Index: head/share/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
===================================================================
--- head/share/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc	(nonexistent)
+++ head/share/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc	(revision 47125)
@@ -0,0 +1,134 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-15:14.bsdpatch                                   Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          shell injection vulnerability in patch(1)
+
+Category:       contrib
+Module:         patch
+Announced:      2015-07-28
+Credits:        Martin Natano
+Affects:        FreeBSD 10.x.
+Corrected:      2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
+                2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
+                2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
+                2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
+CVE Name:       CVE-2015-1416
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The patch(1) utility takes a patch file produced by the diff(1) program and
+apply the differences to an original file, producing a patched version.
+
+The patch(1) utility supports certain version control systems, namely SCCS
+and RCS, and attempts to get or check out the file before applying a patch,
+if the original file do not already exist.
+
+II.  Problem Description
+
+Due to insufficient sanitization of the input patch stream, it is possible
+for a patch file to cause patch(1) to run commands in addition to the desired
+SCCS or RCS commands.
+
+III. Impact
+
+This issue could be exploited to execute arbitrary commands as the user
+invoking patch(1) against a specically crafted patch file, which could be
+leveraged to obtain elevated privileges.
+
+IV.  Workaround
+
+No workaround is available, but systems where a privileged user does not
+make use of patches without proper validation are not affected.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+A reboot is not required after updating.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+A reboot is not required after updating.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-15:14/bsdpatch.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:14/bsdpatch.patch.asc
+# gpg --verify bsdpatch.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/10/                                                        r285976
+releng/10.1/                                                      r285978
+releng/10.2/                                                      r285979
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1416>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:14.bsdpatch.asc>
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAEBCgAGBQJVt+JfAAoJEO1n7NZdz2rnmAAP/37DmuKX127SHD4Au3a1xy2F
+90RP1doqTzpq2w3wzn8JPPK/IUxG6yjDWUk097/aadSMSiUWi/RyTERe68ZNHDia
+IkcTnvF1308OM91yAJDogTKyCpomZwWqkhDhT8qRIkRijr7gr0q3SYF2Uqrj+QKy
+fvhJrEEjhv9Lgw8I1qmnxWCpcmkKaW2Fm1eqplYlPOIwJky+2+Ddzv5PcjtQTjye
+tNIkF9D+ILmGFbotKbNPDKSxapreLOsyDnf0W9QMURi7UolF9AClZnerfVZUWy78
+4lJdbC9q5bf/FNUDv2o928hMgG+cc+blaH8AGXGOgxOx3ok0XWp3xEWRJnggyrZX
+P6NN39u6yFSIrYaNHEwYLFGCIeA0nGWVLupq5h6WwJ+mhCpHz90kMw/5unlXc/wS
+mfFVMeoFiqL227qBgB4azQkiBjN/fVsqPcMv/xk0PNYHaRPS/DASRYPSJF2gXY7h
+fjemohKs9wmyc78nyrnayffPQ6hkXvVzw9zMfLJ1XWg/Fa/5X4u/POggivzGI4ia
+yrvp3zd4avNbEVwlirTxxYgQJ1X44JwTP3Tkq11fea9WJcJtjLTWpIwrHSd8PHEg
+n3r4bo52iPyaGORGUw3Zhx93gOse+I3ayXmBEVJLGDONlEdUf/uju0kSIyCXn4ab
+LvnW7evT5KHA0rh5B07E
+=JTtx
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/advisories/FreeBSD-SA-15:15.tcp.asc
===================================================================
--- head/share/security/advisories/FreeBSD-SA-15:15.tcp.asc	(nonexistent)
+++ head/share/security/advisories/FreeBSD-SA-15:15.tcp.asc	(revision 47125)
@@ -0,0 +1,187 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-15:15.tcp                                        Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Resource exhaustion in TCP reassembly 
+
+Category:       core
+Module:         inet
+Announced:      2015-07-28
+Credits:        Patrick Kelsey (Norse Corporation)
+Affects:        All supported versions of FreeBSD.
+Corrected:      2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
+                2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
+                2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
+                2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
+                2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)
+                2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)
+                2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE)
+                2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35)
+CVE Name:       CVE-2015-1417
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The Transmission Control Protocol (TCP) of the TCP/IP protocol suite
+provides a connection-oriented, reliable, sequence-preserving data
+stream service.
+
+The underlying simple and potentially unreliable IP datagram
+communication protocol may deliver segments out of order, therefore,
+the TCP receiver would need to reassemble the segments into their
+original sequence to provide a reliable octet stream.  Because the
+reassembly requires additional resources to keep the queued segments,
+historically resource exhaustion in the TCP reassembly path has been
+prevented by limiting the total number of segments that could belong
+to reassembly queues to a small fraction (1/16) of the total number of
+mbuf clusters in the system.
+
+VNET is a technique to virtualize the network stack, first introduced in
+FreeBSD 8.0.  It changes global resources in the network stack into per
+network stack resources, so that a virtual network stack can be attached
+to a jailed prison and the prison can have unrestricted access to the
+virtual network stack.  VNET is not enabled by default and has to be
+enabled by recompiling the kernel.
+
+II.  Problem Description
+
+There is a mistake with the introduction of VNET, which converted the
+global limit on the number of segments that could belong to reassembly
+queues into a per-VNET limit.  Because mbufs are allocated from a
+global pool, in the presence of a sufficient number of VNETs, the
+total number of mbufs attached to reassembly queues can grow to the
+total number of mbufs in the system, at which point all network
+traffic would cease.
+
+III. Impact
+
+An attacker who can establish concurrent TCP connections across a
+sufficient number of VNETs and manipulate the inbound packet streams
+such that the maximum number of mbufs are enqueued on each reassembly
+queue can cause mbuf cluster exhaustion on the target system, resulting
+in a Denial of Service condition.
+
+As the default per-VNET limit on the number of segments that can
+belong to reassembly queues is 1/16 of the total number of mbuf
+clusters in the system, only systems that have 16 or more VNET
+instances are vulnerable.
+
+IV.  Workaround
+
+FreeBSD 8.x, 9.x and 10.x systems that do not make use of VNETs
+(option VIMAGE) are not affected.  The support has to be specifically
+compiled into a custom kernel, so its use is not common.
+
+For affected systems, the system administrators may consider reducing
+the net.inet.tcp.reass.maxsegments tunable to the value of
+kern.ipc.nmbclusters divided by one greater than the total number of
+VNETs that are going to be used in the system in order to prevent a
+Denial of Service via this vulnerability.  For example, if there are
+16 VNETs in the system, the net.inet.tcp.reass.maxsegments tunable
+should be set to kern.ipc.nmbclusters / 17.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and reboot the system.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+And reboot the system.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 10.2]
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp.patch.asc
+# gpg --verify tcp.patch.asc
+
+[FreeBSD 9.3 and 10.1]
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp-9.3-10.1.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp-9.3-10.1.patch.asc
+# gpg --verify tcp-9.3-10.1.patch.asc
+
+[FreeBSD 8.4]
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp-8.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:15/tcp-8.patch.asc
+# gpg --verify tcp-8.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/8/                                                         r285977
+releng/8.4/                                                       r285980
+stable/9/                                                         r285977
+releng/9.3/                                                       r285980
+stable/10/                                                        r285976
+releng/10.1/                                                      r285979
+releng/10.2/                                                      r285978
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1417>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:15.tcp.asc>
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAEBCgAGBQJVt+FcAAoJEO1n7NZdz2rnOAgQAKw0jR1Eb/USmcXlFpfMrmUr
+Z6UWHsPqE9CwDJaFddrFBRyjCsbeBv4LmPyVcOKJoqspEb8P52GtBNDe9vqcco1U
+C+KpcQQKWTQmu170AdLAIRVvLjoNEX0C09ig4XMbKpisrmQ8zLXavTbTw8FlbPXq
+o9t0nFgPKsDfaXJF3Oas41K/NsBj4hdqnfx+R7KeOaJ6sSwiFGbRxqQ+GG3k+79a
+RI+KVLpw4QV/IkhXKzl416o6uk7eWnJu72GohdrxPvXYWHBVSBkSiT7pLl3O5C7r
+7+dpYyF9f4K0gnXLuATNixNS2/lL2WaJANb75ku7WnY2I5Yjx1oM2r5kE2eJ6Z/c
+WXGnDE9/8SOVURqMwnpQgzVGopKZags0+X7FJAYKeW4/nWyUEAmDlQ+9dY7o/I0M
+urFD+bsSxnrlGLLzjX55zKM1qyGlhNokowSusVeNlSEOl8/QV57CuyQDZ0wdAiUd
+R2yl+fFxRKn4AeCMuKkEsoExLhISI7Uuz8Hjia7g0yJWfYjEjAWLcFpan/QmhwcP
+4PMg+2ZuPC0uUoXqCMBqu3d0NAaae4cOCzx8WCZUaaF3DwhRnUcld+XesV/h3SNo
+kn3ygFyOVWrCd7bSsEd00qqUwUN/cp/uYTqlbI9im89Emaa7/mYR/i3sq2/MRagr
+2oio8OdZ8wwRuER4Jpq9
+=PC1V
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/advisories/FreeBSD-SA-15:15.tcp.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/advisories/FreeBSD-SA-15:16.openssh.asc
===================================================================
--- head/share/security/advisories/FreeBSD-SA-15:16.openssh.asc	(nonexistent)
+++ head/share/security/advisories/FreeBSD-SA-15:16.openssh.asc	(revision 47125)
@@ -0,0 +1,188 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-15:16.openssh                                    Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          OpenSSH multiple vulnerabilities
+
+Category:       contrib
+Module:         openssh
+Announced:      2015-07-28
+Affects:        All supported versions of FreeBSD.
+Corrected:      2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
+                2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
+                2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
+                2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
+                2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)
+                2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)
+                2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE)
+                2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35)
+CVE Name:       CVE-2014-2653, CVE-2015-5600
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+OpenSSH is an implementation of the SSH protocol suite, providing an
+encrypted and authenticated transport for a variety of services,
+including remote shell access.
+
+The security of the SSH connection relies on the server authenticating
+itself to the client as well as the user authenticating itself to the
+server.  SSH servers uses host keys to verify their identity.
+
+RFC 4255 has defined a method of verifying SSH host keys using Domain
+Name System Security (DNSSEC), by publishing the key fingerprint using
+DNS with "SSHFP" resource record.  RFC 6187 has defined methods to use
+a signature by a trusted certification authority to bind a given public
+key to a given digital identity with X.509v3 certificates.
+
+The PAM (Pluggable Authentication Modules) library provides a flexible
+framework for user authentication and session setup / teardown.
+
+OpenSSH uses PAM for password authentication by default.
+
+II.  Problem Description
+
+OpenSSH clients does not correctly verify DNS SSHFP records when a server
+offers a certificate. [CVE-2014-2653]
+
+OpenSSH servers which are configured to allow password authentication
+using PAM (default) would allow many password attempts.
+
+III. Impact
+
+A malicious server may be able to force a connecting client to skip DNS
+SSHFP record check and require the user to perform manual host verification
+of the host key fingerprint.  This could allow man-in-the-middle attack
+if the user does not carefully check the fingerprint.  [CVE-2014-2653]
+
+A remote attacker may effectively bypass MaxAuthTries settings, which would
+enable them to brute force passwords. [CVE-2015-5600]
+
+IV.  Workaround
+
+Systems that do not use OpenSSH are not affected.
+
+There is no workaround for CVE-2014-2653, but the problem only affects
+networks where DNSsec and SSHFP is properly configured.  Users who uses
+SSH should always check server host key fingerprints carefully when
+prompted.
+
+System administrators can set:
+
+	UsePAM no
+
+In their /etc/ssh/sshd_config and restart sshd service to workaround the
+problem described as CVE-2015-5600 at expense of losing features provided
+by the PAM framework.
+
+We recommend system administrators to disable password based authentication
+completely, and use key based authentication exclusively in their SSH server
+configuration, when possible.  This would eliminate the possibility of being
+ever exposed to password brute force attack.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+SSH service has to be restarted after the update.  A reboot is recommended
+but not required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+SSH service has to be restarted after the update.  A reboot is recommended
+but not required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 9.3, 10.1, 10.2]
+# fetch https://security.FreeBSD.org/patches/SA-15:16/openssh.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:16/openssh.patch.asc
+# gpg --verify openssh.patch.asc
+
+[FreeBSD 8.4]
+# fetch https://security.FreeBSD.org/patches/SA-15:16/openssh-8.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:16/openssh-8.patch.asc
+# gpg --verify openssh-8.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart the SSH service, or reboot the system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/8/                                                         r285977
+releng/8.4/                                                       r285980
+stable/9/                                                         r285977
+releng/9.3/                                                       r285980
+stable/10/                                                        r285976
+releng/10.1/                                                      r285979
+releng/10.2/                                                      r285978
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653>
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:16.openssh.asc>
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAEBCgAGBQJVt+FdAAoJEO1n7NZdz2rnPxEQAIFMhBzUuAEEeG3GoO6o6DQn
+7ZVPdd+EdijDk0VAZbaa3NyeVGTNSEQhjpL/lSkIQUQT+yEAUUsUCVWu0T8OpCN0
+UT6JlYhV+AwQVyWujlTjspQ3Ba3Kn3o76MCzvdIQWPTzD1yCZqRmpZ1eSjonmySZ
+ts+kVDCV2ZJyWACOdG2GXHSmTraIErn0J1YaLg++c8nHUvb+TNo2/8viBGJINhdP
+bvA6fzYPpAzgaq5EEKevySLUnUfUE2Nx5LGD2CUx/hMu7K8y2h4SR2fKmpyBauNS
+4VHSssX6KjxZCYctCEsUgCokWYzt9fepyBsCiS9Vx4mTwat8Vuiz2zB1lCOwM97v
+iDbkcmR/ixElrXSBb5+wrhOpBLnYtHFTNPx8dRz39wdb1MxJQqyOOb8KtDSlFMmQ
+l5Lk1vTEcZQjWvmCV9XjVlPqcHnX4wNnV+IgUnQTnhQlbe0YgszdLAi5XZDGBmtA
+DHuLfBy1091KYBoP641GRuldsq6/r6DUzyZuQJ+p30BDUEfkUAptIEnQWA2l3Y8W
+/10eels29WJhV9N7WWo4pbADA54+DLvi0T/46R9WRbM9bA/dsqK9G5wmREaKCqmX
+ccQUFrruxJTn7TV4QbN69ABEkOFCyQjqecP2GqA2N/5AAUsV47WC/VtKgOPp4FZ6
+E0SkAoNzIighyNk54U9p
+=6PBw
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/advisories/FreeBSD-SA-15:16.openssh.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/advisories/FreeBSD-SA-15:17.bind.asc
===================================================================
--- head/share/security/advisories/FreeBSD-SA-15:17.bind.asc	(nonexistent)
+++ head/share/security/advisories/FreeBSD-SA-15:17.bind.asc	(revision 47125)
@@ -0,0 +1,139 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-15:17.bind                                       Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          BIND remote denial of service vulnerability
+
+Category:       contrib
+Module:         bind
+Announced:      2015-07-28
+Credits:        ISC
+Affects:        FreeBSD 8.x and FreeBSD 9.x.
+Corrected:      2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)
+                2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)
+                2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE)
+                2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35)
+CVE Name:       CVE-2015-5477
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+BIND 9 is an implementation of the Domain Name System (DNS) protocols.
+The named(8) daemon is an Internet Domain Name Server.
+
+II.  Problem Description
+
+An error in the handling of TKEY queries can be exploited by an attacker
+for use as a denial-of-service vector, as a constructed packet can use
+the defect to trigger a REQUIRE assertion failure, causing BIND to exit.
+
+III. Impact
+
+A remote attacker can trigger a crash of a name server.  Both recursive and
+authoritative servers are affected, and the exposure can not be mitigated
+by either ACLs or configuration options limiting or denying service because
+the exploitable code occurs early in the packet handling, before checks
+enforcing those boundaries.
+
+IV.  Workaround
+
+No workaround is available, but systems that are not running BIND are not
+vulnerable.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+The named service has to be restarted after the update.  A reboot is
+recommended but not required.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+The named service has to be restarted after the update.  A reboot is
+recommended but not required.
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch
+# fetch https://security.FreeBSD.org/patches/SA-15:17/bind.patch.asc
+# gpg --verify bind.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart the applicable daemons, or reboot the system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/8/                                                         r285977
+releng/8.4/                                                       r285980
+stable/9/                                                         r285977
+releng/9.3/                                                       r285980
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://kb.isc.org/article/AA-01272>
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:17.bind.asc>
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAEBCgAGBQJVt+FdAAoJEO1n7NZdz2rnmAQQAK66bHEYirTecgswG+eiePfU
+lcX46GdLU/OQ/3MHpmc6XQKz9kpJ+Inh8K8IvAJ1SXH41zk/xOtUgqbkUcgkGrS1
+gBVKUC8SF82ll/1FUlORoJc+g+TQgax00Il/GweRVoL0RpU9S/YSnc6OLc0nWzBq
+osweYaHBNRL6lBmUtAHYu1tyvGvHLlfTNk6NCtUxtWeXKe+urYFx4ViJKCU8dJ+U
+F26nQb/3vH93WOEaNjSDHYWypl9qtous5hpOtXr76ofhID67EyOKmPPEC5+6jP/6
+wkdMu7loVewI5K7ZF+zaNxr8CQESurCRkMX3qJSBNCfSw55sdcfKl4BO65SCxLH7
+vXoh+B+Wbof2n3xAcEJNufOdiRQfTxlP1UMWIy00wvdB+VcOCDdD7TUB1kksxzpy
+aXxePRdKLjvkPDiWy17BBpxq8JIfy+41a+N7Fm/hDgUJOYGDAMr27WJLx8MHzY3k
++B014IVvTnHkf0yo5ue5raTpgUr0TVCfwD3eqJOM9iUuOI8vj9h44FpP6R8KNyQA
+mVI/wikVJfYAgmAkHqqRVEHeA8aWJsVNkmrKLHFDkLDdw6umr7oOHfXQo1hk7k7V
++2JEa09kp2AYNGYZkiFG/7jiCZ9GLCvAzKW1v1g8fRsBl+QA1PjW0Rg7HcRmZiwM
+VfNsARSWl2y/t8Gnrfgx
+=40iD
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/advisories/FreeBSD-SA-15:17.bind.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:14/bsdpatch.patch
===================================================================
--- head/share/security/patches/SA-15:14/bsdpatch.patch	(nonexistent)
+++ head/share/security/patches/SA-15:14/bsdpatch.patch	(revision 47125)
@@ -0,0 +1,188 @@
+Index: usr.bin/patch/common.h
+===================================================================
+--- usr.bin/patch/common.h	(revision 285926)
++++ usr.bin/patch/common.h	(working copy)
+@@ -43,12 +43,10 @@
+ #define	LINENUM_MAX LONG_MAX
+ 
+ #define	SCCSPREFIX "s."
+-#define	GET "get -e %s"
+-#define	SCCSDIFF "get -p %s | diff - %s >/dev/null"
+ 
+ #define	RCSSUFFIX ",v"
+-#define	CHECKOUT "co -l %s"
+-#define	RCSDIFF "rcsdiff %s > /dev/null"
++#define	CHECKOUT "/usr/bin/co"
++#define	RCSDIFF "/usr/bin/rcsdiff"
+ 
+ #define	ORIGEXT ".orig"
+ #define	REJEXT ".rej"
+Index: usr.bin/patch/inp.c
+===================================================================
+--- usr.bin/patch/inp.c	(revision 285926)
++++ usr.bin/patch/inp.c	(working copy)
+@@ -31,8 +31,10 @@
+ #include <sys/file.h>
+ #include <sys/stat.h>
+ #include <sys/mman.h>
++#include <sys/wait.h>
+ 
+ #include <ctype.h>
++#include <errno.h>
+ #include <libgen.h>
+ #include <stddef.h>
+ #include <stdint.h>
+@@ -133,12 +135,14 @@ reallocate_lines(size_t *lines_allocated)
+ static bool
+ plan_a(const char *filename)
+ {
+-	int		ifd, statfailed;
++	int		ifd, statfailed, devnull, pstat;
+ 	char		*p, *s, lbuf[INITLINELEN];
+ 	struct stat	filestat;
+ 	ptrdiff_t	sz;
+ 	size_t		i;
+ 	size_t		iline, lines_allocated;
++	pid_t		pid;
++	char		*argp[4] = {NULL};
+ 
+ #ifdef DEBUGGING
+ 	if (debug & 8)
+@@ -166,13 +170,14 @@ plan_a(const char *filename)
+ 	}
+ 	if (statfailed && check_only)
+ 		fatal("%s not found, -C mode, can't probe further\n", filename);
+-	/* For nonexistent or read-only files, look for RCS or SCCS versions.  */
++	/* For nonexistent or read-only files, look for RCS versions.  */
++
+ 	if (statfailed ||
+ 	    /* No one can write to it.  */
+ 	    (filestat.st_mode & 0222) == 0 ||
+ 	    /* I can't write to it.  */
+ 	    ((filestat.st_mode & 0022) == 0 && filestat.st_uid != getuid())) {
+-		const char	*cs = NULL, *filebase, *filedir;
++		char	*filebase, *filedir;
+ 		struct stat	cstat;
+ 		char *tmp_filename1, *tmp_filename2;
+ 
+@@ -180,43 +185,26 @@ plan_a(const char *filename)
+ 		tmp_filename2 = strdup(filename);
+ 		if (tmp_filename1 == NULL || tmp_filename2 == NULL)
+ 			fatal("strdupping filename");
++
+ 		filebase = basename(tmp_filename1);
+ 		filedir = dirname(tmp_filename2);
+ 
+-		/* Leave room in lbuf for the diff command.  */
+-		s = lbuf + 20;
+-
+ #define try(f, a1, a2, a3) \
+-	(snprintf(s, buf_size - 20, f, a1, a2, a3), stat(s, &cstat) == 0)
++	(snprintf(lbuf, sizeof(lbuf), f, a1, a2, a3), stat(lbuf, &cstat) == 0)
+ 
+-		if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) ||
+-		    try("%s/RCS/%s%s", filedir, filebase, "") ||
+-		    try("%s/%s%s", filedir, filebase, RCSSUFFIX)) {
+-			snprintf(buf, buf_size, CHECKOUT, filename);
+-			snprintf(lbuf, sizeof lbuf, RCSDIFF, filename);
+-			cs = "RCS";
+-		} else if (try("%s/SCCS/%s%s", filedir, SCCSPREFIX, filebase) ||
+-		    try("%s/%s%s", filedir, SCCSPREFIX, filebase)) {
+-			snprintf(buf, buf_size, GET, s);
+-			snprintf(lbuf, sizeof lbuf, SCCSDIFF, s, filename);
+-			cs = "SCCS";
+-		} else if (statfailed)
+-			fatal("can't find %s\n", filename);
+-
+-		free(tmp_filename1);
+-		free(tmp_filename2);
+-
+ 		/*
+ 		 * else we can't write to it but it's not under a version
+ 		 * control system, so just proceed.
+ 		 */
+-		if (cs) {
++		if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) ||
++		    try("%s/RCS/%s%s", filedir, filebase, "") ||
++		    try("%s/%s%s", filedir, filebase, RCSSUFFIX)) {
+ 			if (!statfailed) {
+ 				if ((filestat.st_mode & 0222) != 0)
+ 					/* The owner can write to it.  */
+ 					fatal("file %s seems to be locked "
+-					    "by somebody else under %s\n",
+-					    filename, cs);
++					    "by somebody else under RCS\n",
++					    filename);
+ 				/*
+ 				 * It might be checked out unlocked.  See if
+ 				 * it's safe to check out the default version
+@@ -224,21 +212,59 @@ plan_a(const char *filename)
+ 				 */
+ 				if (verbose)
+ 					say("Comparing file %s to default "
+-					    "%s version...\n",
+-					    filename, cs);
+-				if (system(lbuf))
++					    "RCS version...\n", filename);
++
++				switch (pid = fork()) {
++				case -1:
++					fatal("can't fork: %s\n",
++					    strerror(errno));
++				case 0:
++					devnull = open("/dev/null", O_RDONLY);
++					if (devnull == -1) {
++						fatal("can't open /dev/null: %s",
++						    strerror(errno));
++					}
++					(void)dup2(devnull, STDOUT_FILENO);
++					argp[0] = strdup(RCSDIFF);
++					argp[1] = strdup(filename);
++					execv(RCSDIFF, argp);
++					exit(127);
++				}
++				pid = waitpid(pid, &pstat, 0);
++				if (pid == -1 || WEXITSTATUS(pstat) != 0) {
+ 					fatal("can't check out file %s: "
+-					    "differs from default %s version\n",
+-					    filename, cs);
++					    "differs from default RCS version\n",
++					    filename);
++				}
+ 			}
++
+ 			if (verbose)
+-				say("Checking out file %s from %s...\n",
+-				    filename, cs);
+-			if (system(buf) || stat(filename, &filestat))
+-				fatal("can't check out file %s from %s\n",
+-				    filename, cs);
++				say("Checking out file %s from RCS...\n",
++				    filename);
++
++			switch (pid = fork()) {
++			case -1:
++				fatal("can't fork: %s\n", strerror(errno));
++			case 0:
++				argp[0] = strdup(CHECKOUT);
++				argp[1] = strdup("-l");
++				argp[2] = strdup(filename);
++				execv(CHECKOUT, argp);
++				exit(127);
++			}
++			pid = waitpid(pid, &pstat, 0);
++			if (pid == -1 || WEXITSTATUS(pstat) != 0 ||
++			    stat(filename, &filestat)) {
++				fatal("can't check out file %s from RCS\n",
++				    filename);
++			}
++		} else if (statfailed) {
++			fatal("can't find %s\n", filename);
+ 		}
++		free(tmp_filename1);
++		free(tmp_filename2);
+ 	}
++
+ 	filemode = filestat.st_mode;
+ 	if (!S_ISREG(filemode))
+ 		fatal("%s is not a normal file--can't patch\n", filename);

