From owner-dev-commits-doc-all@freebsd.org Wed Jun 30 06:32:00 2021 Return-Path: Delivered-To: dev-commits-doc-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A75AF65B940 for ; Wed, 30 Jun 2021 06:32:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GFBMh4K43z4VkG; Wed, 30 Jun 2021 06:32:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7C56D27D17; Wed, 30 Jun 2021 06:32:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 15U6W01s016599; Wed, 30 Jun 2021 06:32:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 15U6W0tY016598; Wed, 30 Jun 2021 06:32:00 GMT (envelope-from git) Date: Wed, 30 Jun 2021 06:32:00 GMT Message-Id: <202106300632.15U6W0tY016598@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Gordon Tetlow Subject: git: 1ef6062f2f - main - Add EN-21:18 through EN-21:22. Approved by: so MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gordon X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1ef6062f2f8682414dc5a1f090d89ee63ca0981f Auto-Submitted: auto-generated X-BeenThere: dev-commits-doc-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the doc repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jun 2021 06:32:00 -0000 The branch main has been updated by gordon (src committer): URL: https://cgit.FreeBSD.org/doc/commit/?id=1ef6062f2f8682414dc5a1f090d89ee63ca0981f commit 1ef6062f2f8682414dc5a1f090d89ee63ca0981f Author: Gordon Tetlow AuthorDate: 2021-06-30 06:31:06 +0000 Commit: Gordon Tetlow CommitDate: 2021-06-30 06:31:06 +0000 Add EN-21:18 through EN-21:22. Approved by: so --- website/data/security/errata.toml | 20 ++ .../advisories/FreeBSD-EN-21:18.libc++.asc | 143 +++++++++++ .../advisories/FreeBSD-EN-21:19.libcasper.asc | 166 +++++++++++++ .../security/advisories/FreeBSD-EN-21:20.vlan.asc | 129 ++++++++++ .../security/advisories/FreeBSD-EN-21:21.ipfw.asc | 145 +++++++++++ .../advisories/FreeBSD-EN-21:22.linux_futex.asc | 157 ++++++++++++ .../static/security/patches/EN-21:18/libc++.patch | 275 +++++++++++++++++++++ .../security/patches/EN-21:18/libc++.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.11.patch | 165 +++++++++++++ .../patches/EN-21:19/libcasper.11.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.12.patch | 181 ++++++++++++++ .../patches/EN-21:19/libcasper.12.patch.asc | 16 ++ .../security/patches/EN-21:19/libcasper.13.patch | 176 +++++++++++++ .../patches/EN-21:19/libcasper.13.patch.asc | 16 ++ .../static/security/patches/EN-21:20/vlan.patch | 30 +++ .../security/patches/EN-21:20/vlan.patch.asc | 16 ++ .../static/security/patches/EN-21:21/ipfw.patch | 27 ++ .../security/patches/EN-21:21/ipfw.patch.asc | 16 ++ .../security/patches/EN-21:22/linux_futex.patch | 69 ++++++ .../patches/EN-21:22/linux_futex.patch.asc | 16 ++ 20 files changed, 1795 insertions(+) diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml index 4c1b2b1704..bd86fb8b01 100644 --- a/website/data/security/errata.toml +++ b/website/data/security/errata.toml @@ -1,6 +1,26 @@ # Sort errata notices by year, month and day # $FreeBSD$ +[[notices]] +name = "FreeBSD-EN-21:22.linux_futex" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:21.ipfw" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:20.vlan" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:19.libcasper" +date = "2021-06-29" + +[[notices]] +name = "FreeBSD-EN-21:18.libc++" +date = "2021-06-29" + [[notices]] name = "FreeBSD-EN-21:17.libradius" date = "2021-06-01" diff --git a/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc new file mode 100644 index 0000000000..7773e922af --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:18.libc++.asc @@ -0,0 +1,143 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:18.libc++ Errata Notice + The FreeBSD Project + +Topic: Missing C++20 headers in libc++ + +Category: contrib +Module: libc++ +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-06-03 18:53:18 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:08:58 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +libc++ is an implementation of the C++ Standard Library, provided by the +LLVM project. It is used by C++ programs in the base system, and also by +many C++ programs in the ports collection. + +II. Problem Description + +The LLVM project components in the base system, including libc++, were +(2020-07-31) upgraded to upstream version 11.0.0. Among other features, +improvements were made to libc++ to better support the C++20 standard. This +also included a number of new Standard Library headers, but these were +missed during the upgrade and not installed into the base system, in +particular: + +* +* +* +* +* +* + +III. Impact + +Even though clang and libc++ 11.0.0 have much improved support for the +C++20 standard, it is not possible to build programs using the standard +headers listed above, because they are not available in the base system. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch +# fetch https://security.FreeBSD.org/patches/EN-21:18/libc++.patch.asc +# gpg --verify libc++.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 70e13c4cffd5 stable/13-n245875 +releng/13.0/ dac086497e50 releng/13.0-n244747 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + + + + + + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0QACgkQ05eS9J6n +5cKVZg//Ro5nAZ7q23Uf4LlZchlADS8BlH6rHxJ2sk2784CJl4q0Lrh1UMcttfg6 +JA8xfbNV2YXLIzUaXemCfzJAOwCfuNSZkU4hJ568eqo5/itpRf5uQ6hXIwlmmYKw +9Sk8ciUAxO4HuxLxKRDEPsHWSSQE04SnGyQk82AXCpxn/0nTeQoeKj1wyPHBf8F+ +Kj0kl30l9JKpnoXgHfvyTvK2akJAXbH1v+pc72kyjVBhy8HWKAtsbyC7vYbELylB +XuH2IwxAVf1iR3VG7slUlr/L/XcGniICRzmYoY1A/SW6QalEfLDPtZLujl33HMOE +xyni4+oi7JsbgwVc/ISNfqwtyZePSD8RCczLNrZb+femGz/iyGwq1fPn8w0H5snp +NYrQ22HnjIR5E6Tqlx4IdVFC0M9JQjmEp9cTjG+9CM6L0qZLStdzYbGlJsG2qz0o +hBc3gvMGZzP2uBG8VxaIH3FBZGgMllsN0/uaOvqipZyqA8t4OR56bF5/AEGxLuJY +MPdMBMKNDvIpLKe9CEJ9A6BpAO3aPWnRKgAGKlV69t1wub0GWeAAFHz70JQC0Kgv +6q5xuCjzzGydIeZdv34uSkVThB+vv4OgpdH806ZZLjSr90kfzYJsRYDTNxRBdKpR +etU1E7FFJAxl9Qc2gXadEvDhi4IhKslBdtlQFIZvkoO8Wd4VhHM= +=vLEs +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc new file mode 100644 index 0000000000..603e5fc9bf --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:19.libcasper.asc @@ -0,0 +1,166 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:19.libcasper Errata Notice + The FreeBSD Project + +Topic: libcasper assertion failure + +Category: core +Module: libcasper +Announced: 2021-06-29 +Credits: Borja Marcos, Jung-uk Kim +Affects: All supported versions of FreeBSD. +Corrected: 2021-06-15 18:14:43 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:02 UTC (releng/13.0, 13.0-RELEASE-p3) + 2021-06-16 20:25:22 UTC (stable/12, 12.2-STABLE) + 2021-06-29 20:26:12 UTC (releng/12.2, 12.2-RELEASE-p9) + 2021-06-16 20:30:46 UTC (stable/11, 11.4-STABLE) + 2021-06-29 20:25:32 UTC (releng/11.4, 11.4-RELEASE-p12) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +libcasper(3) allows Capsicum-sandboxed applications to define and use +system interfaces