng/13.0/ ba5ed8109cc9 releng/13.0-n244748 +stable/12/ r369994 +releng/12.2/ r370063 +stable/11/ r370004 +releng/11.4/ r370059 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255339> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:19.libcasper.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0QACgkQ05eS9J6n +5cJ3oRAAhTR7w6yCDjLSExq+/mizNNPy/EHyTxnoexUV6vGnPL3wEno6IVhqTPS3 +Vuq9m7noXOgwHGO0Mbbuc9vkZJWjfoXoeEqylfkSxH3mDb+hkBKPGyZNZWup6XCd +ykm2FB+c65t/neF9n/6OesT7mIUp+k4UIwTOXuO5rRolWkGrSawHLYWucww3LAF1 +p2bD7Gdc8m/Ymj5FDJBPMWAtFW7QNmocyQI4vGAgqoW2DXokoy/BVTYE6pU3RQ3G +ZTkXMa5Vb6LlbnP3ho14Jap/6gXcUAnB96bXuWG3JIsNvslZzSLe1jRKD0QXNJvw +PFRLe8LBOA/VZ02xyoHdlAkAnTMk+vv7LU6K6Z7UIr8YzwkS0UYvvVvEr03E1Psm +qvzhs+qml2ATn4/C4sjzUEAq5YRqBPQOSmKFmGDAOzy179L1YM8IFIdm11hpGlu5 +8T+n/egH5IVQ7U35MiXUkomvO7F2PWBP7oGI0GDIvKa7UuR+gsMwkVyE68W2442i +3JaBCqntchJjS2P+ixnXR2qCI81zCRlG+/m/1gBgztA8+K85l0P0gt8VAhcakbES +WXh4rX6BSvMqDI1Ex3wS00zjZOSM/HoNz+HGmpUiQ7RYVinrt4Av3vdbv2hLm96l +Iu28g8UCf4HNUAVAbgtiHmU74TBKGSyDPVcQVvegMG/YEhof9Fw= +=LQ0r +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc new file mode 100644 index 0000000000..3f2cf35791 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc @@ -0,0 +1,129 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:20.vlan Errata Notice + The FreeBSD Project + +Topic: Missing backwards compatibility in vlan(4) + +Category: core +Module: vlan +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-04-12 22:18:33 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:25 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +FreeBSD 13.0 introduced support for stacked VLANs (802.1ad, Q-in-Q). + +II. Problem Description + +Due to missing backwards compatibility, VLAN interfaces created by +the ifconfig binaries from prior versions of FreeBSD result in a +VLAN Protocol of 0, instead of 802.1Q (normal VLAN). + +III. Impact + +During the upgrade process from a prior version of FreeBSD to FreeBSD +13.0, when the system is rebooted with the new kernel, but still the old +userland, VLANs are not configured properly, and the system may not be +accessible over the network. + +Some network interface drivers may crash when they encounter the invalid +ethernet protocol type 0. + +IV. Workaround + +Use the FreeBSD 13.0 ifconfig binary to configure network interfaces +until the rest of the userland is updated as the upgrade process completes. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch +# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch.asc +# gpg --verify vlan.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 9abc85d17d05 stable/13-n245206 +releng/13.0/ 78f91c1fbf02 releng/13.0-n244749 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:20.vlan.