Page MenuHomeFreeBSD

gordon (Gordon Tetlow)
User

Projects

User Details

User Since
Nov 2 2014, 4:37 PM (337 w, 6 h)

Recent Activity

Tue, Apr 6

gordon committed R9:06731fae1bed: Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10. (authored by gordon).
Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10.
Tue, Apr 6, 8:14 PM
gordon added a comment to D26447: add deprecation notice to ftpd.

To be clear, this isn't a referendum on whether we should deprecate ftpd. We are going to deprecate it. There is no need for ftpd to live in the base system. It hasn't been a core system daemon in at least 10 years, probably closer to 15 years. The fact we had to issue an SA against it recently helps remind us of the cost we bear keeping this in tree.

Tue, Apr 6, 7:36 PM
gordon accepted D29608: Add arm64 to freebsd-update section in advisory templates.
Tue, Apr 6, 4:02 PM
gordon added a member for secteam: markj.
Tue, Apr 6, 4:00 PM

Mon, Apr 5

gordon accepted D29575: freebsd-update: improve mandoc db generation.
Mon, Apr 5, 2:57 PM

Fri, Apr 2

gordon committed R9:417c625bf910: Update my key with a longer expiration date. (authored by gordon).
Update my key with a longer expiration date.
Fri, Apr 2, 3:16 AM

Mon, Mar 29

gordon committed R9:37e04be32de5: Update FreeBSD-SA-20:32.rtsold one more time. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold one more time.
Mon, Mar 29, 8:43 PM
gordon committed R9:05b399fb7b74: Fix revision date. (authored by gordon).
Fix revision date.
Mon, Mar 29, 7:06 PM
gordon committed R9:fe2d17971277: Update FreeBSD-SA-20:32.rtsold to include additional CVE. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold to include additional CVE.
Mon, Mar 29, 6:59 PM

Thu, Mar 25

gordon committed R9:98ec8b7512c6: Add FreeBSD-SA-21:07.openssl. (authored by gordon).
Add FreeBSD-SA-21:07.openssl.
Thu, Mar 25, 11:56 PM
gordon committed R10:af61348d61f5: Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version. (authored by gordon).
Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version.
Thu, Mar 25, 11:45 PM
gordon committed R10:c9b4e5e9ae39: Add UPDATING entry for OpenSSL advisory and bump version number. (authored by gordon).
Add UPDATING entry for OpenSSL advisory and bump version number.
Thu, Mar 25, 11:45 PM

Feb 24 2021

gordon committed R9:516370df6584: Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06. (authored by gordon).
Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06.
Feb 24 2021, 5:54 AM

Jan 29 2021

gordon committed R9:ee892c779a71: Fix typo in patch uri. (authored by gordon).
Fix typo in patch uri.
Jan 29 2021, 6:46 PM
gordon committed R9:b9a98e5a01d9: Fixup incorrect reference to a git URI. (authored by gordon).
Fixup incorrect reference to a git URI.
Jan 29 2021, 2:34 AM
gordon committed R9:9030a72250f2: Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02. (authored by gordon).
Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02.
Jan 29 2021, 2:19 AM

Dec 14 2020

gordon committed R9:925bca73c9bf: Add updated text and patch for FreeBSD-SA-20:33.openssl (authored by gordon).
Add updated text and patch for FreeBSD-SA-20:33.openssl
Dec 14 2020, 9:30 PM
gordon committed rS368643: Fix OpenSSL NULL pointer de-reference..
Fix OpenSSL NULL pointer de-reference.
Dec 14 2020, 9:21 PM

Dec 13 2020

gordon committed R9:c70166e8ac6d: For my first commit, add myself to the list of FreeBSD developers. (authored by gordon).
For my first commit, add myself to the list of FreeBSD developers.
Dec 13 2020, 7:22 PM
gordon committed R9:4208f04efd51: Add news item about my new commit bit. (authored by gordon).
Add news item about my new commit bit.
Dec 13 2020, 7:22 PM
gordon committed R9:7c26bef8dbfd: Add my key to the handbook. (authored by gordon).
Add my key to the handbook.
Dec 13 2020, 7:21 PM
gordon committed R9:c1e967113c1d: Add Mike Makonnen for all his work making NetBSD's rc.d system a reality (authored by gordon).
Add Mike Makonnen for all his work making NetBSD's rc.d system a reality
Dec 13 2020, 7:21 PM
gordon committed R9:555e861eef80: Correct spelling. My initials are GT not GW. (authored by gordon).
Correct spelling. My initials are GT not GW.
Dec 13 2020, 7:18 PM
gordon committed R9:1085a904bd0e: Warner Losh did not attend in person. He called in. (authored by gordon).
Warner Losh did not attend in person. He called in.
Dec 13 2020, 7:18 PM
gordon committed R9:99d0b1d09376: Document __FreeBSD_version bump as a result of dynamically-linked root (authored by gordon).
Document __FreeBSD_version bump as a result of dynamically-linked root
Dec 13 2020, 7:00 PM
gordon committed R9:45fa02a1f868: Document version bump for changing /bin and /sbin to default to dynamic (authored by gordon).
Document version bump for changing /bin and /sbin to default to dynamic
Dec 13 2020, 6:55 PM