which are ordinarily disallowed. It is used by +multiple programs in the base system, such as logger(1). + +II. Problem Description + +libcasper(3) creates service processes by forking the calling process, +so they initially inherit the calling process' file descriptor table. +Casper services expect the lowest 3 file descriptors, traditionally +corresponding to standard input, output, and error, are redirected to +/dev/null. libcasper(3) ensures this is the case. However, it did not +handle the possibility that one of them is closed, and this scenario +would trigger an assertion failure during service creation, resulting in +a crash. + +III. Impact + +Some applications, such as logger(1), may crash if one of the standard +descriptors is closed when Casper services are started, typically during +program initialization. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 13.0] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.13.patch.asc +# gpg --verify libcasper.13.patch.asc + +[FreeBSD 12.2] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.12.patch.asc +# gpg --verify libcasper.12.patch.asc + +[FreeBSD 11.4] +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch +# fetch https://security.FreeBSD.org/patches/EN-21:19/libcasper.11.patch.asc +# gpg --verify libcasper.11.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all daemons that use the library, or reboot the system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 934e10b4a388 stable/13-n246041 +releng/13.0/ ba5ed8109cc9 releng/13.0-n244748 +stable/12/ r369994 +releng/12.2/ r370063 +stable/11/ r370004 +releng/11.4/ r370059 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0QACgkQ05eS9J6n +5cJ3oRAAhTR7w6yCDjLSExq+/mizNNPy/EHyTxnoexUV6vGnPL3wEno6IVhqTPS3 +Vuq9m7noXOgwHGO0Mbbuc9vkZJWjfoXoeEqylfkSxH3mDb+hkBKPGyZNZWup6XCd +ykm2FB+c65t/neF9n/6OesT7mIUp+k4UIwTOXuO5rRolWkGrSawHLYWucww3LAF1 +p2bD7Gdc8m/Ymj5FDJBPMWAtFW7QNmocyQI4vGAgqoW2DXokoy/BVTYE6pU3RQ3G +ZTkXMa5Vb6LlbnP3ho14Jap/6gXcUAnB96bXuWG3JIsNvslZzSLe1jRKD0QXNJvw +PFRLe8LBOA/VZ02xyoHdlAkAnTMk+vv7LU6K6Z7UIr8YzwkS0UYvvVvEr03E1Psm +qvzhs+qml2ATn4/C4sjzUEAq5YRqBPQOSmKFmGDAOzy179L1YM8IFIdm11hpGlu5 +8T+n/egH5IVQ7U35MiXUkomvO7F2PWBP7oGI0GDIvKa7UuR+gsMwkVyE68W2442i +3JaBCqntchJjS2P+ixnXR2qCI81zCRlG+/m/1gBgztA8+K85l0P0gt8VAhcakbES +WXh4rX6BSvMqDI1Ex3wS00zjZOSM/HoNz+HGmpUiQ7RYVinrt4Av3vdbv2hLm96l +Iu28g8UCf4HNUAVAbgtiHmU74TBKGSyDPVcQVvegMG/YEhof9Fw= +=LQ0r +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc new file mode 100644 index 0000000000..3f2cf35791 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:20.vlan.asc @@ -0,0 +1,129 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:20.vlan Errata Notice + The FreeBSD Project + +Topic: Missing backwards compatibility in vlan(4) + +Category: core +Module: vlan +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-04-12 22:18:33 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:25 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +FreeBSD 13.0 introduced support for stacked VLANs (802.1ad, Q-in-Q). + +II. Problem Description + +Due to missing backwards compatibility, VLAN interfaces created by +the ifconfig binaries from prior versions of FreeBSD result in a +VLAN Protocol of 0, instead of 802.1Q (normal VLAN). + +III. Impact + +During the upgrade process from a prior version of FreeBSD to FreeBSD +13.0, when the system is rebooted with the new kernel, but still the old +userland, VLANs are not configured properly, and the system may not be +accessible over the network. + +Some network interface drivers may crash when they encounter the invalid +ethernet protocol type 0. + +IV. Workaround + +Use the FreeBSD 13.0 ifconfig binary to configure network interfaces +until the rest of the userland is updated as the upgrade process completes. