summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix multiple small kernel memory disclosures. [EN-18:04.mem]releng/10.3Gordon Tetlow2018-04-047-7/+10
| | | | | | | | | | Reported by: Ilja van Sprundel Approved by: so Security: CVE-2018-6919 Security: FreeBSD-EN-18:04.mem Notes: svn path=/releng/10.3/; revision=331987
* Update timezone database information. [EN-18:03.tzdata]Gordon Tetlow2018-04-0418-1207/+1889
| | | | | | | | | Submitted by: philip Approved by: so Security: FreeBSD-EN-18:03.tzdata Notes: svn path=/releng/10.3/; revision=331986
* Fix ipsec crash or denial of service. [SA-18:05.ipsec]Gordon Tetlow2018-04-041-44/+28
| | | | | | | | | | Reported by: Maxime Villard Approved by: so Security: CVE-2018-6918 Security: FreeBSD-SA-18:05.ipsec Notes: svn path=/releng/10.3/; revision=331985
* Fix vt console memory disclosure. [SA-18:04.vt]Gordon Tetlow2018-04-043-2/+17
| | | | | | | | | | | | | | Bump newvers.sh and UPDATING for today's patches. Submitted by: emaste Reported by: Dr Silvio Cesare of InfoSect Approved by: so Security: CVE-2018-6917 Security: FreeBSD-SA-18:04.vt Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/10.3/; revision=331984
* Bump newvers and document the updated patch for SA-18:01.ipsecGordon Tetlow2018-03-082-1/+5
| | | | | | | | | Approved by: so Security: FreeBSD-SA-18:01.ipsec Security: CVE-2018-6916 Notes: svn path=/releng/10.3/; revision=330631
* Correct patch for ipsec vulnerability.Gordon Tetlow2018-03-071-3/+3
| | | | | | | | Approved by: so Security: FreeBSD-SA-18:01.netipsec Notes: svn path=/releng/10.3/; revision=330611
* Update file(1) to new version with security update. [EN-18:02.file]Gordon Tetlow2018-03-07181-3514/+9407
| | | | | | | | | Approved by: so Security: FreeBSD-EN-18:02.file Security: CVE-2017-1000249 Notes: svn path=/releng/10.3/; revision=330569
* Update timezone database information. [EN-18:01.tzdata]Gordon Tetlow2018-03-0717-201/+557
| | | | | | | | Approved by: so Security: FreeBSD-EN-18:01.tzdata Notes: svn path=/releng/10.3/; revision=330568
* Fix multiple vulnerabilities in ntp. [SA-18:02.ntp]Gordon Tetlow2018-03-07261-11260/+18806
| | | | | | | | | | | | | Approved by: so Security: FreeBSD-SA-18:02.ntp Security: CVE-2018-7182 Security: CVE-2018-7170 Security: CVE-2018-7184 Security: CVE-2018-7185 Security: CVE-2018-7183 Notes: svn path=/releng/10.3/; revision=330567
* Fix ipsec validation and use-after-free. [SA-18:01.ipsec]Gordon Tetlow2018-03-073-2/+28
| | | | | | | | | Approved by: so Security: FreeBSD-SA-18:01.ipsec Security: CVE-2018-6916 Notes: svn path=/releng/10.3/; revision=330566
* Fix error state handlingGordon Tetlow2017-12-093-3/+7
| | | | | | | | | Approved by: so Security: CVE-2017-3737 Security: FreeBSD-SA-17:12.openssl Notes: svn path=/releng/10.3/; revision=326723
* Fix OpenSSL out-of-bounds read vulnerability.Xin LI2017-11-293-5/+11
| | | | | | | | Security: FreeBSD-SA-17:11 Approved by: so Notes: svn path=/releng/10.3/; revision=326359
* Properly bzero kldstat structure to prevent information leak. [SA-17:10]Gordon Tetlow2017-11-154-19/+36
| | | | | | | | | Approved by: so Security: FreeBSD-SA-17:10.kldstat Security: CVE-2017-1088 Notes: svn path=/releng/10.3/; revision=325878
* Fix namespace issue in POSIX shm implementation for jails. [SA-17:09]Gordon Tetlow2017-11-156-130/+406
| | | | | | | | | Approved by: so Security: FreeBSD-SA-17:09.shm Security: CVE-2017-1087 Notes: svn path=/releng/10.3/; revision=325873
