glebius [Tue, 6 Dec 2016 18:49:59 +0000 (18:49 +0000)]
Fix possible login(1) argument injection in telnetd(8). [SA-16:36]
Fix link_ntoa(3) buffer overflow in libc. [SA-16:37]
Fix possible escape from bhyve(8) virtual machine. [SA-16:38]
Fix warnings about valid time zone abbreviations. [EN-16:19]
Update timezone database information. [EN-16:20]
glebius [Mon, 5 Dec 2016 23:09:54 +0000 (23:09 +0000)]
Merge r307359 from stable/10:
Incorporate a change from OpenBSD by millert@OpenBSD.org
Don't warn about valid time zone abbreviations. POSIX
through 2000 says that an abbreviation cannot start with ':', and
cannot contain ',', '-', '+', NUL, or a digit. POSIX from 2001
on changes this rule to say that an abbreviation can contain only
'-', '+', and alphanumeric characters from the portable character
set in the current locale. To be portable to both sets of rules,
an abbreviation must therefore use only ASCII letters." Adapted
from tzcode2015f.
Errata Notice: EN-16:19.tzcode
Submitted by: bapt
Approved by: so
glebius [Tue, 17 May 2016 22:28:11 +0000 (22:28 +0000)]
- Use unsigned version of min() when handling arguments of SETFKEY ioctl.
- Validate that user supplied control message length in sendmsg(2)
is not negative.
Security: SA-16:18
Security: CVE-2016-1886
Security: SA-16:19
Security: CVE-2016-1887
Submitted by: C Turt <cturt hardenedbsd.org>
Approved by: so
glebius [Thu, 14 Jan 2016 09:11:16 +0000 (09:11 +0000)]
o Fix invalid TCP checksums with pf(4). [EN-16:02.pf]
o Fix YP/NIS client library critical bug. [EN-16:03.yplib]
o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]
o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp]
o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]
glebius [Wed, 4 Nov 2015 11:27:21 +0000 (11:27 +0000)]
o Fix regressions related to SA-15:25 upgrade of NTP. [1]
o Fix kqueue write events never fired for files greater 2GB. [2]
o Fix kpplications exiting due to segmentation violation on a correct
memory address. [3]
The Sun RPC framework uses a netbuf structure to represent the
transport specific form of a universal transport address. The
structure is expected to be opaque to consumers. In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.
In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer. When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.
Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.
Security: FreeBSD-SA-15:24.rpcbind
Security: CVE-2015-7236
Approved by: so
delphij [Thu, 18 Jun 2015 05:36:45 +0000 (05:36 +0000)]
Raise the default for sendmail client connections to 1024-bit DH
parameters to imporve TLS/DH interoperability with newer SSL/TLS
suite, notably OpenSSL after FreeBSD 10.1-RELEASE-p12 (FreeBSD-
SA-15:10.openssl).
This is MFC of r284436 (gshapiro), the original commit message
was:
===
The import of openssl to address the FreeBSD-SA-15:10.openssl security
advisory includes a change which rejects handshakes with DH parameters
below 768 bits. sendmail releases prior to 8.15.2 (not yet released),
defaulted to a 512 bit DH parameter setting for client connections.
This commit chages that default to 1024 bits. sendmail 8.15.2, when
released well use a default of 2048 bits.
===
Reported by: Frank Seltzer
Errata Notice: FreeBSD-EN-15:08.sendmail
Approved by: so
delphij [Fri, 20 Mar 2015 07:12:02 +0000 (07:12 +0000)]
Fix issues with original SA-15:06.openssl commit:
- Revert a portion of ASN1 change per suggested by OpenBSD
and OpenSSL developers. The change was removed from the
formal OpenSSL release and does not solve security issue.
- Properly fix CVE-2015-0209 and CVE-2015-0288.
jfv [Tue, 11 Nov 2014 05:00:51 +0000 (05:00 +0000)]
Update the Intel ixl/ixlv drivers to fix a panic in the boot/install
kernel if the system has a fiber-based Intel XL710 adapter installed.
In addition ixl version 1.2.8 and ixlv version 1.1.18 give:
- Improved VF stability (thanks to Ryan Stone for this)
- RSS fixes
- link detection in the ixlv driver
- new sysctl's added
- corrected media reporting
jhb [Mon, 10 Nov 2014 19:53:39 +0000 (19:53 +0000)]
MFstable10 273998:
Rework the EXAMPLES section to be a bit clearer.
- Add an example of using etcupdate diff.
- Create a subsection on bootstrapping that is below the simple
examples. This should make it clearer that 'etcupdate extract' is
a one-time operation and not part of the common workflow. It also
adds more suggestions on when bootstrapping is needed and additional
steps to make future merges simpler.
gjb [Mon, 3 Nov 2014 09:02:08 +0000 (09:02 +0000)]
Update the hardware page to reflect CPU updates/additions
added in head@r273941.
Since the original commit requires changes to the doc/
repository after the release tag had already happened,
(re)define entities in share/xml/release.ent that reflect
doc@r45900 to prevent build breakage.
Requested by: gavin
Approved by: re (implicit, relnotes)
Sponsored by: The FreeBSD Foundation
mav [Tue, 28 Oct 2014 14:01:58 +0000 (14:01 +0000)]
MFS10 r273767 / MFC r273638:
Revert somewhat hackish geom_disk optimization, committed as part of r256880,
and the following r273143 commit, supposed to workaround introduced issue by
quite innocent-looking change.
