Day: January 28, 2020

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:02.nmount

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:02.nmount Errata Notice
The FreeBSD Project

Topic: nmount invalid pointer dereference

Category: core
Module: kernel
Announced: 2020-01-28
Credits: Andrew Turner
Affects: FreeBSD 11.3 and FreeBSD 12.0.
Corrected: 2019-10-03 07:17:26 UTC (stable/12, 12.1-STABLE)
2019-10-04 14:10:56 UTC (releng/12.1, 12.1-RELEASE)
2020-01-28 18:54:15 UTC (releng/12.0, 12.0-RELEASE-p13)
2019-10-04 17:27:49 UTC (stable/11, 11.3-STABLE)
2020-01-28 18:54:15 UTC (releng/11.3, 11.3-RELEASE-p6)

For

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:01.ssp

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:01.ssp Errata Notice
The FreeBSD Project

Topic: Imprecise ordering of SSP canary initialization

Category: core
Module: libc
Announced: 2020-01-28
Credits: Kyle Evans
Affects: All supported versions of FreeBSD.
Corrected: 2019-11-25 03:49:38 UTC (stable/12, 12.1-STABLE)
2020-01-28 18:53:14 UTC (releng/12.1, 12.1-RELEASE-p2)
2020-01-28 18:53:14 UTC (releng/12.0, 12.0-RELEASE-p13)
2019-11-25 03:49:38 UTC (stable/11, 11.3-STABLE)
2020-01-28 18:53:14 UTC (releng/11.3,

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:02.ipsec

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:02.ipsec Security Advisory
The FreeBSD Project

Topic: Missing IPsec anti-replay window check

Category: core
Module: kernel
Announced: 2020-01-28
Credits: Jean-Francois HREN
Affects: FreeBSD 12.0 only
Corrected: 2020-01-28 18:56:46 UTC (releng/12.0, 12.0-RELEASE-p13)
CVE Name: CVE-2019-5613

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections,

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:03.thrmisc

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:03.thrmisc Security Advisory
The FreeBSD Project

Topic: kernel stack data disclosure

Category: core
Module: kernel
Announced: 2020-01-28
Credits: Ilja Van Sprundel
Affects: All supported versions of FreeBSD.
Corrected: 2019-11-15 16:40:10 UTC (stable/12, 12.1-STABLE)
2020-01-28 18:57:45 UTC (releng/12.1, 12.1-RELEASE-p2)
2020-01-28 18:57:45 UTC (releng/12.0, 12.0-RELEASE-p13)
2019-11-15 16:40:55 UTC (stable/11, 11.3-STABLE)
2020-01-28 18:57:45 UTC (releng/11.3, 11.3-RELEASE-p6)

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:01.libfetch

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:01.libfetch Security Advisory
The FreeBSD Project

Topic: libfetch buffer overflow

Category: core
Module: libfetch
Announced: 2020-01-28
Credits: Duncan Overbruck
Affects: All supported versions of FreeBSD.
Corrected: 2020-01-28 18:40:55 UTC (stable/12, 12.1-STABLE)
2020-01-28 18:55:25 UTC (releng/12.1, 12.1-RELEASE-p2)
2020-01-28 18:55:25 UTC (releng/12.0, 12.0-RELEASE-p13)
2020-01-28 18:42:06 UTC (stable/11, 11.3-STABLE)
2020-01-28 18:55:25 UTC (releng/11.3, 11.3-RELEASE-p6)
CVE Name:

(Read more...)