* Fix kernel data leak via ptrace(PT_LWPINFO). [SA-17:08]Gordon Tetlow2017-11-151-2/+2
| | | | | | | | | Approved by: so Security: FreeBSD-SA-17:08.ptrace Security: CVE-2017-1086 Notes: svn path=/releng/10.3/; revision=325871
* Update timezone database information. [EN-17:09]Gordon Tetlow2017-11-0227-2095/+3306
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=325322
* Fix WPA2 protocol vulnerability. [SA-17:07]Gordon Tetlow2017-10-1914-44/+228
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=324740
* Fix OpenSSH Denial of Service vulnerability. [SA-17:06]Xin LI2017-08-103-1/+10
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=322344
* Add the missed Heimdal patch, freebsd-update bits are not affected.Xin LI2017-07-121-2/+2
| | | | | | | | Noticed by: gordon Approved by: so Notes: svn path=/releng/10.3/; revision=320915
* Fix heimdal KDC-REP service name validation vulnerability [SA-17:05]Xin LI2017-07-1212-127/+214
| | | | | | | | | Boot compatibility improvements with Azure VMs. [EN-17:06] Approved by: so Notes: svn path=/releng/10.3/; revision=320912
* Fix ipfilter(4) fragment handling panic.Xin LI2017-04-273-2/+6
| | | | | | | | Security: FreeBSD-SA-17:04.ipfilter Approved by: so Notes: svn path=/releng/10.3/; revision=317487
* Fix multiple vulnerabilities of ntp. [SA-17:03]Xin LI2017-04-12285-49603/+16394
| | | | | | | | | Xen migration enhancements. [EN-17:05] Approved by: so Notes: svn path=/releng/10.3/; revision=316722
* Fix OpenSSL RC4_MD5 cipher vulnerability.Xin LI2017-02-233-1/+7
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=314126
* Fix multiple vulnerabilities of OpenSSH.Xin LI2017-01-115-10/+54
| | | | | | | | | | Security: FreeBSD-SA-17:01.openssh Security: CVE-2016-10009 Security: CVE-2016-10010 Approved by: so Notes: svn path=/releng/10.3/; revision=311916
* Fix multiple vulnerabilities of ntp.Xin LI2016-12-22184-3780/+7378
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=310419
* Merge r309688: address regressions in SA-16:37.libc.Gleb Smirnoff2016-12-073-7/+10
| | | | | | | | | PR: 215105 Submitted by: <jtd2004a sbcglobal.net> Approved by: so Notes: svn path=/releng/10.3/; revision=309693
* Fix possible login(1) argument injection in telnetd(8). [SA-16:36]Gleb Smirnoff2016-12-065-24/+59
| | | | | | | | | | | | | | | | | Fix link_ntoa(3) buffer overflow in libc. [SA-16:37] Fix possible escape from bhyve(8) virtual machine. [SA-16:38] Fix warnings about valid time zone abbreviations. [EN-16:19] Update timezone database information. [EN-16:20] Security: FreeBSD-SA-16:36.telnetd Security: FreeBSD-SA-16:37.libc Security: FreeBSD-SA-16:38.bhyve Errata Notice: FreeBSD-EN-16:19.tzcode Errata Notice: FreeBSD-EN-16:20.tzdata Approved by: so Notes: svn path=/releng/10.3/; revision=309634
* Update tzdata to 2016i.Gleb Smirnoff2016-12-0526-932/+8215
| | | | | | | | | | | | | | | Note: because of what appears to be a missing MFC to stable branches, these patches were generated by doing: % rsync -av stable/10/contrib/tzdata releng/10.x/contrib/tzdata % svn add releng/10.x/contrib/tzdata Errata Notice: EN-16:19 Submitted by: gjb Approved by: so Notes: svn path=/releng/10.3/; revision=309577
* Merge r307359 from stable/10:Gleb Smirnoff2016-12-052-33/+11
