From owner-svn-doc-head@freebsd.org Tue May 8 17:24:55 2018 Return-Path: Delivered-To: svn-doc-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B043AFBCE8B; Tue, 8 May 2018 17:24:54 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6422981B0F; Tue, 8 May 2018 17:24:54 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2E7A92D4D8; Tue, 8 May 2018 17:24:54 +0000 (UTC) (envelope-from gordon@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w48HOsfD041237; Tue, 8 May 2018 17:24:54 GMT (envelope-from gordon@FreeBSD.org) Received: (from gordon@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w48HOqYr041228; Tue, 8 May 2018 17:24:52 GMT (envelope-from gordon@FreeBSD.org) Message-Id: <201805081724.w48HOqYr041228@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gordon set sender to gordon@FreeBSD.org using -f From: Gordon Tetlow Date: Tue, 8 May 2018 17:24:52 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51632 - in head/share: security/advisories security/patches/EN-18:05 security/patches/EN-18:06 security/patches/SA-18:06 xml X-SVN-Group: doc-head X-SVN-Commit-Author: gordon X-SVN-Commit-Paths: in head/share: security/advisories security/patches/EN-18:05 security/patches/EN-18:06 security/patches/SA-18:06 xml X-SVN-Commit-Revision: 51632 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 May 2018 17:24:55 -0000 Author: gordon (src,ports committer) Date: Tue May 8 17:24:52 2018 New Revision: 51632 URL: https://svnweb.freebsd.org/changeset/doc/51632 Log: Add today's advisories. Approved by: so Sponsored by: The FreeBSD Foundation Added: head/share/security/advisories/FreeBSD-EN-18:05.mem.asc (contents, props changed) head/share/security/advisories/FreeBSD-EN-18:06.tzdata.asc (contents, props changed) head/share/security/advisories/FreeBSD-SA-18:06.debugreg.asc (contents, props changed) head/share/security/patches/EN-18:05/ head/share/security/patches/EN-18:05/mem.10.4.patch (contents, props changed) head/share/security/patches/EN-18:05/mem.10.4.patch.asc (contents, props changed) head/share/security/patches/EN-18:05/mem.11.1.patch (contents, props changed) head/share/security/patches/EN-18:05/mem.11.1.patch.asc (contents, props changed) head/share/security/patches/EN-18:06/ head/share/security/patches/EN-18:06/tzdata-2018e.patch (contents, props changed) head/share/security/patches/EN-18:06/tzdata-2018e.patch.asc (contents, props changed) head/share/security/patches/SA-18:06/ head/share/security/patches/SA-18:06/debugreg.10.4.patch (contents, props changed) head/share/security/patches/SA-18:06/debugreg.10.4.patch.asc (contents, props changed) head/share/security/patches/SA-18:06/debugreg.11.1.patch (contents, props changed) head/share/security/patches/SA-18:06/debugreg.11.1.patch.asc (contents, props changed) Modified: head/share/xml/advisories.xml head/share/xml/notices.xml Added: head/share/security/advisories/FreeBSD-EN-18:05.mem.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-18:05.mem.asc Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,152 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-18:05.mem Errata Notice + The FreeBSD Project + +Topic: Multiple small kernel memory disclosures + +Category: core +Module: kernel +Announced: 2018-05-08 +Credits: Ilja van Sprundel, IOActive + Vlad Tsyrklevich +Affects: All supported versions of FreeBSD. +Corrected: 2018-04-08 20:50:16 UTC (stable/11, 11.1-STABLE) + 2018-05-08 17:14:54 UTC (releng/11.1, 11.1-RELEASE-p10) + 2018-04-09 12:55:09 UTC (stable/10, 10.4-STABLE) + 2018-05-08 17:14:54 UTC (releng/10.4, 10.4-RELEASE-p9) +CVE Name: CVE-2018-6920, CVE-2018-6921 + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +FreeBSD includes drivers for Atheros wireless interfaces, a TCP network +stack, and the ability to execute Linux binaries. + +II. Problem Description + +Due to insufficient initialization of memory copied to userland in the +components described above small amounts of kernel memory may be disclosed +to userland processes. + +The disclosure in the Atheros wireless driver and Linux subsystem applies to +both