Property changes on: head/share/security/patches/SA-15:14/bsdpatch.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:14/bsdpatch.patch.asc
===================================================================
--- head/share/security/patches/SA-15:14/bsdpatch.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:14/bsdpatch.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FwAAoJEO1n7NZdz2rno1wP/1dqyumvREi7i84Ab2ew+X+x
+YNbhqkhP/Q0+uwF68nbV1StAyuPZ85fSTy//19W0L3YU31vkZgz2B5N6Vl1Walpx
+UGk/6LGm2U8xzRRSOgThSthbUbXI4cAAjxmAuUkgd5br9g8KZo+h9LQNKpv+6Caa
+OCsTKZMwA81ImiOODCvJ9FQy7hQVBSQhssCVEZScU7aR+86FRhNy0a6tHX1Y8dkk
+LLhOJprZgG6JHR9fr+g0fCSjerYWKml4QlgpbXy/Fp3mIYfsnf8K9MaKa3KBLjOZ
+AoggAB/tNA+e9imXy8En/J5aZqMwhjDZNrWHACaDXB9kMrNEE8Nwp3gFMgpURGWf
+NFd8x+5SDv6yG+1xM1X/ywP9mVDQqySactLnGoEF77ANNEFVat9KafbPESckiqa7
+qw83IaO5/9P/IaZik+19SzOsJ9sZGRaco70HfAZA9r/SD+SLc+4U1PAdY0QxGdB6
+n7Ap088KK/GfiIF4ra5AqNDFquEWTPdkVqb+55Lv7eKgg1/S0rm7Ou7Z/lbBQerw
+QIJzcem/KDcPJxM3tkxumqMdzggwUCPtrxB6vDEjLMKSN/33I2iYD47UhP+rFjw5
+cdnrrqVgw0zt+p5vAubJJegk+aVWfy7QRcHaQb/FA5MYkOVKQP69lboa7PX4M+Pn
+EjipG4vadjqdZaYzuBhF
+=fzsn
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:14/bsdpatch.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp-8.patch
===================================================================
--- head/share/security/patches/SA-15:15/tcp-8.patch	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp-8.patch	(revision 47125)
@@ -0,0 +1,203 @@
+Index: sys/netinet/tcp_reass.c
+===================================================================
+--- sys/netinet/tcp_reass.c	(revision 285923)
++++ sys/netinet/tcp_reass.c	(working copy)
+@@ -80,29 +80,25 @@ static int tcp_reass_sysctl_qsize(SYSCTL_HANDLER_A
+ SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0,
+     "TCP Segment Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_maxseg) = 0;
+-#define	V_tcp_reass_maxseg		VNET(tcp_reass_maxseg)
++static int tcp_reass_maxseg = 0;
+ SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, maxsegments,
+     CTLTYPE_INT | CTLFLAG_RDTUN,
+-    &VNET_NAME(tcp_reass_maxseg), 0, &tcp_reass_sysctl_maxseg, "I",
++    &tcp_reass_maxseg, 0, &tcp_reass_sysctl_maxseg, "I",
+     "Global maximum number of TCP Segments in Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_qsize) = 0;
+-#define	V_tcp_reass_qsize		VNET(tcp_reass_qsize)
+-SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
++static int tcp_reass_qsize = 0;
++SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
+     CTLTYPE_INT | CTLFLAG_RD,
+-    &VNET_NAME(tcp_reass_qsize), 0, &tcp_reass_sysctl_qsize, "I",
++    &tcp_reass_qsize, 0, &tcp_reass_sysctl_qsize, "I",
+     "Global number of TCP Segments currently in Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_overflows) = 0;
+-#define	V_tcp_reass_overflows		VNET(tcp_reass_overflows)
+-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
++static int tcp_reass_overflows = 0;
++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
+     CTLTYPE_INT | CTLFLAG_RD,
+-    &VNET_NAME(tcp_reass_overflows), 0,
++    &tcp_reass_overflows, 0,
+     "Global number of TCP Segment Reassembly Queue Overflows");
+ 
+-static VNET_DEFINE(uma_zone_t, tcp_reass_zone);
+-#define	V_tcp_reass_zone		VNET(tcp_reass_zone)
++static uma_zone_t tcp_reass_zone;
+ 
+ /* Initialize TCP reassembly queue */
+ static void
+@@ -109,34 +105,25 @@ static void
+ tcp_reass_zone_change(void *tag)
+ {
+ 
+-	V_tcp_reass_maxseg = nmbclusters / 16;
+-	uma_zone_set_max(V_tcp_reass_zone, V_tcp_reass_maxseg);
++	tcp_reass_maxseg = nmbclusters / 16;
++	uma_zone_set_max(tcp_reass_zone, tcp_reass_maxseg);
+ }
+ 
+ void
+-tcp_reass_init(void)
++tcp_reass_global_init(void)
+ {
+ 
+-	V_tcp_reass_maxseg = nmbclusters / 16;
++	tcp_reass_maxseg = nmbclusters / 16;
+ 	TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments",
+-	    &V_tcp_reass_maxseg);
+-	V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
++	    &tcp_reass_maxseg);
++	tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
+ 	    NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
+-	uma_zone_set_max(V_tcp_reass_zone, V_tcp_reass_maxseg);
++	uma_zone_set_max(tcp_reass_zone, tcp_reass_maxseg);
+ 	EVENTHANDLER_REGISTER(nmbclusters_change,
+ 	    tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY);
+ }
+ 
+-#ifdef VIMAGE
+ void
+-tcp_reass_destroy(void)
+-{
+-
+-	uma_zdestroy(V_tcp_reass_zone);
+-}
+-#endif
+-
+-void
+ tcp_reass_flush(struct tcpcb *tp)
+ {
+ 	struct tseg_qent *qe;
+@@ -146,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp)
+ 	while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) {
+ 		LIST_REMOVE(qe, tqe_q);
+ 		m_freem(qe->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, qe);
++		uma_zfree(tcp_reass_zone, qe);
+ 		tp->t_segqlen--;
+ 	}
+ 
+@@ -158,7 +145,7 @@ tcp_reass_flush(struct tcpcb *tp)
+ static int
+ tcp_reass_sysctl_maxseg(SYSCTL_HANDLER_ARGS)
+ {
+-	V_tcp_reass_maxseg = uma_zone_get_max(V_tcp_reass_zone);
++	tcp_reass_maxseg = uma_zone_get_max(tcp_reass_zone);
+ 	return (sysctl_handle_int(oidp, arg1, arg2, req));
+ }
+ 
+@@ -165,7 +152,7 @@ tcp_reass_sysctl_maxseg(SYSCTL_HANDLER_ARGS)
+ static int
+ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_ARGS)
+ {
+-	V_tcp_reass_qsize = uma_zone_get_cur(V_tcp_reass_zone);
++	tcp_reass_qsize = uma_zone_get_cur(tcp_reass_zone);
+ 	return (sysctl_handle_int(oidp, arg1, arg2, req));
+ }
+ 
+@@ -213,7 +200,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 */
+ 	if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) &&
+ 	    tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) {
+-		V_tcp_reass_overflows++;
++		tcp_reass_overflows++;
+ 		TCPSTAT_INC(tcps_rcvmemdrop);
+ 		m_freem(m);
+ 		*tlenp = 0;
+@@ -232,7 +219,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 * Use a temporary structure on the stack for the missing segment
+ 	 * when the zone is exhausted. Otherwise we may get stuck.
+ 	 */
+-	te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT);
++	te = uma_zalloc(tcp_reass_zone, M_NOWAIT);
+ 	if (te == NULL) {
+ 		if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) {
+ 			TCPSTAT_INC(tcps_rcvmemdrop);
+@@ -283,7 +270,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 				TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp);
+ 				m_freem(m);
+ 				if (te != &tqs)
+-					uma_zfree(V_tcp_reass_zone, te);
++					uma_zfree(tcp_reass_zone, te);
+ 				tp->t_segqlen--;
+ 				/*
+ 				 * Try to present any queued data
+@@ -320,7 +307,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 		nq = LIST_NEXT(q, tqe_q);
+ 		LIST_REMOVE(q, tqe_q);
+ 		m_freem(q->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, q);
++		uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	}
+@@ -359,7 +346,7 @@ present:
+ 		else
+ 			sbappendstream_locked(&so->so_rcv, q->tqe_m);
+ 		if (q != &tqs)
+-			uma_zfree(V_tcp_reass_zone, q);
++			uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	} while (q && q->tqe_th->th_seq == tp->rcv_nxt);
+Index: sys/netinet/tcp_subr.c
+===================================================================
+--- sys/netinet/tcp_subr.c	(revision 285923)
++++ sys/netinet/tcp_subr.c	(working copy)
+@@ -375,7 +375,6 @@ tcp_init(void)
+ 	tcp_tw_init();
+ 	syncache_init();
+ 	tcp_hc_init();
+-	tcp_reass_init();
+ 
+ 	TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack);
+ 	V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole),
+@@ -385,6 +384,8 @@ tcp_init(void)
+ 	if (!IS_DEFAULT_VNET(curvnet))
+ 		return;
+ 
++	tcp_reass_global_init();
++
+ 	/* XXX virtualize those bellow? */
+ 	tcp_delacktime = TCPTV_DELACK;
+ 	tcp_keepinit = TCPTV_KEEP_INIT;
+@@ -424,7 +425,6 @@ void
+ tcp_destroy(void)
+ {
+ 
+-	tcp_reass_destroy();
+ 	tcp_hc_destroy();
+ 	syncache_destroy();
+ 	tcp_tw_destroy();
+Index: sys/netinet/tcp_var.h
+===================================================================
+--- sys/netinet/tcp_var.h	(revision 285923)
++++ sys/netinet/tcp_var.h	(working copy)
+@@ -653,11 +653,8 @@ char 	*tcp_log_addrs(struct in_conninfo *, struct
+ char	*tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *,
+ 	    const void *);
+ int	 tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *);
+-void	 tcp_reass_init(void);
++void	 tcp_reass_global_init(void);
+ void	 tcp_reass_flush(struct tcpcb *);
+-#ifdef VIMAGE
+-void	 tcp_reass_destroy(void);
+-#endif
+ void	 tcp_input(struct mbuf *, int);
+ u_long	 tcp_maxmtu(struct in_conninfo *, int *);
+ u_long	 tcp_maxmtu6(struct in_conninfo *, int *);