| | | | | | | | | | | | | | | | | | | | Incorporate a change from OpenBSD by millert@OpenBSD.org Don't warn about valid time zone abbreviations. POSIX through 2000 says that an abbreviation cannot start with ':', and cannot contain ',', '-', '+', NUL, or a digit. POSIX from 2001 on changes this rule to say that an abbreviation can contain only '-', '+', and alphanumeric characters from the portable character set in the current locale. To be portable to both sets of rules, an abbreviation must therefore use only ASCII letters." Adapted from tzcode2015f. Errata Notice: EN-16:19.tzcode Submitted by: bapt Approved by: so Notes: svn path=/releng/10.3/; revision=309572
* Fix OpenSSH remote Denial of Service vulnerability. [SA-16:33]Xin LI2016-11-028-1/+44
| | | | | | | | | | | Fix OpenSSL remote DoS vulnerability. [SA-16:35] Security: FreeBSD-SA-16:33.openssh Security: FreeBSD-SA-16:35.openssl Approved by: so Notes: svn path=/releng/10.3/; revision=308203
* Revised SA-16:15. The initial patch didn't cover all possible overflowsGleb Smirnoff2016-10-253-2/+11
| | | | | | | | | | based on passing incorrect parameters to sysarch(2). Security: SA-16:15 Approved by: so Notes: svn path=/releng/10.3/; revision=307934
* EN-16:17: virtual memory issues.Gleb Smirnoff2016-10-255-51/+65
| | | | | | | | | | | | | | | | | | | | | Due to increased parallelism and optimizations in several parts of the system, the previously latent bugs in VM become much easier to trigger, affecting a significant number of the FreeBSD users. The exact technical details of the issues are provided in the commit messages of the merged revisions, which are listed below with short summaries. r301184 prevent parallel object collapses, fixes object lifecycle r301436 do not leak the vm object lock, fixes overcommit disable r302243 avoid the active object marking for vm.vmtotal sysctl, fixes "vodead" hangs r302513 vm_fault() race with the vm_object_collapse(), fixes spurious SIGSEGV r303291 postpone BO_DEAD, fixes panic on fast vnode reclaim Approved by: so Notes: svn path=/releng/10.3/; revision=307929
* Remove duplicate file content from patch misapplication in r306941Ed Maste2016-10-143-303/+0
| | | | | | | | | | The three files affected were tests and aren't normally built so this had no user-facing effect in the normal case. Approved by: so Notes: svn path=/releng/10.3/; revision=307329
* Fix bspatch heap overflow vulnerability. [SA-16:29]Xin LI2016-10-1014-203/+1255
| | | | | | | | | | | Fix multiple portsnap vulnerabilities. [SA-16:30] Fix multiple libarchive vulnerabilities. [SA-16:31] Approved by: so Notes: svn path=/releng/10.3/; revision=306941
* Apply upstream revision 3612ff6fcec0e3d1f2a598135fe12177c0419582:Xin LI2016-09-263-4/+7
| | | | | | | | | | | | | | | Fix overflow check in BN_bn2dec() Fix an off by one error in the overflow check added by 07bed46 ("Check for errors in BN_bn2dec()"). This fixes a regression introduced in SA-16:26.openssl. Submitted by: jkim PR: 212921 Approved by: so Notes: svn path=/releng/10.3/; revision=306336
* Fix multiple OpenSSL vulnerabilitites.Xin LI2016-09-2318-92/+223
| | | | | | | | Approved by: so Security: FreeBSD-SA-16:26.openssl Notes: svn path=/releng/10.3/; revision=306230
* Release 6 errata notices for 10.3-RELEASE, all related to Microsoft Hyper-V.Gleb Smirnoff2016-08-1210-153/+332
| | | | | | | | Submitted by: Dexuan Cui <decui microsoft.com>, gjb Approved by: so Notes: svn path=/releng/10.3/; revision=303984
* Fix bspatch heap overflow vulnerability. [SA-16:25]Xin LI2016-07-254-2/+14