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch +# fetch https://security.FreeBSD.org/patches/EN-21:20/vlan.patch.asc +# gpg --verify vlan.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 9abc85d17d05 stable/13-n245206 +releng/13.0/ 78f91c1fbf02 releng/13.0-n244749 +- ------------------------------------------------------------------------- + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +VII. References + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0UACgkQ05eS9J6n +5cIe+g/9Hbf0RjRHr4PDK9CMdl8qH2mUzJw48vZ7A/+/ZP2DI9uahAvwUzXs4LJd +RvO9RHAQ4zU4xq4PrJg/H1N6oyx3s4RlPMvVi7EFEv0hKcoc21PzWfrrlIlrjuEx +TZTighUmmfOy95Mx0R+zaqW5uO31hx5JrBeeIORMiTQFStSidoB5blj5+RXPhWdp +xGmvRN/0YUvpDzSuwDt1UsjmbcGDcQn0KyIU3cnm7Dbc7M97WAngF3qB4zblP/Eu +tCbC9SFe/Gp4aSydDupNLL45PM/WvcbDaULH1cu/03vkSu5jHOILdx9q+h8CKOfs +GzCn2TY4iL/idfC3OxcZ1IYz2aRKG92fc1vtucT80BZ4vd6xUnQgAbYgDn16H59L +QQjnddeohb7HcYoTsESaFUnjoHpcr9r756wPOIcP59/gENS3Q/3jhvUFt81hmXTC +9ybR9KcrpD9WMLeFrI241TDqhUn7WeAnWmp+NJbAOJFBWQeDqHDqw6/pq923g8b+ +8yesNwXPXBPIw9OoqyG4X4ltfGJ2B2TcNvcr+3ILxwKNwFK5NA0xy6q7LXGNA64V +fAnHYnLLvdrErFeDgYzTbn/stnFl7lQ1WDGc/KKcFNW6EfP0ZARljDXtNkj9RTKP +jcxJ2s1pQfbXC1SzoieDb4CaNKQ9tzs0caGhLUWpEI2BKjgz5cU= +=7me6 +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc new file mode 100644 index 0000000000..d0e5e81d67 --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:21.ipfw.asc @@ -0,0 +1,145 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:21.ipfw Errata Notice + The FreeBSD Project + +Topic: Kernel panic with ipfw link-layer filtering enabled + +Category: core +Module: ipfw +Announced: 2021-06-29 +Affects: FreeBSD 13.0 +Corrected: 2021-06-19 14:08:49 UTC (stable/13, 13.0-STABLE) + 2021-06-29 17:09:43 UTC (releng/13.0, 13.0-RELEASE-p3) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +ipfw(4) is a IP packet filter implementation in the kernel. It uses the +pfil(9) interface to hook into several + +II. Problem Description + +When link-layer filtering is enabled by setting the net.link.ether.ipfw +sysctl to 1, packets received by the filter may be reallocated to ensure +that protocol headers are contiguous in memory. In this case, the old +copy of the packet is freed. However, the filter failed to update the +pointer returned to the pfil(9) caller, resulting in the use of a +pointer to freed memory. + +III. Impact + +Systems which use ipfw(4)'s link-layer filtering capabilities may panic. + +IV. Workaround + +No workaround is available. Systems not using ipfw(4), or systems that +do not explicitly enable link-layer filtering by setting the +net.link.ether.ipfw sysctl to 1, are not affected. + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch +# fetch https://security.FreeBSD.org/patches/EN-21:21/ipfw.patch.asc +# gpg --verify ipfw.