aboutsummaryrefslogtreecommitdiff
path: root/sys
Commit message (Collapse)AuthorAgeFilesLines
* Import tzdata 2019c.releng/11.2Gordon Tetlow2019-10-231-1/+1
| | | | | | | | Approved by: so Security: FreeBSD-EN-19:18.tzdata Notes: svn path=/releng/11.2/; revision=353915
* Bump version information and add UPDATING entries.Gordon Tetlow2019-08-201-1/+1
| | | | | | | Approved by: so Notes: svn path=/releng/11.2/; revision=351263
* Fix reference count overflow in mqueuefs.Gordon Tetlow2019-08-201-1/+2
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:24.mqueuefs Security: CVE-2019-5603 Notes: svn path=/releng/11.2/; revision=351261
* Fix kernel memory disclosure from /dev/midistat.Gordon Tetlow2019-08-201-72/+58
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:23.midi Security: CVE-2019-5612 Notes: svn path=/releng/11.2/; revision=351260
* Fix IPv6 remote denial of service.Gordon Tetlow2019-08-201-1/+1
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:22.mbuf Security: CVE-2019-5611 Notes: svn path=/releng/11.2/; revision=351259
* Bump version information and add UPDATING entries.Gordon Tetlow2019-08-061-1/+1
| | | | | | | Approved by: so Notes: svn path=/releng/11.2/; revision=350649
* Fix ICMPv6 / MLDv2 out-of-bounds memory access.Gordon Tetlow2019-08-061-25/+23
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:19.mldv2 Security: CVE-2019-5608 Notes: svn path=/releng/11.2/; revision=350644
* Bump version information and update UPDATING.Gordon Tetlow2019-07-241-1/+1
| | | | | | | Approved by: so Notes: svn path=/releng/11.2/; revision=350287
* Fix file descriptor reference count leak.Gordon Tetlow2019-07-241-8/+33
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:17.fd Security: CVE-2019-5607 Notes: svn path=/releng/11.2/; revision=350286
* Fix reference count overflow in mqueuefs.Gordon Tetlow2019-07-241-3/+6
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:15.mqueuefs Security: CVE-2019-5603 Notes: svn path=/releng/11.2/; revision=350284
* Fix kernel memory disclosure in freebsd32_ioctl.Gordon Tetlow2019-07-241-0/+2
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:14.freebsd32 Security: CVE-2019-5605 Notes: svn path=/releng/11.2/; revision=350283
* Fix pts write-after-free.Gordon Tetlow2019-07-241-3/+3
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:13.pts Security: CVE-2019-5606 Notes: svn path=/releng/11.2/; revision=350282
* Fix panic from Intel CPU vulnerability mitigation.Gordon Tetlow2019-07-241-1/+1
| | | | | | | | Approved by: so Security: FreeBSD-EN-19:13.mds Notes: svn path=/releng/11.2/; revision=350280
* Update UPDATING and bump newvers.shGordon Tetlow2019-07-031-1/+1
| | | | | | | | Approved by: so Approved by: re (implicit) Notes: svn path=/releng/11.2/; revision=349626
* Fix privilege escalation in cd(4) driver.Gordon Tetlow2019-07-035-45/+26
| | | | | | | | | | Approved by: so Approved by: re (implicit) Security: FreeBSD-SA-19:11.cd_ioctl Security: CVE-2019-5602 Notes: svn path=/releng/11.2/; revision=349625
* Fix kernel stack disclosure in UFS/FFS.Gordon Tetlow2019-07-032-18/+28
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:10.ufs Security: CVE-2019-5601 Notes: svn path=/releng/11.2/; revision=349623
* Bump newvers.sh and add UPDATING block.Gordon Tetlow2019-05-141-1/+1
| | | | | | | Approved by: so Notes: svn path=/releng/11.2/; revision=347597
* Mitigations for Microarchitectural Data Sampling.Gordon Tetlow2019-05-1415-2/+661
| | | | | | | | | | | | Approved by: so Security: FreeBSD-SA-19:07.mds Security: CVE-2018-12126 Security: CVE-2018-12127 Security: CVE-2018-12130 Security: CVE-2019-11091 Notes: svn path=/releng/11.2/; revision=347595
* Fix ICMP/ICMP6 packet filter bypass in pf.Gordon Tetlow2019-05-141-3/+22
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:06.pf Security: CVE-2019-5598 Notes: svn path=/releng/11.2/; revision=347593
* Fix IPv6 fragment reassembly panic in pfGordon Tetlow2019-05-141-2/+2
| | | | | | | | | Approved by: so Security: FreeBSD-SA-19:05.pf Security: CVE-2019-5597 Notes: svn path=/releng/11.2/; revision=347591
* UPDATING and newvers entries for 11.2-p9Ed Maste2019-02-051-1/+1
| | | | | | | | Approved by: so Security: FreeBSD-SA-19:01.syscall Notes: svn path=/releng/11.2/; revision=343793
* amd64: clear callee-preserved registers on syscall exitEd Maste2019-02-051-2/+4