Property changes on: head/share/security/patches/SA-15:15/tcp-8.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp-8.patch.asc
===================================================================
--- head/share/security/patches/SA-15:15/tcp-8.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp-8.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FwAAoJEO1n7NZdz2rn4a0QAJNILy1kqMl42ffd2sO4NOmy
+hHJ18P1zAEFb2Q5HdbQOVnY8ssJWlbXK8kf0S0m/gw+xQ+SXnz6JtLDIqxhM/4kP
+r+s3ae3hVOLoNf0oz9Qdpbv/eZcfqfZSTFxiPXZC8J1pRH7qE7pH6jybfTHpNczg
+7NrtgmK2poMgOrIkDUoUK8Xb5Pjg2Pfz07nEYuESA6yVUrlEk8izZq9HFos2eOff
+gpfwjVr1zm5s8rIX/YP0oUKBcsdUlgk6zF6JCnOhO5cysy0rzMcz+HBMo0CigDS/
+kmeQu59JpHVY4E//LGvNTXAVqOSEnERdSSZqcc7sZaqyEfJXRSYrrnq/57c9YnVm
+qc/Q9D0kvEQhwzQgGJUG6OmKG3fkBTT44+rwlzB3TVBNXNoZNeY7uoOi/OyPu4JT
+ejZse+Qq7X/f5oZT2CNScHkW/jLYBnFGwHGmyg5AZUf0evN8GvO6Z1yMxmnUzBqE
+6J3oO6re/8I7L78PqTjXGh36rK6a2MZF/J5t24JilSvLgyhZx4VNDDHgv87KqCdA
+fSMKaoyn6UwvVR/j1XP3ACcukBLjuFjsgH25Q97ESgijnte050DgabOBmsBawwVb
+MCAZdSw3iczhCE9nrpNehX5zdnw9XYy70HJN8hVVfGjdyjzJazEkC8a+U+teHrTp
+v3p8ijYPt0dRz8siZusT
+=ETv1
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:15/tcp-8.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch
===================================================================
--- head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch	(revision 47125)
@@ -0,0 +1,194 @@
+Index: sys/netinet/tcp_reass.c
+===================================================================
+--- sys/netinet/tcp_reass.c	(revision 285923)
++++ sys/netinet/tcp_reass.c	(working copy)
+@@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL_HANDLER_A
+ static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0,
+     "TCP Segment Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_maxseg) = 0;
+-#define	V_tcp_reass_maxseg		VNET(tcp_reass_maxseg)
+-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
+-    &VNET_NAME(tcp_reass_maxseg), 0,
++static int tcp_reass_maxseg = 0;
++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
++    &tcp_reass_maxseg, 0,
+     "Global maximum number of TCP Segments in Reassembly Queue");
+ 
+-SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
++SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
+     (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I",
+     "Global number of TCP Segments currently in Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_overflows) = 0;
+-#define	V_tcp_reass_overflows		VNET(tcp_reass_overflows)
+-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
++static int tcp_reass_overflows = 0;
++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
+     CTLTYPE_INT | CTLFLAG_RD,
+-    &VNET_NAME(tcp_reass_overflows), 0,
++    &tcp_reass_overflows, 0,
+     "Global number of TCP Segment Reassembly Queue Overflows");
+ 
+-static VNET_DEFINE(uma_zone_t, tcp_reass_zone);
+-#define	V_tcp_reass_zone		VNET(tcp_reass_zone)
++static uma_zone_t tcp_reass_zone;
+ 
+ /* Initialize TCP reassembly queue */
+ static void
+@@ -105,37 +102,28 @@ tcp_reass_zone_change(void *tag)
+ {
+ 
+ 	/* Set the zone limit and read back the effective value. */
+-	V_tcp_reass_maxseg = nmbclusters / 16;
+-	V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone,
+-	    V_tcp_reass_maxseg);
++	tcp_reass_maxseg = nmbclusters / 16;
++	tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone,
++	    tcp_reass_maxseg);
+ }
+ 
+ void
+-tcp_reass_init(void)
++tcp_reass_global_init(void)
+ {
+ 
+-	V_tcp_reass_maxseg = nmbclusters / 16;
++	tcp_reass_maxseg = nmbclusters / 16;
+ 	TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments",
+-	    &V_tcp_reass_maxseg);
+-	V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
++	    &tcp_reass_maxseg);
++	tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
+ 	    NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
+ 	/* Set the zone limit and read back the effective value. */
+-	V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone,
+-	    V_tcp_reass_maxseg);
++	tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone,
++	    tcp_reass_maxseg);
+ 	EVENTHANDLER_REGISTER(nmbclusters_change,
+ 	    tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY);
+ }
+ 
+-#ifdef VIMAGE
+ void
+-tcp_reass_destroy(void)
+-{
+-
+-	uma_zdestroy(V_tcp_reass_zone);
+-}
+-#endif
+-
+-void
+ tcp_reass_flush(struct tcpcb *tp)
+ {
+ 	struct tseg_qent *qe;
+@@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp)
+ 	while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) {
+ 		LIST_REMOVE(qe, tqe_q);
+ 		m_freem(qe->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, qe);
++		uma_zfree(tcp_reass_zone, qe);
+ 		tp->t_segqlen--;
+ 	}
+ 
+@@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_ARGS)
+ {
+ 	int qsize;
+ 
+-	qsize = uma_zone_get_cur(V_tcp_reass_zone);
++	qsize = uma_zone_get_cur(tcp_reass_zone);
+ 	return (sysctl_handle_int(oidp, &qsize, 0, req));
+ }
+ 
+@@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 */
+ 	if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) &&
+ 	    tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) {
+-		V_tcp_reass_overflows++;
++		tcp_reass_overflows++;
+ 		TCPSTAT_INC(tcps_rcvmemdrop);
+ 		m_freem(m);
+ 		*tlenp = 0;
+@@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 * Use a temporary structure on the stack for the missing segment
+ 	 * when the zone is exhausted. Otherwise we may get stuck.
+ 	 */
+-	te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT);
++	te = uma_zalloc(tcp_reass_zone, M_NOWAIT);
+ 	if (te == NULL) {
+ 		if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) {
+ 			TCPSTAT_INC(tcps_rcvmemdrop);
+@@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 				TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp);
+ 				m_freem(m);
+ 				if (te != &tqs)
+-					uma_zfree(V_tcp_reass_zone, te);
++					uma_zfree(tcp_reass_zone, te);
+ 				tp->t_segqlen--;
+ 				/*
+ 				 * Try to present any queued data
+@@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 		nq = LIST_NEXT(q, tqe_q);
+ 		LIST_REMOVE(q, tqe_q);
+ 		m_freem(q->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, q);
++		uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	}
+@@ -353,7 +341,7 @@ present:
+ 		else
+ 			sbappendstream_locked(&so->so_rcv, q->tqe_m);
+ 		if (q != &tqs)
+-			uma_zfree(V_tcp_reass_zone, q);
++			uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	} while (q && q->tqe_th->th_seq == tp->rcv_nxt);
+Index: sys/netinet/tcp_subr.c
+===================================================================
+--- sys/netinet/tcp_subr.c	(revision 285923)
++++ sys/netinet/tcp_subr.c	(working copy)
+@@ -375,7 +375,6 @@ tcp_init(void)
+ 	tcp_tw_init();
+ 	syncache_init();
+ 	tcp_hc_init();
+-	tcp_reass_init();
+ 
+ 	TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack);
+ 	V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole),
+@@ -385,6 +384,8 @@ tcp_init(void)
+ 	if (!IS_DEFAULT_VNET(curvnet))
+ 		return;
+ 
++	tcp_reass_global_init();
++
+ 	/* XXX virtualize those bellow? */
+ 	tcp_delacktime = TCPTV_DELACK;
+ 	tcp_keepinit = TCPTV_KEEP_INIT;
+@@ -432,7 +433,6 @@ void
+ tcp_destroy(void)
+ {
+ 
+-	tcp_reass_destroy();
+ 	tcp_hc_destroy();
+ 	syncache_destroy();
+ 	tcp_tw_destroy();
+Index: sys/netinet/tcp_var.h
+===================================================================
+--- sys/netinet/tcp_var.h	(revision 285923)
++++ sys/netinet/tcp_var.h	(working copy)
+@@ -666,11 +666,8 @@ char	*tcp_log_addrs(struct in_conninfo *, struct t
+ char	*tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *,
+ 	    const void *);
+ int	 tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *);
+-void	 tcp_reass_init(void);
++void	 tcp_reass_global_init(void);
+ void	 tcp_reass_flush(struct tcpcb *);
+-#ifdef VIMAGE
+-void	 tcp_reass_destroy(void);
+-#endif
+ void	 tcp_input(struct mbuf *, int);
+ u_long	 tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *);
+ u_long	 tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *);

