deadsimple BSD Security Advisories and Announcements

FreeBSD Security Advisory FreeBSD-SA-21:17.openssl

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-21:17.openssl Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in OpenSSL

Category: contrib
Module: openssl
Announced: 2021-08-24
Affects: FreeBSD 12.2 and FreeBSD 11.4
Corrected: 2021-02-18 23:55:09 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:22 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-02-19 16:21:03 UTC (stable/11, 11.4-STABLE)
2021-08-24 18:31:34 UTC (releng/11.4, 11.4-RELEASE-p13)
CVE Name: CVE-2021-23840, CVE-2021-23841

For general information regarding FreeBSD

(Read more...)

FreeBSD Security Advisory FreeBSD-SA-21:14.ggatec

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-21:14.ggatec Security Advisory
The FreeBSD Project

Topic: Remote code execution in ggatec(8)

Category: core
Module: ggatec
Announced: 2021-08-24
Credits: Johannes Totz
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 17:50:50 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:37:45 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:13 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:15 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-08-24 18:29:35 UTC (stable/11, 11.4-STABLE)

(Read more...)

FreeBSD Security Advisory FreeBSD-SA-21:13.bhyve

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-21:13.bhyve Security Advisory
The FreeBSD Project

Topic: Missing error handling in bhyve(8) device models

Category: core
Module: bhyve
Announced: 2021-08-24
Credits: Agustin Gianni (GitHub Security Lab)
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 18:29:48 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:33:35 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:33:04 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:13 UTC (releng/12.2, 12.2-RELEASE-p10)

(Read more...)

FreeBSD Security Advisory FreeBSD-SA-21:15.libfetch

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-21:15.libfetch Security Advisory
The FreeBSD Project

Topic: libfetch out of bounds read

Category: core
Module: libfetch
Announced: 2021-08-24
Credits: Samanta Navarro
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 17:59:43 UTC (stable/13, 13.0-STABLE)
2021-08-24 18:00:47 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:16 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:17 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-08-24 18:29:40 UTC (stable/11, 11.4-STABLE)

(Read more...)

FreeBSD Security Advisory FreeBSD-SA-21:16.openssl

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-21:16.openssl Security Advisory
The FreeBSD Project

Topic: Multiple OpenSSL vulnerabilities

Category: contrib
Module: openssl
Announced: 2021-08-24
Credits: See OpenSSL advisory in references.
Affects: FreeBSD 12.2 and later.
Corrected: 2021-08-24 18:05:48 UTC (stable/13, 13.0-STABLE)
2021-08-24 18:08:04 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:22 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:19 UTC (releng/12.2, 12.2-RELEASE-p10)
CVE Name: CVE-2021-3711, CVE-2021-3712

For

(Read more...)

FreeBSD Errata Notice FreeBSD-EN-21:25.bhyve

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-21:25.bhyve Errata Notice
The FreeBSD Project

Topic: Fix NVMe iovec construction for large IOs

Category: core
Module: bhyve
Announced: 2021-08-24
Affects: FreeBSD 12.2 and later.
Corrected: 2021-07-09 14:24:14 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:25:47 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-07-09 14:25:45 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:11 UTC (releng/12.2, 12.2-RELEASE-p10)

For general information regarding FreeBSD Errata Notices

(Read more...)

FreeBSD Errata Notice FreeBSD-EN-21:24.libcrypto

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-21:24.libcrypto Errata Notice
The FreeBSD Project

Topic: OpenSSL 1.1.1e API functions not exported

Category: core
Module: libcrypto
Announced: 2021-08-24
Affects: FreeBSD 12.2 and later.
Corrected: 2021-06-09 21:53:42 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:25:47 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-06-09 21:54:13 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:08 UTC (releng/12.2, 12.2-RELEASE-p10)

For general information regarding FreeBSD Errata Notices and

(Read more...)

FreeBSD Errata Notice FreeBSD-EN-21:23.virtio_blk

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-21:23.virtio_blk Errata Notice
The FreeBSD Project

Topic: virtio_blk(4) fails to attach on some hypervisors

Category: core
Module: virtio_blk
Announced: 2021-08-24
Affects: FreeBSD 13.0
Corrected: 2021-06-28 15:16:29 UTC (stable/13, 13.0-STABLE)
2021-08-24 16:36:55 UTC (releng/13.0, 13.0-RELEASE-p4)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and

(Read more...)

FreeBSD Quarterly Status Report – Second Quarter 2021

–gam434fgcnrxp6ew
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Introduction

This report covers FreeBSD related projects for the period between April and
June, and is the second of four planned reports for 2021.

Some of this reports highlights include but are not limited to work on an
experimental installer, changes to pf, additional work on the Linuxulator,
updates on the state

(Read more...)