deadsimple BSD Security Advisories and Announcements

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:33.openssl [REVISED]

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:33.openssl Security Advisory
The FreeBSD Project

Topic: OpenSSL NULL pointer de-reference

Category: contrib
Module: openssl
Announced: 2020-12-08
Affects: All supported versions of FreeBSD.
Corrected: 2020-12-08 18:28:49 UTC (stable/12, 12.2-STABLE)
2020-12-08 19:10:40 UTC (releng/12.2, 12.2-RELEASE-p2)
2020-12-08 19:10:40 UTC (releng/12.1, 12.1-RELEASE-p12)
2020-12-10 23:43:29 UTC (stable/11, 11.4-STABLE)
2020-12-14 21:20:55 UTC (releng/11.4, 11.4-RELEASE-p6)
CVE Name: CVE-2020-1971

Note:

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:33.openssl

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:33.openssl Security Advisory
The FreeBSD Project

Topic: OpenSSL NULL pointer de-reference

Category: contrib
Module: openssl
Announced: 2020-12-08
Affects: All supported versions of FreeBSD.
Corrected: 2020-12-08 18:28:49 UTC (stable/12, 12.2-STABLE)
2020-12-08 19:10:40 UTC (releng/12.2, 12.2-RELEASE-p2)
2020-12-08 19:10:40 UTC (releng/12.1, 12.1-RELEASE-p12)
CVE Name: CVE-2020-1971

Note: The OpenSSL project has published publicly available patches for
versions

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:32.rtsold

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:32.rtsold Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in rtsold

Category: core
Module: rtsold
Announced: 2020-12-01
Credits: Quarkslab Vulnerability Reports
Affects: All supported versions of FreeBSD
Corrected: 2020-12-01 19:35:48 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:39:44 UTC (releng/12.2, 12.2-RELEASE-p1)
2020-12-01 19:39:44 UTC (releng/12.1, 12.1-RELEASE-p11)
2020-12-01 19:36:37 UTC (stable/11, 11.4-STABLE)
2020-12-01 19:39:44 UTC (releng/11.4, 11.4-RELEASE-p5)

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:31.icmp6

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:31.icmp6 Security Advisory
The FreeBSD Project

Topic: ICMPv6 use-after-free in error message handling

Category: core
Module: icmp6
Announced: 2020-12-01
Credits: Maxime Villard
Affects: All supported versions of FreeBSD.
Corrected: 2020-11-05 22:41:54 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:38:52 UTC (releng/12.2, 12.2-RELEASE-p1)
2020-12-01 19:38:52 UTC (releng/12.1, 12.1-RELEASE-p11)
2020-12-01 03:07:26 UTC (stable/11, 11.4-STABLE)
2020-12-01 19:38:52 UTC (releng/11.4,

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:22.callout

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:22.callout Errata Notice
The FreeBSD Project

Topic: Race condition in callout CPU migration

Category: core
Module: callout
Announced: 2020-12-01
Affects: FreeBSD 12.1 and 12.2
Corrected: 2020-11-26 14:57:30 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:37:33 UTC (releng/12.2, 12.2-RELEASE-p1)
2020-12-01 19:37:33 UTC (releng/12.1, 12.1-RELEASE-p11)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:21.ipfw

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:21.ipfw Errata Notice
The FreeBSD Project

Topic: Uninitialized variable in ipfw

Category: core
Module: ipfw
Announced: 2020-12-01
Affects: FreeBSD 12.2
Corrected: 2020-10-18 20:54:15 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:36:36 UTC (releng/12.2, 12.2-RELEASE-p1)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections,

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:20.tzdata

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:20.tzdata Errata Notice
The FreeBSD Project

Topic: Timezone database information update

Category: contrib
Module: zoneinfo
Announced: 2020-12-01
Affects: All supported versions of FreeBSD.
Corrected: 2020-10-23 01:06:33 UTC (stable/12, 12.1-STABLE)
2020-12-01 19:35:48 UTC (releng/12.2, 12.2-RELEASE-p1)
2020-12-01 19:35:48 UTC (releng/12.1, 12.1-RELEASE-p11)
2020-10-23 01:06:42 UTC (stable/11, 11.4-STABLE)
2020-12-01 19:35:48 UTC (releng/11.4, 11.4-RELEASE-p5)

For general information regarding

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:19.audit

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:19.audit Errata Notice
The FreeBSD Project

Topic: execve/fexecve system call auditing

Category: core
Module: kernel
Announced: 2020-12-01
Affects: FreeBSD 12.1 and later.
Corrected: 2020-10-27 13:13:04 UTC (stable/12, 12.2-STABLE)
2020-12-01 19:34:45 UTC (releng/12.2, 12.2-RELEASE-p1)
2020-12-01 19:34:45 UTC (releng/12.1, 12.1-RELEASE-p11)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields

(Read more...)