FreeBSD 10.x and 11.x (CVE-2018-6920). + +The disclosure in the TCP network stack was introduced in 11.0. As such, +only FreeBSD 11.x is affected by this issue (CVE-2018-6921). + +III. Impact + +A user who can access these drivers, use TCP sockets, or execute Linux +binaries may be able to read the contents of small portions of kernel memory. + +Such memory might contain sensitive information, such as portions of the file +cache or terminal buffers. This information might be directly useful, or it +might be leveraged to obtain elevated privileges in some way; for example, +a terminal buffer might include a user-entered password. + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. + +Afterward, reboot the system. + +2) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Afterward, reboot the system. + +3) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 11.1] +# fetch https://security.FreeBSD.org/patches/EN-18:05/mem.11.1.patch +# fetch https://security.FreeBSD.org/patches/EN-18:05/mem.11.1.patch.asc +# gpg --verify mem.11.1.patch.asc + +[FreeBSD 10.4] +# fetch https://security.FreeBSD.org/patches/EN-18:05/mem.10.4.patch +# fetch https://security.FreeBSD.org/patches/EN-18:05/mem.10.4.patch.asc +# gpg --verify mem.10.4.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r332321 +releng/10.4/ r333372 +stable/11/ r332303 +releng/11.1/ r333372 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlrx3F5fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cLEJw/+O78dItjByrV33QHG6FG99Sk2tMvYJaD5jmM7qUiV2TiumFz4n8a3IjDe +kEmH68jkHxkSvWHvpOKMYx/CzzGG1UkMQvrFseGO6d/azZMqY4V3WqXeKcD6lwLI +qggFdIBDr2ltGQ19jLuD8ucfuyC8DurdhiEzn1s7e2YjpPaCgNSc9kHf/+Ez/MBu +v9ozlq/uS9+tLWHCoY6r4WFXWBrT96LFs9O+5TMVXZ+1ZuIvj4/2y+7HtgJalt85 +5+bce0+qFdmk/gpcw7SQOZ1ngeXPWi9fDOv7LR+YkDaHcpJP9sXp9Ej2Tro97CMK +oQ0QGiJ+h1iGuYIw76chchZ5mK+UEVSbdxK70fpPC1zi+g8l0smVSpOs8oNFGX0m +F0pHhIz3LwMMDyZgJsEMUIkBF7nbKS8Mc+noq9DOaOjZjb0yyBFbc8s82LIdbOhO +IIJftNF1NSlH4tKJtFdet/TrxHX/UZ0xp52SHev+U3c3gXaoP4EUHQ71R/lnlyJc +R+H6G/xZjcsNrklKgJJMV+5znKbjDaqavaaAxo17eRqLG/M4ZIac3xzqJUyeuUPY +RnErPTRQzGL4C9CldxjIfI+iY3f2uTsNclzonV98kcLxbRdMsNIybUV6mNBYVmlx +4A6IN3zP1+bsbjOdZMhpAUIjsflj/KzdF/f4/BjoCgBv3O030ec= +=jxlW +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-EN-18:06.tzdata.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-EN-18:06.tzdata.asc Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,147 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-EN-18:06.tzdata Errata Notice + The FreeBSD Project + +Topic: Timezone database information update + +Category: contrib +Module: zoneinfo +Announced: 2018-05-08 +Credits: Philip Paeps +Affects: All supported versions of FreeBSD. +Corrected: 2018-05-07 06:58:19 UTC (stable/11, 11.2-PRERELEASE) + 2018-05-08 17:18:24 UTC (releng/11.1, 11.1-RELEASE-p10) + 2018-05-07 07:02:26 UTC (stable/10, 10.4-STABLE) + 2018-05-08 17:18:24 UTC (releng/10.4, 10.4-RELEASE-p9) + +For general information regarding FreeBSD Errata Notices and Security +Advisories, including descriptions of the fields above, security +branches, and the following sections, please visit +. + +I. Background + +The tzsetup(8) program allows the user to specify the default local timezone. +Based on the selected timezone, tzsetup(8) copies one of the files from +/usr/share/zoneinfo to /etc/localtime. This file actually controls the +conversion. + +II. Problem Description + +Several changes in Daylight Savings Time happened after previous FreeBSD +releases were released that would affect many people who live in different +countries. Because of these changes, the data in the zoneinfo files need to +be updated, and if the local timezone on the running system is affected, +tzsetup(8) needs to be run so the /etc/localtime is updated. + +III. Impact + +An incorrect time will be displayed on a system configured to use one of the +affected timezones if the /usr/share/zoneinfo and /etc/localtime files are +not updated, and all applications on the system that rely on the system time, +such as cron(8) and syslog(8), will be affected. + +IV. Workaround + +The system administrator can install an updated timezone database from the +misc/zoneinfo port and run tzsetup(8) to get the timezone database corrected. + +Applications that store and display times in Coordinated Universal Time (UTC) +are not affected. + +V. Solution + +Please note that some third party software, for instance PHP, Ruby, Java and +Perl, may be using different zoneinfo data source, in such cases this +software must be updated separately. For software packages that is installed +via binary packages, they can be upgraded by executing `pkg upgrade'. + +Following the instructions in this Errata Notice will update all of the +zoneinfo files to be the same as what was released with FreeBSD release. + +Perform one of the following: + +1) Upgrade your system to a supported FreeBSD stable or release / security +branch (releng) dated after the correction date. Restart all the affected +applications and daemons, or reboot the system. + +2) To update your system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Restart all the affected applications and daemons, or reboot the system. + +3) To update your system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/EN-18:06/tzdata-2018e.patch +# fetch https://security.FreeBSD.org/patches/EN-18:06/tzdata-2018e.patch.asc +# gpg --verify tzdata-2018e.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile the operating system using buildworld and installworld as +described in . + +Restart all the affected applications and daemons, or reboot the system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r333313 +releng/10.4/ r333375 +stable/11/ r333312 +releng/11.1/ r333375 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlrx3G1fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cIzdg//a6Vn9B/eW4na7jAcX4rUCUJGBFE1A4MhX4NGULx+L4v6qkcdj4O6CWYR +rbqNRzEtb5oF0We9K0XyekigmOVmb5TwDXHbjiaw13DrLWM4WhEAerRP04DrDV7k +31SGAq92L3oP4u8FrxwdtKZ2TY5naH/3GdGEL0JJmUaqUSrtLeiOvqVwCKZIy7i9 +Q4DqQh7cEtBK5J8V+VqqbKNKOTPKS0uH27UAjzPhTc+GbZ4YRnD4YKVfNZMEDmiy +5TgXJrVOX+eJZlB1jgZXJY38wZtQELbs+2I2haNvzKz3Ypt7Rtan9MxAWkBkC+g6 +/tbiJFYaJ5GC0CTBymBa8gm5oqvpWzb3h3kNpld4SDyO1iDcIcD7/+VqnNoFynVa +Fgf/icLc3Ck48n0ZZQlkGk22kTmBwe69p6QLnL5cuDbm3ZpRM/+1GjguG2Ow5eYD +Y6p6eMozALZh2JdHdxAtKEuSfc03UOMcEu2kBtVE/XtoJqPb+2SmaSRvXmMiio2E +TPjjdAzUUITDcESmyJLmHoqwHR40i2+ZSwH6BbD/1qeoH7PSXS+/Nh/wv2KEsC0S +tbAYiwuj4uDlgPIPm0tr2xDB+2BaSVe/0AituXyzFQVnrNJHisLrk0tZ7Y3WmN0B +Fn/5LIRGjT51Sw/0D0XpedwcdWoUQ9vz/FpoC6xQDcaXhW/ViDo= +=0QUF +-----END PGP SIGNATURE----- Added: head/share/security/advisories/FreeBSD-SA-18:06.debugreg.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/advisories/FreeBSD-SA-18:06.debugreg.asc Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,141 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-18:06.debugreg Security Advisory + The FreeBSD Project + +Topic: Mishandling of x86 debug exceptions + +Category: core +Module: kernel +Announced: 2018-05-08 +Credits: Nick Peterson, Everdox Tech LLC + https://www.linkedin.com/in/everdox + Andy Lutomirski +Affects: All supported versions of FreeBSD. +Corrected: 2018-05-08 17:03:33 UTC (stable/11, 11.2-PRERELEASE) + 2018-05-08 17:12:10 UTC (releng/11.1, 11.1-RELEASE-p10) + 2018-05-08 17:05:39 UTC (stable/10, 10.4-STABLE) + 2018-05-08 17:12:10 UTC (releng/10.4, 10.4-RELEASE-p9) +CVE Name: CVE-2018-8897 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +On x86 architecture systems, the stack is represented by the combination of +a stack segment and a stack pointer, which must remain in sync for proper +operation. Instructions related to manipulating the stack segment have +special handling to facilitate consistency with changes to the stack pointer. + +II. Problem Description + +The MOV SS and POP SS instructions inhibit debug exceptions until the +instruction boundary following the next instruction. If that instruction is +a system call or similar instruction that transfers control to the operating +system, the debug exception will be handled in the kernel context instead of +the user context. + +III. Impact + +An