User Details
User Details
- User Since
- Nov 2 2014, 4:37 PM (364 w, 2 d)
Aug 25 2021
Aug 25 2021
gordon committed R9:fcb8b2e379ce: Update template to have NNNNNN instead of XXXXXX. (authored by gordon).
Update template to have NNNNNN instead of XXXXXX.
Aug 24 2021
Aug 24 2021
Correct URL for patch.
gordon committed R9:0f385ddd4d39: Add EN-21:23 to EN-21:25 and SA-21:13 to SA-21:17. (authored by gordon).
Add EN-21:23 to EN-21:25 and SA-21:13 to SA-21:17.
Add UPDATING entries and bump version.
Fix multiple vulnerabilities in OpenSSL.
Fix remote code execution in ggatec(8).
Fix libfetch out of bounds read.
Add UPDATING entries and bump version
gordon committed R10:a7db88b5db58: Fix missing error handling in bhyve(8) device models. (authored by gordon).
Fix missing error handling in bhyve(8) device models.
Fix multiple vulnerabilities in OpenSSL.
Fix multiple OpenSSL vulnerabilities.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
gordon committed R10:b6dad073f555: Fix missing error handling in bhyve(8) device models. (authored by gordon).
Fix missing error handling in bhyve(8) device models.
Fix NVMe iovec construction for large IOs.
gordon committed R10:01819b58294a: Fix OpenSSL 1.1.1e API functions not being exported. (authored by gordon).
Fix OpenSSL 1.1.1e API functions not being exported.
Add UPDATING entries and bump version.
Fix multiple OpenSSL vulnerabilities.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
gordon committed R10:ec08bc89d4b3: Fix missing error handling in bhyve(8) device models. (authored by gordon).
Fix missing error handling in bhyve(8) device models.
Fix NVMe iovec construction for large IOs.
gordon committed R10:3ef67fed446a: Fix OpenSSL 1.1.1e API functions not being exported. (authored by gordon).
Fix OpenSSL 1.1.1e API functions not being exported.
gordon committed R10:f66e34809906: Fix virtio_blk(4) failing to attach on some hypervisors. (authored by gordon).
Fix virtio_blk(4) failing to attach on some hypervisors.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
Fix multiple OpenSSL vulnerabilities.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
Fix multiple OpenSSL vulnerabilities.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
Fix multiple OpenSSL vulnerabilities.
Fix libfetch out of bounds read.
Fix remote code execution in ggatec(8).
Jun 30 2021
Jun 30 2021
Add EN-21:18 through EN-21:22.
Jun 27 2021
Jun 27 2021
gordon added a comment to D30807: rename /usr/share/certs/blacklisted.
I agree with the three state model. Trusted, untrusted, and distrusted are fine. But for non-native English speakers, that nuance between un- and dis- may be too difficult. How about knownbad?
Jun 17 2021
Jun 17 2021
Jun 15 2021
Jun 15 2021
Jun 1 2021
Jun 1 2021
Add EN-21:17.
May 27 2021
May 27 2021
gordon committed R9:72551dc01164: Add EN-21:11 to EN-21:16, SA-21:11, and SA-21:12. (authored by gordon).
Add EN-21:11 to EN-21:16, SA-21:11, and SA-21:12.
Apr 6 2021
Apr 6 2021
gordon committed R9:06731fae1bed: Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10. (authored by gordon).
Add EN-21:09, EN-21:10, and SA-21:08 through SA-21:10.
gordon added a comment to D26447: add deprecation notice to ftpd.
To be clear, this isn't a referendum on whether we should deprecate ftpd. We are going to deprecate it. There is no need for ftpd to live in the base system. It hasn't been a core system daemon in at least 10 years, probably closer to 15 years. The fact we had to issue an SA against it recently helps remind us of the cost we bear keeping this in tree.
Apr 5 2021
Apr 5 2021
Apr 2 2021
Apr 2 2021
gordon committed R9:417c625bf910: Update my key with a longer expiration date. (authored by gordon).
Update my key with a longer expiration date.
Mar 29 2021
Mar 29 2021
gordon committed R9:37e04be32de5: Update FreeBSD-SA-20:32.rtsold one more time. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold one more time.
Fix revision date.
gordon committed R9:fe2d17971277: Update FreeBSD-SA-20:32.rtsold to include additional CVE. (authored by gordon).
Update FreeBSD-SA-20:32.rtsold to include additional CVE.
