User Details
User Details
- User Since
- Nov 2 2014, 4:37 PM (554 w, 2 d)
May 16 2025
May 16 2025
Extend lifetime of my key.
May 12 2025
May 12 2025
I’m not entirely sure what kind of approval from secteam is being sought. If someone in core would like to help me understand what kind of review is expected, I’d be happy to undertake it.
Apr 11 2025
Apr 11 2025
Fix missing dot in URI.
Apr 10 2025
Apr 10 2025
Add EN-25:04 through EN-25:08.
Feb 21 2025
Feb 21 2025
Add SA-25:05.openssh.
ssh: Bump VersionAddendum for CVE fixes
gordon committed rG469f61e89ff7: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rGc57fcc2d5307: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
ssh: Bump VersionAddendum for CVE fixes
gordon committed rG3053f92a163c: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rG8d0540600b1e: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
Add updating entries and bump version.
ssh: Bump VersionAddendum for CVE fixes
Add UPDATING entries and bump version.
gordon committed rG1920babc310a: ssh: Fix cases where error codes were not correctly set (authored by emaste).
ssh: Fix cases where error codes were not correctly set
gordon committed rG3ae196925d29: ssh: Don't reply to PING in preauth phase or during KEX (authored by emaste).
ssh: Don't reply to PING in preauth phase or during KEX
Add UPDATING entries and bump version
Jan 30 2025
Jan 30 2025
Jan 29 2025
Jan 29 2025
gordon added a comment to D48719: vmimage.subr: Redirect etcupdate log to stdout.
As long as it doesn't end up as a build product, makes sense to me. Want to update the review with a new patch and we'll go from there?
Move this to the proper name.
gordon committed R9:46c1baa951ca: Add EN-25:01 through EN-25:03 and SA-25:01 through SA-25:04. (authored by gordon).
Add EN-25:01 through EN-25:03 and SA-25:01 through SA-25:04.
Jan 12 2025
Jan 12 2025
gordon committed R9:a8177cef3c88: Update expiration date on existing keys for security-officer. (authored by gordon).
Update expiration date on existing keys for security-officer.
Nov 13 2024
Nov 13 2024
Correct CVE typo for SA-24:17.bhyve.
Oct 29 2024
Oct 29 2024
Add EN-24:17 and SA-24:17 through SA-24:19.
Sep 20 2024
Sep 20 2024
gordon committed R9:a1544a0e91fb: Correct the reference to FreeBSD-SA-24:16.libnv. (authored by gordon).
Correct the reference to FreeBSD-SA-24:16.libnv.
gordon committed R9:87d45d54be03: allanjude is the core team liaison for secteam. (authored by gordon).
allanjude is the core team liaison for secteam.
Sep 19 2024
Sep 19 2024
gordon committed R9:7185d12e8443: security: Fixup incorrect pathes in EN-24:16.pf. (authored by gordon).
security: Fixup incorrect pathes in EN-24:16.pf.
gordon committed R9:6c3d10765376: Add EN-24:16, SA-24:15, and SA-24:16. Update SA-24:05 and SA-24:09. (authored by gordon).
Add EN-24:16, SA-24:15, and SA-24:16. Update SA-24:05 and SA-24:09.
gordon committed rG417e81a40091: libnv: correct the calculation of the structure's size (authored by oshogbo).
libnv: correct the calculation of the structure's size
gordon committed rGe7a790dc3ffe: bhyve: improve input validation in pci_xhci (authored by khorben_defora.org).
bhyve: improve input validation in pci_xhci
Add UPDATING entries and bump revision.
gordon committed rG5f035df278cc: bhyve: improve input validation in pci_xhci (authored by khorben_defora.org).
bhyve: improve input validation in pci_xhci
gordon committed rG2cffa6354d9f: libnv: correct the calculation of the structure's size (authored by oshogbo).
libnv: correct the calculation of the structure's size
Add UPDATING entries and bump revision.
gordon committed rGba46f1174972: bhyve: improve input validation in pci_xhci (authored by khorben_defora.org).
bhyve: improve input validation in pci_xhci
gordon committed rGe9d57be06e23: libnv: correct the calculation of the structure's size (authored by oshogbo).
libnv: correct the calculation of the structure's size
Add UPDATING entries and bump revision.
gordon committed rG3c6c0dcb5acb: bhyve: improve input validation in pci_xhci (authored by khorben_defora.org).
bhyve: improve input validation in pci_xhci
gordon committed rGf67468e6e5e2: libnv: correct the calculation of the structure's size (authored by oshogbo).
libnv: correct the calculation of the structure's size
Add UPDATING entries and bump revision.
Sep 17 2024
Sep 17 2024
gordon committed R9:a7b674fe1cdc: website/security: Reverse sort release table. (authored by gordon).
website/security: Reverse sort release table.
Sep 8 2024
Sep 8 2024
gordon committed rGcab90be6a580: openssl: Remove the specific version numbers from the instructions. (authored by gordon).
openssl: Remove the specific version numbers from the instructions.
Sep 7 2024
Sep 7 2024
openssl: Update upgrade instructions.
Assuming this is a straight import, LGTM.
gordon committed rG3d8501d90e24: openssl: Remove fips module from base system. (authored by gordon).
openssl: Remove fips module from base system.
Sep 4 2024
Sep 4 2024
Add advisories to relavent toml files.
Add EN-24:15 and SA-24:09 through SA-24:14.
gordon committed rG86d01789bf41: calendar: don't setlogin(2) in the -a user handlers (authored by kevans).
calendar: don't setlogin(2) in the -a user handlers
openssl: Import OpenSSL 3.0.15.