authenticated local attacker may be able to read sensitive data in kernel +memory, control low-level operating system functions, or may panic the +system. + +IV. Workaround + +No workaround is available. + +V. Solution + +Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date, +using either a binary or source code patch, and then reboot. + +1) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +And reboot. + +2) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 11.1] +# fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.11.1.patch +# fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.11.1.patch.asc +# gpg --verify debugreg.11.1.patch.asc + +[FreeBSD 10.4] +# fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.10.4.patch +# fetch https://security.FreeBSD.org/patches/SA-18:06/debugreg.10.4.patch.asc +# gpg --verify debugreg.10.4.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile and install your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r333370 +releng/10.4/ r333371 +stable/11/ r333369 +releng/11.1/ r333371 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlrx3HhfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cK/jhAAmPPCFZRMvbyG0VBCBqo5COFZ/32IMOWFDGMlsSi+CEgcGM51SzYZi97c +zsT/2RgMsvBdggk41wvXqp1gKxgIbJe22af7l+D18e6rDEesueJqSiizcHmfGQul +X+ZRUkFxTkCNz0Ajp4clqbavuHNiCmiKmH/0X8LMk31SXIVE3oH0Pphf0W8qJqxz +4k2nvc6NoPWEMVA0rsj3n6sB0NhvV1ddLLmGpoDgedSyz77PCDgWGMoh5ny5sY12 +tHNB1r+gL624Y0l8xoyVJP0Snk0emzeQQ5HOTa8DRIwD/a0Uxy+xKcvDMorW9U6M +zsxrMs9EwSJYpwLxsQ/YVTgFvyQbkHXFXg56hxqUvnnEEahGfF47d/9x2lyzDr8r +H+ncl9a+PfOCJ5OcwkjzorQv+Pq65JFlc15bxLS+zyU4g6yJDnHdk7Azbc60Uwq/ +chauKmosm1I1CVH60JG00rmvoiX7b5ZRdEGEzAFt4XIX+EuXPnI84C5DxiD1YG+3 +n7IygNZNGtGfIrNhWEn2VK+VGzFEm2p4RkreWbGwrWQIxfd5gOJxvjAPSwjgy5rl +dwRW7bMzowIGnrlzCF18Qc2xnFD31JPYDdsI+Fa8d1YkCVWRZ79VX57Locw50/de +c5nZRJGk4AQ1lXxkNTkxWnstfb/q8fBVPkIEQKVHpVnGiI/pQpQ= +=Oyxs +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-18:05/mem.10.4.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-18:05/mem.10.4.patch Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,115 @@ +--- sys/compat/linux/linux_ioctl.c.orig ++++ sys/compat/linux/linux_ioctl.c +@@ -246,6 +246,7 @@ + } else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) { + struct linux_hd_big_geometry hdbg; + ++ memset(&hdbg, 0, sizeof(hdbg)); + hdbg.cylinders = fwcylinders; + hdbg.heads = fwheads; + hdbg.sectors = fwsectors; +@@ -2426,6 +2427,7 @@ + printf("%s(): ioctl %d on %.*s\n", __func__, + args->cmd & 0xffff, LINUX_IFNAMSIZ, lifname); + #endif ++ memset(ifname, 0, sizeof(ifname)); + ifp = ifname_linux_to_bsd(td, lifname, ifname); + if (ifp == NULL) + return (EINVAL); +--- sys/compat/linux/linux_ipc.c.orig ++++ sys/compat/linux/linux_ipc.c +@@ -516,6 +516,9 @@ + register_t rval; + int cmd, error; + ++ memset(&linux_seminfo, 0, sizeof(linux_seminfo)); ++ memset(&linux_semid, 0, sizeof(linux_semid)); ++ + switch (args->cmd & ~LINUX_IPC_64) { + case LINUX_IPC_RMID: + cmd = IPC_RMID; +@@ -661,6 +664,8 @@ + struct l_msqid_ds linux_msqid; + struct msqid_ds bsd_msqid; + ++ memset(&linux_msqid, 0, sizeof(linux_msqid)); ++ + bsd_cmd = args->cmd & ~LINUX_IPC_64; + switch (bsd_cmd) { + case LINUX_IPC_INFO: +@@ -667,6 +672,7 @@ + case LINUX_MSG_INFO: { + struct l_msginfo linux_msginfo; + ++ memset(&linux_msginfo, 0, sizeof(linux_msginfo)); + /* + * XXX MSG_INFO uses the same data structure but returns different + * dynamic counters in msgpool, msgmap, and msgtql fields. +@@ -789,6 +795,10 @@ + struct shmid_ds bsd_shmid; + int error; + ++ memset(&linux_shm_info, 0, sizeof(linux_shm_info)); ++ memset(&linux_shmid, 0, sizeof(linux_shmid)); ++ memset(&linux_shminfo, 0, sizeof(linux_shminfo)); ++ + switch (args->cmd & ~LINUX_IPC_64) { + + case LINUX_IPC_INFO: { +--- sys/dev/ath/if_ath_btcoex.c.orig ++++ sys/dev/ath/if_ath_btcoex.c +@@ -321,7 +321,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -330,6 +330,7 @@ + switch (id) { + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; +--- sys/dev/ath/if_ath_lna_div.c.orig ++++ sys/dev/ath/if_ath_lna_div.c +@@ -185,7 +185,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -194,6 +194,7 @@ + switch (id) { + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; +--- sys/dev/ath/if_ath_spectral.c.orig ++++ sys/dev/ath/if_ath_spectral.c +@@ -210,7 +210,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -273,6 +273,7 @@ + break; + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; Added: head/share/security/patches/EN-18:05/mem.10.4.