Mar 25 2021
Mar 25 2021
Add FreeBSD-SA-21:07.openssl.
gordon committed R10:af61348d61f5: Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version. (authored by gordon).
Fix multiple OpenSSL vulnerabilities. Add UPDATING and bump version.
gordon committed R10:c9b4e5e9ae39: Add UPDATING entry for OpenSSL advisory and bump version number. (authored by gordon).
Add UPDATING entry for OpenSSL advisory and bump version number.
Feb 24 2021
Feb 24 2021
gordon committed R9:516370df6584: Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06. (authored by gordon).
Add EN-21:06 to EN-21:08 and SA-21:03 to SA-21:06.
Jan 29 2021
Jan 29 2021
Fix typo in patch uri.
Fixup incorrect reference to a git URI.
gordon committed R9:9030a72250f2: Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02. (authored by gordon).
Add EN-21:01 to EN-21:05, SA-21:01, and SA-21:02.
Dec 14 2020
Dec 14 2020
gordon committed R9:925bca73c9bf: Add updated text and patch for FreeBSD-SA-20:33.openssl (authored by gordon).
Add updated text and patch for FreeBSD-SA-20:33.openssl
Fix OpenSSL NULL pointer de-reference.
Dec 13 2020
Dec 13 2020
gordon committed R9:c70166e8ac6d: For my first commit, add myself to the list of FreeBSD developers. (authored by gordon).
For my first commit, add myself to the list of FreeBSD developers.
Add news item about my new commit bit.
Add my key to the handbook.
gordon committed R9:c1e967113c1d: Add Mike Makonnen for all his work making NetBSD's rc.d system a reality (authored by gordon).
Add Mike Makonnen for all his work making NetBSD's rc.d system a reality
gordon committed R9:555e861eef80: Correct spelling. My initials are GT not GW. (authored by gordon).
Correct spelling. My initials are GT not GW.
gordon committed R9:1085a904bd0e: Warner Losh did not attend in person. He called in. (authored by gordon).
Warner Losh did not attend in person. He called in.
gordon committed R9:99d0b1d09376: Document __FreeBSD_version bump as a result of dynamically-linked root (authored by gordon).
Document __FreeBSD_version bump as a result of dynamically-linked root
gordon committed R9:45fa02a1f868: Document version bump for changing /bin and /sbin to default to dynamic (authored by gordon).
Document version bump for changing /bin and /sbin to default to dynamic
Dec 8 2020
Dec 8 2020
Fix OpenSSL NULL pointer de-reference.
Dec 1 2020
Dec 1 2020
Add EN-20:19 to EN-20:22, SA-20:31, and SA-20:32.
Add UPDATING entries and bump version.
Fix multiple vulnerabilities in rtsold.
Fix ICMPv6 use-after-free in error message handling.
Fix race condition in callout CPU migration.
Fix uninitialized variable in ipfw.
Update timezone database information.
Fix execve/fexecve system call auditing.
Oct 23 2020
Oct 23 2020
gordon committed rS366979: Add 12.2-RELEASE configuration..
Add 12.2-RELEASE configuration.
Oct 16 2020
Oct 16 2020
Oct 9 2020
Oct 9 2020
Change job handling to use the same construct I moved to later.
Oct 2 2020
Oct 2 2020
Sep 25 2020
Sep 25 2020
Sep 18 2020
Sep 18 2020
Sep 16 2020
Sep 16 2020
Sep 15 2020
Sep 15 2020
Add UPDATING entries and bump version.
Fix ftpd privilege escalation via ftpchroot.
gordon committed rS365780: Fix bhyve SVM guest escape..
Fix bhyve SVM guest escape.
Fix bhyve privilege escalation via VMCS access.
Fix ure device driver susceptible to packet-in-packet attack.
Sep 14 2020
Sep 14 2020
brooks is no longer on the core team and hence not the secteam liason.
gordon committed rS365720: Partially revert r346018 and use the if/then construct instead of shell..
Partially revert r346018 and use the if/then construct instead of shell.
Sep 13 2020
Sep 13 2020
Rework wait logic and add additional output.
Sep 12 2020
Sep 12 2020
Add additional output to show we are actually doing something.
Forgot to add the wait to the end of the script.
Add needed patch for 12.2-BETA1 to prevent spurious changes through
Sep 11 2020
Sep 11 2020
gordon committed rS365635: Add 12.2-BETA1 configuration..
Add 12.2-BETA1 configuration.