Property changes on: head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch.asc
===================================================================
--- head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FwAAoJEO1n7NZdz2rn4MsP/1RRuWMRR2G2slK+cuaUhzHI
+Zmr11d2Wf3MfnV4gyS36bei8RKUSlg1HpPoztjheMerfFuK+vV+thkysakKdAAkC
+P5p5rqZSoQZ4rLjFFQwDkM0tm5CZQeVMiosz2KGHzEHUF/RVKeQ3tuOFWrEIyUdq
+DzHsrS67CBW7KQzoauN/7p+RDtepajSgRPMcsIZ6SyMqhHCX/3ugSXANnexJw5It
+YBbImj3PnIsMsKNvPLFx8zAvJxM4aEIhUfiJfpYlVXEVeSyIoxMRmrjDcrW8zrU9
+1c1qx4s0nRRsnv7qKK79W4XES4ebppNUbtFk6wdJKdt1kzMvEAFNm0P5Li86aTTn
+hksIS3DW3zcFFgMCHl6levunXKBv/Jot7DP8sfYGbxMRHbAI/Gs+QnxzLEPFeU7I
+1BGrrVbE3f+sRgDirblhfVQdUsjTNQN7UzEs1Da4jTnfqKiE9o+cLe9uoXoRNLjJ
+tnI/lK/XFh7fAczIaloOzClwid63W8cVe7SRIYFa2edAGzcnR4+AK+ZFFVadxUJ1
+kQiO12nfnDFA00/FYrgm8jfwL4luINUrq9iQQCoSH6FJZ8H/W2jgZd/s6VCAd/bN
+lwDok1Mn1r3Mkr8MAnh7XhAHWUFdEjXljPkcRTCOj4+NRmfpalLBnMroH12ofzl4
+1C+wnnPtqXm2GysW0U/K
+=KVcG
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:15/tcp-9.3-10.1.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp.patch
===================================================================
--- head/share/security/patches/SA-15:15/tcp.patch	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp.patch	(revision 47125)
@@ -0,0 +1,194 @@
+Index: sys/netinet/tcp_reass.c
+===================================================================
+--- sys/netinet/tcp_reass.c	(revision 285923)
++++ sys/netinet/tcp_reass.c	(working copy)
+@@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL_HANDLER_A
+ static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0,
+     "TCP Segment Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_maxseg) = 0;
+-#define	V_tcp_reass_maxseg		VNET(tcp_reass_maxseg)
+-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
+-    &VNET_NAME(tcp_reass_maxseg), 0,
++static int tcp_reass_maxseg = 0;
++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
++    &tcp_reass_maxseg, 0,
+     "Global maximum number of TCP Segments in Reassembly Queue");
+ 
+-SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
++SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments,
+     (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I",
+     "Global number of TCP Segments currently in Reassembly Queue");
+ 
+-static VNET_DEFINE(int, tcp_reass_overflows) = 0;
+-#define	V_tcp_reass_overflows		VNET(tcp_reass_overflows)
+-SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
++static int tcp_reass_overflows = 0;
++SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows,
+     CTLFLAG_RD,
+-    &VNET_NAME(tcp_reass_overflows), 0,
++    &tcp_reass_overflows, 0,
+     "Global number of TCP Segment Reassembly Queue Overflows");
+ 
+-static VNET_DEFINE(uma_zone_t, tcp_reass_zone);
+-#define	V_tcp_reass_zone		VNET(tcp_reass_zone)
++static uma_zone_t tcp_reass_zone;
+ 
+ /* Initialize TCP reassembly queue */
+ static void
+@@ -105,37 +102,28 @@ tcp_reass_zone_change(void *tag)
+ {
+ 
+ 	/* Set the zone limit and read back the effective value. */
+-	V_tcp_reass_maxseg = nmbclusters / 16;
+-	V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone,
+-	    V_tcp_reass_maxseg);
++	tcp_reass_maxseg = nmbclusters / 16;
++	tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone,
++	    tcp_reass_maxseg);
+ }
+ 
+ void
+-tcp_reass_init(void)
++tcp_reass_global_init(void)
+ {
+ 
+-	V_tcp_reass_maxseg = nmbclusters / 16;
++	tcp_reass_maxseg = nmbclusters / 16;
+ 	TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments",
+-	    &V_tcp_reass_maxseg);
+-	V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
++	    &tcp_reass_maxseg);
++	tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent),
+ 	    NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
+ 	/* Set the zone limit and read back the effective value. */
+-	V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone,
+-	    V_tcp_reass_maxseg);
++	tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone,
++	    tcp_reass_maxseg);
+ 	EVENTHANDLER_REGISTER(nmbclusters_change,
+ 	    tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY);
+ }
+ 
+-#ifdef VIMAGE
+ void
+-tcp_reass_destroy(void)
+-{
+-
+-	uma_zdestroy(V_tcp_reass_zone);
+-}
+-#endif
+-
+-void
+ tcp_reass_flush(struct tcpcb *tp)
+ {
+ 	struct tseg_qent *qe;
+@@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp)
+ 	while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) {
+ 		LIST_REMOVE(qe, tqe_q);
+ 		m_freem(qe->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, qe);
++		uma_zfree(tcp_reass_zone, qe);
+ 		tp->t_segqlen--;
+ 	}
+ 
+@@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_ARGS)
+ {
+ 	int qsize;
+ 
+-	qsize = uma_zone_get_cur(V_tcp_reass_zone);
++	qsize = uma_zone_get_cur(tcp_reass_zone);
+ 	return (sysctl_handle_int(oidp, &qsize, 0, req));
+ }
+ 
+@@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 */
+ 	if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) &&
+ 	    tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) {
+-		V_tcp_reass_overflows++;
++		tcp_reass_overflows++;
+ 		TCPSTAT_INC(tcps_rcvmemdrop);
+ 		m_freem(m);
+ 		*tlenp = 0;
+@@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 	 * Use a temporary structure on the stack for the missing segment
+ 	 * when the zone is exhausted. Otherwise we may get stuck.
+ 	 */
+-	te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT);
++	te = uma_zalloc(tcp_reass_zone, M_NOWAIT);
+ 	if (te == NULL) {
+ 		if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) {
+ 			TCPSTAT_INC(tcps_rcvmemdrop);
+@@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 				TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp);
+ 				m_freem(m);
+ 				if (te != &tqs)
+-					uma_zfree(V_tcp_reass_zone, te);
++					uma_zfree(tcp_reass_zone, te);
+ 				tp->t_segqlen--;
+ 				/*
+ 				 * Try to present any queued data
+@@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphdr *th, int
+ 		nq = LIST_NEXT(q, tqe_q);
+ 		LIST_REMOVE(q, tqe_q);
+ 		m_freem(q->tqe_m);
+-		uma_zfree(V_tcp_reass_zone, q);
++		uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	}
+@@ -353,7 +341,7 @@ present:
+ 		else
+ 			sbappendstream_locked(&so->so_rcv, q->tqe_m);
+ 		if (q != &tqs)
+-			uma_zfree(V_tcp_reass_zone, q);
++			uma_zfree(tcp_reass_zone, q);
+ 		tp->t_segqlen--;
+ 		q = nq;
+ 	} while (q && q->tqe_th->th_seq == tp->rcv_nxt);
+Index: sys/netinet/tcp_subr.c
+===================================================================
+--- sys/netinet/tcp_subr.c	(revision 285923)
++++ sys/netinet/tcp_subr.c	(working copy)
+@@ -376,7 +376,6 @@ tcp_init(void)
+ 	tcp_tw_init();
+ 	syncache_init();
+ 	tcp_hc_init();
+-	tcp_reass_init();
+ 
+ 	TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack);
+ 	V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole),
+@@ -386,6 +385,8 @@ tcp_init(void)
+ 	if (!IS_DEFAULT_VNET(curvnet))
+ 		return;
+ 
++	tcp_reass_global_init();
++
+ 	/* XXX virtualize those bellow? */
+ 	tcp_delacktime = TCPTV_DELACK;
+ 	tcp_keepinit = TCPTV_KEEP_INIT;
+@@ -433,7 +434,6 @@ void
+ tcp_destroy(void)
+ {
+ 
+-	tcp_reass_destroy();
+ 	tcp_hc_destroy();
+ 	syncache_destroy();
+ 	tcp_tw_destroy();
+Index: sys/netinet/tcp_var.h
+===================================================================
+--- sys/netinet/tcp_var.h	(revision 285923)
++++ sys/netinet/tcp_var.h	(working copy)
+@@ -679,11 +679,8 @@ char	*tcp_log_addrs(struct in_conninfo *, struct t
+ char	*tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *,
+ 	    const void *);
+ int	 tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *);
+-void	 tcp_reass_init(void);
++void	 tcp_reass_global_init(void);
+ void	 tcp_reass_flush(struct tcpcb *);
+-#ifdef VIMAGE
+-void	 tcp_reass_destroy(void);
+-#endif
+ void	 tcp_input(struct mbuf *, int);
+ u_long	 tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *);
+ u_long	 tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *);

