User Details
User Details
- User Since
- Nov 2 2014, 4:37 PM (337 w, 6 h)
Tue, Apr 6
Tue, Apr 6
gordon committed R9:06731fae1bed: Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10. (authored by gordon).
Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10.
gordon added a comment to D26447: add deprecation notice to ftpd.
To be clear, this isn't a referendum on whether we should deprecate ftpd. We are going to deprecate it. There is no need for ftpd to live in the base system. It hasn't been a core system daemon in at least 10 years, probably closer to 15 years. The fact we had to issue an SA against it recently helps remind us of the cost we bear keeping this in tree.
Mon, Apr 5
Mon, Apr 5
Fri, Apr 2
Fri, Apr 2
gordon committed R9:417c625bf910: Update my key with a longer expiration date. (authored by gordon).
Update my key with a longer expiration date.
Mon, Mar 29
Mon, Mar 29
gordon committed R9:37e04be32de5: Update FreeBSD-SA-20:32.rtsold one more time. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold one more time.
Fix revision date.
gordon committed R9:fe2d17971277: Update FreeBSD-SA-20:32.rtsold to include additional CVE. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold to include additional CVE.
Thu, Mar 25
Thu, Mar 25
Add FreeBSD-SA-21:07.openssl.
gordon committed R10:af61348d61f5: Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version. (authored by gordon).
Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version.
gordon committed R10:c9b4e5e9ae39: Add UPDATING entry for OpenSSL advisory and bump version number. (authored by gordon).
Add UPDATING entry for OpenSSL advisory and bump version number.
Feb 24 2021
Feb 24 2021
gordon committed R9:516370df6584: Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06. (authored by gordon).
Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06.
Jan 29 2021
Jan 29 2021
Fix typo in patch uri.
Fixup incorrect reference to a git URI.
gordon committed R9:9030a72250f2: Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02. (authored by gordon).
Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02.
Dec 14 2020
Dec 14 2020
gordon committed R9:925bca73c9bf: Add updated text and patch for FreeBSD-SA-20:33.openssl (authored by gordon).
Add updated text and patch for FreeBSD-SA-20:33.openssl
Fix OpenSSL NULL pointer de-reference.
Dec 13 2020
Dec 13 2020
gordon committed R9:c70166e8ac6d: For my first commit, add myself to the list of FreeBSD developers. (authored by gordon).
For my first commit, add myself to the list of FreeBSD developers.
Add news item about my new commit bit.
Add my key to the handbook.
gordon committed R9:c1e967113c1d: Add Mike Makonnen for all his work making NetBSD's rc.d system a reality (authored by gordon).
Add Mike Makonnen for all his work making NetBSD's rc.d system a reality
gordon committed R9:555e861eef80: Correct spelling. My initials are GT not GW. (authored by gordon).
Correct spelling. My initials are GT not GW.
gordon committed R9:1085a904bd0e: Warner Losh did not attend in person. He called in. (authored by gordon).
Warner Losh did not attend in person. He called in.
gordon committed R9:99d0b1d09376: Document __FreeBSD_version bump as a result of dynamically-linked root (authored by gordon).
Document __FreeBSD_version bump as a result of dynamically-linked root
gordon committed R9:45fa02a1f868: Document version bump for changing /bin and /sbin to default to dynamic (authored by gordon).
Document version bump for changing /bin and /sbin to default to dynamic
Dec 8 2020
Dec 8 2020
Fix OpenSSL NULL pointer de-reference.
Dec 1 2020
Dec 1 2020
Add EN-20:19 to EN-20:22, SA-20:31, and SA-20:32.
Add UPDATING entries and bump version.
Fix multiple vulnerabilities in rtsold.
Fix ICMPv6 use-after-free in error message handling.
Fix race condition in callout CPU migration.
Fix uninitialized variable in ipfw.
Update timezone database information.
Fix execve/fexecve system call auditing.
Oct 23 2020
Oct 23 2020
gordon committed rS366979: Add 12.2-RELEASE configuration..
Add 12.2-RELEASE configuration.