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-18:05/mem.10.4.patch.asc Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlrxvPRfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cL+ag/9G31jTLcccP2zEVMkQImlpbok+NQ6S/68DSgLfyht72mBR+Auhr+uN6i4 +9Rd3+UDwA5ZLOYt7QcZpV5xAJKAp9JtV8gNA0TFpWsRY2OYzDXL2EbyVonhutib5 +X5a0ClXjMOP99OZTWKMxQvLMZOa4p6DLOxZZfHyqbKdiDVOQCvLX2PSpHEQWCAZg +d6ciw3Hs/H6AwT7ILwBlrWlax/O3RcMApRroeOIfKp1tVgoujvPlfHXGGIgXnEjr +OfzLO6VBdaBYmKXQL3+zSweJtQXqby75JvLeS4+8SNwSyW4SOX+wgA63Q1imD6az +Max+FPo459kGf1bp5sgmtn1r4AsWuCFEBE93tYnAWA5RXXyZwdjN0UBbKmoENZwb +0eUuwymanPpJZ+LBRjlXS7fjpE3r9Dal9khxQnZ4L4mICYYyDqdTmCmXt/Dh+fTB +7SwCb+ptVmZqvZfg7Xmp4Kk9lIDaPXxjlUTfmQK26iiV/sR53RP3hgDMT9HXfxdQ +BuF5eRkOgT5oGTljqOpsZuxpSRTvVGpnTzRQ3ORq9kxv2pk9+z37A2RkHWbw95H6 +JnmnrZrjUYjYXxnMn7TyFlEgrkWicQN1a3QOCq4hBOMgqfID8Q/doNTcvomchX1w +R+z+l737NWCTOvFN7DBL7GQcmzidTI7LwdEIVxK7+c0csSrycp0= +=nC9i +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-18:05/mem.11.1.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-18:05/mem.11.1.patch Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,139 @@ +--- sys/compat/linux/linux_ioctl.c.orig ++++ sys/compat/linux/linux_ioctl.c +@@ -253,6 +253,7 @@ + } else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) { + struct linux_hd_big_geometry hdbg; + ++ memset(&hdbg, 0, sizeof(hdbg)); + hdbg.cylinders = fwcylinders; + hdbg.heads = fwheads; + hdbg.sectors = fwsectors; +@@ -2477,6 +2478,7 @@ + printf("%s(): ioctl %d on %.*s\n", __func__, + args->cmd & 0xffff, LINUX_IFNAMSIZ, lifname); + #endif ++ memset(ifname, 0, sizeof(ifname)); + ifp = ifname_linux_to_bsd(td, lifname, ifname); + if (ifp == NULL) + return (EINVAL); +--- sys/compat/linux/linux_ipc.c.orig ++++ sys/compat/linux/linux_ipc.c +@@ -548,6 +548,9 @@ + register_t rval; + int cmd, error; + ++ memset(&linux_seminfo, 0, sizeof(linux_seminfo)); ++ memset(&linux_semid64, 0, sizeof(linux_semid64)); ++ + switch (args->cmd & ~LINUX_IPC_64) { + case LINUX_IPC_RMID: + cmd = IPC_RMID; +@@ -702,6 +705,8 @@ + struct l_msqid64_ds linux_msqid64; + struct msqid_ds bsd_msqid; + ++ memset(&linux_msqid64, 0, sizeof(linux_msqid64)); ++ + bsd_cmd = args->cmd & ~LINUX_IPC_64; + switch (bsd_cmd) { + case LINUX_IPC_INFO: +@@ -708,6 +713,7 @@ + case LINUX_MSG_INFO: { + struct l_msginfo linux_msginfo; + ++ memset(&linux_msginfo, 0, sizeof(linux_msginfo)); + /* + * XXX MSG_INFO uses the same data structure but returns different + * dynamic counters in msgpool, msgmap, and msgtql fields. +@@ -833,6 +839,10 @@ + struct shmid_ds bsd_shmid; + int error; + ++ memset(&linux_shm_info, 0, sizeof(linux_shm_info)); ++ memset(&linux_shmid64, 0, sizeof(linux_shmid64)); ++ memset(&linux_shminfo64, 0, sizeof(linux_shminfo64)); ++ + switch (args->cmd & ~LINUX_IPC_64) { + + case LINUX_IPC_INFO: { +--- sys/dev/ath/if_ath_btcoex.c.orig ++++ sys/dev/ath/if_ath_btcoex.c +@@ -457,7 +457,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -466,6 +466,7 @@ + switch (id) { + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; +--- sys/dev/ath/if_ath_ioctl.c.orig ++++ sys/dev/ath/if_ath_ioctl.c +@@ -197,7 +197,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +--- sys/dev/ath/if_ath_lna_div.c.orig ++++ sys/dev/ath/if_ath_lna_div.c +@@ -187,7 +187,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -196,6 +196,7 @@ + switch (id) { + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; +--- sys/dev/ath/if_ath_spectral.c.orig ++++ sys/dev/ath/if_ath_spectral.c +@@ -212,7 +212,7 @@ + * pointer for us to use below in reclaiming the buffer; + * may want to be more defensive. + */ +- outdata = malloc(outsize, M_TEMP, M_NOWAIT); ++ outdata = malloc(outsize, M_TEMP, M_NOWAIT | M_ZERO); + if (outdata == NULL) { + error = ENOMEM; + goto bad; +@@ -275,6 +275,7 @@ + break; + default: + error = EINVAL; ++ goto bad; + } + if (outsize < ad->ad_out_size) + ad->ad_out_size = outsize; +--- sys/netinet/tcp_usrreq.c.orig ++++ sys/netinet/tcp_usrreq.c +@@ -1495,7 +1495,9 @@ + return (error); + } else if ((sopt->sopt_dir == SOPT_GET) && + (sopt->sopt_name == TCP_FUNCTION_BLK)) { +- strcpy(fsn.function_set_name, tp->t_fb->tfb_tcp_block_name); ++ strncpy(fsn.function_set_name, tp->t_fb->tfb_tcp_block_name, ++ TCP_FUNCTION_NAME_LEN_MAX); ++ fsn.function_set_name[TCP_FUNCTION_NAME_LEN_MAX - 1] = '\0'; + fsn.pcbcnt = tp->t_fb->tfb_refcnt; + INP_WUNLOCK(inp); + error = sooptcopyout(sopt, &fsn, sizeof fsn); Added: head/share/security/patches/EN-18:05/mem.11.1.patch.asc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-18:05/mem.11.1.patch.asc Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlrxvQJfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD +MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n +5cIwxQ//bgsLVPJ63nz0rDnWhF3qOLtJbE0ZTE2F5XRraNRaUVBx7ZpCyirSHnsU +CZvNVDtPxRGzxxgzPXj4gjtRuFK7VK5uKMG+tAL1i2A7S9ukbIOsD6y5R1VO3Vnj +uYPqGZgo437tnzgSCo/z7WAW98tDPzcbHJIO3gNNAG7Tu9+xfinLFP2GhFkYlsij +K/tplIX8OiT4X4Qcn4x3LNUIS9bXxMcX7ogkPqLEYlCOVT4h7IXXBJa6Z+IkSwSv +Y8xOmdDwp33t+JbEZt2NGMNG3evT1aYR/v0/GHPEjruPmK+fMSI5EmJOPPGn0zMn +7/vPiDacXDnyGIORFaerC0kZkQjaSwunzzO4npqBmj+jD7ALTtpyCY8fpHqPlERH +LkA+3xZDZqcgRVyVEWYq7exyyXNe2BkkENP8BZaZGUCPA9+uJ8dsDcw5D8DghMBG +KvbBcr+7zIiWRYM9rWwLS1t4y7GpC9DJxqvgAy2S7w8MGZsS6zGPsgt91cG71m+T +S+uEcuu1x3xowI6ODOTc3ISxD+V20yE464UdBYyN21zE67yuWRJXdMzIqQUbgSuU +W8w4z3sNFUlh1phVi9pCteX0Vgvt+YHEkd2NG0zoHp7//1a5vtSoSMgAN746eanP +MVdI7kaTjrjzJaaKPtb5zKdznLUH06mHspeI2qXrtb7XoRpSt2o= +=Q1kJ +-----END PGP SIGNATURE----- Added: head/share/security/patches/EN-18:06/tzdata-2018e.patch ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/security/patches/EN-18:06/tzdata-2018e.patch Tue May 8 17:24:52 2018 (r51632) @@ -0,0 +1,837 @@ +--- contrib/tzdata/Makefile.orig ++++ contrib/tzdata/Makefile +@@ -21,7 +21,7 @@ + + # Change the line below for your time zone (after finding the zone you want in + # the time zone files, or adding it to a time zone file). +-# Alternately, if you discover you've got the wrong time zone, you can just ++# Alternatively, if you discover you've got the wrong time zone, you can just + # zic -l rightzone + # to correct things. + # Use the command +@@ -38,7 +38,7 @@ + # template file are used to determine "spring forward" and "fall back" days and + # times; the environment variable itself specifies UT offsets of standard and + # daylight saving time. +-# Alternately, if you discover you've got the wrong time zone, you can just ++# Alternatively, if you discover you've got the wrong time zone, you can just + # zic -p rightzone + # to correct things. + # Use the command +@@ -236,14 +236,16 @@ + $(GCC_INSTRUMENT) \ + -Wall -Wextra \ + -Walloc-size-larger-than=100000 -Warray-bounds=2 \ +- -Wbad-function-cast -Wcast-align -Wdate-time \ ++ -Wbad-function-cast -Wcast-align=strict -Wdate-time \ + -Wdeclaration-after-statement -Wdouble-promotion \ + -Wformat=2 -Wformat-overflow=2 -Wformat-signedness -Wformat-truncation \ + -Winit-self -Wjump-misses-init -Wlogical-op \ + -Wmissing-declarations -Wmissing-prototypes -Wnested-externs \ + -Wold-style-definition -Woverlength-strings -Wpointer-arith \ +- -Wshadow -Wshift-overflow=2 -Wstrict-prototypes -Wstringop-overflow=5 \ ++ -Wshadow -Wshift-overflow=2 -Wstrict-prototypes -Wstringop-overflow=4 \ ++ -Wstringop-truncation -Wsuggest-attribute=cold \ + -Wsuggest-attribute=const -Wsuggest-attribute=format \ ++ -Wsuggest-attribute=malloc \ + -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure \ + -Wtrampolines -Wundef -Wuninitialized -Wunused \ + -Wvariadic-macros -Wvla -Wwrite-strings \ +@@ -514,6 +516,7 @@ + tzfile.5 tzfile.h tzselect.8 tzselect.ksh \ + workman.sh yearistype.sh \ + zdump.8 zdump.c zic.8 zic.c \ ++ ziguard.awk zishrink.awk \ + zone.tab zone1970.tab zoneinfo2tdf.pl + + # And for the benefit of csh users on systems that assume the user +@@ -559,8 +562,8 @@ + + # These files can be tailored by setting BACKWARD, PACKRATDATA, etc. + vanguard.zi main.zi rearguard.zi: $(DSTDATA_ZI_DEPS) +- $(AWK) -v outfile='$@' -f ziguard.awk $(TDATA) $(PACKRATDATA) \ +- >$@.out ++ $(AWK) -v DATAFORM=`expr $@ : '\(.