Errata patches for the kernel have been released for OpenBSD 6.6 and 6.7.
A buffer overflow was discovered in an amdgpu ioctl.
Binary updates for the amd64 and arm64 platforms are available via the
syspatch utility. Source code patches can be found o…
Yesterday, there were multiple advisories affecting MidnightBSD 1.2.x and current.
First, the two directly reported to the project, and the CVEs are registered for MidnightBSD:
CVE-2020-24863
http://www.midnightbsd.org/security/adv/MIDNIGHTBSD-SA-…
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
Dear FreeBSD community,
As of September 30, 2020, FreeBSD 11.3 will reach end-of-life and will no longer
be supported by the FreeBSD Security Team. Users of FreeBSD 11.3 are strongly
encouraged to upgr…
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-SA-20:26.dhclient Security Advisory
The FreeBSD Project
Topic: dhclient heap overflow
Category: core
Module: dhclient
Announced: 2020-09-02
Credits: Shlomi Oberman, JSOF
Affects: All supported versions of FreeBSD.
Corrected: 2020-08-31 21:28:09 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:25:31 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-08-31 21:28:57 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:25:31 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:25:31 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-EN-20:18.getfsstat Errata Notice
The FreeBSD Project
Topic: getfsstat compatibility system call panic
Category: core
Module: getfsstat
Announced: 2020-09-02
Credits: Rodrigo Rubira Branco (BSDaemon), Amazon Web Services
Affects: FreeBSD 11.3 and 11.4
Corrected: 2020-06-20 04:39:52 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:22:14 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:22:14 UTC (releng/11.3, 11.3-RELEASE-p13)
For general information regarding FreeBSD Errata
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-SA-20:25.sctp Security Advisory
The FreeBSD Project
Topic: SCTP socket use-after-free bug
Category: core
Module: kernel
Announced: 2020-09-02
Credits: Megan2013678@protonmail.com
Affects: All supported versions of FreeBSD.
Corrected: 2020-08-24 09:19:05 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:24:32 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-08-24 09:46:36 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:24:32 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:24:32 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE Name:
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-SA-20:24.ipv6 Security Advisory
The FreeBSD Project
Topic: IPv6 Hop-by-Hop options use-after-free bug
Category: core
Module: kernel
Announced: 2020-09-02
Affects: FreeBSD 11.3
Corrected: 2020-05-07 01:28:59 UTC (stable/11, 11.4-PRERELEASE)
2020-09-02 16:23:15 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE Name: CVE-2020-7462
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-EN-20:17.linuxthread Errata Notice
The FreeBSD Project
Topic: FreeBSD Linux ABI kernel panic
Category: core
Module: kernel
Announced: 2020-09-02
Credits: Martin Filla
Henrique L. Amorim, Independent Security Researcher
Rodrigo Rubira Branco (BSDaemon), Amazon Web Services
Affects: All supported versions of FreeBSD.
Corrected: 2020-06-25 05:24:35 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:21:27 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-06-25 05:35:46
Happy to announce the new release of MidnightBSD 1.2.
Short version: This is a security and bug fix release.
Learn more on the release notes page. https://www.midnightbsd.org/notes/
Download now: https://www.midnightbsd.org/download/
Lucas Holt…
MidnightBSD 1.2.7 is now available and includes the following fixes:
Fix several bugs with the base system.
Don’t attempt to measure TSC skew in VMs with dtrace.
Fix a bug with em(4) driver for Intel Gigabit NICs related to link state.
F…
Errata patches for libX11 have been released for OpenBSD 6.6 and 6.7.
An integer overflow in libX11 could lead to a double free.
Additionally, fix a regression in ximcp.
Binary updates for the amd64, i386, and arm64 platforms are available via
the s…
Errata patches for Xorg have been released for OpenBSD 6.6 and 6.7.
Various X server extensions had deficient input validation.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be…
We have released LibreSSL 3.2.1, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.
This is the second development release from the 3.2.x series, which will
eventually be part of OpenBSD 6.8. It includes the following …
Errata patches for LibreSSL have been released for OpenBSD 6.7.
The previous errata patch 019 broke bidirectional SSL_shutdown.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be…
We have released LibreSSL 3.1.4, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.
It includes the following interoperability and bug fixes for the
TLSv1.3 client:
* Improve client certificate selection to allow …
Errata patches for LibreSSL have been released for OpenBSD 6.7.
The TLSv1.3 client could hang, crash, leak memory or not interoperate
with some TLSv1.3 servers.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch ut…
Dear all,
the datacenter that houses:
mail.NetBSD.org
ftp.NetBSD.org
the “real” www.NetBSD.org
wiki.NetBSD.org
www.pkgsrc.org
releng.NetBSD.org
gnats.NetBSD.org
blog.NetBSD.org
cvs.NetBSD.org
anoncvs.NetBSD.org
hgmaster.NetBSD.org
anonhg.NetBSD.org
w…
Errata patches for libX11 have been released for OpenBSD 6.6 and 6.7.
The recent security errata broke X11 input methods.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found…
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-SA-20:22.sqlite Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in sqlite3
Category: contrib
Module: sqlite3
Announced: 2020-08-05
Affects: All supported versions of FreeBSD.
Corrected: 2020-06-15 03:10:53 UTC (stable/12, 12.1-STABLE)
2020-08-05 17:13:08 UTC (releng/12.1, 12.1-RELEASE-p8)
2020-06-15 03:10:53 UTC (stable/11, 11.4-STABLE)
2020-08-05 17:13:08 UTC (releng/11.4, 11.4-RELEASE-p2)
2020-08-05 17:13:08 UTC (releng/11.3, 11.3-RELEASE-p12)
CVE Name: CVE-2020-11655, CVE-2020-11656,
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
=============================================================================
FreeBSD-SA-20:23.sendmsg Security Advisory
The FreeBSD Project
Topic: sendmsg(2) privilege escalation
Category: core
Module: kernel compat32
Announced: 2020-08-05
Credits: m00nbsd working with Trend Micro Zero Day Initiative
Affects: All supported versions of FreeBSD.
Corrected: 2020-08-05 17:07:13 UTC (stable/12, 12.1-STABLE)
2020-08-05 17:14:01 UTC (releng/12.1, 12.1-RELEASE-p8)
2020-08-05 17:08:02 UTC (stable/11, 11.4-STABLE)
2020-08-05 17:14:01 UTC (releng/11.4, 11.4-RELEASE-p2)