| | | | | | | | | | Fix freebsd-update(8) support of FreeBSD 11.0 release distribution. [EN-16:09] Approved by: so Notes: svn path=/releng/10.3/; revision=303304
* Fix multiple ntp vulnerabilities.Xin LI2016-06-04161-3086/+4306
| | | | | | | | Security: FreeBSD-SA-16:24.ntp Approved by: so Notes: svn path=/releng/10.3/; revision=301301
* Fix kernel stack disclosure in Linux compatibility layer. [SA-16:20]Gleb Smirnoff2016-05-315-1/+14
| | | | | | | | | | | Fix kernel stack disclosure in 4.3BSD compatibility layer. [SA-16:21] Security: SA-16:20 Security: SA-16:21 Approved by: so Notes: svn path=/releng/10.3/; revision=301052
* Merge r300361 by mm@:Gleb Smirnoff2016-05-316-4/+44
| | | | | | | | | | | | Backport security fix for absolute path traversal vulnerability in bsdcpio. Security: CVE-2015-2304 Security: SA-16:22 Approved by: so Notes: svn path=/releng/10.3/; revision=301048
* - Use unsigned version of min() when handling arguments of SETFKEY ioctl.Gleb Smirnoff2016-05-174-2/+12
| | | | | | | | | | | | | | | - Validate that user supplied control message length in sendmsg(2) is not negative. Security: SA-16:18 Security: CVE-2016-1886 Security: SA-16:19 Security: CVE-2016-1887 Submitted by: C Turt <cturt hardenedbsd.org> Approved by: so Notes: svn path=/releng/10.3/; revision=300087
* Fix multiple OpenSSL vulnerabilitites. [SA-16:17]Xin LI2016-05-0412-28/+81
| | | | | | | | | | | | | Fix performance regression in libc hash(3). [EN-16:06] Fix excessive latency in x86 IPI delivery. [EN-16:07] Fix memory leak in ZFS. [EN-16:08] Approved by: so Notes: svn path=/releng/10.3/; revision=299066
* Fix ntp multiple vulnerabilities.Xin LI2016-04-29187-1243/+4544
| | | | | | | Approved by: so Notes: svn path=/releng/10.3/; revision=298770
* Update releng/10.3 to -RELEASE status in preparation for the finalrelease/10.3.0Marius Strobl2016-03-251-1/+1
| | | | | | | | | | 10.3-RELEASE builds. Approved by: re (implicit) Notes: svn path=/releng/10.3/; revision=297264 svn path=/release/10.3.0/; revision=297553; tag=release/10.3.0
* Anticipate the expected 10.3-RELEASE date.Marius Strobl2016-03-251-0/+3
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/10.3/; revision=297262
* Set the static abitag to the current value of __FreeBSD_version.Marius Strobl2016-03-251-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/10.3/; revision=297261
* Prune empty sections.Glen Barber2016-03-251-107/+0
| | | | | | | | Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/10.3/; revision=297257
* - Update relnotes items:Hiroki Sato2016-03-241-4/+57
| | | | | | | | | | | | | | | | | | | grdc(6) 12-hour mode fixed, inetd(8) crash with IPv6 address fixed, netstat(1) statistics counter divided by 1024 fixed, rc.d/netif now updates only static routes, vt(4) kern.vt.bell_enable, puc(4) MSI support, epair(4) and lagg(4) cloner vnet jail support, epair(4) panic fixed, lagg(4) per-interface sysctl nodes replaced with ifconfig flags, lagg(4) panic fixed, SIOCGDRLST_IN6 and SIOCGPRLST_IN6 ioctls removed. Approved by: re (implicit) Notes: svn path=/releng/10.3/; revision=297254
* - Update relnotes items:Hiroki Sato2016-03-241-4/+32
| | | | | | | | | | | | | | reword description about ar -D/-U option, camcontrol(8) fwdonwload improvements, pkill -j jailname support, timeout(1) added, ypinit(8) eui64 NIS map, kern.features.invariants sysctl added. Approved by: re (implicit) Notes: svn path=/releng/10.3/; revision=297246
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 18:31:46 +0000