Property changes on: head/share/security/patches/SA-15:15/tcp.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:15/tcp.patch.asc
===================================================================
--- head/share/security/patches/SA-15:15/tcp.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:15/tcp.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FwAAoJEO1n7NZdz2rnao8P/jUT5a0o9qZ9PjyVQCaMYGpz
+y7HZylgcfVMxLGipVqS0H9vwoF7EgGwHSPn5U3YT3LxXJ5ptuGrDUfOHy5vtm6eT
+AEDGKrR22sd7Thz+U821jlTKo9PLQr51bBwUjRhs4FHuAbCNX8A+Enjdb7Fo1oox
+1AJBLbnvcZAwfRdURAtj864Mx81lQ58+AC1tKW4vlagd75tsoew7MEjPrW1ObTSy
+Pl7R9SV8EnTianAyuoMZSQaGgA9kkPuG8e21+PhfQG9+enP3D2Sgad4VWfcV8KAd
+CwyJDJ7Tu8mY7FvYmd0XZr5GfM634FGV9M/wGnDXslSZgFNSt83IULmnKIuKNnjJ
+p3Map3//tZchR4/DT04q5fxcX1rWiGN+RbjYzHtttfr8i/h1rRq7BK2BWn1oM4h0
+AzMKR4N1AEaa1huTZoucuaPWZ4P+6pMUm1uSd0SuJkhZuF2Lj/BlD+SlSANEYAjr
+ajWh5hjTordmV/HXaNIcwZDIn5EN9pVm4UHcPD4x5z5eQ3r2w2kssfKusNWa5EUL
+Hqh+PuNS00e2Opp6cF+tBUF+1zJyOYEWSMlYmYDG/J+MhlRWmOr5FobGCa7dUHYt
+KvgkHmef/5Z45mTFIiD5jygNYNuxs3L0xUXFxd+2XlXPu9fKfXHtaV7aS1VozIpR
+rSHM3bqswflAY+A0FHK1
+=kwzI
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:15/tcp.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:16/openssh-8.patch
===================================================================
--- head/share/security/patches/SA-15:16/openssh-8.patch	(nonexistent)
+++ head/share/security/patches/SA-15:16/openssh-8.patch	(revision 47125)
@@ -0,0 +1,89 @@
+Index: crypto/openssh/auth2-chall.c
+===================================================================
+--- crypto/openssh/auth2-chall.c	(revision 285923)
++++ crypto/openssh/auth2-chall.c	(working copy)
+@@ -82,6 +82,7 @@ struct KbdintAuthctxt
+ 	void *ctxt;
+ 	KbdintDevice *device;
+ 	u_int nreq;
++	u_int devices_done;
+ };
+ 
+ #ifdef USE_PAM
+@@ -169,9 +170,14 @@ kbdint_next_device(KbdintAuthctxt *kbdintctxt)
+ 
+ 		if (len == 0)
+ 			break;
+-		for (i = 0; devices[i]; i++)
+-			if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
++		for (i = 0; devices[i]; i++) {
++			if ((kbdintctxt->devices_done & (1 << i)) != 0)
++				continue;
++			if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) {
+ 				kbdintctxt->device = devices[i];
++				kbdintctxt->devices_done |= 1 << i;
++			}
++		}
+ 		t = kbdintctxt->devices;
+ 		kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
+ 		xfree(t);
+Index: crypto/openssh/sshconnect.c
+===================================================================
+--- crypto/openssh/sshconnect.c	(revision 285923)
++++ crypto/openssh/sshconnect.c	(working copy)
+@@ -1141,29 +1141,39 @@ verify_host_key(char *host, struct sockaddr *hosta
+ {
+ 	int flags = 0;
+ 	char *fp;
++	Key *plain = NULL;
+ 
+ 	fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+ 	debug("Server host key: %s %s", key_type(host_key), fp);
+ 	xfree(fp);
+ 
+-	/* XXX certs are not yet supported for DNS */
+-	if (!key_is_cert(host_key) && options.verify_host_key_dns &&
+-	    verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
+-		if (flags & DNS_VERIFY_FOUND) {
+-
+-			if (options.verify_host_key_dns == 1 &&
+-			    flags & DNS_VERIFY_MATCH &&
+-			    flags & DNS_VERIFY_SECURE)
+-				return 0;
+-
+-			if (flags & DNS_VERIFY_MATCH) {
+-				matching_host_key_dns = 1;
+-			} else {
+-				warn_changed_key(host_key);
+-				error("Update the SSHFP RR in DNS with the new "
+-				    "host key to get rid of this message.");
++	if (options.verify_host_key_dns) {
++		/*
++		 * XXX certs are not yet supported for DNS, so downgrade
++		 * them and try the plain key.
++		 */
++		plain = key_from_private(host_key);
++		if (key_is_cert(plain))
++			key_drop_cert(plain);
++		if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) {
++			if (flags & DNS_VERIFY_FOUND) {
++				if (options.verify_host_key_dns == 1 &&
++				    flags & DNS_VERIFY_MATCH &&
++				    flags & DNS_VERIFY_SECURE) {
++					key_free(plain);
++					return 0;
++				}
++				if (flags & DNS_VERIFY_MATCH) {
++					matching_host_key_dns = 1;
++				} else {
++					warn_changed_key(plain);
++					error("Update the SSHFP RR in DNS "
++					    "with the new host key to get rid "
++					    "of this message.");
++				}
+ 			}
+ 		}
++		key_free(plain);
+ 	}
+ 
+ 	return check_host_key(host, hostaddr, options.port, host_key, RDRW,