*\).zi'` -f ziguard.awk \ ++ $(TDATA) $(PACKRATDATA) >$@.out + mv $@.out $@ + tzdata.zi: $(DATAFORM).zi version + version=`sed 1q version` && \ +@@ -900,6 +903,13 @@ + done + rm -fr time_t.dir + ++TRADITIONAL_ASC = \ ++ tzcode$(VERSION).tar.gz.asc \ ++ tzdata$(VERSION).tar.gz.asc ++ALL_ASC = $(TRADITIONAL_ASC) \ ++ tzdata$(VERSION)-rearguard.tar.gz.asc \ ++ tzdb-$(VERSION).tar.lz.asc ++ + tarballs traditional_tarballs signatures traditional_signatures: version + VERSION=`cat version` && \ + $(MAKE) VERSION="$$VERSION" $@_version +@@ -907,12 +917,13 @@ + # These *_version rules are intended for use if VERSION is set by some + # other means. Ordinarily these rules are used only by the above + # non-_version rules, which set VERSION on the 'make' command line. +-tarballs_version: traditional_tarballs_version tzdb-$(VERSION).tar.lz ++tarballs_version: traditional_tarballs_version \ ++ tzdata$(VERSION)-rearguard.tar.gz \ ++ tzdb-$(VERSION).tar.lz + traditional_tarballs_version: \ + tzcode$(VERSION).tar.gz tzdata$(VERSION).tar.gz +-signatures_version: traditional_signatures_version tzdb-$(VERSION).tar.lz.asc +-traditional_signatures_version: \ +- tzcode$(VERSION).tar.gz.asc tzdata$(VERSION).tar.gz.asc \ ++signatures_version: $(ALL_ASC) ++traditional_signatures_version: $(TRADITIONAL_ASC) + + tzcode$(VERSION).tar.gz: set-timestamps.out + LC_ALL=C && export LC_ALL && \ +@@ -927,6 +938,26 @@ + gzip $(GZIPFLAGS) >$@.out + mv $@.out $@ + ++tzdata$(VERSION)-rearguard.tar.gz: rearguard.zi set-timestamps.out ++ rm -fr tzdata$(VERSION)-rearguard.dir ++ mkdir tzdata$(VERSION)-rearguard.dir ++ ln $(COMMON) $(DATA) $(MISC) tzdata$(VERSION)-rearguard.dir ++ cd tzdata$(VERSION)-rearguard.dir && \ ++ rm -f $(TDATA) $(PACKRATDATA) version ++ for f in $(TDATA) $(PACKRATDATA); do \ ++ rearf=tzdata$(VERSION)-rearguard.dir/$$f; \ ++ $(AWK) -v DATAFORM=rearguard -f ziguard.awk $$f >$$rearf && \ ++ touch -cmr `ls -t ziguard.awk $$f` $$rearf || exit; \ ++ done ++ sed '1s/$$/-rearguard/' \ ++ tzdata$(VERSION)-rearguard.dir/version ++ touch -cmr version tzdata$(VERSION)-rearguard.dir/version ++ LC_ALL=C && export LC_ALL && \ ++ (cd tzdata$(VERSION)-rearguard.dir && \ ++ tar $(TARFLAGS) -cf - $(COMMON) $(DATA) $(MISC) | \ ++ gzip $(GZIPFLAGS)) >$@.out ++ mv $@.out $@ ++ + tzdb-$(VERSION).tar.lz: set-timestamps.out + rm -fr tzdb-$(VERSION) + mkdir tzdb-$(VERSION) +@@ -937,12 +968,10 @@ + mv $@.out $@ + + tzcode$(VERSION).tar.gz.asc: tzcode$(VERSION).tar.gz +- gpg --armor --detach-sign $? +- + tzdata$(VERSION).tar.gz.asc: tzdata$(VERSION).tar.gz +- gpg --armor --detach-sign $? +- ++tzdata$(VERSION)-rearguard.tar.gz.asc: tzdata$(VERSION)-rearguard.tar.gz + tzdb-$(VERSION).tar.lz.asc: tzdb-$(VERSION).tar.lz ++$(ALL_ASC): + gpg --armor --detach-sign $? + + typecheck: +--- contrib/tzdata/NEWS.orig ++++ contrib/tzdata/NEWS +@@ -1,5 +1,69 @@ + News for the tz database + ++Release 2018e - 2018-05-01 23:42:51 -0700 ++ ++ Briefly: ++ ++ North Korea switches back to +09 on 2018-05-05. ++ The main format uses negative DST again, for Ireland etc. ++ 'make tarballs' now also builds a rearguard tarball. ++ New 's' and 'd' suffixes in SAVE columns of Rule and Zone lines. ++ ++ Changes to past and future time stamps ++ ++ North Korea switches back from +0830 to +09 on 2018-05-05. ++ (Thanks to Kang Seonghoon, Arthur David Olson, Seo Sanghyeon, ++ and Tim Parenti.) ++ ++ Bring back the negative-DST changes of 2018a, except be more ++ compatible with data parsers that do not support negative DST. ++ Also, this now affects historical time stamps in Namibia and the ++ former Czechoslovakia, not just Ireland. The main format now uses ++ negative DST to model time stamps in Europe/Dublin (from 1971 