User Details
User Details
- User Since
- Nov 2 2014, 4:37 PM (493 w, 4 d)
Thu, Mar 28
Thu, Mar 28
Add EN-24:05 through EN-24:08, SA-24:03.
gordon committed rG26059a4f2c14: Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks): (authored by dim).
Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks):
gordon committed rGf07351f90aa3: if_wg: use proper barriers around pkt->p_state (authored by kevans).
if_wg: use proper barriers around pkt->p_state
gordon committed rG7a0d63c90932: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
unbound: Vendor import 1.19.1
gordon committed rG8f1f4e60ceb9: if_wg: use proper barriers around pkt->p_state (authored by kevans).
if_wg: use proper barriers around pkt->p_state
kern: fix panic with disabled ttys
gordon committed rGf5ac4e174fdd: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
unbound: Vendor import 1.19.1
gordon committed rGc48fe39ad139: kerberos5: Mitigate the possibility of using an old libcrypto (authored by cy).
kerberos5: Mitigate the possibility of using an old libcrypto
gordon committed rGaaf2c7fdb81a: kerberos: Fix numerous segfaults when using weak crypto (authored by cy).
kerberos: Fix numerous segfaults when using weak crypto
gordon committed rG711422d54795: Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks): (authored by dim).
Merge commit f800c1f3b207 from llvm-project (by Arthur Eubanks):
gordon committed rG56be7cd84447: if_wg: use proper barriers around pkt->p_state (authored by kevans).
if_wg: use proper barriers around pkt->p_state
gordon committed rGd338712beb16: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
kern: fix panic with disabled ttys
Tue, Mar 26
Tue, Mar 26
gordon committed R9:b15cab669f10: We typically use end of the month, not beginning of the month. (authored by gordon).
We typically use end of the month, not beginning of the month.
gordon committed R9:1d175114a6fe: Add 13.3-RELEASE to the security supported table. (authored by gordon).
Add 13.3-RELEASE to the security supported table.
Feb 14 2024
Feb 14 2024
gordon committed R9:a5fb70baa2dc: Update 13.2-STABLE -> 13.3-STABLE based on the commit date. (authored by gordon).
Update 13.2-STABLE -> 13.3-STABLE based on the commit date.
Actually add the SA/EN texts.
gordon committed R9:9689ea6c825a: Add EN-24:01 through EN-24:04, SA-24:01, and SA-24:02. (authored by gordon).
Add EN-24:01 through EN-24:04, SA-24:01, and SA-24:02.
jail: Fix information leak.
bhyveload: use a dirfd to support -h
gordon committed rG154dedade465: EVFILT_SIGNAL: do not use target process pointer on detach (authored by kib).
EVFILT_SIGNAL: do not use target process pointer on detach
gordon committed rG9deb5ca77beb: setusercontext(): Apply personal settings only on matching effective UID (authored by olce).
setusercontext(): Apply personal settings only on matching effective UID
contrib/tzdata: import tzdata 2024a
contrib/tzdata: import tzdata 2023d
gordon committed rG326f58eade21: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
jail: Fix information leak.
bhyveload: use a dirfd to support -h
inpcb: reoder inpcb destruction
gordon committed rGbb06104dce0b: EVFILT_SIGNAL: do not use target process pointer on detach (authored by kib).
EVFILT_SIGNAL: do not use target process pointer on detach
contrib/tzdata: import tzdata 2023d
gordon committed rGc2a9cfc55046: setusercontext(): Apply personal settings only on matching effective UID (authored by olce).
setusercontext(): Apply personal settings only on matching effective UID
contrib/tzdata: import tzdata 2024a
gordon committed rG9d0e3b306e38: Add UPDATING entries and bump the branch version. (authored by gordon).
Add UPDATING entries and bump the branch version.
Dec 26 2023
Dec 26 2023
gordon committed R11:7627c9552c47: security/openssh-portable: Make HPN as BROKEN. (authored by gordon).
security/openssh-portable: Make HPN as BROKEN.
security/openssh-portable: Update to 9.6p1
Dec 22 2023
Dec 22 2023
gordon committed R9:43457adc9a18: Update expiration date on existing keys for security-officer. (authored by gordon).
