FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F11.4 2021-08-24T18:02:42Z 2021-08-24T18:02:42Z Gordon Tetlow gordon@FreeBSD.org 2021-08-24T18:02:42Z urn:sha1:fab38dac650664eb614ab28ff2535d97bec21e89 Approved by: so Security: SA-21:15.libfetch Security: CVE-2021-36159 2021-06-29T17:08:35Z Mariusz Zaborski oshogbo@FreeBSD.org 2021-06-18T09:41:40Z urn:sha1:cf827dced1015c707c3f5919ddbc0727e7ddb571 Approved by: so Reported by: Arrigo Marchiori <ardovm (at) yahoo.it> (cherry picked from commit b4fe6fbab236a0fd37ebafb4d3bb15856f99596c) 2021-06-29T17:08:28Z Mariusz Zaborski oshogbo@FreeBSD.org 2021-06-09T21:46:51Z urn:sha1:3d2c68f5378391e4edba9f1a9b0c9a994ba09f6e Casper services expect that the first 3 descriptors (stdin/stdout/stderr) will point to /dev/null. Which Casper will ensure later. The Casper services are forked from the original process. If the initial process closes one of those descriptors, Casper may reuse one of them for it on purpose. If this is the case, then renumarate the descriptors used by Casper to higher numbers. This is done already after the fork, so it doesn't break the parent process. Approved by: so Security: EN-21:19.libcasper PR: 255339 Reported by: Borja Marcos <borjam (at) sarenet.es> Tested by: jkim@ (cherry picked from commit aa310ebfba3d49a0b6b03a103b969731a8136a73) (cherry picked from commit 6c0a51837f4ba242ea723a887c3b6120d9335c8f) 2021-06-01T20:32:50Z Mark Johnston markj@FreeBSD.org 2021-05-28T14:41:43Z urn:sha1:4e2e151b2099f3815ef1d170efc727c4b7cec98c The length of the attribute header needs to be excluded when comparing the attribute length against the length of the packet. Otherwise, validation may incorrectly fail when fetching the final attribute in a message. Approved by: so Security: FreeBSD-EN-21:17.libradius Fixes: 8d5c78130 ("libradius: Fix input validation bugs") Reported by: Peter Eriksson Tested by: Peter Eriksson Sponsored by: The FreeBSD Foundation (cherry picked from commit 6bb5699d2b59491097bc21ffa3c097cdd4853f89) (cherry picked from commit f9972532343bb1eb101bf7afef2966972eea3b5e) 2021-05-26T20:39:59Z Mark Johnston markj@FreeBSD.org 2021-05-25T17:59:09Z urn:sha1:4027ac420dab08abe2882db0cd6fd7ed8762071f Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) (cherry picked from commit 5e90dfc54f864651fd98087c6e1f1cbce203b20c) 2021-02-24T01:34:52Z Mark Johnston markj@FreeBSD.org 2021-02-23T22:01:29Z urn:sha1:3ea0e6b45274a296b859a3171070834a2e33c5fd PR: 252194 Approved by: so Security: CVE-2020-25580 Security: FreeBSD-SA-21:03.pam_login_access (cherry picked from commit 6ab923cbca8759503a08683a5978b9ebf5efd607) (cherry picked from commit dae05d22d64ea218abe5883be539c2b41c20b1fb) 2021-02-24T01:34:48Z Jamie Gritton jamie@FreeBSD.org 2021-02-19T22:13:35Z urn:sha1:bc0d9b9b84ec5f8c463488c46721dd71fc803ceb jail_attach(2) performs an internal chroot operation, leaving it up to the calling process to assure the working directory is inside the jail. Add a matching internal chdir operation to the jail's root. Also ignore kern.chroot_allow_open_directories, and always disallow the operation if there are any directory descriptors open. Approved by: so Security: CVE-2020-25582 Security: FreeBSD-SA-21:05.jail_chdir Reported by: mjg Approved by: markj, kib (cherry picked from commit d4380c0cdd0517dc038403dd5c99242ce78bdeb5) (cherry picked from commit 570121808a76b85b2709502fb15618dd1e5296f1) 2021-01-29T00:07:08Z Dimitry Andric dim@FreeBSD.org 2020-09-12T16:33:05Z urn:sha1:7b67d47c70cca47f65fbbc9d8607b7516c2a82ee There have been several mentions on our mailing lists about missing atomic functions in our system libraries (e.g. __atomic_load_8 and friends), and recently I saw __bswapdi2 and __bswapsi2 mentioned too. To address this, add implementations for the functions from compiler-rt to the system compiler support libraries, e.g. libcompiler_rt.a and and libgcc_s.so. This also needs a small fixup in compiler-rt's atomic.c, to ensure that 32-bit mips can build correctly. Bump __FreeBSD_version to make it easier for port maintainers to detect when these functions were added. Differential Revision: https://reviews.freebsd.org/D26159 MFC r364782: After r364753, there should be no need to suppress -Watomic-alignment warnings anymore for compiler-rt's atomic.c. This occurred because the IS_LOCK_FREE_8 macro was not correctly defined to 0 for mips, and this caused the compiler to emit a runtime call to __atomic_is_lock_free(), and that triggers the warning. MFC r365509: Follow-up r364753 by enabling compiler-rt's atomic implementation only for clang, as it uses clang specific builtins, and does not compile correctly with gcc. Note that gcc packages usually come with their own libatomic, providing these primitives. MFC r365588: Follow-up r364753 by only using arm's stdatomic.c implementation, as it already covers the functions in compiler-rt's atomic.c, leading to conflicts when linking. PR: 230888 (cherry picked from commit 7c73d99e6cf7b69630856acac4a2ab82f5c9f218) Approved by: so 2020-07-08T20:22:38Z Gordon Tetlow gordon@FreeBSD.org 2020-07-08T20:22:38Z urn:sha1:9a1fa54dd1f9eb9560c4cc136b88f90fd9d4ed4e Approved by: so Security: FreeBSD-SA-20:19.unbound Security: CVE-2020-12662 Security: CVE-2020-12663 2020-07-08T20:08:05Z Gordon Tetlow gordon@FreeBSD.org 2020-07-08T20:08:05Z urn:sha1:6dfa236dcd29f6d0b1c8f62251bd6214e4f91467 Approved by: so Security: FreeBSD-SA-20:18.posix_spawnp Security: CVE-2020-7458