While there is no clear understanding why, but r273143 is accused in data
corruption in some environments with high I/O load. I personally don't see
any problem in that commit, and possibly it is just a trigger to some other
bug somewhere, but better safe then sorry for now.
gjb [Sun, 26 Oct 2014 17:17:08 +0000 (17:17 +0000)]
MFstable10 r273698:
MFC r273653:
Fix a few issues with creating VOLUME_LABEL for the
installation ISOs:
- TYPE, BRANCH, and REVISION are only defined if
OSRELEASE is not defined, so in situations where
one might set OSRELEASE for an in-house ISO build,
VOLUME_LABEL would be empty.
- makefs(8) limits the volume label to 32 characters,
which for the powerpc64 case, OSRELEASE expands to
FreeBSD-11.0-CURRENT-powerpc-powerpc64. Even with
removing the prefixing 'FreeBSD-', the string is 30
characters long, leaving zero room for suffixing the
type of ISO media (BO for bootonly, CD for cdrom, and
DVD for dvdrom).
Resolve these by defining VOLUME_LABEL when defining
OSRELEASE if unset. If OSRELEASE is defined by the
builder, use the OSRELEASE from that definition as the
VOLUME_LABEL.
In addition, for cases where both TARGET and TARGET_ARCH
are used for the VOLUME_LABEL, use TARGET_ARCH if it
differs from TARGET.
There are probably a few sharp edges here yet, but these
problems are going to affect the powerpc/powerpc64 builds
for 10.1-RELEASE, so the immediate concern is fixing the
underlying problem at hand quickly, and less so about the
elegance of the fix.
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
gjb [Tue, 21 Oct 2014 23:07:30 +0000 (23:07 +0000)]
MFstable10 r273429:
MFC r273402:
Fix an issue where a FreeBSD virtual machine provisioned in
the Microsoft Azure service does not recognize the second
attached disk on the system.
PR: 194376
Approved by: re (delphij)
Sponsored by: The FreeBSD Foundation
tuexen [Mon, 20 Oct 2014 05:17:16 +0000 (05:17 +0000)]
MFC10 r273275 (r273168 in head):
Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a
sent incoming stream reset request was responded with failed
or denied.
Thanks to Peter Bostroem from Google for reporting the issue.
emaste [Mon, 20 Oct 2014 01:45:40 +0000 (01:45 +0000)]
MFS10 r273294 (r273178 in HEAD):
Update vt(4) for UEFI defaults and special keys
vt(4) is the default console for UEFI boot [1], and the bitmapped
kern.vt.spclkeys sysctl has been replaced with individual kern.vt.kbd_*
enable sysctls.
jhb [Fri, 17 Oct 2014 20:39:39 +0000 (20:39 +0000)]
MFS10 273238;
Properly set the timeout in a query_state. The global query_timeout
configuration value is an integer count of seconds, it is not a timeval.
Using memcpy() to copy a timeval from it put garbage into the tv_usec
field.
emaste [Fri, 17 Oct 2014 16:32:27 +0000 (16:32 +0000)]
MFS10 r273232 (HEAD r257302 by rea):
binutils/bfd: fix printf-like format strings for "bfd *" arguments
There is a special format argument '%B' that directly handles values
of type 'bfd *', they must be used instead of '%s'. Manifestations
of this bug can be seen in ld(1) error messages, for example,
http://lists.freebsd.org/pipermail/freebsd-current/2013-August/043580.html
http://lists.freebsd.org/pipermail/freebsd-current/2013-October/045404.html
gjb [Thu, 16 Oct 2014 23:25:38 +0000 (23:25 +0000)]
MFstable10 r273198:
MFC r273093, r273096:
r273093:
Merge the following from ^/projects/release-vmimage:
r272436, r272437, r272792:
r272436:
Remove the first argument to panic(), which was initially
intended to be the exit code, however when a non-zero exit
code was returned to release/Makefile, this would prevent
any remaining (and possibly successful) stages from being
attempted.
r272437:
If the vm-base target fails, prevent the vm-image target
from being run since it cannot possibly succeed.
r272792:
Add /usr/local/bin and /usr/local/sbin to PATH, needed
if third-party software needs to use utilities outside
of the base system during post-install stages (indexinfo
is one culprit).
r273096:
Merge the following from ^/projects/release-vmimage:
r273076, r273077, r273079, r273095:
r273076:
Add a separate make(1) target to release/Makefile to
build FreeBSD virtual machine disk images for use on
the Microsoft Azure service.
For now, this target is not directly connected to the
build, however can be manually invoked.
The 'vm-azure' target invokes {amd64,i386}/mk-azure.sh,
which does the heavy lifting to produce proper VHDs.
mk-azure.sh uses a configuration file, defaulting to
tools/azure.conf if otherwise unset.
r273077:
Clear VM_RC_LIST.
r273079:
Fix signal list to trigger umount(8).
r273095:
Output an informational message when mkimg(1) runs, so it
does not appear that the process has stopped while waiting
for a 'y/n' response when waagent is deprovisioned.
Relnotes: yes
Approved by: re (delphij)
Sponsored by: The FreeBSD Foundation
glebius [Thu, 16 Oct 2014 23:03:04 +0000 (23:03 +0000)]
Merge r273184, r273185 from stable/10:
- Use rn_detachhead() instead of direct free(9) for radix tables.
- Free radix mask entries on main radix destroy.
delphij [Thu, 16 Oct 2014 22:20:38 +0000 (22:20 +0000)]
MFS r273191: MFC r273060:
Use write_psize instead of write_asize when doing vdev_space_update.
Without this change the accounting of L2ARC usage would be wrong and
give 16EB free space because the number became negative and overflows.