Update expiration date on existing keys for security-officer.
Dec 20 2023
Dec 20 2023
Correct details on path.
gordon requested review of D43132: Update to openssh-portable v9.6p1..
Dec 19 2023
Dec 19 2023
Add SA-23:19.openssh.
gordon committed rG69bd68ba30c0: Implement "strict key exchange" in ssh and sshd. (authored by gordon).
Implement "strict key exchange" in ssh and sshd.
gordon committed rGc78c31d2ef40: Add an UPDATING entry and bump the branch version. (authored by gordon).
Add an UPDATING entry and bump the branch version.
gordon committed rG4edf3b80733e: Add an UPDATING entry and bump the branch version. (authored by gordon).
Add an UPDATING entry and bump the branch version.
gordon committed rGb9856d61e99d: Implement "strict key exchange" in ssh and sshd. (authored by gordon).
Implement "strict key exchange" in ssh and sshd.
Dec 18 2023
Dec 18 2023
gordon committed rG3bafcb9744c9: Implement "strict key exchange" in ssh and sshd. (authored by gordon).
Implement "strict key exchange" in ssh and sshd.
gordon committed rG673d1ead65c9: Implement "strict key exchange" in ssh and sshd. (authored by gordon).
Implement "strict key exchange" in ssh and sshd.
gordon committed rG92f58c69a14c: Implement "strict key exchange" in ssh and sshd. (authored by gordon).
Implement "strict key exchange" in ssh and sshd.
Vendor import of OpenSSH 9.6p1
Dec 12 2023
Dec 12 2023
Add SA-23:18.nfsclient.
Dec 5 2023
Dec 5 2023
Add EN-23:17 through EN-23:22 and SA-23:17.
Update EN-23:15 for 13.2.
Dec 1 2023
Dec 1 2023
Fix typo in the commit hash.
Add EN-23:15 and EN-23:16.
gordon committed rG7769487a50ff: dnode_is_dirty: check dnode and its data for dirtiness (authored by rob.norris_klarasystems.com).
dnode_is_dirty: check dnode and its data for dirtiness
gordon committed rG0bb76997ce58: zfs: cherry-pick commit from master (authored by rob.norris_klarasystems.com).
zfs: cherry-pick commit from master
gordon committed rG154870526943: zfs: cherry-pick commit from master (authored by rob.norris_klarasystems.com).
zfs: cherry-pick commit from master
zfs: cherry-pick commit from master
Add UPDATING entries and bump version.
Add UPDATING entries and bump version.
Add UPDATING entries and bump version.
gordon committed rG8c25d614b8c9: zfs: cherry-pick commit from master (authored by rob.norris_klarasystems.com).
zfs: cherry-pick commit from master
gordon committed rG78b4c762b20b: compiler-rt: avoid segfaults when re-exec'ing with ASLR (authored by dim).
compiler-rt: avoid segfaults when re-exec'ing with ASLR
Nov 29 2023
Nov 29 2023
Fix correction dates/revisions on SA-23:15.
Nov 8 2023
Nov 8 2023
gordon added inline comments to D42506: Document dropping i386 support for SAs and ENs for FreeBSD 14.
gordon committed R9:4c85a69d0f11: Add EN-23:13, EN-23:14, SA-23:15, and SA-23:16. (authored by gordon).
Add EN-23:13, EN-23:14, SA-23:15, and SA-23:16.
Nov 3 2023
Nov 3 2023
Vendor import of pam_passwdqc v2.0.3.
gordon added a comment to D42449: Check to see if ZFS is available before invoking bectl.
I mostly just noticed this on a fresh UFS based install. Do you think it would be good to have both checks (one in bectl and one in freebsd-update)?
Nov 2 2023
Nov 2 2023
gordon added a reviewer for D42449: Check to see if ZFS is available before invoking bectl: allanjude.
gordon added reviewers for D42449: Check to see if ZFS is available before invoking bectl: emaste, kevans.
gordon requested review of D42449: Check to see if ZFS is available before invoking bectl.