Dec 8 2020

gordon committed rS368463: Fix OpenSSL NULL pointer de-reference..
Fix OpenSSL NULL pointer de-reference.
Dec 8 2020, 7:10 PM

Dec 1 2020

gordon committed rD54726: Add EN-20:19 to EN-20:22, SA-20:31, and SA-20:32..
Add EN-20:19 to EN-20:22, SA-20:31, and SA-20:32.
Dec 1 2020, 7:54 PM
gordon committed rS368257: Add UPDATING entries and bump version..
Add UPDATING entries and bump version.
Dec 1 2020, 7:41 PM
gordon committed rS368256: Fix multiple vulnerabilities in rtsold..
Fix multiple vulnerabilities in rtsold.
Dec 1 2020, 7:39 PM
gordon committed rS368255: Fix ICMPv6 use-after-free in error message handling..
Fix ICMPv6 use-after-free in error message handling.
Dec 1 2020, 7:38 PM
gordon committed rS368254: Fix race condition in callout CPU migration..
Fix race condition in callout CPU migration.
Dec 1 2020, 7:37 PM
gordon committed rS368252: Fix uninitialized variable in ipfw..
Fix uninitialized variable in ipfw.
Dec 1 2020, 7:36 PM
gordon committed rS368251: Update timezone database information..
Update timezone database information.
Dec 1 2020, 7:35 PM
gordon committed rS368249: Fix execve/fexecve system call auditing..
Fix execve/fexecve system call auditing.
Dec 1 2020, 7:34 PM

Oct 23 2020

gordon committed rS366979: Add 12.2-RELEASE configuration..
Add 12.2-RELEASE configuration.
Oct 23 2020, 6:29 PM

Oct 16 2020

gordon committed rS366772: Add 12.2-RC3..
Add 12.2-RC3.
Oct 16 2020, 8:57 PM

Oct 9 2020

gordon committed rS366586: Change job handling to use the same construct I moved to later..
Change job handling to use the same construct I moved to later.
Oct 9 2020, 8:30 PM
gordon committed rS366585: Add 12.2-RC2..
Add 12.2-RC2.
Oct 9 2020, 8:29 PM

Oct 2 2020

gordon committed rS366383: Add 12.2-RC1.
Add 12.2-RC1
Oct 2 2020, 9:16 PM

Sep 25 2020

gordon committed rS366172: Add 12.2-BETA3..
Add 12.2-BETA3.
Sep 25 2020, 8:39 PM

Sep 18 2020

gordon committed rS365885: Add 12.2-BETA2 profile..
Add 12.2-BETA2 profile.
Sep 18 2020, 3:51 PM

Sep 16 2020

gordon accepted D26447: add deprecation notice to ftpd.
Sep 16 2020, 5:24 PM

Sep 15 2020

gordon committed rD54498: Add SA-20:27 to SA-20:30..
Add SA-20:27 to SA-20:30.
Sep 15 2020, 10:00 PM
gordon committed rS365782: Add UPDATING entries and bump version..
Add UPDATING entries and bump version.
Sep 15 2020, 9:49 PM
gordon committed rS365781: Fix ftpd privilege escalation via ftpchroot..
Fix ftpd privilege escalation via ftpchroot.
Sep 15 2020, 9:48 PM
gordon committed rS365780: Fix bhyve SVM guest escape..
Fix bhyve SVM guest escape.
Sep 15 2020, 9:46 PM
gordon committed rS365779: Fix bhyve privilege escalation via VMCS access..
Fix bhyve privilege escalation via VMCS access.
Sep 15 2020, 9:44 PM
gordon committed rS365778: Fix ure device driver susceptible to packet-in-packet attack..
Fix ure device driver susceptible to packet-in-packet attack.
Sep 15 2020, 9:42 PM