Sep 3 2024
Sep 3 2024
gordon committed rG5946b0c6cbc7: openssl: Avoid type errors in EAI-related name check logic. (authored by Viktor Dukhovni <viktor@openssl.org>).
openssl: Avoid type errors in EAI-related name check logic.
gordon committed rGfbd465f26340: openssl: Bring over fix for CVE-2024-6119 from vendor/openssl-3.0. (authored by gordon).
openssl: Bring over fix for CVE-2024-6119 from vendor/openssl-3.0.
gordon committed rGe60dbfd00b00: Avoid type errors in EAI-related name check logic. (authored by Viktor Dukhovni <viktor@openssl.org>).
Avoid type errors in EAI-related name check logic.
Aug 31 2024
Aug 31 2024
gordon committed rG86dd740dd73a: openssl: Remove fips module from base system. (authored by gordon).
openssl: Remove fips module from base system.
gordon committed rG5a542a605537: release: Redirect etcupdate logfile to /dev/null. (authored by gordon).
release: Redirect etcupdate logfile to /dev/null.
gordon committed rGb8abafb4de41: release: Redirect etcupdate logfile to /dev/null. (authored by gordon).
release: Redirect etcupdate logfile to /dev/null.
Aug 24 2024
Aug 24 2024
gordon committed rGe972e408d19a: release: Redirect etcupdate logfile to /dev/null. (authored by gordon).
release: Redirect etcupdate logfile to /dev/null.
Aug 18 2024
Aug 18 2024
gordon added a reviewer for D46317: release: Don't create an etcupdate logfile during make release.: releng.
Adding all of releng instead of just cperciva
gordon added a comment to D46317: release: Don't create an etcupdate logfile during make release..
Note this is a direct commit to releng/13.4, although it might be better to do a corresponding change to main (slightly different patch needed) -> stable/13 -> releng/13.4.
gordon requested review of D46317: release: Don't create an etcupdate logfile during make release..
Aug 9 2024
Aug 9 2024
SA-24:07: Correct patch paths.
Aug 7 2024
Aug 7 2024
gordon committed R9:a7ac9239fbae: website: Add EN-24:14 and SA-24:05 through SA-24:08. (authored by gordon).
website: Add EN-24:14 and SA-24:05 through SA-24:08.
Aug 4 2024
Aug 4 2024
Not sure who else to get this reviewed by, but we should stop shipping fips.so.
gordon requested review of D46223: openssl: Remove fips module from base system..
gordon committed R9:0e9f122c25a9: website: Retire last remaining bits of 13.2. (authored by gordon).
website: Retire last remaining bits of 13.2.
Jul 15 2024
Jul 15 2024
Update ssh host keys.
Jul 2 2024
Jul 2 2024
Jul 1 2024
Jul 1 2024
Add SA-24:04.openssh.
Jun 19 2024
Jun 19 2024
Add EN-24:10 through EN-24:13.
killpg(): more carefully avoid LoR
gordon committed rGd45cf1d2f124: ldns: Ignore commented-out lines in resolv.conf. (authored by des).
ldns: Ignore commented-out lines in resolv.conf.
gordon committed rGbdf75e830a77: ldns: Ignore commented-out lines in resolv.conf. (authored by des).
ldns: Ignore commented-out lines in resolv.conf.
gordon committed rG2dc3f3a5e231: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
gordon committed rGbdba8eaa3db6: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
Destroy ARC buffer in case of fill error
gordon committed rG8e0e6b428cb8: Merge commit 382f70a877f0 from llvm-project (by Louis Dionne): (authored by dim).
Merge commit 382f70a877f0 from llvm-project (by Louis Dionne):
gordon committed rG0892dff10444: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
Jun 17 2024
Jun 17 2024
Seeing how CIDR has been a thing for around 30 years, erroring without a netmask is the appropriate action here.
Jun 3 2024
Jun 3 2024
gordon committed rGa68e4f7a0652: Migrate from printb to print_bits for locally defined bit fields. (authored by gordon).
Migrate from printb to print_bits for locally defined bit fields.
gordon committed rGc3e9423743d9: Move print_bits to ifconfig.c and make available to other src files. (authored by gordon).
Move print_bits to ifconfig.c and make available to other src files.
gordon updated the diff for D45441: Summary: Migrate from printb to print_bits for locally defined bit fields..
- Move print_bits to ifconfig.c and make available to other src files.
- Migrate from printb to print_bits for locally defined bit fields.
gordon updated the diff for D45441: Summary: Migrate from printb to print_bits for locally defined bit fields..
Address comments from emaste.
gordon added inline comments to D45441: Summary: Migrate from printb to print_bits for locally defined bit fields..
Jun 1 2024
Jun 1 2024
gordon requested review of D45441: Summary: Migrate from printb to print_bits for locally defined bit fields..
May 22 2024
May 22 2024
Update secteam composition.
May 7 2024
May 7 2024
gordon added inline comments to D45102: Disable ICMP (v4) redirects by default.
Apr 24 2024
Apr 24 2024
Add EN-24:09.
gordon committed rG266b3bd3f26d: Unify arc_prune_async() code, fix excessive ARC pruning (authored by mav).
Unify arc_prune_async() code, fix excessive ARC pruning
gordon committed rGbe4f1894ef39: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
Mar 28 2024
Mar 28 2024
Add EN-24:05 through EN-24:08, SA-24:03.
gordon committed rG26059a4f2c14: Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks): (authored by dim).
Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks):
gordon committed rGf07351f90aa3: if_wg: use proper barriers around pkt->p_state (authored by kevans).
if_wg: use proper barriers around pkt->p_state
gordon committed rG7a0d63c90932: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
unbound: Vendor import 1.19.1
gordon committed rG8f1f4e60ceb9: if_wg: use proper barriers around pkt->p_state (authored by kevans).
if_wg: use proper barriers around pkt->p_state
kern: fix panic with disabled ttys