Oct 3 2023
Oct 3 2023
gordon committed R9:802acbe255a5: Update EN-23:09 and add EN-23:12, SA-23:12 through SA-23:14. (authored by gordon).
Update EN-23:09 and add EN-23:12, SA-23:12 through SA-23:14.
gordon committed rG0eb6c273622d: freebsd-update: handle file -> directory on upgrade (authored by emaste).
freebsd-update: handle file -> directory on upgrade
gordon committed rG485912e051bb: arm64: Fix errata workarounds that depend on smccc (authored by andrew).
arm64: Fix errata workarounds that depend on smccc
gordon committed rG193b7e3d0af5: freebsd-update: Fix merging already-updated files (authored by cperciva).
freebsd-update: Fix merging already-updated files
gordon committed rG2d23f6c33431: copy_file_range: require CAP_SEEK capability (authored by oshogbo).
copy_file_range: require CAP_SEEK capability
Add UPDATING entries and bump version.
gordon committed rGbb2ccf50d7f7: msdosfs: zero partially valid extended cluster (authored by gordon).
msdosfs: zero partially valid extended cluster
Add UPDATING entries and bump version.
gordon committed rG7d08a7e6908b: msdosfs: zero partially valid extended cluster (authored by gordon).
msdosfs: zero partially valid extended cluster
gordon committed rGcfb624d7e250: freebsd-update: handle file -> directory on upgrade (authored by emaste).
freebsd-update: handle file -> directory on upgrade
Sep 27 2023
Sep 27 2023
This has enough guard rails that even someone doing something incredibly silly (BASEDIR set to "-r /" would be relatively protected. LGTM.
Sep 9 2023
Sep 9 2023
gordon accepted D26447: add deprecation notice to ftpd.
While I understand there is a lot of passion around ftpd, the reality is the world has moved on and ftp is in the dustbin of history. All major web browsers have dropped support for the protocol entirely, over 2 years ago in fact.
Sep 6 2023
Sep 6 2023
gordon committed R9:34e274ecb610: Add EN-23:09 through EN-23:11, SA-23:10 and SA-23:11. (authored by gordon).
Add EN-23:09 through EN-23:11, SA-23:10 and SA-23:11.
pf: handle multiple IPv6 fragment headers
gordon committed rGe80d2d894ff1: pcib: Allocate the memory BAR with the MSI-X table. (authored by jhb).
pcib: Allocate the memory BAR with the MSI-X table.
gordon committed rG0b39d9de2e71: freebsd-update: Fix merging already-updated files (authored by cperciva).
freebsd-update: Fix merging already-updated files
caroot: add new certs
pf: handle multiple IPv6 fragment headers
Add UPDATING entries and bump version.
gordon committed rGe020f9602809: net80211: fail for unicast traffic without unicast key (authored by domienschepers <schepers.d@northeastern.edu>).
net80211: fail for unicast traffic without unicast key
Add UPDATING entries and bump version.
gordon committed rG7f34ee7cc56b: net80211: fail for unicast traffic without unicast key (authored by domienschepers <schepers.d@northeastern.edu>).
net80211: fail for unicast traffic without unicast key
Aug 1 2023
Aug 1 2023
gordon committed R9:80a22168a18d: Update SA-23:04.pam_krb5 with a pointer to SA-23:09.pam_krb5. (authored by gordon).
Update SA-23:04.pam_krb5 with a pointer to SA-23:09.pam_krb5.
Add EN-23:08 and SA-23:06 through SA-23:09.
Jun 21 2023
Jun 21 2023
gordon committed R9:062b6a21b63e: Add EN-23:05 to EN-23:07, SA-23:04, and SA-23:05. (authored by gordon).
Add EN-23:05 to EN-23:07, SA-23:04, and SA-23:05.
mpr: fix copying of event_mask
mpr: fix copying of event_mask
pam_krb5: Fix spoofing vulnerability