Sep 14 2020

gordon committed rD54490: brooks is no longer on the core team and hence not the secteam liason..
brooks is no longer on the core team and hence not the secteam liason.
Sep 14 2020, 8:59 PM
gordon committed rS365720: Partially revert r346018 and use the if/then construct instead of shell..
Partially revert r346018 and use the if/then construct instead of shell.
Sep 14 2020, 2:45 PM

Sep 13 2020

gordon committed rS365679: Rework wait logic and add additional output..
Rework wait logic and add additional output.
Sep 13 2020, 12:17 AM

Sep 12 2020

gordon committed rS365676: Add additional output to show we are actually doing something..
Add additional output to show we are actually doing something.
Sep 12 2020, 11:23 PM
gordon committed rS365675: Forgot to add the wait to the end of the script..
Forgot to add the wait to the end of the script.
Sep 12 2020, 11:06 PM
gordon committed rS365674: Add parallelization..
Add parallelization.
Sep 12 2020, 11:04 PM
gordon committed rS365660: Add needed patch for 12.2-BETA1 to prevent spurious changes through.
Add needed patch for 12.2-BETA1 to prevent spurious changes through
Sep 12 2020, 3:19 PM

Sep 11 2020

gordon committed rS365635: Add 12.2-BETA1 configuration..
Add 12.2-BETA1 configuration.
Sep 11 2020, 4:03 PM

Sep 6 2020

gordon committed rD54466: Update credits to include Moshe Kol..
Update credits to include Moshe Kol.
Sep 6 2020, 3:44 PM

Sep 3 2020

gordon committed rD54462: Add missing credit for Henrique L. Amorim..
Add missing credit for Henrique L. Amorim.
Sep 3 2020, 7:25 PM
gordon closed D26187: Exclude mandoc.db from freebsd-update data.
Sep 3 2020, 3:58 PM
gordon committed rS365303: Exclude mandoc.db from freebsd-update data.
Exclude mandoc.db from freebsd-update data
Sep 3 2020, 3:58 PM
gordon accepted D26225: add an entry for X.509 certificate subjAltName otherName field.

LGTM

Sep 3 2020, 3:28 AM

Sep 2 2020

gordon committed rD54452: Add EN-20:17, EN-20:18, and SA-20:24 to SA-20:26..
Add EN-20:17, EN-20:18, and SA-20:24 to SA-20:26.
Sep 2 2020, 4:54 PM
gordon committed rS365258: Add UPDATING entries and bump version..
Add UPDATING entries and bump version.
Sep 2 2020, 4:29 PM
gordon committed rS365257: Fix dhclient heap overflow..
Fix dhclient heap overflow.
Sep 2 2020, 4:25 PM
gordon committed rS365256: Fix SCTP socket use-after-free..
Fix SCTP socket use-after-free.
Sep 2 2020, 4:24 PM
gordon committed rS365255: Fix IPv6 Hop-by-Hop options use-after-free..
Fix IPv6 Hop-by-Hop options use-after-free.
Sep 2 2020, 4:23 PM
gordon committed rS365254: Fix getfsstat compatibility system call panic..
Fix getfsstat compatibility system call panic.
Sep 2 2020, 4:22 PM
gordon committed rS365253: Fix FreeBSD Linux ABI kernel panic..
Fix FreeBSD Linux ABI kernel panic.
Sep 2 2020, 4:21 PM
gordon added inline comments to D26225: add an entry for X.509 certificate subjAltName otherName field.
Sep 2 2020, 5:33 AM

Aug 7 2020

gordon committed rD54414: Correct URLs for patches..
Correct URLs for patches.
Aug 7 2020, 8:35 PM

Aug 5 2020

gordon committed rD54399: Add EN-20:16 and SA-20:21 through SA-20:23..
Add EN-20:16 and SA-20:21 through SA-20:23.
Aug 5 2020, 5:31 PM
gordon committed rS363924: Add UPDATING entries and bump version..
Add UPDATING entries and bump version.
Aug 5 2020, 5:14 PM
gordon committed rS363923: Fix sendmsg(2) privilege escalation..
Fix sendmsg(2) privilege escalation.
Aug 5 2020, 5:14 PM
gordon committed rS363922: Fix multiple vulnerabilities in sqlite3..
Fix multiple vulnerabilities in sqlite3.
Aug 5 2020, 5:14 PM
gordon committed rS363921: Fix memory corruption in USB network device drivers..
Fix memory corruption in USB network device drivers.
Aug 5 2020, 5:11 PM
gordon committed rS363920: Fix vmx driver packet loss and degraded performance..
Fix vmx driver packet loss and degraded performance.
Aug 5 2020, 5:10 PM