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ ed1acef3fe30 stable/13-n246063 +releng/13.0/ 4647d115ff84 releng/13.0-n244750 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0UACgkQ05eS9J6n +5cKBew//V3FOP0ctdnzu2Y+EDOPkOt8SwVANBSY/Yde5NLATx6tpYf8ob2a98rYP +6raKpxrn1LtMWwuhXfUGl86mZYInTKvG1SFAZx8H3y1NLc+oesXXF6kmObQz6yfN +U8Gud4axcviV0dP2QW/JAbOAH7zwXpzCTYFYZvtdbFALGJdo2KqNYiFuJ6eVv4EK +Gm35CJvTiugKoXG6JKzJpqHhonHMeKcRDTYcg9xLneTRkKoCldXNtFY6G21+sFDN +OJgI+D6HilxPC1ujyGGKOx1EvQeUh42Hv8KoIQlbXzFq4j/ql1UlITaoPyOEGJYW +G7qEH5WnIrQoauq5v3DZydwTsF6Bi/k9Xw3vZkpIkHjq/mEGBquMW3y660thuDFD +K33dZWAtvzf4oupWNtGmAGZJ59MBSoSyj4TKUKChC5FC6MtKh1xaDi5AstqBZTkD +VPo/DJXS3jR/gF/1jDt7lxTKVNFGsp60Ru9Y7Pd0P3PqAEbLuVQJxF4VSfGx814P +PW7xOQmhi8Y3c0Cgcox/16hxAxo2tvv0XzNvvPikKn1HTMQ+9rc2V0rXG3bcr++a +7Ug+ToEEYOjln03S5Xu7LWfkHYJdrPVV2qnbCMgRYxBWezrK76Q420dNtbx47ScZ +eDg1vOOfiWpRQVUJbCzeUyLaZBUZ9WvgmemeO6bgeHlS9NE81Ys= +=pdU2 +-----END PGP SIGNATURE----- diff --git a/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc new file mode 100644 index 0000000000..750ce7f9de --- /dev/null +++ b/website/static/security/advisories/FreeBSD-EN-21:22.linux_futex.asc @@ -0,0 +1,157 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-21:22.linux_futex Errata Notice + The FreeBSD Project + +Topic: Linux compatibility layer futex(2) system call vulnerability + +Category: core +Module: kernel +Announced: 2021-06-29 +Credits: Dmitry Chagin +Affects: All supported versions of FreeBSD. +Corrected: 2021-06-29 19:58:32 UTC (stable/13, 13.0-STABLE) + 2021-06-29 20:06:09 UTC (releng/13.0, 13.0-RELEASE-p3) + 2021-06-29 20:01:48 UTC (stable/12, 12.2-STABLE) + 2021-06-29 20:26:15 UTC (releng/12.2, 12.2-RELEASE-p9) + 2021-06-29 20:01:14 UTC (stable/11, 11.4-STABLE) + 2021-06-29 20:25:38 UTC (releng/11.4, 11.4-RELEASE-p12) +CVE Name: CVE-2018-6927 + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The Linux ABI layer (Linuxulator) allows Linux binaries to be executed on a +FreeBSD kernel. This compatibility layer is supported on the amd64, aarch64 +and i386 architecture. + +II. Problem Description + +A programming error in the Linux compatibility layer futex(2) system +call might allow attackers to cause a denial of service. + +III. Impact + +It is possible for an unprivileged local attacker to specify negative +wake or requeue value for futex_requeue, which may result in a signed +integer overflow. + +IV. Workaround + +No workaround is available. Systems not using the Linux binary compatibility +layer are not affected. + +The following command can be used to test if the Linux binary compatibility +layer is loaded: + +# kldstat -m linuxelf && kldstat -m linux64elf + +V. Solution + +Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date and reboot. + +Perform one of the following: + +1) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the amd64, i386, or +(on FreeBSD 13 and later) arm64 platforms can be updated via the +freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +# shutdown -r +10min "Rebooting for an erratum update" + +2) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch +# fetch https://security.FreeBSD.org/patches/EN-21:22/linux_futex.patch.asc +# gpg --verify linux_futex.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +This issue is corrected by the corresponding Git commit hash or Subversion +revision number in the following stable and release branches: + +Branch/path Hash Revision +- ------------------------------------------------------------------------- +stable/13/ 7a37d13b6cfa stable/13-n246121 +releng/13.0/ d1fffaed2309 releng/13.0-n244751 +stable/12/ r370058 +releng/12.2/ r370064 +stable/11/ r370057 +releng/11.4/ r370061 +- ------------------------------------------------------------------------- + +For FreeBSD 13 and later: + +Run the following command to see