on), ++ Europe/Prague (1946/7), and Africa/Windhoek (1994/2017). This ++ does not affect UT offsets, only time zone abbreviations and the ++ tm_isdst flag. Also, this does not affect rearguard or vanguard ++ formats; effectively the main format now uses vanguard instead of ++ rearguard format. Data parsers that do not support negative DST ++ can still use data from the rearguard tarball described below. ++ ++ Changes to build procedure ++ ++ The command 'make tarballs' now also builds the tarball ++ tzdataVERSION-rearguard.tar.gz, which is like tzdataVERSION.tar.gz ++ except that it uses rearguard format intended for trailing-edge ++ data parsers. ++ ++ Changes to data format and to code ++ ++ The SAVE column of Rule and Zone lines can now have an 's' or 'd' ++ suffix, which specifies whether the adjusted time is standard time ++ or daylight saving time. If no suffix is given, daylight saving ++ time is used if and only if the SAVE column is nonzero; this is ++ the longstanding behavior. Although this new feature is not used ++ in tzdata, it could be used to specify the legal time in Namibia ++ 1994-2017, as opposed to the popular time (see below). ++ ++ Changes to past time stamps ++ ++ From 1994 through 2017 Namibia observed DST in winter, not summer. ++ That is, it used negative DST, as Ireland still does. This change ++ does not affect UTC offsets; it affects only the tm_isdst flag and ++ the abbreviation used during summer, which is now CAT, not WAST. ++ Although (as noted by Michael Deckers) summer and winter time were ++ both simply called "standard time" in Namibian law, in common ++ practice winter time was considered to be DST (as noted by Stephen ++ Colebourne). The full effect of this change is only in vanguard ++ format; in rearguard and main format, the tm_isdst flag is still ++ zero in winter and nonzero in summer. ++ ++ In 1946/7 Czechoslovakia also observed negative DST in winter. ++ The full effect of this change is only in vanguard format; in ++ rearguard and main formats, it is modeled as plain GMT without ++ daylight saving. Also, the dates of some 1944/5 DST transitions ++ in Czechoslovakia have been changed. ++ ++ + Release 2018d - 2018-03-22 07:05:46 -0700 + + Briefly: +@@ -39,7 +103,7 @@ + Enderbury and Kiritimati skipped New Year's Eve 1994, not + New Year's Day 1995. (Thanks to Kerry Shetline.) + +- Fix the 1912-01-01 transition for Portugual and its colonies. ++ Fix the 1912-01-01 transition for Portugal and its colonies. + This transition was at 00:00 according to the new UT offset, not + according to the old one. Also assume that Cape Verde switched on + the same date as the rest, not in 1907. This affects +--- contrib/tzdata/africa.orig ++++ contrib/tzdata/africa +@@ -6,7 +6,7 @@ + # tz@iana.org for general use in the future). For more, please see + # the file CONTRIBUTING in the tz distribution. + +-# From Paul Eggert (2017-02-20): ++# From Paul Eggert (2017-04-09): + # + # Unless otherwise specified, the source for data through 1990 is: + # Thomas G. Shanks and Rique Pottenger, The International Atlas (6th edition), +@@ -52,7 +52,7 @@ + # cannot now come up with solid citations. + # + # I invented the following abbreviations; corrections are welcome! +-# +02 WAST West Africa Summer Time ++# +02 WAST West Africa Summer Time (no longer used) + # +03 CAST Central Africa Summer Time (no longer used) + # +03 SAST South Africa Summer Time (no longer used) + # +03 EAT East Africa Time +@@ -967,6 +967,10 @@ + # commence at OOhOO on Monday 21 March 1994 and shall end at 02h00 on + # Sunday 4 September 1994. + ++# From Michael Deckers (2017-04-06): ++# ... both summer and winter time are called "standard" ++# (which differs from the use in Ireland) ... ++ + # From Petronella Sibeene (2007-03-30): + # http://allafrica.com/stories/200703300178.html + # While the entire country changes its time, Katima Mulilo and other +@@ -992,10 +996,26 @@ + # the same time they would normally start DST, the first Sunday in September: *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***