Day: September 2, 2020

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:26.dhclient

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:26.dhclient Security Advisory
The FreeBSD Project

Topic: dhclient heap overflow

Category: core
Module: dhclient
Announced: 2020-09-02
Credits: Shlomi Oberman, JSOF
Affects: All supported versions of FreeBSD.
Corrected: 2020-08-31 21:28:09 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:25:31 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-08-31 21:28:57 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:25:31 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:25:31 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:18.getfsstat

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:18.getfsstat Errata Notice
The FreeBSD Project

Topic: getfsstat compatibility system call panic

Category: core
Module: getfsstat
Announced: 2020-09-02
Credits: Rodrigo Rubira Branco (BSDaemon), Amazon Web Services
Affects: FreeBSD 11.3 and 11.4
Corrected: 2020-06-20 04:39:52 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:22:14 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:22:14 UTC (releng/11.3, 11.3-RELEASE-p13)

For general information regarding FreeBSD Errata

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:25.sctp

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:25.sctp Security Advisory
The FreeBSD Project

Topic: SCTP socket use-after-free bug

Category: core
Module: kernel
Announced: 2020-09-02
Credits: Megan2013678@protonmail.com
Affects: All supported versions of FreeBSD.
Corrected: 2020-08-24 09:19:05 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:24:32 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-08-24 09:46:36 UTC (stable/11, 11.4-STABLE)
2020-09-02 16:24:32 UTC (releng/11.4, 11.4-RELEASE-p3)
2020-09-02 16:24:32 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE Name:

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-20:24.ipv6

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-20:24.ipv6 Security Advisory
The FreeBSD Project

Topic: IPv6 Hop-by-Hop options use-after-free bug

Category: core
Module: kernel
Announced: 2020-09-02
Affects: FreeBSD 11.3
Corrected: 2020-05-07 01:28:59 UTC (stable/11, 11.4-PRERELEASE)
2020-09-02 16:23:15 UTC (releng/11.3, 11.3-RELEASE-p13)
CVE Name: CVE-2020-7462

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following

(Read more...)

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-20:17.linuxthread

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-EN-20:17.linuxthread Errata Notice
The FreeBSD Project

Topic: FreeBSD Linux ABI kernel panic

Category: core
Module: kernel
Announced: 2020-09-02
Credits: Martin Filla
Henrique L. Amorim, Independent Security Researcher
Rodrigo Rubira Branco (BSDaemon), Amazon Web Services
Affects: All supported versions of FreeBSD.
Corrected: 2020-06-25 05:24:35 UTC (stable/12, 12.1-STABLE)
2020-09-02 16:21:27 UTC (releng/12.1, 12.1-RELEASE-p9)
2020-06-25 05:35:46

(Read more...)

ncurses update in DragonFly

ncurses has been upgraded from 6.0 to 6.2 in DragonFly; a 4 year jump.  Perhaps not a huge effect on you, but I want to link to it cause there’s such nice changelogs!