which files were modified by a +particular commit: + +# git show --stat + +Or visit the following URL, replacing NNNNNN with the hash: + + + +To determine the commit count in a working tree (for comparison against +nNNNNNN in the table above), run: + +# git rev-list --count --first-parent HEAD + +For FreeBSD 12 and earlier: + +Run the following command to see which files were modified by a particular +revision, replacing NNNNNN with the revision number: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The fix was modeled after Linux, where a similar error has been fixed: + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmDcD0YACgkQ05eS9J6n +5cJeohAAkhSmsTOpyNfWe2nhRmtH/686fEIaRyNBdPkPtCE/bszgMNLbGLPaCKEt +EHV9HgtDWJF/U/V9odh4QJChkbBEIngh5A45IZcWgv3359Sv1xSCDhPNxuJvUgHZ +R4VZ9zKFcY/ur6e/AJCkp9ofkWVDLBoLI/yYXTiIJqKWTtnOJ9ObphV08t6hNCSY +vWK5wLs39Gd/fo7VhPSjSOP9JuCNCrrX57pd6PQzmhDuewl3jQAp6oot3nQSmTNM +l8JlpegC8SnbUIv5vOxRdtuE22WbMjiGXN3V/ejxl40q9SeY+uDQjollMSf+xJwf +6tTStPJMMv7zu10BJTja/27a+TTL7tTYzseTAtYSsCu51ZfN45AONaSgNDy8Tb1N +zDiEi2E74bM1raO5TPHp+cPWAcYT/QV35DNt7BkKEDOGBrqAM1nyTsoe1qWolm9R +PEkdOpRDOS1bpss6vcyI4yjD/wFPf82A7Ji27A0+fpmUedaqNpE4EXxlSAd/2vp2 +pORz+EhFj3D9iOSHvZJM9FS8cOncXlnq33rcSF0nY8prZ7pJfbaWZjLYIIBSrMZB +w8PsmWBYjP01zHK+IReI/JVyJHbau+qdUsTND15TxVXAJPK5qbMKEeRak8RA9m5f +v7CU2ahZfXhvLgxysBWP1txf4s/7+hiynftxAL2TGg0YH4Dqkts= +=BHgS +-----END PGP SIGNATURE----- diff --git a/website/static/security/patches/EN-21:18/libc++.patch b/website/static/security/patches/EN-21:18/libc++.patch new file mode 100644 index 0000000000..7052684db3 --- /dev/null +++ b/website/static/security/patches/EN-21:18/libc++.patch @@ -0,0 +1,275 @@ + Add C++ headers + + I missed adding these to the libc++ Makefile, when importing + llvm-project 11.0.0-rc1, even though they were supplied by upstream. + + While here, update OptionalObsoleteFiles.inc to add these new headers, + and cleanup old cruft. + + Reported by: yuri + Submitted by: jkim (Makefile diff) + PR: 255374 + MFC after: 3 days + + (cherry picked from commit 95aa617e4bf09fcc813b1bab3d0dbf4b606807b1) + (cherry picked from commit 70e13c4cffd5ff7a70296bc5c4c3b7525c278b1d) +--- lib/libc++/Makefile.orig ++++ lib/libc++/Makefile +@@ -112,6 +112,7 @@ + STD_HEADERS+= any + STD_HEADERS+= array + STD_HEADERS+= atomic ++STD_HEADERS+= barrier + STD_HEADERS+= bit + STD_HEADERS+= bitset + STD_HEADERS+= cassert +@@ -131,6 +132,7 @@ + STD_HEADERS+= compare + STD_HEADERS+= complex + STD_HEADERS+= complex.h ++STD_HEADERS+= concepts + STD_HEADERS+= condition_variable + STD_HEADERS+= csetjmp + STD_HEADERS+= csignal +@@ -149,6 +151,7 @@ + STD_HEADERS+= deque + STD_HEADERS+= errno.h + STD_HEADERS+= exception ++STD_HEADERS+= execution + STD_HEADERS+= fenv.h + STD_HEADERS+= filesystem + STD_HEADERS+= float.h +@@ -164,6 +167,7 @@ + STD_HEADERS+= iostream + STD_HEADERS+= istream + STD_HEADERS+= iterator ++STD_HEADERS+= latch + STD_HEADERS+= limits + STD_HEADERS+= limits.h + STD_HEADERS+= list +@@ -174,6 +178,7 @@ + STD_HEADERS+= memory + STD_HEADERS+= mutex + STD_HEADERS+= new ++STD_HEADERS+= numbers + STD_HEADERS+= numeric + STD_HEADERS+= optional + STD_HEADERS+= ostream +@@ -182,6 +187,7 @@ + STD_HEADERS+= ratio + STD_HEADERS+= regex + STD_HEADERS+= scoped_allocator ++STD_HEADERS+= semaphore + STD_HEADERS+= set + STD_HEADERS+= setjmp.h + STD_HEADERS+= shared_mutex +--- tools/build/mk/OptionalObsoleteFiles.inc.orig ++++ tools/build/mk/OptionalObsoleteFiles.inc +@@ -3831,6 +3831,7 @@ + OLD_FILES+=usr/include/c++/v1/any + OLD_FILES+=usr/include/c++/v1/array + OLD_FILES+=usr/include/c++/v1/atomic ++OLD_FILES+=usr/include/c++/v1/barrier + OLD_FILES+=usr/include/c++/v1/bit + OLD_FILES+=usr/include/c++/v1/bitset + OLD_FILES+=usr/include/c++/v1/cassert +@@ -3850,6 +3851,7 @@ + OLD_FILES+=usr/include/c++/v1/compare + OLD_FILES+=usr/include/c++/v1/complex + OLD_FILES+=usr/include/c++/v1/complex.h ++OLD_FILES+=usr/include/c++/v1/concepts + OLD_FILES+=usr/include/c++/v1/condition_variable + OLD_FILES+=usr/include/c++/v1/csetjmp + OLD_FILES+=usr/include/c++/v1/csignal +@@ -3869,14 +3871,12 @@ + OLD_FILES+=usr/include/c++/v1/deque + OLD_FILES+=usr/include/c++/v1/errno.h + OLD_FILES+=usr/include/c++/v1/exception ++OLD_FILES+=usr/include/c++/v1/execution + OLD_FILES+=usr/include/c++/v1/experimental/__config + OLD_FILES+=usr/include/c++/v1/experimental/__memory + OLD_FILES+=usr/include/c++/v1/experimental/algorithm +-OLD_FILES+=usr/include/c++/v1/experimental/any +-OLD_FILES+=usr/include/c++/v1/experimental/chrono + OLD_FILES+=usr/include/c++/v1/experimental/coroutine + OLD_FILES+=usr/include/c++/v1/experimental/deque +-OLD_FILES+=usr/include/c++/v1/experimental/dynarray + OLD_FILES+=usr/include/c++/v1/experimental/filesystem + OLD_FILES+=usr/include/c++/v1/experimental/forward_list + OLD_FILES+=usr/include/c++/v1/experimental/functional +@@ -3884,25 +3884,22 @@ + OLD_FILES+=usr/include/c++/v1/experimental/list + OLD_FILES+=usr/include/c++/v1/experimental/map + OLD_FILES+=usr/include/c++/v1/experimental/memory_resource +-OLD_FILES+=usr/include/c++/v1/experimental/numeric +-OLD_FILES+=usr/include/c++/v1/experimental/optional + OLD_FILES+=usr/include/c++/v1/experimental/propagate_const +-OLD_FILES+=usr/include/c++/v1/experimental/ratio + OLD_FILES+=usr/include/c++/v1/experimental/regex + OLD_FILES+=usr/include/c++/v1/experimental/set + OLD_FILES+=usr/include/c++/v1/experimental/simd + OLD_FILES+=usr/include/c++/v1/experimental/string +-OLD_FILES+=usr/include/c++/v1/experimental/string_view +-OLD_FILES+=usr/include/c++/v1/experimental/system_error +-OLD_FILES+=usr/include/c++/v1/experimental/tuple + OLD_FILES+=usr/include/c++/v1/experimental/type_traits + OLD_FILES+=usr/include/c++/v1/experimental/unordered_map + OLD_FILES+=usr/include/c++/v1/experimental/unordered_set + OLD_FILES+=usr/include/c++/v1/experimental/utility + OLD_FILES+=usr/include/c++/v1/experimental/vector ++OLD_DIRS+=usr/include/c++/v1/experimental + OLD_FILES+=usr/include/c++/v1/ext/__hash + OLD_FILES+=usr/include/c++/v1/ext/hash_map + OLD_FILES+=usr/include/c++/v1/ext/hash_set ++OLD_DIRS+=usr/include/c++/v1/ext ++OLD_FILES+=usr/include/c++/v1/fenv.h + OLD_FILES+=usr/include/c++/v1/filesystem + OLD_FILES+=usr/include/c++/v1/float.h + OLD_FILES+=usr/include/c++/v1/forward_list +@@ -3917,6 +3914,7 @@ + OLD_FILES+=usr/include/c++/v1/iostream + OLD_FILES+=usr/include/c++/v1/istream + OLD_FILES+=usr/include/c++/v1/iterator ++OLD_FILES+=usr/include/c++/v1/latch + OLD_FILES+=usr/include/c++/v1/limits + OLD_FILES+=usr/include/c++/v1/limits.h + OLD_FILES+=usr/include/c++/v1/list +@@ -3927,7 +3925,7 @@ + OLD_FILES+=usr/include/c++/v1/memory + OLD_FILES+=usr/include/c++/v1/mutex + OLD_FILES+=usr/include/c++/v1/new +-OLD_FILES+=usr/include/c++/v1/numeric ++OLD_FILES+=usr/include/c++/v1/numbers + OLD_FILES+=usr/include/c++/v1/numeric + OLD_FILES+=usr/include/c++/v1/optional + OLD_FILES+=usr/include/c++/v1/ostream *** 968 LINES SKIPPED ***