User Details
User Details
- User Since
- Nov 2 2014, 4:37 PM (603 w, 6 d)
Yesterday
Yesterday
website: Fix incorrect URL in EN-23:12.
Wed, May 20
Wed, May 20
Add EN-26:13 and SA-26:18 through SA-26:24.
Tue, May 19
Tue, May 19
Sun, May 3
Sun, May 3
website: Fix deeplink for how to read SAs.
Fri, May 1
Fri, May 1
gordon committed R9:b49189e12e15: Update EN/SA templates to remove 13 references. (authored by gordon).
Update EN/SA templates to remove 13 references.
website: 13.5 is now EOL.
gordon committed R9:014c319a0e8b: Fix a couple of typos and tighten up the language. (authored by gordon).
Fix a couple of typos and tighten up the language.
Add EN-26:11 and EN-26:12.
Apr 29 2026
Apr 29 2026
gordon committed R9:f8af2345e0b4: Update credit line for SA-26:13 per submitter request. (authored by gordon).
Update credit line for SA-26:13 per submitter request.
gordon committed R9:51a06c234837: Add EN-26:08 through EN-26:10 and SA-26:12 through SA-26:17. (authored by gordon).
Add EN-26:08 through EN-26:10 and SA-26:12 through SA-26:17.
Apr 28 2026
Apr 28 2026
Apr 21 2026
Apr 21 2026
Correct the 26:11 advisory to be amd64.
gordon committed R9:7eaa453c1d9d: Add EN-26:05 through EN-26:07, SA-26:10, and SA-26:11. (authored by gordon).
Add EN-26:05 through EN-26:07, SA-26:10, and SA-26:11.
Mar 26 2026
Mar 26 2026
Add SA-26:06 through SA-26:09.
gordon committed rG99ec7f9b9e48: rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate() (authored by markj).
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()
gordon committed rGe5ed09ffd592: rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate() (authored by markj).
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()
tcp: plug an mbuf leak
tcp: plug an mbuf leak
gordon committed rG1b00fdc1f3cd: rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate() (authored by markj).
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()
gordon committed rG143293c14f8d: rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate() (authored by markj).
rpcsec_gss: Fix a stack overflow in svc_rpc_gss_validate()
tcp: plug an mbuf leak
Feb 24 2026
Feb 24 2026
Add SA-26:04 and SA-26:05.
Feb 10 2026
Feb 10 2026
Add EN-26:04 and SA-26:03.
Jan 27 2026
Jan 27 2026
gordon committed R9:6b1bdbc6f2b4: Add EN-26:01 through EN-26:03, SA-26:01, and SA-26:02. (authored by gordon).
Add EN-26:01 through EN-26:03, SA-26:01, and SA-26:02.
Jan 19 2026
Jan 19 2026
gordon committed R9:5d208ecb81d6: Extend security-officer keys for another couple years. (authored by gordon).
Extend security-officer keys for another couple years.
Dec 17 2025
Dec 17 2025
gordon committed R9:3285cfd2ac60: Add EN-25:19, EN-25:20, SA-25:11, and SA-25:12. (authored by gordon).
Add EN-25:19, EN-25:20, SA-25:11, and SA-25:12.
Nov 28 2025
Nov 28 2025
Add missing comma in Credits line.
Nov 26 2025
Nov 26 2025
Add SA-25:10 and related patches.
Add UPDATING entries and bump version.
gordon committed rG9b0808259a8a: Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning. (authored by gordon).
Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning.
Add UPDATING entries and bump version.
gordon committed rG18c4eb2cc642: Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning. (authored by gordon).
Add a fix to scrub unsolicited NS RRSets to prevent cache poisoning.
Add UPDATING entry and bump version number.
gordon committed rGdabd406d99a9: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rG2aed524b2329: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rGcd40a23fb249: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rGb01f35a4e19d: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
gordon committed rG2a3a6a177114: Mitigate YXDOMAIN and nodata non-referral answer poisoning. (authored by gordon).
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
Nov 22 2025
Nov 22 2025
gordon committed rG696b0e2209ee: Add backup pkgbase signing key held by security-officer. (authored by gordon).
Add backup pkgbase signing key held by security-officer.
gordon committed rG12ec49d8fac2: Add backup pkgbase signing key held by security-officer. (authored by gordon).
Add backup pkgbase signing key held by security-officer.
gordon updated the diff for D53879: Add backup pkgbase signing key held by security-officer.
gordon retitled D53879: Add backup pkgbase signing key held by security-officer from Add security-officer pkgbase keys to build to Add backup pkgbase signing key held by security-officer.
gordon requested review of D53879: Add backup pkgbase signing key held by security-officer.
Oct 22 2025
Oct 22 2025
libc: Add "Z" as TZ designator for strptime.
libc: Add "Z" as TZ designator for strptime.
libc: Add "Z" as TZ designator for strptime.
Add SA-25:09.
Oct 15 2025
Oct 15 2025
libc: Add "Z" as TZ designator for strptime.
gordon committed R9:a3c08199268b: website: Move 14.2 to unsupported on security page. (authored by gordon).
website: Move 14.2 to unsupported on security page.