| | | | | | | | | | Submitted by: kib Approved by: so Security: CVE-2019-5595 Security: FreeBSD-SA-19:01.syscall Notes: svn path=/releng/11.2/; revision=343789
* UPDATING and newvers entries for 11.2-p8Ed Maste2019-01-091-1/+1
| | | | | | | | | | Approved by: so Security: FreeBSD-EN-19:03.sqlite Security: FreeBSD-EN-19:04.tzdata Security: FreeBSD-EN-19:05.kqueue Notes: svn path=/releng/11.2/; revision=342901
* MFS11 r340904: Avoid unsynchronized updates to kn_status.Ed Maste2019-01-091-8/+13
| | | | | | | | Approved by: so Security: FreeBSD-EN-19:05.kqueue Notes: svn path=/releng/11.2/; revision=342899
* 11.2-RELEASE-p7 UPDATINGEd Maste2018-12-191-1/+1
| | | | | | | | | | | Approved by: so Security: FreeBSD-SA-18:15.bootpd Security: FreeBSD-EN-18:16.ptrace Security: FreeBSD-EN-18:17.vm Security: FreeBSD-EN-18:18.zfs Notes: svn path=/releng/11.2/; revision=342232
* MFS11 r341828: Resolve a hang in ZFS during vnode reclaimationEd Maste2018-12-191-6/+18
| | | | | | | | | | | | | | This is caused by a deadlock between zil_commit() and zfs_zget() Add a way for zfs_zget() to break out of the retry loop in the common case PR: 229614, 231117 Submitted by: allanjude Approved by: so Security: FreeBSD-EN-18:18.zfs Sponsored by: Klara Systems, The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=342226
* MFS11 r341401: Update the free page count when blacklisting pages.Ed Maste2018-12-191-1/+3
| | | | | | | | | | | PR: 231296 Submitted by: markj Approved by: so Security: FreeBSD-EN-18:17.vm Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=342225
* MFS11 r340290: Only clear a pending thread event if one is pending.Ed Maste2018-12-191-49/+53
| | | | | | | | | | | | | | This fixes a panic when attaching to an already-stopped process. Also do some other clean ups for control flow of sendsig section. Submitted by: markj Approved by: so Security: FreeBSD-EN-18:16.ptrace Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=342224
* Fix insufficient bounds checking in bhyve(8) device model. [SA-18:14.bhyve]Gordon Tetlow2018-12-041-1/+1
| | | | | | | | | | | Submitted by: jhb Reported by: Reno Robert Approved by: so Security: FreeBSD-SA-18:14.bhyve Security: CVE-2018-17160 Notes: svn path=/releng/11.2/; revision=341488
* Fix ICMP buffer underwrite. [EN-18:13.icmp]Gordon Tetlow2018-11-271-1/+4
| | | | | | | | | Approved by: so Security: FreeBSD-EN-18:13.icmp Security: CVE-2018-17156 Notes: svn path=/releng/11.2/; revision=341089
* Fix multiple vulnerabilities in NFS server code. [SA-18:13.nfs]Gordon Tetlow2018-11-274-9/+19
| | | | | | | | | | | | Reported by: Jakub Jirasek, Secunia Research at Flexera Approved by: so Security: FreeBSD-SA-18:13.nfs Security: CVE-2018-17157 Security: CVE-2018-17158 Security: CVE-2018-17159 Notes: svn path=/releng/11.2/; revision=341088
* Fix small kernel memory disclosures. [EN-18:12.mem]Gordon Tetlow2018-09-271-0/+2
| | | | | | | | | | Reported by: Thomas Barabosch, Fraunhofer FKIE Approved by: so Security: FreeBSD-EN-18:12.mem Security: CVE-2018-17155 Notes: svn path=/releng/11.2/; revision=338981
* Fix DoS in listen syscall over IPv6 socket. [EN-18:11.listen]Gordon Tetlow2018-09-273-11/+63
| | | | | | | | | | Reported by: Jakub Jirasek, Secunia Research at Flexera Approved by: so Security: FreeBSD-EN-18:11.listen Security: CVE-2018-6925 Notes: svn path=/releng/11.2/; revision=338980
* Fix NULL pointer dereference in freebsd4_getfsstat. [EN-18:10.syscall]Gordon Tetlow2018-09-271-0/+2
| | | | | | | | | | Reported by: Thomas Barabosch, Fraunhofer FKIE Approved by: so Security: FreeBSD-EN-18:10.syscall Security: CVE-2018-17154 Notes: svn path=/releng/11.2/; revision=338979
* Fix regression in IPv6 fragment reassembly. [EN-18:09.ip]Gordon Tetlow2018-09-272-2/+4
| | | | | | | | Approved by: so Security: FreeBSD-EN-18:09.ip Notes: svn path=/releng/11.2/; revision=338978
* Fix regression in Lazy FPU remediation. [EN-18:08.lazyfpu]Gordon Tetlow2018-09-124-35/+43
| | | | | | | | Approved by: so Security: FreeBSD-EN-18:08.lazyfpu Notes: svn path=/releng/11.2/; revision=338607
* Fix improper elf header parsing. [SA-18:12.elf]Gordon Tetlow2018-09-123-2/+10
| | | | | | | | | Approved by: so Security: FreeBSD-SA-18:12.elf Security: CVE-2018-6924 Notes: svn path=/releng/11.2/; revision=338606
* Revis manual pages. [SA-18:08.tcp]Xin LI2018-08-1511-150/+482