Property changes on: head/share/security/patches/SA-15:16/openssh-8.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:16/openssh-8.patch.asc
===================================================================
--- head/share/security/patches/SA-15:16/openssh-8.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:16/openssh-8.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FxAAoJEO1n7NZdz2rnH7cP/2bAQDMzE4S6t+gt28nd7aSh
+GquAc96zD52sDz+IKyOBqQA9wsrHDnoaVQjQpavhx2qxsf+rsEvEejtvX1zdtH5o
+DfNz5kArYTgw5F/MuvgXBAgwEZqPamRZdi96KuL8gGCu0nFlTx7S/jayyickPrsk
+S03hXfDSZsFUi6bGHo+lMK0aaunZ26wSRuVU7Pb0JjtUiGgsM/YDy9uW2STTzGMl
+E8iyjHUM8gfM7q/xmFXFIxWC3L5IkurjvCGd7RXltyagHRPxzj1N6NYu4jXQgogZ
+yr9N2lDSZZaS3yoextvpR9lg+J2qDysgMEbsR0GPG1fsc/po8YuPvpT1cak8Vtk8
+fQVs4MJMMwMfUW2QwIBnjNqA0V8unHCtd5ViDOnpHM7g+enHqCXNWxhidKSasZi/
+0+RwFnyYi+JZs2aSpmAJdeQXuPKcNkXg8fhiU/SaRo7jFWwfgHhfj600b/To+l2J
+0h6U5RmXi0RAJiibm6NqgJ/q7/lJTDNGyauM22AAWd47m75/2aO5uH0k4nZRaLbd
+yi69978sXpw15jflP674lFOjVWMDZf2hZcNr2E8TJsriuYSymX0FcA/zSQ/3NhaR
+1AqutoKu2zpqk5diXEKdov+rJ+kaEp0S+0tRxSWNh4eRORlt8ORvvtTS4UgaJHZg
+yGBXrZcEks5bxpFSI2ys
+=NdGQ
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:16/openssh-8.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:16/openssh.patch
===================================================================
--- head/share/security/patches/SA-15:16/openssh.patch	(nonexistent)
+++ head/share/security/patches/SA-15:16/openssh.patch	(revision 47125)
@@ -0,0 +1,90 @@
+Index: crypto/openssh/auth2-chall.c
+===================================================================
+--- crypto/openssh/auth2-chall.c	(revision 285923)
++++ crypto/openssh/auth2-chall.c	(working copy)
+@@ -82,6 +82,7 @@ struct KbdintAuthctxt
+ 	void *ctxt;
+ 	KbdintDevice *device;
+ 	u_int nreq;
++	u_int devices_done;
+ };
+ 
+ #ifdef USE_PAM
+@@ -168,11 +169,15 @@ kbdint_next_device(Authctxt *authctxt, KbdintAuthc
+ 		if (len == 0)
+ 			break;
+ 		for (i = 0; devices[i]; i++) {
+-			if (!auth2_method_allowed(authctxt,
++			if ((kbdintctxt->devices_done & (1 << i)) != 0 ||
++			    !auth2_method_allowed(authctxt,
+ 			    "keyboard-interactive", devices[i]->name))
+ 				continue;
+-			if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0)
++			if (strncmp(kbdintctxt->devices, devices[i]->name,
++			    len) == 0) {
+ 				kbdintctxt->device = devices[i];
++				kbdintctxt->devices_done |= 1 << i;
++			}
+ 		}
+ 		t = kbdintctxt->devices;
+ 		kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL;
+Index: crypto/openssh/sshconnect.c
+===================================================================
+--- crypto/openssh/sshconnect.c	(revision 285923)
++++ crypto/openssh/sshconnect.c	(working copy)
+@@ -1247,29 +1247,39 @@ verify_host_key(char *host, struct sockaddr *hosta
+ {
+ 	int flags = 0;
+ 	char *fp;
++	Key *plain = NULL;
+ 
+ 	fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
+ 	debug("Server host key: %s %s", key_type(host_key), fp);
+ 	free(fp);
+ 
+-	/* XXX certs are not yet supported for DNS */
+-	if (!key_is_cert(host_key) && options.verify_host_key_dns &&
+-	    verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) {
+-		if (flags & DNS_VERIFY_FOUND) {
+-
+-			if (options.verify_host_key_dns == 1 &&
+-			    flags & DNS_VERIFY_MATCH &&
+-			    flags & DNS_VERIFY_SECURE)
+-				return 0;
+-
+-			if (flags & DNS_VERIFY_MATCH) {
+-				matching_host_key_dns = 1;
+-			} else {
+-				warn_changed_key(host_key);
+-				error("Update the SSHFP RR in DNS with the new "
+-				    "host key to get rid of this message.");
++	if (options.verify_host_key_dns) {
++		/*
++		 * XXX certs are not yet supported for DNS, so downgrade
++		 * them and try the plain key.
++		 */
++		plain = key_from_private(host_key);
++		if (key_is_cert(plain))
++			key_drop_cert(plain);
++		if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) {
++			if (flags & DNS_VERIFY_FOUND) {
++				if (options.verify_host_key_dns == 1 &&
++				    flags & DNS_VERIFY_MATCH &&
++				    flags & DNS_VERIFY_SECURE) {
++					key_free(plain);
++					return 0;
++				}
++				if (flags & DNS_VERIFY_MATCH) {
++					matching_host_key_dns = 1;
++				} else {
++					warn_changed_key(plain);
++					error("Update the SSHFP RR in DNS "
++					    "with the new host key to get rid "
++					    "of this message.");
++				}
+ 			}
+ 		}
++		key_free(plain);
+ 	}
+ 
+ 	return check_host_key(host, hostaddr, options.port, host_key, RDRW,

Property changes on: head/share/security/patches/SA-15:16/openssh.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:16/openssh.patch.asc
===================================================================
--- head/share/security/patches/SA-15:16/openssh.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:16/openssh.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FxAAoJEO1n7NZdz2rn2NkP/RBSyWex/lwblNKDYQpEu2jZ
+Gc+opzaFAVfWHrlKNhcQDb9haoeuLo7+lJwIS/e1CvtV0opT2AKR/RFLtsYGOAmp
+ydLPigTkw2kfEH/gyDiRxfFcqZ5UzlKIQGPre1/FE2HNjYHOUSnJp+K+cPJ81cJQ
+bYICXuSvnhhpasak/3CwHKGgGKv7YyrE1pGfE79e52M404484VkW1dCqfE+URRr0
+fiDIchhHFKjNM/Ycgr5iyZmisBgtupLC/aIHJzBE+h/tCUjApSTJMyroUB6P70lx
+zeRPVEgcMJQi2K9MPXvuK78Ko4MjqrhVc05ufaqb0aEbBFMBGDyuFf8s5yHiluhK
+YU047m2bbjDny7DJPrqEyg0X7vRCcHXjw0gBju1P3D2lpLdL+t5VX9VEvh0pfnDi
+u7uXZGejhm4Nr5GsNZoNAiLL7wScOS6MVB52Fy0HPL1TqUcCddiyw+rc2rmj4VbH
+ZwlHs4ecMeNyPYGmXvt7Kg4fZ3T19S8EypjrUdKqZbgI+0keNu77QD7/llEck9nu
+ArM/386qrUX+F6V74PpSMNpjN49fMccKqPnImUyrc7EofeTinIfT5Z9Rw+K1xw+D
+QkZtKhQXENNG3FeBWg11jvWywGkfj+4arlxDyfx04SwVYMHlTwMVj37NNaRrUjJ9
+/1HdVB06GZS5dA5thOzB
+=d3dY
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:16/openssh.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:17/bind.patch
===================================================================
--- head/share/security/patches/SA-15:17/bind.patch	(nonexistent)
+++ head/share/security/patches/SA-15:17/bind.patch	(revision 47125)
@@ -0,0 +1,12 @@
+Index: contrib/bind9/lib/dns/tkey.c
+===================================================================
+--- contrib/bind9/lib/dns/tkey.c	(revision 285922)
++++ contrib/bind9/lib/dns/tkey.c	(working copy)
+@@ -650,6 +650,7 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkey
+ 		 * Try the answer section, since that's where Win2000
+ 		 * puts it.
+ 		 */
++		name = NULL;
+ 		if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
+ 					 dns_rdatatype_tkey, 0, &name,
+ 					 &tkeyset) != ISC_R_SUCCESS) {

Property changes on: head/share/security/patches/SA-15:17/bind.patch
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/security/patches/SA-15:17/bind.patch.asc
===================================================================
--- head/share/security/patches/SA-15:17/bind.patch.asc	(nonexistent)
+++ head/share/security/patches/SA-15:17/bind.patch.asc	(revision 47125)
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.6 (FreeBSD)
+
+iQIcBAABCgAGBQJVt+FxAAoJEO1n7NZdz2rnse8P/2/topHY/AW0sJmsMFGDcCQl
+6nYAyoriO354QXif99lFSMVjY6PeI35N8gLb9560Pcv2RBvyv55Bk9wPsCLIAzId
+KZKmIlgw14kT5n1usyLoMRPbXcn37sKi3xdLOGIrGBP9d8VaCvRWUxC9Qh3pg4fQ
+9dGsbso+5BI15/lqATI5xawu8lljHufwM46BUXpWqK63xyqBAsVNHbOoj+fhneNI
+Bw14K6x1qOQNuv4Ri/39TWp5UCfPrhwZ2qpsIEp9oT7Jgvvs16ErqbY7UoxnD4pF
+Jo4DCH2lZjesSlz05w9iam/PkQed5ltYvCK0rdyTfhjqB/Px6zd0xUvy40Pg+w5G
+VY25+LSSJMtkQe88TbOW+SzcopPYwUZ88CgExoUPyn5Cd7Sv5GsNCAmoXhFA/0Of
+BRT9h9KFD9VE1juAnlgB2Hp1MkBlfoqG2/ytomctvUjFLKRUGLmvkFTgshNqYgD1
+6NDYri4sqDEHeKMhVvVVqTPciCg8kwAX2h1sLBca8fbXsyanzvEieM5RrxJdyaeH
+856lhb2fnRECUdWA9vKModtqI3mUF76tP6/4GI7GdxaCmWWCRpPsJY7eubNEKqVX
+jNT20ymBkchl/GAPshedz+xG7yGdO54wE14dwV9lgFLlup41w83DKQH4vm0DS+q/
+GCgaLCun78PU/GjzYQh7
+=uz3V
+-----END PGP SIGNATURE-----

