Perforce has removed the server components for FreeBSD.
Update timezone database information. [EN-18:06.tzdata]
Fix multiple small kernel memory disclosures. [EN-18:05.mem]
Fix mishandling of x86 debug exceptions. [SA-18:06.debugreg]
Add SA-18:04.vt, SA-18:05.ipsec, EN-18:03.tzdata, EN-18:04.mem.
Add SA-18:04.vt, SA-18:05.ipsec, EN-18:03.tzdata, EN-18:04.mem.
Fix multiple small kernel memory disclosures. [EN-18:04.mem]
Update timezone database information. [EN-18:03.tzdata]
Fix ipsec crash or denial of service. [SA-18:05.ipsec]
Fix vt console memory disclosure. [SA-18:04.vt]
Limit glyph count in vtfont_load to avoid integer overflow.
Add FreeBSD-SA-18:03.speculative_execution.
Add mitigations for two classes of speculative execution vulnerabilities
Update SA-18:01 with revision and a new patch.
Bump newvers and document the updated patch for SA-18:01.ipsec
Correct patches for 10.x along with updated advisory.
Correct patch for ipsec vulnerability.
Fixup the AH patch to properly compile.
Remove myself now that I have commited the NTP patches.
Add the actual patches to the doc repo. This would help people interested
NTP patches are large. Exempt myself from the limit to commit them.
Add actual patches to the doc repo. This would probably help.
Switch order of the SA and EN in the xml to sort properly.
Add SA-18:01, SA-18:02, EN-18:01, EN-18:02.
Update file(1) to new version with security update. [EN-18:02.file]
Update timezone database information. [EN-18:01.tzdata]
Fix multiple vulnerabilities in ntp. [SA-18:02.ntp]
Fix ipsec validation and use-after-free. [SA-18:01.ipsec]
Port r329561 to stable/10. There were structural changes preventing MFC.
Adding cperciva and jmg who may be able to help provide some opinions about how they think this should go.
Okay, based on that, looks good to me.
Would it be better off to just not do checksumming for this and use the source as is?
Fixup include for p4 related ports now that devel/p4 is using source.
This is fine (obviously missing the actual implementation). Adding Dean to the reviewers, he has history in doing assessments of HW TRNG and might be a good collaborator to look at the quality of the bits coming from ccp(4).
Update devel/p4d and devel/p4p to 2016.1/1598719 due to micropatching.
Update so_public_key with new key.
Update PGP key for security-officer.
Looks okay to me but I'm probably not the best person to judge. If anyone else would like to weigh in. Feel free.
Add FreeBSD-SA-17:12.openssl.
Fix multiple OpenSSL vulnerabilities.
Fix error state handling.
Correct spelling: exceprt to excerpt.
gordon added a member for
secteam:
emaste.
Update website to make 11.0 unsupported now that it is EoL.
I don't need the sizelimit exception anymore.
I should have added secteam as well. Sorry about that.
Update SA-17:08 and SA-17:10 to properly give credit to Ilja van Sprundel.
Add SA-17:08, SA-17:09, SA-17:10.
Properly bzero kldstat structure to prevent information leak. [SA-17:10]
Properly bzero kldstat structure to prevent information leak. [SA-17:10]
Properly bzero kldstat structure to prevent information leak. [SA-17:10]
Properly bzero kldstat structure to prevent information leak. [SA-17:10]
Fix namespace issue in POSIX shm implementation for jails. [SA-17:09]
Fix namespace issue in POSIX shm implementation for jails. [SA-17:09]
Fix kernel data leak via ptrace(PT_LWPINFO). [SA-17:08]
Fix kernel data leak via ptrace(PT_LWPINFO). [SA-17:08]
Fix kernel data leak via ptrace(PT_LWPINFO). [SA-17:08]
Fix kernel data leak via ptrace(PT_LWPINFO). [SA-17:08]
Properly bzero kldstat structure to prevent kernel information leak.
Update the secteam with a few additional changes.
Update timezone database information. [EN-17:09]
Update timezone database information. [EN-17:09]
Update timezone database information. [EN-17:09]
Update timezone database information. [EN-17:09]
Generally looks good. Mostly grammar nits and some clarification needed.
Set 11.0 end of life date.
Update SA-17:07 with patches for 10.x.
Fix WPA2 protocol vulnerability. [SA-17:07]
Fix WPA2 protocol vulnerability. [SA-17:07]
Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
Correct copy-paste. 11.1 is p2, not p13.
Fix WPA2 protocol vulnerability. [SA-17:07]
Fix WPA2 protocol vulnerability. [SA-17:07]
MFC r324696: Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
Update wpa_supplicant/hostapd for 2017-01 vulnerability release.