Jul 9 2020

gordon committed rD54322: Fix the patch urls (pki -> kpi)..
Fix the patch urls (pki -> kpi).
Jul 9 2020, 3:12 PM

Jul 8 2020

gordon committed rD54319: Add EN-20:13 through EN-20:15, and SA-20:18 through SA-20:20..
Add EN-20:13 through EN-20:15, and SA-20:18 through SA-20:20.
Jul 8 2020, 8:50 PM
gordon committed rD54318: Up my size limit due to large patches (unbound)..
Up my size limit due to large patches (unbound).
Jul 8 2020, 8:49 PM
gordon committed rS363030: Add UPDATING entries and bump version..
Add UPDATING entries and bump version.
Jul 8 2020, 8:26 PM
gordon committed rS363029: Fix multiple vulnerabilities in unbound..
Fix multiple vulnerabilities in unbound.
Jul 8 2020, 8:25 PM
gordon committed rS363028: Fix multiple vulnerabilities in unbound..
Fix multiple vulnerabilities in unbound.
Jul 8 2020, 8:23 PM
gordon committed rS363027: Fix multiple vulnerabilities in unbound..
Fix multiple vulnerabilities in unbound.
Jul 8 2020, 8:21 PM
gordon committed rS363026: Fix IPv6 socket option race condition and use after free..
Fix IPv6 socket option race condition and use after free.
Jul 8 2020, 8:11 PM
gordon committed rS363025: Fix posix_spawnp(3) buffer overflow..
Fix posix_spawnp(3) buffer overflow.
Jul 8 2020, 8:08 PM
gordon committed rS363024: Fix kernel panic in mps(4) driver..
Fix kernel panic in mps(4) driver.
Jul 8 2020, 7:58 PM
gordon committed rS363023: Fix kernel panic in LinuxKPI subsystem..
Fix kernel panic in LinuxKPI subsystem.
Jul 8 2020, 7:57 PM
gordon committed rS363022: Fix host crash in bhyve with PCI device passthrough..
Fix host crash in bhyve with PCI device passthrough.
Jul 8 2020, 7:56 PM

Jun 30 2020

gordon accepted D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.

I think this looks good to me. @kib, can you weigh in on the symbol versioning being used here? Should we also update the Symbol.map file as well? What's the protocol around that look like?

Jun 30 2020, 5:25 AM

Jun 29 2020

gordon added a comment to D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.
In D25493#563650, @cem wrote:

Do you intend to MFC OPENSSL_NO_SSL3?

Jun 29 2020, 11:57 PM
gordon added a comment to D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.
In D25493#563618, @cem wrote:

If you know of an example of some software that explicitly invokes every version it knows about (and tries SSLv3 before a TLS version), I've love to see an example.

I'd take returning NULL over the status quo, where we ship SSLv3 in 2020.

Jun 29 2020, 5:58 PM
gordon added a comment to D25493: Replace OPENSSL_NO_SSL3_METHODs with dummies.

This feels heavy handed (abort and KILL). Would we be better to mirror the actual API and return NULL to indicate this doesn't work?

Jun 29 2020, 4:14 PM

Jun 25 2020

gordon committed rS362620: Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility..
Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility.
Jun 25 2020, 7:35 PM
gordon closed D25451: Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility..
Jun 25 2020, 7:35 PM
gordon requested review of D25451: Revert OPENSSL_NO_SSL3_METHOD to keep ABI compatibility..
Jun 25 2020, 2:16 PM

Jun 23 2020

gordon requested review of D24824: Add proper links for the html output of vuln.xml..
Jun 23 2020, 3:28 AM
gordon closed D24945: Turn off SSLv3..
Jun 23 2020, 3:20 AM
gordon requested review of D24945: Turn off SSLv3..
Jun 23 2020, 3:20 AM
gordon closed D24824: Add proper links for the html output of vuln.xml..
Jun 23 2020, 3:17 AM