Property changes on: head/share/security/patches/SA-15:17/bind.patch.asc
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/share/xml/advisories.xml
===================================================================
--- head/share/xml/advisories.xml	(revision 47124)
+++ head/share/xml/advisories.xml	(revision 47125)
@@ -1,3918 +1,3938 @@
 <?xml version="1.0"?>
 <advisories>
     <cvs:keyword xmlns:cvs="http://www.FreeBSD.org/XML/CVS">
       $FreeBSD$
     </cvs:keyword>
 
   <year>
     <name>2015</name>
 
     <month>
       <name>7</name>
 
       <day>
+        <name>28</name>
+
+        <advisory>
+          <name>FreeBSD-SA-15:17.bind</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-15:16.openssh</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-15:15.tcp</name>
+        </advisory>
+
+        <advisory>
+          <name>FreeBSD-SA-15:14.bsdpatch</name>
+        </advisory>
+      </day>
+
+      <day>
         <name>21</name>
 
         <advisory>
           <name>FreeBSD-SA-15:13.tcp</name>
         </advisory>
       </day>
 
       <day>
         <name>9</name>
 
         <advisory>
           <name>FreeBSD-SA-15:12.openssl</name>
         </advisory>
       </day>
 
       <day>
         <name>7</name>
 
         <advisory>
           <name>FreeBSD-SA-15:11.bind</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
         <name>12</name>
 
         <advisory>
           <name>FreeBSD-SA-15:10.openssl</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
         <name>7</name>
 
         <advisory>
           <name>FreeBSD-SA-15:09.ipv6</name>
         </advisory>
 
         <advisory>
           <name>FreeBSD-SA-15:08.bsdinstall</name>
         </advisory>
 
         <advisory>
           <name>FreeBSD-SA-15:07.ntp</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>3</name>
 
       <day>
         <name>19</name>
 
         <advisory>
           <name>FreeBSD-SA-15:06.openssl</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
         <name>25</name>
 
         <advisory>
           <name>FreeBSD-SA-15:05.bind</name>
         </advisory>
 
         <advisory>
           <name>FreeBSD-SA-15:04.igmp</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
         <name>27</name>
 
         <advisory>
           <name>FreeBSD-SA-15:03.sctp</name>
         </advisory>
 
         <advisory>
           <name>FreeBSD-SA-15:02.kmem</name>
         </advisory>
       </day>
 
       <day>
         <name>14</name>
 
         <advisory>
           <name>FreeBSD-SA-15:01.openssl</name>
         </advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2014</name>
 
     <month>
       <name>12</name>
 
       <day>
         <name>23</name>
 
         <advisory>
           <name>FreeBSD-SA-14:31.ntp</name>
         </advisory>
       </day>
 
       <day>
         <name>17</name>
 
         <advisory>
           <name>FreeBSD-SA-14:30.unbound</name>
         </advisory>
       </day>
 
       <day>
 	<name>10</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:29.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:28.file</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:27.stdio</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>04</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:26.ftp</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:25.setlogin</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:24.sshd</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>10</name>
 
       <day>
 	<name>21</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:23.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:22.namei</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:21.routed</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:20.rtsold</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>16</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:19.tcp</name>
 	</advisory>
       </day>
 
       <day>
 	<name>9</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:18.openssl</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>8</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:17.kmem</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
 	<name>24</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:16.file</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:15.iconv</name>
 	</advisory>
       </day>
 
       <day>
 	<name>5</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:14.openssl</name>
 	</advisory>
       </day>
 
       <day>
 	<name>3</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:13.pam</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:12.ktrace</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:11.sendmail</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>13</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:10.openssl</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>30</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:09.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:08.tcp</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:07.devfs</name>
 	</advisory>
       </day>
 
       <day>
 	<name>08</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:06.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:05.nfsserver</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
 	<name>14</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:04.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:03.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:02.ntpd</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-14:01.bsnmpd</name>
 	</advisory>
       </day>
     </month>
 
   </year>
 
   <year>
     <name>2013</name>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>19</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:14.openssh</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>10</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:13.nullfs</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:12.ifioctl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:11.sendfile</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>8</name>
 
       <day>
 	<name>22</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:10.sctp</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:09.ip_multicast</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>26</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:08.nfsserver</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:07.bind</name>
 	</advisory>
       </day>
 
     </month>
 
     <month>
       <name>6</name>
 
       <day>
 	<name>18</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:06.mmap</name>
 	</advisory>
       </day>
 
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>29</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:05.nfsserver</name>
 	</advisory>
       </day>
 
       <day>
 	<name>2</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:04.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:03.openssl</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
 	<name>19</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:02.libc</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-13:01.bind</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2012</name>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>22</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:08.linux</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:07.hostapd</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:06.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>8</name>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:05.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
 	<name>12</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:04.sysret</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:03.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>30</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:02.crypt</name>
 	</advisory>
       </day>
 
       <day>
 	<name>30</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-12:01.openssl</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2011</name>
 
     <month>
       <name>12</name>
 
       <day>
 	<name>23</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:10.pam</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:09.pam_ssh</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:08.telnetd</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:07.chroot</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:06.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>28</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:05.unix</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:04.compress</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:03.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>28</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:02.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>20</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-11:01.mountd</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2010</name>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>29</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:10.openssl</name>
 	</advisory>
       </day>
 
       <day>
 	<name>10</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:09.pseudofs</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>20</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:08.bzip2</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>13</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:07.mbuf</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>27</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:06.nfsclient</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:05.opie</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:04.jail</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:03.zfs</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:02.ntpd</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-10:01.bind</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2009</name>
 
     <month>
       <name>12</name>
 
       <day>
 	<name>3</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:17.freebsd-update</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:16.rtld</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:15.ssl</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>10</name>
 
       <day>
 	<name>2</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:14.devfs</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:13.pipe</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>29</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:12.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
 	<name>10</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:11.ntpd</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:10.ipv6</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:09.pipe</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>22</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:08.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:07.libc</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>3</name>
 
       <day>
 	<name>23</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:06.ktimer</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
 	<name>16</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:05.telnetd</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
 	<name>13</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:04.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:03.ntpd</name>
 	</advisory>
       </day>
 
       <day>
 	<name>7</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:02.openssl</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-09:01.lukemftpd</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2008</name>
 
     <month>
       <name>12</name>
 
       <day>
 	<name>23</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:13.protosw</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:12.ftpd</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>24</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:11.arc4random</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>10</name>
 
       <day>
 	<name>2</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:10.nd6</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>3</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:09.icmp6</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:08.nmount</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:07.amd64</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>13</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:06.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>17</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:05.openssh</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
 	<name>14</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:04.ipsec</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:03.sendfile</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
         <name>18</name>
 
         <release>
           <name>FreeBSD 6.3-RELEASE</name>
         </release>
       </day>
 
       <day>
 	<name>14</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:02.libc</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-08:01.pty</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2007</name>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>29</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:10.gtar</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:09.random</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>10</name>
 
       <day>
 	<name>3</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:08.openssl</name>
 	</advisory>
       </day>
     </month>
 
 
     <month>
       <name>8</name>
 
       <day>
 	<name>1</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:07.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:06.tcpdump</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
 	<name>12</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:05.libarchive</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>23</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:04.file</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>26</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:03.ipv6</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
 	<name>9</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:02.bind</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
         <name>15</name>
 
         <release>
           <name>FreeBSD 6.2-RELEASE</name>
         </release>
       </day>
 
       <day>
 	<name>11</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-07:01.jail</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2006</name>
 
     <month>
       <name>12</name>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:26.gtar</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:25.kmem</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>11</name>
 
       <day>
 	<name>8</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:24.libarchive</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
 	<name>30</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:22.openssh</name>
 	</advisory>
       </day>
 
       <day>
 	<name>28</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:23.openssl</name>
 	</advisory>
       </day>
 
       <day>
 	<name>19</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:21.gzip</name>
 	</advisory>
       </day>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:20.bind</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:19.openssl</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>8</name>
 
       <day>
 	<name>23</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:18.ppp</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
 	<name>14</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:17.sendmail</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
 	<name>31</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:16.smbfs</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:15.ypserv</name>
 	</advisory>
       </day>
 
       <day>
         <name>25</name>
 
         <release>
           <name>FreeBSD 5.5-RELEASE</name>
         </release>
       </day>
 
       <day>
         <name>9</name>
 
         <release>
           <name>FreeBSD 6.1-RELEASE</name>
         </release>
       </day>
 
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>19</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:14.fpu</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>3</name>
 
       <day>
 	<name>22</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:13.sendmail</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:12.opie</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:11.ipsec</name>
 	</advisory>
       </day>
 
       <day>
 	<name>1</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:10.nfs</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:09.openssh</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>2</name>
 
       <day>
 	<name>1</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:08.sack</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
       <day>
 	<name>25</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:07.pf</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:06.kmem</name>
 	</advisory>
       </day>
 
       <day>
 	<name>18</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:05.80211</name>
 	</advisory>
       </day>
 
       <day>
 	<name>11</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:04.ipfw</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:03.cpio</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:02.ee</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-06:01.texindex</name>
 	</advisory>
       </day>
     </month>
   </year>
 
   <year>
     <name>2005</name>
 
     <month>
       <name>11</name>
 
       <day>
         <name>4</name>
 
         <release>
           <name>FreeBSD 6.0-RELEASE</name>
         </release>
       </day>
     </month>
 
     <month>
       <name>10</name>
 
       <day>
         <name>11</name>
 
         <advisory>
           <name>FreeBSD-SA-05:21.openssl</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>9</name>
 
       <day>
         <name>7</name>
 
         <advisory>
           <name>FreeBSD-SA-05:20.cvsbug</name>
         </advisory>
       </day>
     </month>
 
     <month>
       <name>7</name>
 
       <day>
         <name>27</name>
 
         <advisory>
           <name>FreeBSD-SA-05:19.ipsec</name>
         </advisory>
 
         <advisory>
           <name>FreeBSD-SA-05:18.zlib</name>
         </advisory>
       </day>
 
       <day>
         <name>20</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:17.devfs</name>
 	</advisory>
       </day>
 
       <day>
         <name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:16.zlib</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>6</name>
 
       <day>
         <name>29</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:15.tcp</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:14.bzip2</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:13.ipfw</name>
 	</advisory>
       </day>
 
       <day>
         <name>9</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:12.bind9</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:11.gzip</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:10.tcpdump</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>5</name>
 
       <day>
         <name>13</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:09.htt</name>
 	</advisory>
       </day>
 
       <day>
 	<name>9</name>
 
 	<release>
 	  <name>FreeBSD 5.4-RELEASE</name>
 	</release>
       </day>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:08.kmem</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:07.ldt</name>
 	</advisory>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:06.iir</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>4</name>
 
       <day>
 	<name>22</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:05.cvs</name>
 	</advisory>
       </day>
 
       <day>
 	<name>15</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:04.ifconf</name>
 	</advisory>
       </day>
 
       <day>
 	<name>6</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:03.amd64</name>
 	</advisory>
       </day>
 
       <day>
 	<name>4</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:02.sendfile</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>3</name>
 
       <day>
 	<name>28</name>
 
 	<advisory>
 	  <name>FreeBSD-SA-05:01.telnet</name>
 	</advisory>
       </day>
     </month>
 
     <month>
       <name>1</name>
 
 	<day>
 	  <name>25</name>
 
 	  <release>
 	    <name>FreeBSD 4.11-RELEASE</name>
 	  </release>
 	</day>
     </month>
   </year>
 
     <year>
       <name>2004</name>
 
       <month>
 	<name>12</name>
 
 	<day>
 	  <name>1</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:17.procfs</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
         <name>11</name>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:16.fetch</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>6</name>
 