Oct 16 2020
Oct 16 2020
Oct 9 2020
Oct 9 2020
Change job handling to use the same construct I moved to later.
Oct 2 2020
Oct 2 2020
Sep 25 2020
Sep 25 2020
Sep 18 2020
Sep 18 2020
Sep 16 2020
Sep 16 2020
Sep 15 2020
Sep 15 2020
Add UPDATING entries and bump version.
Fix ftpd privilege escalation via ftpchroot.
gordon committed rS365780: Fix bhyve SVM guest escape..
Fix bhyve SVM guest escape.
Fix bhyve privilege escalation via VMCS access.
Fix ure device driver susceptible to packet-in-packet attack.
Sep 14 2020
Sep 14 2020
brooks is no longer on the core team and hence not the secteam liason.
gordon committed rS365720: Partially revert r346018 and use the if/then construct instead of shell..
Partially revert r346018 and use the if/then construct instead of shell.
Sep 13 2020
Sep 13 2020
Rework wait logic and add additional output.
Sep 12 2020
Sep 12 2020
Add additional output to show we are actually doing something.
Forgot to add the wait to the end of the script.
Add needed patch for 12.2-BETA1 to prevent spurious changes through
Sep 11 2020
Sep 11 2020
gordon committed rS365635: Add 12.2-BETA1 configuration..
Add 12.2-BETA1 configuration.
Sep 6 2020
Sep 6 2020
Update credits to include Moshe Kol.
Sep 3 2020
Sep 3 2020
Add missing credit for Henrique L. Amorim.
Exclude mandoc.db from freebsd-update data
LGTM
Sep 2 2020
Sep 2 2020
Add EN-20:17, EN-20:18, and SA-20:24 to SA-20:26.
Add UPDATING entries and bump version.
gordon committed rS365257: Fix dhclient heap overflow..
Fix dhclient heap overflow.
gordon committed rS365256: Fix SCTP socket use-after-free..
Fix SCTP socket use-after-free.
Fix IPv6 Hop-by-Hop options use-after-free.
Fix getfsstat compatibility system call panic.
Fix FreeBSD Linux ABI kernel panic.
gordon added inline comments to D26225: add an entry for X.509 certificate subjAltName otherName field.
Aug 7 2020
Aug 7 2020
Aug 5 2020
Aug 5 2020
Add EN-20:16 and SA-20:21 through SA-20:23.
Add UPDATING entries and bump version.
Fix sendmsg(2) privilege escalation.
Fix multiple vulnerabilities in sqlite3.
Fix memory corruption in USB network device drivers.
Fix vmx driver packet loss and degraded performance.
Jul 9 2020
Jul 9 2020
gordon committed rD54322: Fix the patch urls (pki -> kpi)..
Fix the patch urls (pki -> kpi).
Jul 8 2020
Jul 8 2020
Add EN-20:13 through EN-20:15, and SA-20:18 through SA-20:20.
Up my size limit due to large patches (unbound).
Add UPDATING entries and bump version.
Fix multiple vulnerabilities in unbound.
Fix multiple vulnerabilities in unbound.
Fix multiple vulnerabilities in unbound.
Fix IPv6 socket option race condition and use after free.
Fix posix_spawnp(3) buffer overflow.
Fix kernel panic in mps(4) driver.
Fix kernel panic in LinuxKPI subsystem.
Fix host crash in bhyve with PCI device passthrough.
Jun 30 2020
Jun 30 2020
I think this looks good to me. @kib, can you weigh in on the symbol versioning being used here? Should we also update the Symbol.map file as well? What's the protocol around that look like?
Jun 29 2020
Jun 29 2020
gordon added a comment to D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.
gordon added a comment to D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.
This feels heavy handed (abort and KILL). Would we be better to mirror the actual API and return NULL to indicate this doesn't work?
Jun 25 2020
Jun 25 2020
Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility.
gordon requested review of D25451: Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility..
Jun 23 2020
Jun 23 2020
gordon requested review of D24824: Add proper links for the html output of vuln.xml..
gordon requested review of D24945: Turn off SSLv3..