| | | | | | | | | | | | | | | Fix L1 Terminal Fault (L1TF) kernel information disclosure. [SA-18:09.l1tf] Fix resource exhaustion in IP fragment reassembly. [SA-18:10.ip] Fix unauthenticated EAPOL-Key decryption vulnerability. [SA-18:11.hostapd] Approved by: so Notes: svn path=/releng/11.2/; revision=337828
* Bump patch level and document them.Xin LI2018-08-061-1/+1
| | | | | | | Approved by: so Notes: svn path=/releng/11.2/; revision=337395
* Address concerns about CPU usage while doing TCP reassembly.Jonathan T. Looney2018-08-061-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | Currently, the per-queue limit is a function of the receive buffer size and the MSS. In certain cases (such as connections with large receive buffers), the per-queue segment limit can be quite large. Because we process segments as a linked list, large queues may not perform acceptably. The better long-term solution is to make the queue more efficient. But, in the short-term, we can provide a way for a system administrator to set the maximum queue size. We set the default queue limit to 100. This is an effort to balance performance with a sane resource limit. Depending on their environment, goals, etc., an administrator may choose to modify this limit in either direction. Approved by: so Security: FreeBSD-SA-18:08.tcp Security: CVE-2018-6922 Notes: svn path=/releng/11.2/; revision=337387
* - Switch releng/11.2 to -RELEASE.release/11.2.0Glen Barber2018-06-211-1/+1
| | | | | | | | | | | | - Add the anticipated 11.2-RELEASE date to UPDATING. - Set a static __FreeBSD_version. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=335510 svn path=/release/11.2.0/; revision=335563; tag=release/11.2.0
* Update releng/11.2 to RC3 as part of the 11.2-RELEASE cycle.Glen Barber2018-06-151-1/+1
| | | | | | | | Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=335197
* MFC rr335072, r335089:Konstantin Belousov2018-06-154-90/+156
| | | | | | | | | | | | | | | | Enable eager FPU context switch on i386 and amd64. CVE: CVE-2018-3665 MFC r335131 Remove printf() in #NM handler. MFC r335132: Reorganize code flow in fpudna()/npxdna(). Approved by: re (gjb) Notes: svn path=/releng/11.2/; revision=335196
* MFS11 r334872 (ram):Glen Barber2018-06-141-2/+2
| | | | | | | | | | | | | | | MFC r334657: Issue: Utility hangs when OCS_IOCTL_CMD_MGMT_GET_ALL called in parallel on port 0 and port 1. Fix: Using static structure for results is corrupting the second ioctl request. Removed static for results structure. Approved by: re (marius) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=335163
* Switch releng/11.2 to RC2 as part of the 11.2-RELEASE cycle, followingGlen Barber2018-06-081-1/+1
| | | | | | | | | | r334860. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=334861
* Revert releng/11.2 back to RC1 temporarily, as an additional fixGlen Barber2018-06-081-1/+1
| | | | | | | | | | for amd64 ISOs is required. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=334859
* Rename releng/11.2 to RC2 as part of the 11.2-RELEASE cycle, followingGlen Barber2018-06-081-1/+1
| | | | | | | | | | r334839. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=334840
* Revert releng/11.2 back to RC1 due to an issue discovered withGlen Barber2018-06-081-1/+1
| | | | | | | | | | amd64 ISOs, pending a fix to be committed shortly. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=334838
* Update releng/11.2 to RC2 as part of the 11.2-RELEASE cycle.Glen Barber2018-06-071-1/+1
| | | | | | | | Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Notes: svn path=/releng/11.2/; revision=334818
* MFstable/11 334801Michael Tuexen2018-06-072-3/+2
| | | | | | | | | | | | | | | | | | | | Improve compliance with RFC 4895 and RFC 6458. Silently dicard SCTP chunks which have been requested to be authenticated but are received unauthenticated no matter if support for SCTP authentication has been negotiated. This improves compliance with RFC 4895. When the application uses the SCTP_AUTH_CHUNK socket option to request a chunk to be received in an authenticated way, enable the SCTP authentication extension for the end-point. This improves compliance with RFC 6458. Discussed with: Peter Lei Approved by: re (marius@) Notes: svn path=/releng/11.2/; revision=334802
generated by cgit v1.3 (git 2.53.0) at 2026-05-12 10:30:17 +0000