 	  <release>
 	    <name>FreeBSD 5.3-RELEASE</name>
 	  </release>
 	</day>
       </month>
 
       <month>
         <name>10</name>
 
 	<day>
 	  <name>4</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:15.syscons</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
         <name>9</name>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:14.cvs</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
         <name>6</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:13.linux</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>7</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:12.jailroute</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>27</name>
 
 	  <release>
 	    <name>FreeBSD 4.10-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:11.msync</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:10.cvs</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>5</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:09.kadmind</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-04:08.heimdal</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:07.cvs</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>29</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:06.ipv6</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:05.openssl</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>2</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:04.tcp</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>26</name>
 
 	  <release>
 	    <name>FreeBSD 5.2.1-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>25</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:03.jail</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:02.shmat</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-04:01.mksnap_ffs</name>
 	  </advisory>
 	</day>
 
 
 	<day>
 	  <name>12</name>
 
 	  <release>
 	    <name>FreeBSD 5.2-RELEASE</name>
 	  </release>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>2003</name>
 
       <month>
 	<name>11</name>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:19.bind</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>27</name>
 
 	  <release>
 	    <name>FreeBSD 4.9-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>5</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:15.openssh</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>3</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:18.openssl</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-03:17.procfs</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>2</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:16.filedesc</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>9</name>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:14.arp</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:13.sendmail</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:12.openssh</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>8</name>
 
 	<day>
 	  <name>26</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:11.sendmail</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1170</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:10.ibcs2</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1164</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:09.signal</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1163</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>3</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:08.realpath</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1158</ulink>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>9</name>
 
 	  <release>
 	    <name>FreeBSD 5.1-RELEASE</name>
 	  </release>
 	</day>
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>8</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-03:02</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>7</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-03:01</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>3</name>
 
 	  <release>
 	    <name>FreeBSD 4.8-RELEASE</name>
 	  </release>
 	</day>
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:07.sendmail</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1122</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>21</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:06.openssl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1118</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:05.xdr</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1117</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>3</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:04.sendmail</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1112</ulink>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:03.syncookies</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1106</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:02.openssl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1105</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-03:01.cvs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1100</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>19</name>
 
 	  <release>
 	    <name>FreeBSD 5.0-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>07</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:44.filedesc</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1090</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>2002</name>
 
       <month>
 	<name>11</name>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:43.bind</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1084</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:41.smrsh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1082</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:42.resolv</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1083</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:40.kadmind</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1081</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>10</name>
 
 	  <release>
 	    <name>FreeBSD 4.7-RELEASE</name>
 	  </release>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:06</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>9</name>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:39.libkvm</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1051</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
 
       <month>
 	<name>8</name>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:05</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:38.signed-error</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1041</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>15</name>
 
 	  <release>
 	    <name>FreeBSD 4.6.2-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:37.kqueue</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1033</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:36.nfs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1032</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:35.ffs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1031</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:33.openssl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1023</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>01</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:34.rpc</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1024</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>7</name>
 
 	<day>
 	  <name>31</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:32.pppd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1022</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:31.openssh</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:30.ktrace</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-02:29.tcpdump</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>26</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:28.resolv</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:04</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>15</name>
 
 	  <release>
 	    <name>FreeBSD 4.6-RELEASE</name>
 	  </release>
 	</day>
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>29</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:27.rc</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-02:26.accept</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:03</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:25.bzip2</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-02:24.k5su</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>13</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:02</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>22</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:23.stdio</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1021</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:22.mmap</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:21.tcpip</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/980</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:20.syncache</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/979</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SN-02:01</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>26</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:19.squid</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/960</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:18.zlib</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/978</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:17.mod_frontpage</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/954</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:16.netscape</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/953</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:15.cyrus-sasl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/952</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:14.pam-pgsql</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/951</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>07</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:13.openssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/945</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>21</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:12.squid</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/938</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:11.snmp</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/936</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>06</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:10.rsync</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/928</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:09.fstatfs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/927</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>29</name>
 
 	  <release>
 	    <name>FreeBSD 4.5-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:08.exec</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/923</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:07.k5su</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/912</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:06.sudo</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/909</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:05.pine</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/894</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:04.mutt</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/893</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:03.mod_auth_pgsql</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/892</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:02.pw</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/891</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-02:01.pkg_add</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/898</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>2001</name>
 
       <month>
 	<name>12</name>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:64.wu-ftpd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/870</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>02</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:63.openssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/871</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>08</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:62.uucp</name>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:61.squid</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>9</name>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:60.procmail</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <release>
 	    <name>FreeBSD 4.4-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:59.rmuser</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>8</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:58.lpd</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>27</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:57.sendmail</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:56.tcp_wrappers</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>21</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:55.procfs</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:54.ports-telnetd</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:53.ipfw</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>06</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:52.fragment</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>7</name>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:51.openssl</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>27</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:50.windowmaker</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:49.telnetd</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:48.tcpdump</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:47.xinetd</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:46.w3m</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:45.samba</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:44.gnupg</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:43.fetchmail</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:42.signal</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>09</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:41.hanterm</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:40.fts</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>02</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:39.tcp-isn</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:38.sudo</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:37.slrn</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:36.samba</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:35.licq</name>
 	  </advisory>
 	  <advisory>
 	    <name>FreeBSD-SA-01:34.hylafax</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <release>
 	    <name>FreeBSD 4.3-RELEASE</name>
 	  </release>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:33.ftpd-glob</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:32.ipfilter</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>06</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:31.ntpd</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>22</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:30.ufs-ext2fs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/738</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:29.rwhod</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/732</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:28.timed</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/731</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:27.cfengine</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/730</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:26.interbase</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/729</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:23.icecast</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/728</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>14</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:25.kerberosIV</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/716</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:24.ssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/715</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>07</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:22.dc20ctrl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/714</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:21.ja-elvis</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/713</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:20.mars_nwe</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/712</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:19.ja-klock</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/707</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>31</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:18.bind</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/706</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>29</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:17.exmh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/705</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:16.mysql</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/704</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:15.tinyproxy</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/703</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:14.micq</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/702</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:13.sort</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/701</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:12.periodic</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/700</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:11.inetd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/699</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:10.bind</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/698</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:09.crontab</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/697</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:08.ipfw</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/696</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:07.xfree86</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:06.zope</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/669</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:05.stunnel</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/668</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:04.joe</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/667</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:03.bash1</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/666</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:02.syslog-ng</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/665</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-01:01.openssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/664</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>2000</name>
 
       <month>
 	<name>12</name>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:81.ethereal</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/651</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:80.halflifeserver</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/650</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:79.oops</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/649</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:78.bitchx</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/648</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:77.procfs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/647</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>11</name>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:76.tcsh-csh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/628</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:75.php</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/627</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:74.gaim</name>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:73.thttpd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/626</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:72.curl</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/625</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:71.mgetty</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/624</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>14</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:70.ppp-nat</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/623</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:69.telnetd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/622</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>13</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:68.ncurses</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/621</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:67.gnupg</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/620</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>06</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:66.netscape</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/619</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:65.xfce</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/618</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:64.global</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/617</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>01</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:63.getnameinfo</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/589</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:62.top</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/616</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>31</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:61.tcpdump</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/615</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>30</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:60.boa</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/586</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:59.pine</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/585</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:58.chpass</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/584</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>13</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:57.muh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/570</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:56.lprng</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/569</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:55.xpdf</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/568</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:54.fingerd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/567</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>06</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:52.tcp-iss</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/561</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>9</name>
 
 	<day>
 	  <name>27</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:53.catopen</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/562</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>13</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:51.mailman</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/550</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:50.listmanager</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/549</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:49.eject</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/548</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:48.xchat</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/547</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:47.pine</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/546</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:46.screen</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/545</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>8</name>
 
 	<day>
 	  <name>31</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:45.esound</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/526</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:44.xlock</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/523</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:43.brouted</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/520</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:42.linux</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/530</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:41.elf</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/527</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:40.mopd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/521</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:39.netscape</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/528</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>14</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:38.zope</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/525</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:37.cvsweb</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/524</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:36.ntop</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/531</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:35.proftpd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/522</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:34.dhclient</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/529</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>7</name>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:33.kerberosIV</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/488</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:32.bitchx</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/487</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:31.canna</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/486</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:30.openssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/485</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:29.wu-ftpd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/489</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:28.majordomo</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/484</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:27.XFree86-4</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/483</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:26.popper</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/482</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:24.libedit</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/481</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:23.ip-options</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/480</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:25.alpha-random</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/473</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>07</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:22.apsfilter</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/461</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:21.ssh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/459</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>26</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:20.krb5</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/452</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>23</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:19.semconfig</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/451</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>09</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:18.gnapster.knapster</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/429</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:17.libmytinfo</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/442</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:16.golddig</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/439</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:15.imap-uw</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/438</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:14.imap-uw</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/441</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:13.generic-nqs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/437</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:12.healthd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/436</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:11.ircii</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/440</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:10.orville-write</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/408</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:09.mtr</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/408</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:08.lynx</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/407</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:07.mh</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/411</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>01</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:06.htdig</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/403</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:05.mysql</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/402</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:04.delegate</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/392</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:03.asmon</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/391</ulink>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:02.procfs</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/380</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name>FreeBSD-SA-00:01.make</name>
 	  </advisory>
 
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>1999</name>
 
       <month>
 	<name>9</name>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:06.amd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/318</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>15</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:05.fts</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/313</ulink>
 	  </advisory>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:04.core</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/312</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:03.ftpd</name>
 	    <ulink lang="ja">http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/311</ulink>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:02.profil</name>
 	  </advisory>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-99:01.chflags</name>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>1998</name>
 
       <month>
 	<name>11</name>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:08.fragment</name>
 	  </advisory>
 	</day>
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>13</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:07.rst</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:06.icmp</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:05.nfs</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>02</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:04.mmap</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>14</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:03.ttcp</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:02.mmap</name>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>1997</name>
 
       <month>
 	<name>12</name>
 
 	<day>
 	  <name>09</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:06.f00f</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>01</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-98:01.land</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>10</name>
 
 	<day>
 	  <name>29</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:05.open</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>8</name>
 
 	<day>
 	  <name>19</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:04.procfs</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>07</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:03.sysinstall</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>3</name>
 
 	<day>
 	  <name>26</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:02.lpd</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>2</name>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-97:01.setlocale</name>
 	  </advisory>
 
 	</day>
 
       </month>
 
       <month>
 	<name>1</name>
 
 	<day>
 	  <name>18</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:21.talkd</name>
 	  </advisory>
 	</day>
 
       </month>
 
     </year>
 
     <year>
       <name>1996</name>
 
       <month>
 	<name>12</name>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:20.stack-overflow</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>10</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:19.modstat</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>11</name>
 
 	<day>
 	  <name>25</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:18.lpr</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>7</name>
 
 	<day>
 	  <name>16</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:17.rzsz</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>12</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:16.rdist</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>04</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:15.ppp</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>6</name>
 
 	<day>
 	  <name>28</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:12.perl</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>24</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:14.ipfw</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>05</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:13.comsat</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>5</name>
 
 	<day>
 	  <name>21</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:11.man</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>17</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:10.mount_union</name>
 	  </advisory>
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:09.vfsload</name>
 	  </advisory>
 	</day>
 
       </month>
 
       <month>
 	<name>4</name>
 
 	<day>
 	  <name>22</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:02.apache</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>21</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:08.syslog</name>
 	  </advisory>
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:01.sliplogin</name>
 	  </advisory>
 	</day>
 
 	<day>
 	  <name>20</name>
 
 	  <advisory>
 	    <name role="old">FreeBSD-SA-96:03.sendmail-suggestion</name>
 	  </advisory>
 	</day>
 
       </month>
     </year>
 
 </advisories>