Oct 14 2025
Oct 14 2025
gordon requested review of D53083: Update strptime to accept ISO8601 timezone of "Z".
Sep 30 2025
Sep 30 2025
Add EN-25:18 and SA-25:08.
freebsd-update: Library ordering
freebsd-update: Library ordering
Add UPDATING entries and bump version.
Fix issue from OpenSSL.
Add UPDATING entries and bump version.
freebsd-update: Library ordering
Fix multiple security issues in OpenSSL.
Add UPDATING entries and bump version.
Fix multiple security issues in OpenSSL.
Fix issue from OpenSSL.
Fix multiple security issues in OpenSSL.
Fix multiple security issues in OpenSSL.
Fix multiple security issues in OpenSSL.
Sep 18 2025
Sep 18 2025
Seems fine to me. I haven't tested at all, just reviewed the change on Phab. Everything here makes as much sense as I can make out of it (take that for what you will :-)
Sep 17 2025
Sep 17 2025
gordon added a comment to D52554: OpenSSL: update Makefiles to reflect 3.5.1 release.
Looking at what should be in the legacy provider, I fell down this rabbit hole by looking at a completely stock build of 3.5.4-dev on my Mac (I should probably check on a FreeBSD system and see if it is any different, but that would require a small amount of effort and I'm about to go to a dinner) and see this list as the primary objects that end up in the legacy provider:
Sep 16 2025
Sep 16 2025
gordon added a comment to D52554: OpenSSL: update Makefiles to reflect 3.5.1 release.
How did you come up with these changes? What was the methodology that got this changeset?
Correct release patch information.
Add EN-25:15 through EN-25:17.
gordon committed rG751971e55454: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
gordon committed rG722746b39e6e: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
Add UPDATING entries and bump version.
gordon committed rGd1e981cbf3bd: vfs_syscalls.c: Fix handling of offset args for copy_file_range (authored by rmacklem).
vfs_syscalls.c: Fix handling of offset args for copy_file_range
gordon committed rG99012995b4c6: arm64: prevent panic when using syscall mux + large arg call (mmap) (authored by jmg).
arm64: prevent panic when using syscall mux + large arg call (mmap)
Add UPDATING entries and bump version.
Add UPDATING entries and bump version.
gordon committed rGc07b1838f9c9: bnxt: Fix BASE-T, 40G AOC, 1G-CX, autoneg and unknown media lists (authored by Kevin Bowling <kbowling@FreeBSD.org>).
bnxt: Fix BASE-T, 40G AOC, 1G-CX, autoneg and unknown media lists
Aug 8 2025
Aug 8 2025
Add EN-25:12 through EN-25:14 and SA-25:07.
libarchive: merge from vendor branch
gordon committed rGa3bd81ddfe29: net80211: fix TKIP trailer trimming w/ no rx parameters given (authored by adrian).
net80211: fix TKIP trailer trimming w/ no rx parameters given
gordon committed rGce4fe4c4bfcd: Add a new sysctl in order to diffrentiate UEFI architectures (authored by vexeduxr).
Add a new sysctl in order to diffrentiate UEFI architectures
libarchive: merge from vendor branch
Add UPDATING entries and bump version.
gordon committed rG97f34921d77b: route: fix `route -n monitor` when its output is redirected (authored by Oleg Streejak <oleg@pcbtech.ru>).
route: fix `route -n monitor` when its output is redirected
libarchive: merge from vendor branch
Add UPDATING entries and bump version.
gordon committed rG168703212b61: route: fix `route -n monitor` when its output is redirected (authored by Oleg Streejak <oleg@pcbtech.ru>).
route: fix `route -n monitor` when its output is redirected
Add UPDATING entries and bump version.
Jul 2 2025
Jul 2 2025
Add EN-25:09 through EN-25:11 and SA-25:06.
gordon committed rG575644144d5c: ena: Bump driver version to v2.8.1 (authored by akiyano_amazon.com).
ena: Bump driver version to v2.8.1
gordon committed rG35c2729211d9: ena: Fix misconfiguration when requesting regular LLQ (authored by darinzon_amazon.com).
ena: Fix misconfiguration when requesting regular LLQ
Add UPDATING entries and bump version.
gordon committed rGca1f7650a80d: ena: Bump driver version to v2.8.1 (authored by akiyano_amazon.com).
ena: Bump driver version to v2.8.1
gordon committed rG95e9c54b3961: Fix Use-after-free in multi-threaded xz decoder. (authored by gordon).
Fix Use-after-free in multi-threaded xz decoder.
gordon committed rG89104be0ddae: ena: Fix misconfiguration when requesting regular LLQ (authored by darinzon_amazon.com).
ena: Fix misconfiguration when requesting regular LLQ
gordon committed rG4d9c4ecf6a48: Fix corruption in ZFS replication streams from encrypted datasets. (authored by gordon).
Fix corruption in ZFS replication streams from encrypted datasets.