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0UACgkQ05eS9J6n +5cIe+g/9Hbf0RjRHr4PDK9CMdl8qH2mUzJw48vZ7A/+/ZP2DI9uahAvwUzXs4LJd +RvO9RHAQ4zU4xq4PrJg/H1N6oyx3s4RlPMvVi7EFEv0hKcoc21PzWfrrlIlrjuEx +TZTighUmmfOy95Mx0R+zaqW5uO31hx5JrBeeIORMiTQFStSidoB5blj5+RXPhWdp +xGmvRN/0YUvpDzSuwDt1UsjmbcGDcQn0KyIU3cnm7Dbc7M97WAngF3qB4zblP/Eu +tCbC9SFe/Gp4aSydDupNLL45PM/WvcbDaULH1cu/03vkSu5jHOILdx9q+h8CKOfs +GzCn2TY4iL/idfC3OxcZ1IYz2aRKG92fc1vtucT80BZ4vd6xUnQgAbYgDn16H59L +QQjnddeohb7HcYoTsESaFUnjoHpcr9r756wPOIcP59/gENS3Q/3jhvUFt81hmXTC +9ybR9KcrpD9WMLeFrI241TDqhUn7WeAnWmp+NJbAOJFBWQeDqHDqw6/pq923g8b+ +8yesNwXPXBPIw9OoqyG4X4ltfGJ2B2TcNvcr+3ILxwKNwFK5NA0xy6q7LXGNA64V +fAnHYnLLvdrErFeDgYzTbn/stnFl7lQ1WDGc/KKcFNW6EfP0ZARljDXtNkj9RTKP +jcxJ2s1pQfbXC1SzoieDb4CaNKQ9tzs0caGhLUWpEI2BKjgz5cU= +=7me6 +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc new file mode 100644 index 0000000000..d0e5e81d67 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc @@ -0,0 +1,145 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:21.ipfw Errata Notice + The FreeBSD Project + +Topic: Kernel panic with ipfw link-layer filtering enabled + +Category: core +Module: ipfw +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-06-19 14:08:49 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:43 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +ipfw(4) is a IP packet filter implementation in the kernel. It uses the +pfil(9) interface to hook into several + +II. Problem Description + +When link-layer filtering is enabled by setting the net.link.ether.ipfw +sysctl to 1, packets received by the filter may be reallocated to ensure +that protocol headers are contiguous in memory. In this case, the old +copy of the packet is freed. However, the filter failed to update the +pointer returned to the pfil(9) caller, resulting in the use of a +pointer to freed memory. + +III. Impact + +Systems which use ipfw(4)'s link-layer filtering capabilities may panic. + +IV. Workaround + +No workaround is available. Systems not using ipfw(4), or systems that +do not explicitly enable link-layer filtering by setting the +net.link.ether.ipfw sysctl to 1, are not affected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch +# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch.asc +# gpg --verify ipfw.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ ed1acef3fe30 stable/13-n246063 +releng/13.0/ 4647d115ff84 releng/13.0-n244750 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +<other info on the problem> + +<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254015> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:21.ipfw.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0UACgkQ05eS9J6n +5cKBew//V3FOP0ctdnzu2Y+EDOPkOt8SwVANBSY/Yde5NLATx6tpYf8ob2a98rYP +6raKpxrn1LtMWwuhXfUGl86mZYInTKvG1SFAZx8H3y1NLc+oesXXF6kmObQz6yfN +U8Gud4axcviV0dP2QW/JAbOAH7zwXpzCTYFYZvtdbFALGJdo2KqNYiFuJ6eVv4EK +Gm35CJvTiugKoXG6JKzJpqHhonHMeKcRDTYcg9xLneTRkKoCldXNtFY6G21+sFDN +OJgI+D6HilxPC1ujyGGKOx1EvQeUh42Hv8KoIQlbXzFq4j/ql1UlITaoPyOEGJYW +G7qEH5WnIrQoauq5v3DZydwTsF6Bi/k9Xw3vZkpIkHjq/mEGBquMW3y660thuDFD +K33dZWAtvzf4oupWNtGmAGZJ59MBSoSyj4TKUKChC5FC6MtKh1xaDi5AstqBZTkD +VPo/DJXS3jR/gF/1jDt7lxTKVNFGsp60Ru9Y7Pd0P3PqAEbLuVQJxF4VSfGx814P +PW7xOQmhi8Y3c0Cgcox/16hxAxo2tvv0XzNvvPikKn1HTMQ+9rc2V0rXG3bcr++a +7Ug+ToEEYOjln03S5Xu7LWfkHYJdrPVV2qnbCMgRYxBWezrK76Q420dNtbx47ScZ +eDg1vOOfiWpRQVUJbCzeUyLaZBUZ9WvgmemeO6bgeHlS9NE81Ys= +=pdU2 +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc new file mode 100644 index 0000000000..750ce7f9de --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc @@ -0,0 +1,157 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:22.linux_futex Errata Notice + The FreeBSD Project + +Topic: Linux compatibility layer futex(2) system call vulnerability + +Category: core +Module: kernel +Announced: 2021-06-29 +Credits: Dmitry Chagin +Affects: All supported versions of FreeBSD. +Corrected: 2021-06-29 19:58:32 UTC (stable/13, 13.0-STABLE) + 2021-06-29 20:06:09 UTC (releng/13.0, 13.0-RELEASE-p3) + 2021-06-29 20:01:48 UTC (stable/12, 12.2-STABLE) + 2021-06-29 20:26:15 UTC (releng/12.2, 12.2-RELEASE-p9) + 2021-06-29 20:01:14 UTC (stable/11, 11.4-STABLE) + 2021-06-29 20:25:38 UTC (releng/11.4, 11.4-RELEASE-p12) +CVE Name: CVE-2018-6927 + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +<URL:https://security.FreeBSD.org/>. + +I. Background + +The Linux ABI layer (Linuxulator) allows Linux binaries to be executed on a +FreeBSD kernel. This compatibility layer is supported on the amd64, aarch64 +and i386 architecture. + +II. Problem Description + +A programming error in the Linux compatibility layer futex(2) system +call might allow attackers to cause a denial of service. + +III. Impact + +It is possible for an unprivileged local attacker to specify negative +wake or requeue value for futex_requeue, which may result in a signed +integer overflow. + +IV. Workaround + +No workaround is available. Systems not using the Linux binary compatibility +layer are not affected. + +The following command can be used to test if the Linux binary compatibility +layer is loaded: + +# kldstat -m linuxelf && kldstat -m linux64elf + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch +# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch.asc +# gpg --verify linux_futex.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in +<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 7a37d13b6cfa stable/13-n246121 +releng/13.0/ d1fffaed2309 releng/13.0-n244751 +stable/12/ r370058 +releng/12.2/ r370064 +stable/11/ r370057 +releng/11.4/ r370061 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat <commit hash> + +Or visit the following URL, replacing NNNNNN with the hash: + +<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + +<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> + +VII. References + +The fix was modeled after Linux, where a similar error has been fixed: +<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6927> + +The latest revision of this advisory is available at +<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:22.linux_futex.asc> +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0YACgkQ05eS9J6n +5cJeohAAkhSmsTOpyNfWe2nhRmtH/686fEIaRyNBdPkPtCE/bszgMNLbGLPaCKEt +EHV9HgtDWJF/U/V9odh4QJChkbBEIngh5A45IZcWgv3359Sv1xSCDhPNxuJvUgHZ +R4VZ9zKFcY/ur6e/AJCkp9ofkWVDLBoLI/yYXTiIJqKWTtnOJ9ObphV08t6hNCSY +vWK5wLs39Gd/fo7VhPSjSOP9JuCNCrrX57pd6PQzmhDuewl3jQAp6oot3nQSmTNM +l8JlpegC8SnbUIv5vOxRdtuE22WbMjiGXN3V/ejxl40q9SeY+uDQjollMSf+xJwf +6tTStPJMMv7zu10BJTja/27a+TTL7tTYzseTAtYSsCu51ZfN45AONaSgNDy8Tb1N +zDiEi2E74bM1raO5TPHp+cPWAcYT/QV35DNt7BkKEDOGBrqAM1nyTsoe1qWolm9R +PEkdOpRDOS1bpss6vcyI4yjD/wFPf82A7Ji27A0+fpmUedaqNpE4EXxlSAd/2vp2 +pORz+EhFj3D9iOSHvZJM9FS8cOncXlnq33rcSF0nY8prZ7pJfbaWZjLYIIBSrMZB +w8PsmWBYjP01zHK+IReI/JVyJHbau+qdUsTND15TxVXAJPK5qbMKEeRak8RA9m5f +v7CU2ahZfXhvLgxysBWP1txf4s/7+hiynftxAL2TGg0YH4Dqkts= +=BHgS +-----END PGP SIGNATURE----- diff --git a/website/static/security/patches/EN-21:18/libc++.patch b/website/static/security/patches/EN-21:18/libc++.patch new file mode 100644 index 0000000000..7052684db3 --- /dev/null +++ b/website/static/security/patches/EN-21:18/libc++.patch @@ -0,0 +1,275 @@ + Add C++ headers <barrier> <concepts> <execution> <latch> <numbers> <semaphore> + + I missed adding these to the libc++ Makefile, when importing + llvm-project 11.0.0-rc1, even though they were supplied by upstream. + + While here, update OptionalObsoleteFiles.inc to add these new headers, + and cleanup old cruft. + + Reported by: yuri + Submitted by: jkim (Makefile diff) + PR: 255374 + MFC after: 3 days + + (cherry picked from commit 95aa617e4bf09fcc813b1bab3d0dbf4b606807b1) + (cherry picked from commit 70e13c4cffd5ff7a70296bc5c4c3b7525c278b1d) +--- lib/libc++/Makefile.orig ++++ lib/libc++/Makefile +@@ -112,6 +112,7 @@ + STD_HEADERS+= any + STD_HEADERS+= array + STD_HEADERS+= atomic ++STD_HEADERS+= barrier + STD_HEADERS+= bit + STD_HEADERS+= bitset + STD_HEADERS+= cassert +@@ -131,6 +132,7 @@ + STD_HEADERS+= compare + STD_HEADERS+= complex + STD_HEADERS+= complex.h ++STD_HEADERS+= concepts + STD_HEADERS+= condition_variable + STD_HEADERS+= csetjmp + STD_HEADERS+= csignal +@@ -149,6 +151,7 @@ + STD_HEADERS+= deque + STD_HEADERS+= errno.h + STD_HEADERS+= exception ++STD_HEADERS+= execution + STD_HEADERS+= fenv.h + STD_HEADERS+= filesystem + STD_HEADERS+= float.h +@@ -164,6 +167,7 @@ + STD_HEADERS+= iostream + STD_HEADERS+= istream + STD_HEADERS+= iterator ++STD_HEADERS+= latch + STD_HEADERS+= limits + STD_HEADERS+= limits.h + STD_HEADERS+= list +@@ -174,6 +178,7 @@ + STD_HEADERS+= memory + STD_HEADERS+= mutex + STD_HEADERS+= new ++STD_HEADERS+= numbers + STD_HEADERS+= numeric + STD_HEADERS+= optional + STD_HEADERS+= ostream +@@ -182,6 +187,7 @@ + STD_HEADERS+= ratio + STD_HEADERS+= regex + STD_HEADERS+= scoped_allocator ++STD_HEADERS+= semaphore + STD_HEADERS+= set + STD_HEADERS+= setjmp.h + STD_HEADERS+= shared_mutex +--- tools/build/mk/OptionalObsoleteFiles.inc.orig ++++ tools/build/mk/OptionalObsoleteFiles.inc +@@ -3831,6 +3831,7 @@ + OLD_FILES+=usr/include/c++/v1/any + OLD_FILES+=usr/include/c++/v1/array + OLD_FILES+=usr/include/c++/v1/atomic ++OLD_FILES+=usr/include/c++/v1/barrier + OLD_FILES+=usr/include/c++/v1/bit + OLD_FILES+=usr/include/c++/v1/bitset + OLD_FILES+=usr/include/c++/v1/cassert +@@ -3850,6 +3851,7 @@ + OLD_FILES+=usr/include/c++/v1/compare + OLD_FILES+=usr/include/c++/v1/complex + OLD_FILES+=usr/include/c++/v1/complex.h ++OLD_FILES+=usr/include/c++/v1/concepts + OLD_FILES+=usr/include/c++/v1/condition_variable + OLD_FILES+=usr/include/c++/v1/csetjmp + OLD_FILES+=usr/include/c++/v1/csignal +@@ -3869,14 +3871,12 @@ + OLD_FILES+=usr/include/c++/v1/deque + OLD_FILES+=usr/include/c++/v1/errno.h + OLD_FILES+=usr/include/c++/v1/exception ++OLD_FILES+=usr/include/c++/v1/execution + OLD_FILES+=usr/include/c++/v1/experimental/__config + OLD_FILES+=usr/include/c++/v1/experimental/__memory + OLD_FILES+=usr/include/c++/v1/experimental/algorithm +-OLD_FILES+=usr/include/c++/v1/experimental/any +-OLD_FILES+=usr/include/c++/v1/experimental/chrono + OLD_FILES+=usr/include/c++/v1/experimental/coroutine + OLD_FILES+=usr/include/c++/v1/experimental/deque +-OLD_FILES+=usr/include/c++/v1/experimental/dynarray + OLD_FILES+=usr/include/c++/v1/experimental/filesystem + OLD_FILES+=usr/include/c++/v1/experimental/forward_list + OLD_FILES+=usr/include/c++/v1/experimental/functional +@@ -3884,25 +3884,22 @@ + OLD_FILES+=usr/include/c++/v1/experimental/list + OLD_FILES+=usr/include/c++/v1/experimental/map + OLD_FILES+=usr/include/c++/v1/experimental/memory_resource +-OLD_FILES+=usr/include/c++/v1/experimental/numeric +-OLD_FILES+=usr/include/c++/v1/experimental/optional + OLD_FILES+=usr/include/c++/v1/experimental/propagate_const +-OLD_FILES+=usr/include/c++/v1/experimental/ratio + OLD_FILES+=usr/include/c++/v1/experimental/regex + OLD_FILES+=usr/include/c++/v1/experimental/set + OLD_FILES+=usr/include/c++/v1/experimental/simd + OLD_FILES+=usr/include/c++/v1/experimental/string +-OLD_FILES+=usr/include/c++/v1/experimental/string_view +-OLD_FILES+=usr/include/c++/v1/experimental/system_error +-OLD_FILES+=usr/include/c++/v1/experimental/tuple + OLD_FILES+=usr/include/c++/v1/experimental/type_traits + OLD_FILES+=usr/include/c++/v1/experimental/unordered_map + OLD_FILES+=usr/include/c++/v1/experimental/unordered_set + OLD_FILES+=usr/include/c++/v1/experimental/utility + OLD_FILES+=usr/include/c++/v1/experimental/vector ++OLD_DIRS+=usr/include/c++/v1/experimental + OLD_FILES+=usr/include/c++/v1/ext/__hash + OLD_FILES+=usr/include/c++/v1/ext/hash_map + OLD_FILES+=usr/include/c++/v1/ext/hash_set ++OLD_DIRS+=usr/include/c++/v1/ext ++OLD_FILES+=usr/include/c++/v1/fenv.h + OLD_FILES+=usr/include/c++/v1/filesystem + OLD_FILES+=usr/include/c++/v1/float.h + OLD_FILES+=usr/include/c++/v1/forward_list +@@ -3917,6 +3914,7 @@ + OLD_FILES+=usr/include/c++/v1/iostream + OLD_FILES+=usr/include/c++/v1/istream + OLD_FILES+=usr/include/c++/v1/iterator ++OLD_FILES+=usr/include/c++/v1/latch + OLD_FILES+=usr/include/c++/v1/limits + OLD_FILES+=usr/include/c++/v1/limits.h + OLD_FILES+=usr/include/c++/v1/list +@@ -3927,7 +3925,7 @@ + OLD_FILES+=usr/include/c++/v1/memory + OLD_FILES+=usr/include/c++/v1/mutex + OLD_FILES+=usr/include/c++/v1/new +-OLD_FILES+=usr/include/c++/v1/numeric ++OLD_FILES+=usr/include/c++/v1/numbers + OLD_FILES+=usr/include/c++/v1/numeric + OLD_FILES+=usr/include/c++/v1/optional + OLD_FILES+=usr/include/c++/v1/ostream *** 968 LINES SKIPPED ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202106300632.15U6W0tY016598>