Index: head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc =================================================================== --- head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc (nonexistent) +++ head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc (revision 51201) 
@@ -0,0 +1,140 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-17:08.ptrace Security Advisory + The FreeBSD Project + +Topic: Kernel data leak via ptrace(PT_LWPINFO) + +Category: core +Module: ptrace +Announced: 2017-11-15 +Credits: John Baldwin +Affects: All supported versions of FreeBSD. +Corrected: 2017-11-10 12:28:43 UTC (stable/11, 11.1-STABLE) + 2017-11-15 22:39:41 UTC (releng/11.1, 11.1-RELEASE-p4) + 2017-11-15 22:40:15 UTC (releng/11.0, 11.0-RELEASE-p15) + 2017-11-10 12:31:58 UTC (stable/10, 10.4-STABLE) + 2017-11-15 22:40:32 UTC (releng/10.4, 10.4-RELEASE-p3) + 2017-11-15 22:40:46 UTC (releng/10.3, 10.3-RELEASE-p24) +CVE Name: CVE-2017-1086 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The ptrace(2) syscall provides the facility for a debugger to control the +execution of the target process and to obtain necessary status information +about it. The struct ptrace_lwpinfo structure is reported by one of the +ptrace(2) subcommand and contains a lot of the information about the stopped +thread (light-weight process or LWP, thus the name). + +II. Problem Description + +Not all information in the struct ptrace_lwpinfo is relevant for the state +of any thread, and the kernel does not fill the irrelevant bytes or short +strings. Since the structure filled by the kernel is allocated on the +kernel stack and copied to userspace, a leak of information of the kernel +stack of the thread is possible from the debugger. + +III. Impact + +Some bytes from the kernel stack of the thread using ptrace(PT_LWPINFO) +call can be observed in userspace. + +IV. Workaround + +No workaround is available. + +V. 
Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +Afterward, reboot the system. + +2) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Afterward, reboot the system. + +3) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/SA-17:08/ptrace.patch +# fetch https://security.FreeBSD.org/patches/SA-17:08/ptrace.patch.asc +# gpg --verify ptrace.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r325643 +releng/10.3/ r325871 +releng/10.4/ r325870 +stable/11/ r325642 +releng/11.0/ r325869 +releng/11.1/ r325868 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. 
References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxftfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +audQ+hAA2+cjqNVUJ/Polwo9cu61QxKLEXO1DItlMIFWBxpFpXXlRSLbqH+RGmaO +6aR4Q1xcOnLm8e57KcLFppl77uOZyO0IJ0lyK6P30ouSxuYIW3aHbW+p3pVYBE+J +aqF3mNxSh9xQRgXvxUB/CM3w/SMKkxXtkZMvhNSGFCShGQTNpjGfAgIwOZD8mNFi +WvYbPgzwfeE4tsaStZ91SZ8wf2nxdRXhybDXEOCAJvicP6IqYA1Zfr7RG2N3swK7 +JKLXW7tiVu+zbRYYFiWYX4FIWatIlsTjpD0GyuZs0j2PCEu80z1muFnrp/dGg3Bn +APGVzIrkFjKvmXfkuFZFPMWCL+u9cUgOMNGkMFDXrLppLL7aXCGrz3BWECg581Pr +dnUrrz/iEcXGDcnTJ3Ff+OidqdhdpVQz59Ek90TMd5iO+nZ+xeVjVzxdLHb82/wt +KlgXRpwTg3Q72xDSF84UmRSkk1M/V5AZMrZiy2RjIwtvLqIJ9ZpLAMnrwTTWRDjB +YurHHNWKjMVkdKCdbpBVGRjNmS6XYS6QukmA4M85d2r0Dmb8J6Gd6juHc3Essrz+ +3qEMKAcYsSWbQ5ZSMywUOzM74Dk+wUTf7jCJ1IsSqn8hYHOqvUSF0ftwXkdS1+cv +GT25iduAMCdTP15Qp57Wlhv9WCF8eOUoYKHiSpXcVa6XMqazLy4= +=Uqz2 +-----END PGP SIGNATURE----- Property changes on: head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/advisories/FreeBSD-SA-17:09.shm.asc =================================================================== --- head/share/security/advisories/FreeBSD-SA-17:09.shm.asc (nonexistent) +++ head/share/security/advisories/FreeBSD-SA-17:09.shm.asc (revision 51201) 
@@ -0,0 +1,140 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-17:09.shm Security Advisory + The FreeBSD Project + +Topic: POSIX shm allows jails to access global namespace + +Category: core +Module: shm +Announced: 2017-11-15 +Credits: Whitewinterwolf +Affects: FreeBSD 10.x +Corrected: 2017-11-13 23:21:17 UTC (stable/10, 10.4-STABLE) + 2017-11-15 22:45:50 UTC (releng/10.4, 10.4-RELEASE-p3) + 2017-11-15 22:45:13 UTC (releng/10.3, 10.3-RELEASE-p24) +CVE Name: CVE-2017-1087 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +POSIX shared memory objects allow realtime inter-process communication by +sharing a memory area through the use of a named path (see shm_open(2)). + +This is used by some multi-process applications to share data between running +processes, such as a common cache or to implement a producer-consumer model +where several worker processes handle requests pushed by a producer process. + +II. Problem Description + +Named paths are globally scoped, meaning a process located in one jail can +read and modify the content of POSIX shared memory objects created by a +process in another jail or the host system. + +III. Impact + +A malicious user that has access to a jailed system is able to abuse shared +memory by injecting malicious content in the shared memory region. This +memory region might be executed by applications trusting the shared memory, +like Squid. + +This issue could lead to a Denial of Service or local privilege escalation. + +IV. Workaround + +No workaround is available, but systems without jails or jails not having +local users are not vulnerable. + +V. Solution + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. 
+Reboot the system for the update to take effect. + +2) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install +Reboot the system for the update to take effect. + +3) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +[FreeBSD 10.4, FreeBSD 10-STABLE] +# fetch https://security.FreeBSD.org/patches/SA-17:09/shm-10.patch +# fetch https://security.FreeBSD.org/patches/SA-17:09/shm-10.patch.asc +# gpg --verify shm-10.patch.asc + +[FreeBSD 10.3] +# fetch https://security.FreeBSD.org/patches/SA-17:09/shm-10.3.patch +# fetch https://security.FreeBSD.org/patches/SA-17:09/shm-10.3.patch.asc +# gpg --verify shm-10.3.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r325783 +releng/10.3/ r325873 +releng/10.4/ r325874 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. 
References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxg1fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +auciExAAhd9IcZrWpAqjKSGQWHrG7wJxrbCyyVVmZeoVQYQCihXJOnp+mhmVoJp5 +zvyjIBG23F/dR8ukRO/LnqzM2bhCj7OcijlvZboH3L4os8iIeB2Tc6k9YlnFQeij +wYK0CNnQjECf5S4OIBmQ+irpBYATZKk2EEDdmKDltcauSlIhJIzUedGdmMySOFzl +jpx3+dHNb+D9v4luOgvF3mVTYPpjYmJ2HIYel3m0XdElW+okM+L4Q5Nt4Krm+DDp +L0fUG5tqS+a++53mNIGeGiBhomD0zZMJZ8LXe/FAACHPWA0yUMhCVrZTwzVTHhA7 +g5W1prFW3WYui7x1qF2LIA+SnGFTWXRlIhlAA/1n94Jl6shHnV6guZbzLAX0zk/C +6WFydhrYhmPXd3o5uWz+oQQHXQCcHeGrNc+fmPKg/bpkyJvgfLc6YaY2gEQmfIrI +3w/xqhN8mWVVhpHsHK+Wcz44T9uGH4NlYeDYy3TJ1ECri28fbxufAzr8hgbNRDtw +B8YTijrPUSjwKBG815oO5JsOmHVCkCkIRx7nW72bHIs8ralXX563HK3RPjlFzr2G +tzk9DF2w2TUQlgzS4wbZk9lXmlgvV0vRzsz+7jcJe1K+ZgyweNg+QIVet3BvobIA +zeiRFfZuhH3ExNoJKqfZhBtOiePD0JR6JnkhvjEJm1NoHvoDOAQ= +=epmQ +-----END PGP SIGNATURE----- Property changes on: head/share/security/advisories/FreeBSD-SA-17:09.shm.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc =================================================================== --- head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc (nonexistent) +++ head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc (revision 51201) 
@@ -0,0 +1,136 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +============================================================================= +FreeBSD-SA-17:10.kldstat Security Advisory + The FreeBSD Project + +Topic: Information leak in kldstat(2) + +Category: core +Module: kernel +Announced: 2017-11-15 +Credits: TJ Corley +Affects: All supported versions of FreeBSD. +Corrected: 2017-11-15 22:34:15 UTC (stable/11, 11.1-STABLE) + 2017-11-15 22:49:47 UTC (releng/11.1, 11.1-RELEASE-p4) + 2017-11-15 22:50:20 UTC (releng/11.0, 11.0-RELEASE-p15) + 2017-11-15 22:35:16 UTC (stable/10, 10.4-STABLE) + 2017-11-15 22:50:47 UTC (releng/10.4, 10.4-RELEASE-p3) + 2017-11-15 22:51:08 UTC (releng/10.3, 10.3-RELEASE-p24) +CVE Name: CVE-2017-1088 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit . + +I. Background + +The kldstat(2) syscall provides information about loaded kld files. The +syscall takes a userland argument of struct kld_file_stat which is then +filled with data about the kld file requested. + +II. Problem Description + +The kernel does not properly clear the memory of the kld_file_stat +structure before filling the data. Since the structure filled by the +kernel is allocated on the kernel stack and copied to userspace, a leak +of information from the kernel stack is possible. + +III. Impact + +Some bytes from the kernel stack can be observed in userspace. + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to a supported FreeBSD stable or +release / security branch (releng) dated after the correction date. + +Afterward, reboot the system. 
+ +2) To update your vulnerable system via a binary patch: + +Systems running a RELEASE version of FreeBSD on the i386 or amd64 +platforms can be updated via the freebsd-update(8) utility: + +# freebsd-update fetch +# freebsd-update install + +Afterward, reboot the system. + +3) To update your vulnerable system via a source code patch: + +The following patches have been verified to apply to the applicable +FreeBSD release branches. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch https://security.FreeBSD.org/patches/SA-17:10/kldstat.patch +# fetch https://security.FreeBSD.org/patches/SA-17:10/kldstat.patch.asc +# gpg --verify kldstat.patch.asc + +b) Apply the patch. Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch + +c) Recompile your kernel as described in + and reboot the +system. + +VI. Correction details + +The following list contains the correction revision numbers for each +affected branch. + +Branch/path Revision +- ------------------------------------------------------------------------- +stable/10/ r325867 +releng/10.3/ r325878 +releng/10.4/ r325877 +stable/11/ r325866 +releng/11.0/ r325876 +releng/11.1/ r325875 +- ------------------------------------------------------------------------- + +To see which files were modified by a particular revision, run the +following command, replacing NNNNNN with the revision number, on a +machine with Subversion installed: + +# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base + +Or visit the following URL, replacing NNNNNN with the revision number: + + + +VII. 
References + + + +The latest revision of this advisory is available at + +-----BEGIN PGP SIGNATURE----- + +iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxhRfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +audjZhAA29uguakBjkQtnAlWceN0BOQlkp03iYQh61dFpdH98f7RQcr5cq77XKrM +pkONtdEVbZNF9g6sly6n9dq5ivAuC9K1KGPtylMcPzHLTzDtV1B13vk2iwwgqkZ7 +GgB+m305kcL85knaASn3PBYwKTKzGOrhZFUZuTTI4VAnbbEmIwTHnJlVHvNwFDIj +je1XxdDBr4jq7SdCZH8YW9LZAMDi9b+0hg72u20ZQ66uNeadxN4i9DuWtMeHJHb7 +2aZRtHhdw4imryUpHM4FnCp5zp9V87Gyv4wy7IrkOKYtbl4nWqxqVakL7T9yVmY5 +Q4cGqreYq8bF2aM3LyT26VmDfMOovovHJpCRHf9fvlIMj6ajS39FKWMkEeU23ykg +EiTNk090h/G3REWiPnWjbxt8VGnFGyLe3K1VQqUvS+LlQ4lc45WCJnEHcpbvXT/E +TNTQ/85nE4BklV1d9wiLy26C21W92IguZam0HdRYJHgEc9Mug+62MfqDzHf0w5HP +3pu8IV5KMwEjGxzaiDMETIZU+K5fkdzPDNBhscxZ6OOab4zQ0+pZgdT1CSbXV6Ru +xuOjSyBdz5vVdbq/298VJJ7hNyoP1MgnyaxPrG2ImNDKjUGqbtOgv0m3ISqtsyfs +pEvyO2MxWWZqdNhtGJuQpOYyzAMxfJdmdOz1PMFFayQiBR7F0ao= +=N2rs +-----END PGP SIGNATURE----- Property changes on: head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:08/ptrace.patch =================================================================== --- head/share/security/patches/SA-17:08/ptrace.patch (nonexistent) +++ head/share/security/patches/SA-17:08/ptrace.patch (revision 51201) 
@@ -0,0 +1,27 @@ +--- sys/kern/sys_process.c.orig ++++ sys/kern/sys_process.c +@@ -518,6 +518,7 @@ + struct ptrace_lwpinfo32 *pl32) + { + ++ bzero(pl32, sizeof(*pl32)); + pl32->pl_lwpid = pl->pl_lwpid; + pl32->pl_event = pl->pl_event; + pl32->pl_flags = pl->pl_flags; +@@ -1301,6 +1302,7 @@ + } else + #endif + pl = addr; ++ bzero(pl, sizeof(*pl)); + pl->pl_lwpid = td2->td_tid; + pl->pl_event = PL_EVENT_NONE; + pl->pl_flags = 0; +@@ -1321,8 +1323,6 @@ + pl->pl_siginfo = td2->td_dbgksi.ksi_info; + } + } +- if ((pl->pl_flags & PL_FLAG_SI) == 0) +- bzero(&pl->pl_siginfo, sizeof(pl->pl_siginfo)); + if (td2->td_dbgflags & TDB_SCE) + pl->pl_flags |= PL_FLAG_SCE; + else if (td2->td_dbgflags & TDB_SCX) Property changes on: head/share/security/patches/SA-17:08/ptrace.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:08/ptrace.patch.asc =================================================================== --- head/share/security/patches/SA-17:08/ptrace.patch.asc (nonexistent) +++ head/share/security/patches/SA-17:08/ptrace.patch.asc (revision 51201) 
@@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxiVfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +aueBbRAApWCpppwWGjGogqxNVVeyROsWzCVGy4MGOT0ngU5mc2uwZA1zwbUZ0m1I +KGIGQGgkJLaU/pHJfjPmG6QGfGW2XY/VGd6EKY5P7dYXx54uGeb0OXU5e+6HLTMX +dWPkvAXeRQJuIY5A3L4K9lOiS6sLfpk759RlriuMRpqoBOZ4uQxynplYuuBJ/CRc +Tezy8LehBys2qDwhQa1wgoK/St5heh7TfOcoaumm9KvO7687DADE7bmU/iQ+XntL +eB/RVQTZ5yxDNe7z4oDsVwUwHFpwrln76feVDYVVdJFz8/dCszRenFhptrC145rY +W3o+LuczLdf+70vVY6ajLRypIpcvFEzO7X5DKafNFKG0ZvxrQp190+a4DAKJ6Vgh +8hB6Poz1aBObeJlnLNKPpcXQDwi3FCxyMardrTJG2bIAjqoS27eqF/RVhJpeXexs +plG2aRk4CdduOyrTYvvqDw2HkDB36kuE3gyFufV9DwMrPWtPQIEJcW9bPNGBdDi/ +LorKHPCXiX1/M8I9DMgOAmcGkaO/UtTqGFNZRrwuC9j2XpVk4gQfF5LUTdnf7FB3 +R0+/+HWYWpHm+OmuodToYgZ5X4+ftQpQztmvgArBLW83AcUUBL4ic7u5kOJCLUlT +QEseNpEHQBEIJzkOtq/nui//9kimTOWsC6rw7Raeoh/kUmurMjg= +=AJBS +-----END PGP SIGNATURE----- Property changes on: head/share/security/patches/SA-17:08/ptrace.patch.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:09/shm-10.3.patch =================================================================== --- head/share/security/patches/SA-17:09/shm-10.3.patch (nonexistent) +++ head/share/security/patches/SA-17:09/shm-10.3.patch (revision 51201) 
@@ -0,0 +1,1025 @@ +--- share/man/man9/osd.9.orig ++++ share/man/man9/osd.9 +@@ -25,7 +25,7 @@ + .\" + .\" $FreeBSD$ + .\" +-.Dd January 5, 2011 ++.Dd March 30, 2016 + .Dt OSD 9 + .Os + .Sh NAME +@@ -33,6 +33,9 @@ + .Nm osd_register , + .Nm osd_deregister , + .Nm osd_set , ++.Nm osd_reserve , ++.Nm osd_set_reserved , ++.Nm osd_free_reserved , + .Nm osd_get , + .Nm osd_del , + .Nm osd_call , +@@ -63,6 +66,22 @@ + .Fa "void *value" + .Fc + .Ft void * ++.Fo osd_reserve ++.Fa "u_int slot" ++.Fc ++.Ft int ++.Fo osd_set_reserved ++.Fa "u_int type" ++.Fa "struct osd *osd" ++.Fa "u_int slot" ++.Fa "void *rsv" ++.Fa "void *value" ++.Fc ++.Ft void ++.Fo osd_free_reserved ++.Fa "void *rsv" ++.Fc ++.Ft void * + .Fo osd_get + .Fa "u_int type" + .Fa "struct osd *osd" +@@ -198,6 +217,15 @@ + .Fa osd . + .Pp + The ++.Fn osd_set_reserved ++function does the same as ++.Fn osd_set , ++but with an extra argument ++.Fa rsv ++that is internal-use memory previously allocated via ++.Fn osd_reserve . ++.Pp ++The + .Fn osd_get + function returns the data pointer associated with a kernel data structure's + .Vt struct osd +@@ -324,6 +352,24 @@ + .Xr realloc 9 + calls. + .Pp ++It is possible for ++.Fn osd_set ++to fail to allocate this array. To ensure that such allocation succeeds, ++.Fn osd_reserve ++may be called (in a non-blocking context), and it will pre-allocate the ++memory via ++.Xr malloc 9 ++with M_WAITOK. ++Then this pre-allocated memory is passed to ++.Fn osd_set_reserved , ++which will use it if necessary or otherwise discard it. ++The memory may also be explicitly discarded by calling ++.Fn osd_free_reserved . ++As this method always allocates memory whether or not it is ultimately needed, ++it should be used only rarely, such as in the unlikely event that ++.Fn osd_set ++fails. ++.Pp + The + .Nm + API is geared towards slot identifiers storing pointers to the same underlying +@@ -359,15 +405,27 @@ + returns the slot identifier for the newly registered data type. 
+ .Pp + .Fn osd_set +-returns zero on success or ENOMEM if the specified type/slot identifier pair ++and ++.Fn osd_set_reserved ++return zero on success or ENOMEM if the specified type/slot identifier pair + triggered an internal + .Xr realloc 9 +-which failed. ++which failed ++.Fn ( osd_set_reserved ++will always succeed when ++.Fa rsv ++is non-NULL). + .Pp + .Fn osd_get + returns the data pointer for the specified type/slot identifier pair, or NULL if + the slot has not been initialised yet. + .Pp ++.Fn osd_reserve ++returns a pointer suitable for passing to ++.Fn osd_set_reserved ++or ++.Fn osd_free_reserved . ++.Pp + .Fn osd_call + returns zero if no method is run or the method for each slot runs successfully. + If a method for a slot returns non-zero, +--- sys/kern/kern_osd.c.orig ++++ sys/kern/kern_osd.c +@@ -44,6 +44,23 @@ + + /* OSD (Object Specific Data) */ + ++/* ++ * Lock key: ++ * (m) osd_module_lock ++ * (o) osd_object_lock ++ * (l) osd_list_lock ++ */ ++struct osd_master { ++ struct sx osd_module_lock; ++ struct rmlock osd_object_lock; ++ struct mtx osd_list_lock; ++ LIST_HEAD(, osd) osd_list; /* (l) */ ++ osd_destructor_t *osd_destructors; /* (o) */ ++ osd_method_t *osd_methods; /* (m) */ ++ u_int osd_ntslots; /* (m) */ ++ const u_int osd_nmethods; ++}; ++ + static MALLOC_DEFINE(M_OSD, "osd", "Object Specific Data"); + + static int osd_debug = 0; +@@ -62,25 +79,12 @@ + int list_locked); + + /* +- * Lists of objects with OSD. +- * +- * Lock key: +- * (m) osd_module_lock +- * (o) osd_object_lock +- * (l) osd_list_lock ++ * List of objects with OSD. 
+ */ +-static LIST_HEAD(, osd) osd_list[OSD_LAST + 1]; /* (m) */ +-static osd_method_t *osd_methods[OSD_LAST + 1]; /* (m) */ +-static u_int osd_nslots[OSD_LAST + 1]; /* (m) */ +-static osd_destructor_t *osd_destructors[OSD_LAST + 1]; /* (o) */ +-static const u_int osd_nmethods[OSD_LAST + 1] = { +- [OSD_JAIL] = PR_MAXMETHOD, ++struct osd_master osdm[OSD_LAST + 1] = { ++ [OSD_JAIL] = { .osd_nmethods = PR_MAXMETHOD }, + }; + +-static struct sx osd_module_lock[OSD_LAST + 1]; +-static struct rmlock osd_object_lock[OSD_LAST + 1]; +-static struct mtx osd_list_lock[OSD_LAST + 1]; +- + static void + osd_default_destructor(void *value __unused) + { +@@ -102,12 +106,12 @@ + if (destructor == NULL) + destructor = osd_default_destructor; + +- sx_xlock(&osd_module_lock[type]); ++ sx_xlock(&osdm[type].osd_module_lock); + /* + * First, we try to find unused slot. + */ +- for (i = 0; i < osd_nslots[type]; i++) { +- if (osd_destructors[type][i] == NULL) { ++ for (i = 0; i < osdm[type].osd_ntslots; i++) { ++ if (osdm[type].osd_destructors[i] == NULL) { + OSD_DEBUG("Unused slot found (type=%u, slot=%u).", + type, i); + break; +@@ -116,31 +120,31 @@ + /* + * If no unused slot was found, allocate one. 
+ */ +- if (i == osd_nslots[type]) { +- osd_nslots[type]++; +- if (osd_nmethods[type] != 0) +- osd_methods[type] = realloc(osd_methods[type], +- sizeof(osd_method_t) * osd_nslots[type] * +- osd_nmethods[type], M_OSD, M_WAITOK); +- newptr = malloc(sizeof(osd_destructor_t) * osd_nslots[type], +- M_OSD, M_WAITOK); +- rm_wlock(&osd_object_lock[type]); +- bcopy(osd_destructors[type], newptr, ++ if (i == osdm[type].osd_ntslots) { ++ osdm[type].osd_ntslots++; ++ if (osdm[type].osd_nmethods != 0) ++ osdm[type].osd_methods = realloc(osdm[type].osd_methods, ++ sizeof(osd_method_t) * osdm[type].osd_ntslots * ++ osdm[type].osd_nmethods, M_OSD, M_WAITOK); ++ newptr = malloc(sizeof(osd_destructor_t) * ++ osdm[type].osd_ntslots, M_OSD, M_WAITOK); ++ rm_wlock(&osdm[type].osd_object_lock); ++ bcopy(osdm[type].osd_destructors, newptr, + sizeof(osd_destructor_t) * i); +- free(osd_destructors[type], M_OSD); +- osd_destructors[type] = newptr; +- rm_wunlock(&osd_object_lock[type]); ++ free(osdm[type].osd_destructors, M_OSD); ++ osdm[type].osd_destructors = newptr; ++ rm_wunlock(&osdm[type].osd_object_lock); + OSD_DEBUG("New slot allocated (type=%u, slot=%u).", + type, i + 1); + } + +- osd_destructors[type][i] = destructor; +- if (osd_nmethods[type] != 0) { +- for (m = 0; m < osd_nmethods[type]; m++) +- osd_methods[type][i * osd_nmethods[type] + m] = +- methods != NULL ? methods[m] : NULL; ++ osdm[type].osd_destructors[i] = destructor; ++ if (osdm[type].osd_nmethods != 0) { ++ for (m = 0; m < osdm[type].osd_nmethods; m++) ++ osdm[type].osd_methods[i * osdm[type].osd_nmethods + m] ++ = methods != NULL ? 
methods[m] : NULL; + } +- sx_xunlock(&osd_module_lock[type]); ++ sx_xunlock(&osdm[type].osd_module_lock); + return (i + 1); + } + +@@ -151,37 +155,37 @@ + + KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); + KASSERT(slot > 0, ("Invalid slot.")); +- KASSERT(osd_destructors[type][slot - 1] != NULL, ("Unused slot.")); ++ KASSERT(osdm[type].osd_destructors[slot - 1] != NULL, ("Unused slot.")); + +- sx_xlock(&osd_module_lock[type]); +- rm_wlock(&osd_object_lock[type]); ++ sx_xlock(&osdm[type].osd_module_lock); ++ rm_wlock(&osdm[type].osd_object_lock); + /* + * Free all OSD for the given slot. + */ +- mtx_lock(&osd_list_lock[type]); +- LIST_FOREACH_SAFE(osd, &osd_list[type], osd_next, tosd) ++ mtx_lock(&osdm[type].osd_list_lock); ++ LIST_FOREACH_SAFE(osd, &osdm[type].osd_list, osd_next, tosd) + do_osd_del(type, osd, slot, 1); +- mtx_unlock(&osd_list_lock[type]); ++ mtx_unlock(&osdm[type].osd_list_lock); + /* + * Set destructor to NULL to free the slot. + */ +- osd_destructors[type][slot - 1] = NULL; +- if (slot == osd_nslots[type]) { +- osd_nslots[type]--; +- osd_destructors[type] = realloc(osd_destructors[type], +- sizeof(osd_destructor_t) * osd_nslots[type], M_OSD, ++ osdm[type].osd_destructors[slot - 1] = NULL; ++ if (slot == osdm[type].osd_ntslots) { ++ osdm[type].osd_ntslots--; ++ osdm[type].osd_destructors = realloc(osdm[type].osd_destructors, ++ sizeof(osd_destructor_t) * osdm[type].osd_ntslots, M_OSD, + M_NOWAIT | M_ZERO); +- if (osd_nmethods[type] != 0) +- osd_methods[type] = realloc(osd_methods[type], +- sizeof(osd_method_t) * osd_nslots[type] * +- osd_nmethods[type], M_OSD, M_NOWAIT | M_ZERO); ++ if (osdm[type].osd_nmethods != 0) ++ osdm[type].osd_methods = realloc(osdm[type].osd_methods, ++ sizeof(osd_method_t) * osdm[type].osd_ntslots * ++ osdm[type].osd_nmethods, M_OSD, M_NOWAIT | M_ZERO); + /* + * We always reallocate to smaller size, so we assume it will + * always succeed. 
+ */ +- KASSERT(osd_destructors[type] != NULL && +- (osd_nmethods[type] == 0 || osd_methods[type] != NULL), +- ("realloc() failed")); ++ KASSERT(osdm[type].osd_destructors != NULL && ++ (osdm[type].osd_nmethods == 0 || ++ osdm[type].osd_methods != NULL), ("realloc() failed")); + OSD_DEBUG("Deregistration of the last slot (type=%u, slot=%u).", + type, slot); + } else { +@@ -188,68 +192,105 @@ + OSD_DEBUG("Slot deregistration (type=%u, slot=%u).", + type, slot); + } +- rm_wunlock(&osd_object_lock[type]); +- sx_xunlock(&osd_module_lock[type]); ++ rm_wunlock(&osdm[type].osd_object_lock); ++ sx_xunlock(&osdm[type].osd_module_lock); + } + + int + osd_set(u_int type, struct osd *osd, u_int slot, void *value) + { ++ ++ return (osd_set_reserved(type, osd, slot, NULL, value)); ++} ++ ++void * ++osd_reserve(u_int slot) ++{ ++ ++ KASSERT(slot > 0, ("Invalid slot.")); ++ ++ OSD_DEBUG("Reserving slot array (slot=%u).", slot); ++ return (malloc(sizeof(void *) * slot, M_OSD, M_WAITOK | M_ZERO)); ++} ++ ++int ++osd_set_reserved(u_int type, struct osd *osd, u_int slot, void *rsv, ++ void *value) ++{ + struct rm_priotracker tracker; + + KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); + KASSERT(slot > 0, ("Invalid slot.")); +- KASSERT(osd_destructors[type][slot - 1] != NULL, ("Unused slot.")); ++ KASSERT(osdm[type].osd_destructors[slot - 1] != NULL, ("Unused slot.")); + +- rm_rlock(&osd_object_lock[type], &tracker); ++ rm_rlock(&osdm[type].osd_object_lock, &tracker); + if (slot > osd->osd_nslots) { ++ void *newptr; ++ + if (value == NULL) { + OSD_DEBUG( + "Not allocating null slot (type=%u, slot=%u).", + type, slot); +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, &tracker); ++ if (rsv) ++ osd_free_reserved(rsv); + return (0); +- } else if (osd->osd_nslots == 0) { ++ } ++ ++ /* ++ * Too few slots allocated here, so we need to extend or create ++ * the array. 
++ */ ++ if (rsv) { + /* +- * First OSD for this object, so we need to allocate +- * space and put it onto the list. ++ * Use the reserve passed in (assumed to be ++ * the right size). + */ +- osd->osd_slots = malloc(sizeof(void *) * slot, M_OSD, +- M_NOWAIT | M_ZERO); +- if (osd->osd_slots == NULL) { +- rm_runlock(&osd_object_lock[type], &tracker); +- return (ENOMEM); ++ newptr = rsv; ++ if (osd->osd_nslots != 0) { ++ memcpy(newptr, osd->osd_slots, ++ sizeof(void *) * osd->osd_nslots); ++ free(osd->osd_slots, M_OSD); + } +- osd->osd_nslots = slot; +- mtx_lock(&osd_list_lock[type]); +- LIST_INSERT_HEAD(&osd_list[type], osd, osd_next); +- mtx_unlock(&osd_list_lock[type]); +- OSD_DEBUG("Setting first slot (type=%u).", type); + } else { +- void *newptr; +- +- /* +- * Too few slots allocated here, needs to extend +- * the array. +- */ + newptr = realloc(osd->osd_slots, sizeof(void *) * slot, + M_OSD, M_NOWAIT | M_ZERO); + if (newptr == NULL) { +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, ++ &tracker); + return (ENOMEM); + } +- osd->osd_slots = newptr; +- osd->osd_nslots = slot; ++ } ++ if (osd->osd_nslots == 0) { ++ /* ++ * First OSD for this object, so we need to put it ++ * onto the list. 
++ */ ++ mtx_lock(&osdm[type].osd_list_lock); ++ LIST_INSERT_HEAD(&osdm[type].osd_list, osd, osd_next); ++ mtx_unlock(&osdm[type].osd_list_lock); ++ OSD_DEBUG("Setting first slot (type=%u).", type); ++ } else + OSD_DEBUG("Growing slots array (type=%u).", type); +- } +- } ++ osd->osd_slots = newptr; ++ osd->osd_nslots = slot; ++ } else if (rsv) ++ osd_free_reserved(rsv); + OSD_DEBUG("Setting slot value (type=%u, slot=%u, value=%p).", type, + slot, value); + osd->osd_slots[slot - 1] = value; +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, &tracker); + return (0); + } + ++void ++osd_free_reserved(void *rsv) ++{ ++ ++ OSD_DEBUG("Discarding reserved slot array."); ++ free(rsv, M_OSD); ++} ++ + void * + osd_get(u_int type, struct osd *osd, u_int slot) + { +@@ -258,9 +299,9 @@ + + KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); + KASSERT(slot > 0, ("Invalid slot.")); +- KASSERT(osd_destructors[type][slot - 1] != NULL, ("Unused slot.")); ++ KASSERT(osdm[type].osd_destructors[slot - 1] != NULL, ("Unused slot.")); + +- rm_rlock(&osd_object_lock[type], &tracker); ++ rm_rlock(&osdm[type].osd_object_lock, &tracker); + if (slot > osd->osd_nslots) { + value = NULL; + OSD_DEBUG("Slot doesn't exist (type=%u, slot=%u).", type, slot); +@@ -269,7 +310,7 @@ + OSD_DEBUG("Returning slot value (type=%u, slot=%u, value=%p).", + type, slot, value); + } +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, &tracker); + return (value); + } + +@@ -278,9 +319,9 @@ + { + struct rm_priotracker tracker; + +- rm_rlock(&osd_object_lock[type], &tracker); ++ rm_rlock(&osdm[type].osd_object_lock, &tracker); + do_osd_del(type, osd, slot, 0); +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, &tracker); + } + + static void +@@ -290,7 +331,7 @@ + + KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); + KASSERT(slot > 0, ("Invalid slot.")); +- 
KASSERT(osd_destructors[type][slot - 1] != NULL, ("Unused slot.")); ++ KASSERT(osdm[type].osd_destructors[slot - 1] != NULL, ("Unused slot.")); + + OSD_DEBUG("Deleting slot (type=%u, slot=%u).", type, slot); + +@@ -299,7 +340,7 @@ + return; + } + if (osd->osd_slots[slot - 1] != NULL) { +- osd_destructors[type][slot - 1](osd->osd_slots[slot - 1]); ++ osdm[type].osd_destructors[slot - 1](osd->osd_slots[slot - 1]); + osd->osd_slots[slot - 1] = NULL; + } + for (i = osd->osd_nslots - 1; i >= 0; i--) { +@@ -313,10 +354,10 @@ + /* No values left for this object. */ + OSD_DEBUG("No more slots left (type=%u).", type); + if (!list_locked) +- mtx_lock(&osd_list_lock[type]); ++ mtx_lock(&osdm[type].osd_list_lock); + LIST_REMOVE(osd, osd_next); + if (!list_locked) +- mtx_unlock(&osd_list_lock[type]); ++ mtx_unlock(&osdm[type].osd_list_lock); + free(osd->osd_slots, M_OSD); + osd->osd_slots = NULL; + osd->osd_nslots = 0; +@@ -342,7 +383,7 @@ + int error, i; + + KASSERT(type >= OSD_FIRST && type <= OSD_LAST, ("Invalid type.")); +- KASSERT(method < osd_nmethods[type], ("Invalid method.")); ++ KASSERT(method < osdm[type].osd_nmethods, ("Invalid method.")); + + /* + * Call this method for every slot that defines it, stopping if an +@@ -349,14 +390,14 @@ + * error is encountered. 
+ */ + error = 0; +- sx_slock(&osd_module_lock[type]); +- for (i = 0; i < osd_nslots[type]; i++) { +- methodfun = +- osd_methods[type][i * osd_nmethods[type] + method]; ++ sx_slock(&osdm[type].osd_module_lock); ++ for (i = 0; i < osdm[type].osd_ntslots; i++) { ++ methodfun = osdm[type].osd_methods[i * osdm[type].osd_nmethods + ++ method]; + if (methodfun != NULL && (error = methodfun(obj, data)) != 0) + break; + } +- sx_sunlock(&osd_module_lock[type]); ++ sx_sunlock(&osdm[type].osd_module_lock); + return (error); + } + +@@ -374,14 +415,14 @@ + return; + } + +- rm_rlock(&osd_object_lock[type], &tracker); ++ rm_rlock(&osdm[type].osd_object_lock, &tracker); + for (i = 1; i <= osd->osd_nslots; i++) { +- if (osd_destructors[type][i - 1] != NULL) ++ if (osdm[type].osd_destructors[i - 1] != NULL) + do_osd_del(type, osd, i, 0); + else + OSD_DEBUG("Unused slot (type=%u, slot=%u).", type, i); + } +- rm_runlock(&osd_object_lock[type], &tracker); ++ rm_runlock(&osdm[type].osd_object_lock, &tracker); + OSD_DEBUG("Object exit (type=%u).", type); + } + +@@ -391,13 +432,13 @@ + u_int i; + + for (i = OSD_FIRST; i <= OSD_LAST; i++) { +- osd_nslots[i] = 0; +- LIST_INIT(&osd_list[i]); +- sx_init(&osd_module_lock[i], "osd_module"); +- rm_init(&osd_object_lock[i], "osd_object"); +- mtx_init(&osd_list_lock[i], "osd_list", NULL, MTX_DEF); +- osd_destructors[i] = NULL; +- osd_methods[i] = NULL; ++ sx_init(&osdm[i].osd_module_lock, "osd_module"); ++ rm_init(&osdm[i].osd_object_lock, "osd_object"); ++ mtx_init(&osdm[i].osd_list_lock, "osd_list", NULL, MTX_DEF); ++ LIST_INIT(&osdm[i].osd_list); ++ osdm[i].osd_destructors = NULL; ++ osdm[i].osd_ntslots = 0; ++ osdm[i].osd_methods = NULL; + } + } + SYSINIT(osd, SI_SUB_LOCK, SI_ORDER_ANY, osd_init, NULL); +--- sys/kern/uipc_mqueue.c.orig ++++ sys/kern/uipc_mqueue.c +@@ -52,6 +52,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -60,8 +61,8 @@ + #include + #include + #include ++#include + #include +-#include + 
#include + #include + #include +@@ -131,6 +132,7 @@ + LIST_HEAD(,mqfs_node) mn_children; + LIST_ENTRY(mqfs_node) mn_sibling; + LIST_HEAD(,mqfs_vdata) mn_vnodes; ++ const void *mn_pr_root; + int mn_refcount; + mqfs_type_t mn_type; + int mn_deleted; +@@ -151,6 +153,11 @@ + #define FPTOMQ(fp) ((struct mqueue *)(((struct mqfs_node *) \ + (fp)->f_data)->mn_data)) + ++struct mqfs_osd { ++ struct task mo_task; ++ const void *mo_pr_root; ++}; ++ + TAILQ_HEAD(msgq, mqueue_msg); + + struct mqueue; +@@ -218,6 +225,7 @@ + static uma_zone_t mqnoti_zone; + static struct vop_vector mqfs_vnodeops; + static struct fileops mqueueops; ++static unsigned mqfs_osd_jail_slot; + + /* + * Directory structure construction and manipulation +@@ -235,6 +243,9 @@ + static void mqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn); + static void mqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn); + static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct mqfs_node *pn); ++static int mqfs_prison_create(void *obj, void *data); ++static void mqfs_prison_destructor(void *data); ++static void mqfs_prison_remove_task(void *context, int pending); + + /* + * Message queue construction and maniplation +@@ -435,6 +446,7 @@ + + node = mqnode_alloc(); + strncpy(node->mn_name, name, namelen); ++ node->mn_pr_root = cred->cr_prison->pr_root; + node->mn_type = nodetype; + node->mn_refcount = 1; + vfs_timestamp(&node->mn_birth); +@@ -643,6 +655,10 @@ + { + struct mqfs_node *root; + struct mqfs_info *mi; ++ struct prison *pr; ++ osd_method_t methods[PR_MAXMETHOD] = { ++ [PR_METHOD_CREATE] = mqfs_prison_create, ++ }; + + mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node), + NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); +@@ -669,6 +685,13 @@ + EVENTHANDLER_PRI_ANY); + mq_fdclose = mqueue_fdclose; + p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); ++ ++ /* Note current jails. 
*/ ++ mqfs_osd_jail_slot = osd_jail_register(mqfs_prison_destructor, methods); ++ sx_slock(&allprison_lock); ++ TAILQ_FOREACH(pr, &allprison, pr_list) ++ (void)mqfs_prison_create(pr, NULL); ++ sx_sunlock(&allprison_lock); + return (0); + } + +@@ -678,10 +701,14 @@ + static int + mqfs_uninit(struct vfsconf *vfc) + { ++ unsigned slot; + struct mqfs_info *mi; + + if (!unloadable) + return (EOPNOTSUPP); ++ slot = mqfs_osd_jail_slot; ++ mqfs_osd_jail_slot = 0; ++ osd_jail_deregister(slot); + EVENTHANDLER_DEREGISTER(process_exit, exit_tag); + mi = &mqfs_data; + mqfs_destroy(mi->mi_root); +@@ -799,13 +826,17 @@ + * Search a directory entry + */ + static struct mqfs_node * +-mqfs_search(struct mqfs_node *pd, const char *name, int len) ++mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred *cred) + { + struct mqfs_node *pn; ++ const void *pr_root; + + sx_assert(&pd->mn_info->mi_lock, SX_LOCKED); ++ pr_root = cred->cr_prison->pr_root; + LIST_FOREACH(pn, &pd->mn_children, mn_sibling) { +- if (strncmp(pn->mn_name, name, len) == 0 && ++ /* Only match names within the same prison root directory */ ++ if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) && ++ strncmp(pn->mn_name, name, len) == 0 && + pn->mn_name[len] == '\0') + return (pn); + } +@@ -877,7 +908,7 @@ + + /* named node */ + sx_xlock(&mqfs->mi_lock); +- pn = mqfs_search(pd, pname, namelen); ++ pn = mqfs_search(pd, pname, namelen, cnp->cn_cred); + if (pn != NULL) + mqnode_addref(pn); + sx_xunlock(&mqfs->mi_lock); +@@ -1362,6 +1393,7 @@ + struct mqfs_node *pn; + struct dirent entry; + struct uio *uio; ++ const void *pr_root; + int *tmp_ncookies = NULL; + off_t offset; + int error, i; +@@ -1386,10 +1418,18 @@ + error = 0; + offset = 0; + ++ pr_root = ap->a_cred->cr_prison->pr_root; + sx_xlock(&mi->mi_lock); + + LIST_FOREACH(pn, &pd->mn_children, mn_sibling) { + entry.d_reclen = sizeof(entry); ++ ++ /* ++ * Only show names within the same prison root directory ++ * (or not associated with a 
prison, e.g. "." and ".."). ++ */ ++ if (pn->mn_pr_root != NULL && pn->mn_pr_root != pr_root) ++ continue; + if (!pn->mn_fileno) + mqfs_fileno_alloc(mi, pn); + entry.d_fileno = pn->mn_fileno; +@@ -1522,7 +1562,82 @@ + + #endif /* notyet */ + ++ + /* ++ * Set a destructor task with the prison's root ++ */ ++static int ++mqfs_prison_create(void *obj, void *data __unused) ++{ ++ struct prison *pr = obj; ++ struct mqfs_osd *mo; ++ void *rsv; ++ ++ if (pr->pr_root == pr->pr_parent->pr_root) ++ return(0); ++ ++ mo = malloc(sizeof(struct mqfs_osd), M_PRISON, M_WAITOK); ++ rsv = osd_reserve(mqfs_osd_jail_slot); ++ TASK_INIT(&mo->mo_task, 0, mqfs_prison_remove_task, mo); ++ mtx_lock(&pr->pr_mtx); ++ mo->mo_pr_root = pr->pr_root; ++ (void)osd_jail_set_reserved(pr, mqfs_osd_jail_slot, rsv, mo); ++ mtx_unlock(&pr->pr_mtx); ++ return (0); ++} ++ ++/* ++ * Queue the task for after jail/OSD locks are released ++ */ ++static void ++mqfs_prison_destructor(void *data) ++{ ++ struct mqfs_osd *mo = data; ++ ++ if (mqfs_osd_jail_slot != 0) ++ taskqueue_enqueue(taskqueue_thread, &mo->mo_task); ++ else ++ free(mo, M_PRISON); ++} ++ ++/* ++ * See if this prison root is obsolete, and clean up associated queues if it is ++ */ ++static void ++mqfs_prison_remove_task(void *context, int pending) ++{ ++ struct mqfs_osd *mo = context; ++ struct mqfs_node *pn, *tpn; ++ const struct prison *pr; ++ const void *pr_root; ++ int found; ++ ++ pr_root = mo->mo_pr_root; ++ found = 0; ++ sx_slock(&allprison_lock); ++ TAILQ_FOREACH(pr, &allprison, pr_list) { ++ if (pr->pr_root == pr_root) ++ found = 1; ++ } ++ sx_sunlock(&allprison_lock); ++ if (!found) { ++ /* ++ * No jails are rooted in this directory anymore, ++ * so no queues should be either. 
++ */ ++ sx_xlock(&mqfs_data.mi_lock); ++ LIST_FOREACH_SAFE(pn, &mqfs_data.mi_root->mn_children, ++ mn_sibling, tpn) { ++ if (pn->mn_pr_root == pr_root) ++ (void)do_unlink(pn, curthread->td_ucred); ++ } ++ sx_xunlock(&mqfs_data.mi_lock); ++ } ++ free(mo, M_PRISON); ++} ++ ++ ++/* + * Allocate a message queue + */ + static struct mqueue * +@@ -1982,7 +2097,7 @@ + return (error); + + sx_xlock(&mqfs_data.mi_lock); +- pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1); ++ pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred); + if (pn == NULL) { + if (!(flags & O_CREAT)) { + error = ENOENT; +@@ -2077,7 +2192,7 @@ + return (EINVAL); + + sx_xlock(&mqfs_data.mi_lock); +- pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1); ++ pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred); + if (pn != NULL) + error = do_unlink(pn, td->td_ucred); + else +--- sys/kern/uipc_sem.c.orig ++++ sys/kern/uipc_sem.c +@@ -44,6 +44,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -444,12 +445,24 @@ + static void + ksem_info_impl(struct ksem *ks, char *path, size_t size, uint32_t *value) + { ++ const char *ks_path, *pr_path; ++ size_t pr_pathlen; + + if (ks->ks_path == NULL) + return; + sx_slock(&ksem_dict_lock); +- if (ks->ks_path != NULL) +- strlcpy(path, ks->ks_path, size); ++ ks_path = ks->ks_path; ++ if (ks_path != NULL) { ++ pr_path = curthread->td_ucred->cr_prison->pr_path; ++ if (strcmp(pr_path, "/") != 0) { ++ /* Return the jail-rooted pathname. 
*/ ++ pr_pathlen = strlen(pr_path); ++ if (strncmp(ks_path, pr_path, pr_pathlen) == 0 && ++ ks_path[pr_pathlen] == '/') ++ ks_path += pr_pathlen; ++ } ++ strlcpy(path, ks_path, size); ++ } + if (value != NULL) + *value = ks->ks_value; + sx_sunlock(&ksem_dict_lock); +@@ -493,6 +506,8 @@ + struct ksem *ks; + struct file *fp; + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error, fd; + +@@ -529,10 +544,16 @@ + ks->ks_flags |= KS_ANONYMOUS; + } else { + path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); +- error = copyinstr(name, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; + ++ /* Construct a full pathname for jailed callers. */ ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(name, path + pr_pathlen, ++ MAXPATHLEN - pr_pathlen, NULL); ++ + /* Require paths to start with a '/' character. */ +- if (error == 0 && path[0] != '/') ++ if (error == 0 && path[pr_pathlen] != '/') + error = EINVAL; + if (error) { + fdclose(fdp, fp, fd, td); +@@ -668,11 +689,17 @@ + sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) + { + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error; + + path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); +- error = copyinstr(uap->name, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 
0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen, ++ NULL); + if (error) { + free(path, M_TEMP); + return (error); +--- sys/kern/uipc_shm.c.orig ++++ sys/kern/uipc_shm.c +@@ -57,6 +57,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -711,6 +712,8 @@ + struct shmfd *shmfd; + struct file *fp; + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + mode_t cmode; + int fd, error; +@@ -748,13 +751,19 @@ + shmfd = shm_alloc(td->td_ucred, cmode); + } else { + path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK); +- error = copyinstr(uap->path, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ ++ /* Construct a full pathname for jailed callers. */ ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->path, path + pr_pathlen, ++ MAXPATHLEN - pr_pathlen, NULL); + #ifdef KTRACE + if (error == 0 && KTRPOINT(curthread, KTR_NAMEI)) + ktrnamei(path); + #endif + /* Require paths to start with a '/' character. */ +- if (error == 0 && path[0] != '/') ++ if (error == 0 && path[pr_pathlen] != '/') + error = EINVAL; + if (error) { + fdclose(fdp, fp, fd, td); +@@ -841,11 +850,17 @@ + sys_shm_unlink(struct thread *td, struct shm_unlink_args *uap) + { + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error; + + path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); +- error = copyinstr(uap->path, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 
0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->path, path + pr_pathlen, MAXPATHLEN - pr_pathlen, ++ NULL); + if (error) { + free(path, M_TEMP); + return (error); +@@ -1052,11 +1067,23 @@ + void + shm_path(struct shmfd *shmfd, char *path, size_t size) + { ++ const char *shm_path, *pr_path; ++ size_t pr_pathlen; + + if (shmfd->shm_path == NULL) + return; + sx_slock(&shm_dict_lock); +- if (shmfd->shm_path != NULL) +- strlcpy(path, shmfd->shm_path, size); ++ shm_path = shmfd->shm_path; ++ if (shm_path != NULL) { ++ pr_path = curthread->td_ucred->cr_prison->pr_path; ++ if (strcmp(pr_path, "/") != 0) { ++ /* Return the jail-rooted pathname. */ ++ pr_pathlen = strlen(pr_path); ++ if (strncmp(shm_path, pr_path, pr_pathlen) == 0 && ++ shm_path[pr_pathlen] == '/') ++ shm_path += pr_pathlen; ++ } ++ strlcpy(path, shm_path, size); ++ } + sx_sunlock(&shm_dict_lock); + } +--- sys/sys/osd.h.orig ++++ sys/sys/osd.h +@@ -59,6 +59,10 @@ + void osd_deregister(u_int type, u_int slot); + + int osd_set(u_int type, struct osd *osd, u_int slot, void *value); ++void *osd_reserve(u_int slot); ++int osd_set_reserved(u_int type, struct osd *osd, u_int slot, void *rsv, ++ void *value); ++void osd_free_reserved(void *rsv); + void *osd_get(u_int type, struct osd *osd, u_int slot); + void osd_del(u_int type, struct osd *osd, u_int slot); + int osd_call(u_int type, u_int method, void *obj, void *data); +@@ -71,6 +75,8 @@ + osd_deregister(OSD_THREAD, (slot)) + #define osd_thread_set(td, slot, value) \ + osd_set(OSD_THREAD, &(td)->td_osd, (slot), (value)) ++#define osd_thread_set_reserved(td, slot, rsv, value) \ ++ osd_set_reserved(OSD_THREAD, &(td)->td_osd, (slot), (rsv), (value)) + #define osd_thread_get(td, slot) \ + osd_get(OSD_THREAD, &(td)->td_osd, (slot)) + #define osd_thread_del(td, slot) do { \ +@@ -88,6 +94,8 @@ + osd_deregister(OSD_JAIL, (slot)) + #define osd_jail_set(pr, slot, value) \ + osd_set(OSD_JAIL, &(pr)->pr_osd, (slot), (value)) ++#define 
osd_jail_set_reserved(pr, slot, rsv, value) \ ++ osd_set_reserved(OSD_JAIL, &(pr)->pr_osd, (slot), (rsv), (value)) + #define osd_jail_get(pr, slot) \ + osd_get(OSD_JAIL, &(pr)->pr_osd, (slot)) + #define osd_jail_del(pr, slot) \ Property changes on: head/share/security/patches/SA-17:09/shm-10.3.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:09/shm-10.3.patch.asc =================================================================== --- head/share/security/patches/SA-17:09/shm-10.3.patch.asc (nonexistent) +++ head/share/security/patches/SA-17:09/shm-10.3.patch.asc (revision 51201) 
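Review bot: in the hunk that adds the rsv path (osd_set_reserved() per the new prototype in sys/sys/osd.h), nothing enforces that the reserve is large enough. The patch's own comment says "assumed to be the right size". The code then copies osd->osd_nslots pointers into rsv, sets osd->osd_nslots = slot and finally writes osd->osd_slots[slot - 1] = value, so a reserve obtained for a smaller slot number would be written past its end. Please either carry the reserved slot count with the allocation and check it here, or add a KASSERT that ties rsv to slot, so the assumption fails loudly on debug kernels instead of corrupting M_OSD memory.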
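Review bot: in sys/kern/uipc_mqueue.c, mn_pr_root and mo_pr_root are bare const void * copies of pr->pr_root, and no reference on the root is taken in the lines shown. They are compared only by address, in mqfs_search(), in the readdir filter and in mqfs_prison_remove_task(). Because the cleanup is deferred to taskqueue_thread, there is a window after the jail is gone in which the address can be reused by another jail's root: the allprison scan then sets found = 1, the old queues stay, and the pr_root equality in mqfs_search() makes them visible to the new jail. Holding a reference on the root for as long as a node or mqfs_osd points at it, or keying on something that is not recycled, would close that window. Separately, mqfs_prison_destructor() reads mqfs_osd_jail_slot without a lock while mqfs_uninit() clears it, and the visible part of mqfs_uninit() does not drain tasks that are already queued. A short comment on why that is safe would help.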
@@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxjRfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +auenfg/9E6q50Ghg4zZdsQCasxVQbKIChpZhSnWsLYPBj/6p7OvYuDEEFCmD5Em0 +OVymwJZw1Ist+toQ9SmbNbkylkNW8Nsh5ZL1/LjK3/4/T6bcN4QprV3HSuUyRBVd +uN3nNw7bU7tYC0mrUi5e9V7OMW3FeQD3yusEnppe8MKjWYYSlElVJuGYoc1Wl10B +uHe2WThVEPVqkF2BQexQCo4PyszA5vH1/YseoBgW+gRBIcqHqVsH0RIC3H9shIL1 +0QaeA+H/03xBtpWaZcBALYCyPWajKq5bQTSqMx6tikfNlWCWAc0LFjgpgtj+yujW +isMyDxTqdYhPGn4Rpfz7JH/OImMdICH/+9f5i0but90DD/eGo38XY7QwypZzR0eR +itCpyPLeqPJgOajSP76kVyMCr8LwmKnOrDDf1AFCjUNdrJrQybJdDHRbOOUr9arp +qyOLMDrEhjuSlcvi4jvoHufhyZ8CZESASgrB1vR3fsib0UBfcbK2DFBvQAdD55tf +LIYdf7+CcgjKxcALewL1uCOY1lmrYW1fA4SEevVQAjmuGpTQm2wFAQX86TrzMKjl +sj6MXJkI6Nawe4L/T7EnhIytEdcka7bfTHaBtzhLR1bRo8DoGk/WJkUtQNWm5kF3 +UNeChno3BxTBZZK5OvVZ3lB0u4/O1UXM/zZkp0JHj1R0npNsWpw= +=uZpC +-----END PGP SIGNATURE----- Property changes on: head/share/security/patches/SA-17:09/shm-10.3.patch.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:09/shm-10.patch =================================================================== --- head/share/security/patches/SA-17:09/shm-10.patch (nonexistent) +++ head/share/security/patches/SA-17:09/shm-10.patch (revision 51201) 
@@ -0,0 +1,361 @@ +--- sys/kern/uipc_mqueue.c.orig ++++ sys/kern/uipc_mqueue.c +@@ -52,6 +52,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -60,8 +61,8 @@ + #include + #include + #include ++#include + #include +-#include + #include + #include + #include +@@ -131,6 +132,7 @@ + LIST_HEAD(,mqfs_node) mn_children; + LIST_ENTRY(mqfs_node) mn_sibling; + LIST_HEAD(,mqfs_vdata) mn_vnodes; ++ const void *mn_pr_root; + int mn_refcount; + mqfs_type_t mn_type; + int mn_deleted; +@@ -218,6 +220,7 @@ + static uma_zone_t mqnoti_zone; + static struct vop_vector mqfs_vnodeops; + static struct fileops mqueueops; ++static unsigned mqfs_osd_jail_slot; + + /* + * Directory structure construction and manipulation +@@ -235,6 +238,7 @@ + static void mqfs_fileno_alloc(struct mqfs_info *mi, struct mqfs_node *mn); + static void mqfs_fileno_free(struct mqfs_info *mi, struct mqfs_node *mn); + static int mqfs_allocv(struct mount *mp, struct vnode **vpp, struct mqfs_node *pn); ++static int mqfs_prison_remove(void *obj, void *data); + + /* + * Message queue construction and maniplation +@@ -435,6 +439,7 @@ + + node = mqnode_alloc(); + strncpy(node->mn_name, name, namelen); ++ node->mn_pr_root = cred->cr_prison->pr_root; + node->mn_type = nodetype; + node->mn_refcount = 1; + vfs_timestamp(&node->mn_birth); +@@ -643,6 +648,9 @@ + { + struct mqfs_node *root; + struct mqfs_info *mi; ++ osd_method_t methods[PR_MAXMETHOD] = { ++ [PR_METHOD_REMOVE] = mqfs_prison_remove, ++ }; + + mqnode_zone = uma_zcreate("mqnode", sizeof(struct mqfs_node), + NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); +@@ -669,6 +677,7 @@ + EVENTHANDLER_PRI_ANY); + mq_fdclose = mqueue_fdclose; + p31b_setcfg(CTL_P1003_1B_MESSAGE_PASSING, _POSIX_MESSAGE_PASSING); ++ mqfs_osd_jail_slot = osd_jail_register(NULL, methods); + return (0); + } + +@@ -682,6 +691,7 @@ + + if (!unloadable) + return (EOPNOTSUPP); ++ osd_jail_deregister(mqfs_osd_jail_slot); + EVENTHANDLER_DEREGISTER(process_exit, exit_tag); + 
mi = &mqfs_data; + mqfs_destroy(mi->mi_root); +@@ -801,13 +811,17 @@ + * Search a directory entry + */ + static struct mqfs_node * +-mqfs_search(struct mqfs_node *pd, const char *name, int len) ++mqfs_search(struct mqfs_node *pd, const char *name, int len, struct ucred *cred) + { + struct mqfs_node *pn; ++ const void *pr_root; + + sx_assert(&pd->mn_info->mi_lock, SX_LOCKED); ++ pr_root = cred->cr_prison->pr_root; + LIST_FOREACH(pn, &pd->mn_children, mn_sibling) { +- if (strncmp(pn->mn_name, name, len) == 0 && ++ /* Only match names within the same prison root directory */ ++ if ((pn->mn_pr_root == NULL || pn->mn_pr_root == pr_root) && ++ strncmp(pn->mn_name, name, len) == 0 && + pn->mn_name[len] == '\0') + return (pn); + } +@@ -879,7 +893,7 @@ + + /* named node */ + sx_xlock(&mqfs->mi_lock); +- pn = mqfs_search(pd, pname, namelen); ++ pn = mqfs_search(pd, pname, namelen, cnp->cn_cred); + if (pn != NULL) + mqnode_addref(pn); + sx_xunlock(&mqfs->mi_lock); +@@ -1364,6 +1378,7 @@ + struct mqfs_node *pn; + struct dirent entry; + struct uio *uio; ++ const void *pr_root; + int *tmp_ncookies = NULL; + off_t offset; + int error, i; +@@ -1388,10 +1403,18 @@ + error = 0; + offset = 0; + ++ pr_root = ap->a_cred->cr_prison->pr_root; + sx_xlock(&mi->mi_lock); + + LIST_FOREACH(pn, &pd->mn_children, mn_sibling) { + entry.d_reclen = sizeof(entry); ++ ++ /* ++ * Only show names within the same prison root directory ++ * (or not associated with a prison, e.g. "." and ".."). ++ */ ++ if (pn->mn_pr_root != NULL && pn->mn_pr_root != pr_root) ++ continue; + if (!pn->mn_fileno) + mqfs_fileno_alloc(mi, pn); + entry.d_fileno = pn->mn_fileno; +@@ -1525,6 +1548,38 @@ + #endif /* notyet */ + + /* ++ * See if this prison root is obsolete, and clean up associated queues if it is. 
++ */ ++static int ++mqfs_prison_remove(void *obj, void *data __unused) ++{ ++ const struct prison *pr = obj; ++ const struct prison *tpr; ++ struct mqfs_node *pn, *tpn; ++ int found; ++ ++ found = 0; ++ TAILQ_FOREACH(tpr, &allprison, pr_list) { ++ if (tpr->pr_root == pr->pr_root && tpr != pr && tpr->pr_ref > 0) ++ found = 1; ++ } ++ if (!found) { ++ /* ++ * No jails are rooted in this directory anymore, ++ * so no queues should be either. ++ */ ++ sx_xlock(&mqfs_data.mi_lock); ++ LIST_FOREACH_SAFE(pn, &mqfs_data.mi_root->mn_children, ++ mn_sibling, tpn) { ++ if (pn->mn_pr_root == pr->pr_root) ++ (void)do_unlink(pn, curthread->td_ucred); ++ } ++ sx_xunlock(&mqfs_data.mi_lock); ++ } ++ return (0); ++} ++ ++/* + * Allocate a message queue + */ + static struct mqueue * +@@ -1984,7 +2039,7 @@ + return (error); + + sx_xlock(&mqfs_data.mi_lock); +- pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1); ++ pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred); + if (pn == NULL) { + if (!(flags & O_CREAT)) { + error = ENOENT; +@@ -2079,7 +2134,7 @@ + return (EINVAL); + + sx_xlock(&mqfs_data.mi_lock); +- pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1); ++ pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred); + if (pn != NULL) + error = do_unlink(pn, td->td_ucred); + else +--- sys/kern/uipc_sem.c.orig ++++ sys/kern/uipc_sem.c +@@ -44,6 +44,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -444,12 +445,24 @@ + static void + ksem_info_impl(struct ksem *ks, char *path, size_t size, uint32_t *value) + { ++ const char *ks_path, *pr_path; ++ size_t pr_pathlen; + + if (ks->ks_path == NULL) + return; + sx_slock(&ksem_dict_lock); +- if (ks->ks_path != NULL) +- strlcpy(path, ks->ks_path, size); ++ ks_path = ks->ks_path; ++ if (ks_path != NULL) { ++ pr_path = curthread->td_ucred->cr_prison->pr_path; ++ if (strcmp(pr_path, "/") != 0) { ++ /* Return the jail-rooted pathname. 
*/ ++ pr_pathlen = strlen(pr_path); ++ if (strncmp(ks_path, pr_path, pr_pathlen) == 0 && ++ ks_path[pr_pathlen] == '/') ++ ks_path += pr_pathlen; ++ } ++ strlcpy(path, ks_path, size); ++ } + if (value != NULL) + *value = ks->ks_value; + sx_sunlock(&ksem_dict_lock); +@@ -493,6 +506,8 @@ + struct ksem *ks; + struct file *fp; + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error, fd; + +@@ -529,10 +544,16 @@ + ks->ks_flags |= KS_ANONYMOUS; + } else { + path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK); +- error = copyinstr(name, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; + ++ /* Construct a full pathname for jailed callers. */ ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(name, path + pr_pathlen, ++ MAXPATHLEN - pr_pathlen, NULL); ++ + /* Require paths to start with a '/' character. */ +- if (error == 0 && path[0] != '/') ++ if (error == 0 && path[pr_pathlen] != '/') + error = EINVAL; + if (error) { + fdclose(td, fp, fd); +@@ -668,11 +689,17 @@ + sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap) + { + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error; + + path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); +- error = copyinstr(uap->name, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 
0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen, ++ NULL); + if (error) { + free(path, M_TEMP); + return (error); +--- sys/kern/uipc_shm.c.orig ++++ sys/kern/uipc_shm.c +@@ -57,6 +57,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -712,6 +713,8 @@ + struct shmfd *shmfd; + struct file *fp; + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + mode_t cmode; + int fd, error; +@@ -749,13 +752,19 @@ + shmfd = shm_alloc(td->td_ucred, cmode); + } else { + path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK); +- error = copyinstr(uap->path, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ ++ /* Construct a full pathname for jailed callers. */ ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->path, path + pr_pathlen, ++ MAXPATHLEN - pr_pathlen, NULL); + #ifdef KTRACE + if (error == 0 && KTRPOINT(curthread, KTR_NAMEI)) + ktrnamei(path); + #endif + /* Require paths to start with a '/' character. */ +- if (error == 0 && path[0] != '/') ++ if (error == 0 && path[pr_pathlen] != '/') + error = EINVAL; + if (error) { + fdclose(td, fp, fd); +@@ -842,11 +851,17 @@ + sys_shm_unlink(struct thread *td, struct shm_unlink_args *uap) + { + char *path; ++ const char *pr_path; ++ size_t pr_pathlen; + Fnv32_t fnv; + int error; + + path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); +- error = copyinstr(uap->path, path, MAXPATHLEN, NULL); ++ pr_path = td->td_ucred->cr_prison->pr_path; ++ pr_pathlen = strcmp(pr_path, "/") == 0 ? 
0 ++ : strlcpy(path, pr_path, MAXPATHLEN); ++ error = copyinstr(uap->path, path + pr_pathlen, MAXPATHLEN - pr_pathlen, ++ NULL); + if (error) { + free(path, M_TEMP); + return (error); +@@ -1053,11 +1068,23 @@ + void + shm_path(struct shmfd *shmfd, char *path, size_t size) + { ++ const char *shm_path, *pr_path; ++ size_t pr_pathlen; + + if (shmfd->shm_path == NULL) + return; + sx_slock(&shm_dict_lock); +- if (shmfd->shm_path != NULL) +- strlcpy(path, shmfd->shm_path, size); ++ shm_path = shmfd->shm_path; ++ if (shm_path != NULL) { ++ pr_path = curthread->td_ucred->cr_prison->pr_path; ++ if (strcmp(pr_path, "/") != 0) { ++ /* Return the jail-rooted pathname. */ ++ pr_pathlen = strlen(pr_path); ++ if (strncmp(shm_path, pr_path, pr_pathlen) == 0 && ++ shm_path[pr_pathlen] == '/') ++ shm_path += pr_pathlen; ++ } ++ strlcpy(path, shm_path, size); ++ } + sx_sunlock(&shm_dict_lock); + } Property changes on: head/share/security/patches/SA-17:09/shm-10.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:09/shm-10.patch.asc =================================================================== --- head/share/security/patches/SA-17:09/shm-10.patch.asc (nonexistent) +++ head/share/security/patches/SA-17:09/shm-10.patch.asc (revision 51201) 
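Review bot: mqfs_prison_remove() in the shm-10.patch version of sys/kern/uipc_mqueue.c walks allprison and reads tpr->pr_ref without taking allprison_lock or pr_mtx. The 10.3 variant of the same logic brackets its scan with sx_slock(&allprison_lock). If the PR_METHOD_REMOVE caller is guaranteed to hold the lock, say so with an sx_assert(&allprison_lock, SX_LOCKED) at the top of the function so the dependency is checked rather than implied. The TAILQ_FOREACH can also break once found is set.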
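Review bot: in ksem_info_impl() and shm_path(), a jailed caller whose pr_path is not a prefix of the stored name still gets the full stored path, because strlcpy(path, ks_path, size) (and the shm_path equivalent) runs whether or not the strncmp() prefix test matched. A descriptor for an object created outside the jail therefore reports the host-side pathname to the jail. Consider returning an empty string, or skipping the copy, when the prefix does not match. A smaller point in the open and unlink paths: pr_pathlen comes from the return value of strlcpy(path, pr_path, MAXPATHLEN), which is the source length, and is then used in MAXPATHLEN - pr_pathlen. That is only safe if pr_path is always shorter than MAXPATHLEN, so an explicit check or KASSERT before the copyinstr() would make the bound visible at the call site.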
@@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxjBfFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +aud+NQ//brfNPCYRN11P4LroaBUcy5Ylz8uA95mE/MwU1R9jA0LBpIvKmuzZQ0C1 +vaw8CCk2NfKZdod+/6MtPq5ngHSkaFpLEpT91T4z6CnjwDFkWtGWbSmOP6w9dtJY +tl2lU2MsQYe6xCbW6Idf45gWEbca7S3pkjc8Qrun1Eofl86OmNLcHvbQQDn0LzLv +/Albm3zqNusBJRY4GN7lcAbN8GjuYcXgqgvP4x9UkW2oUWBwaUxFieW+TqfDtQC0 +a1G7OFit+kF9vDaWKM6dALPc5etV5WsUl/W1/qCpja32IZ9Dc8fiKMapp3/p2+xe +B5iA8UOa+PzOReoIc/PsCy1oKpor5vvJA5h70APfvUHwodb4slNPK15ZxynK9llE +vHIN+fY/Xfjz0NM5xEz9QhOHue7H9nNtIHQSdy9wZzXT/s8rmf+5MWFgyKtMQac3 +Mat/RRZu+eLGvshQrnAseXvpmbGv7B06qOr81zx+K353rXrBm+V+5Z9ftvt2Ajlg +YfPN4ExjXSsn2m8piuPuJT/6uyfo/NKdQrT9G4GLJi/gW9FSvAMMx7kT47U6MEFq +FjYP70Z3JO/lCJz/yQHg6+LLR69GEFyqX54zrOfsYxfobLiiDJurcWHaVEnvVIes +Sqc8fw2SPz74rL2GwkQttPTqJzGfXwKJGljcG5Yfr8l+0ZxLUFs= +=4WnF +-----END PGP SIGNATURE----- Property changes on: head/share/security/patches/SA-17:09/shm-10.patch.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:10/kldstat.patch =================================================================== --- head/share/security/patches/SA-17:10/kldstat.patch (nonexistent) +++ head/share/security/patches/SA-17:10/kldstat.patch (revision 51201) 
@@ -0,0 +1,75 @@ +--- sys/compat/freebsd32/freebsd32_misc.c.orig ++++ sys/compat/freebsd32/freebsd32_misc.c +@@ -3331,8 +3331,8 @@ + int + freebsd32_kldstat(struct thread *td, struct freebsd32_kldstat_args *uap) + { +- struct kld_file_stat stat; +- struct kld32_file_stat stat32; ++ struct kld_file_stat *stat; ++ struct kld32_file_stat *stat32; + int error, version; + + if ((error = copyin(&uap->stat->version, &version, sizeof(version))) +@@ -3342,17 +3342,22 @@ + version != sizeof(struct kld32_file_stat)) + return (EINVAL); + +- error = kern_kldstat(td, uap->fileid, &stat); +- if (error != 0) +- return (error); +- +- bcopy(&stat.name[0], &stat32.name[0], sizeof(stat.name)); +- CP(stat, stat32, refs); +- CP(stat, stat32, id); +- PTROUT_CP(stat, stat32, address); +- CP(stat, stat32, size); +- bcopy(&stat.pathname[0], &stat32.pathname[0], sizeof(stat.pathname)); +- return (copyout(&stat32, uap->stat, version)); ++ stat = malloc(sizeof(*stat), M_TEMP, M_WAITOK | M_ZERO); ++ stat32 = malloc(sizeof(*stat32), M_TEMP, M_WAITOK | M_ZERO); ++ error = kern_kldstat(td, uap->fileid, stat); ++ if (error == 0) { ++ bcopy(&stat->name[0], &stat32->name[0], sizeof(stat->name)); ++ CP(*stat, *stat32, refs); ++ CP(*stat, *stat32, id); ++ PTROUT_CP(*stat, *stat32, address); ++ CP(*stat, *stat32, size); ++ bcopy(&stat->pathname[0], &stat32->pathname[0], ++ sizeof(stat->pathname)); ++ error = copyout(stat32, uap->stat, version); ++ } ++ free(stat, M_TEMP); ++ free(stat32, M_TEMP); ++ return (error); + } + + int +--- sys/kern/kern_linker.c.orig ++++ sys/kern/kern_linker.c +@@ -1229,7 +1229,7 @@ + int + sys_kldstat(struct thread *td, struct kldstat_args *uap) + { +- struct kld_file_stat stat; ++ struct kld_file_stat *stat; + int error, version; + + /* +@@ -1242,10 +1242,12 @@ + version != sizeof(struct kld_file_stat)) + return (EINVAL); + +- error = kern_kldstat(td, uap->fileid, &stat); +- if (error != 0) +- return (error); +- return (copyout(&stat, uap->stat, version)); ++ stat = 
malloc(sizeof(*stat), M_TEMP, M_WAITOK | M_ZERO); ++ error = kern_kldstat(td, uap->fileid, stat); ++ if (error == 0) ++ error = copyout(stat, uap->stat, version); ++ free(stat, M_TEMP); ++ return (error); + } + + int Property changes on: head/share/security/patches/SA-17:10/kldstat.patch ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/security/patches/SA-17:10/kldstat.patch.asc =================================================================== --- head/share/security/patches/SA-17:10/kldstat.patch.asc (nonexistent) +++ head/share/security/patches/SA-17:10/kldstat.patch.asc (revision 51201) 
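Review bot: in both sys_kldstat() and freebsd32_kldstat(), the M_ZERO flag on the new malloc() calls is what the fix depends on, but nothing in the code says so. copyout() sends version bytes of the structure, so any byte kern_kldstat() or the CP/bcopy conversions do not write reaches userspace exactly as allocated. Please add a one-line comment at the allocations stating that the buffers must be zeroed because the whole structure is copied out, so a later cleanup does not drop M_ZERO or move the structures back to the stack. In freebsd32_kldstat() it is also worth a compile-time assertion that the name and pathname arrays of kld32_file_stat are the same size as those of kld_file_stat, since both bcopy() calls use the source size.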
@@ -0,0 +1,18 @@ +-----BEGIN PGP SIGNATURE----- + +iQKTBAABCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxj1fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD +RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P +aud7chAApmeYQat1/fM0tufIYLhiq1sNIqJWoVg1mRRIfKQWIiq1qscyke6zZvOw +AVYGEiMuLjb38cdwkJ1iASiA3HQ7tEBf/qBtOA4pxPvndGYeJE5Iubvkj57Jp0qb +xjJ21APFcxsAnqYZWz8drUEj0LhEBj/bMEcYYPcqtTZDOFy+6rjzQQZluKnDOUEL +J5FUjT7ekUAKLKPMqv1FvOZ6NwoZ2aOnI7pOZA/UOe+wPFF4aFfKfpcT7tcx7XFs +iFiyirKBq2tjLGYUqcR4U8/kDk0QVeyfGarcDU9UUDSu4cNzZu6h5p3nnVPMOHqW +lQMfONobxHwQy37Eg58W4f4cMDiOQSa48oMhE4Ai3/VDpwyBn6DYqw9BqisSZZZO +xw4Fkvvjwg0wGWgkMpgrHaan+ubyjFNcBg6RuXrODm0RDWAR3pzc0bZQzwd8tlYq +Fsku+bdaHW6VtUFFcSIXAfakFQX0F/99WW+Oy4+QzkA10oXKY9LJeFDBAAwY5mJm +SPHWrcVo08mjDO5XV642HV7K+1YWZ3l8jA2b22UlU2s6slgz+AO51DV+RONlze/E +qp25CnKkK8DUmtZ5zjXAGUfm/iA0rrSFAqHsB9xQSx5ht7Hk+EpV3d7FzeVKI0Sl +V2TCk/SHCKVwNDg53/eXl7zWsY41CBw5L2b6oAvcyuipZJOAloA= +=oLz2 +-----END PGP SIGNATURE----- Property changes on: head/share/security/patches/SA-17:10/kldstat.patch.asc ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/share/xml/advisories.xml =================================================================== --- head/share/xml/advisories.xml (revision 51200) +++ head/share/xml/advisories.xml (revision 51201) 
@@ -1,4378 +1,4398 @@ $FreeBSD$ 2017 + 11 + + + 15 + + + FreeBSD-SA-17:10.kldstat + + + + FreeBSD-SA-17:09.shm + + + + FreeBSD-SA-17:08.ptrace + + + + + 10 17 FreeBSD-SA-17:07.wpa 8 10 FreeBSD-SA-17:06.openssh 7 12 FreeBSD-SA-17:05.heimdal 4 27 FreeBSD-SA-17:04.ipfilter 12 FreeBSD-SA-17:03.ntp 2 23 FreeBSD-SA-17:02.openssl 1 11 FreeBSD-SA-17:01.openssh 2016 12 22 FreeBSD-SA-16:39.ntp 6 FreeBSD-SA-16:38.bhyve FreeBSD-SA-16:37.libc FreeBSD-SA-16:36.telnetd 11 2 FreeBSD-SA-16:35.openssl FreeBSD-SA-16:34.bind FreeBSD-SA-16:33.openssh 10 25 FreeBSD-SA-16:32.bhyve 10 FreeBSD-SA-16:31.libarchive FreeBSD-SA-16:30.portsnap FreeBSD-SA-16:29.bspatch FreeBSD-SA-16:28.bind FreeBSD-SA-16:27.openssl 9 23 FreeBSD-SA-16:26.openssl 7 25 FreeBSD-SA-16:25.bspatch 6 4 FreeBSD-SA-16:24.ntp 5 31 FreeBSD-SA-16:23.libarchive FreeBSD-SA-16:22.libarchive FreeBSD-SA-16:21.43bsd FreeBSD-SA-16:20.linux 17 FreeBSD-SA-16:19.sendmsg FreeBSD-SA-16:18.atkbd 4 FreeBSD-SA-16:17.openssl 4 29 FreeBSD-SA-16:16.ntp 3 16 FreeBSD-SA-16:15.sysarch FreeBSD-SA-16:14.openssh 10 FreeBSD-SA-16:13.bind FreeBSD-SA-16:12.openssl 1 30 FreeBSD-SA-16:11.openssl 27 FreeBSD-SA-16:10.linux FreeBSD-SA-16:09.ntp FreeBSD-SA-16:08.bind 14 FreeBSD-SA-16:07.openssh FreeBSD-SA-16:06.bsnmpd FreeBSD-SA-16:05.tcp FreeBSD-SA-16:04.linux FreeBSD-SA-16:03.linux FreeBSD-SA-16:02.ntp FreeBSD-SA-16:01.sctp 2015 12 16 FreeBSD-SA-15:27.bind 6 FreeBSD-SA-15:26.openssl 10 26 FreeBSD-SA-15:25.ntp 9 29 FreeBSD-SA-15:24.rpcbind 2 FreeBSD-SA-15:23.bind 8 25 FreeBSD-SA-15:22.openssh FreeBSD-SA-15:21.amd64 18 FreeBSD-SA-15:20.expat 5 FreeBSD-SA-15:19.routed FreeBSD-SA-15:18.bsdpatch 7 28 FreeBSD-SA-15:17.bind FreeBSD-SA-15:16.openssh FreeBSD-SA-15:15.tcp FreeBSD-SA-15:14.bsdpatch 21 FreeBSD-SA-15:13.tcp 9 FreeBSD-SA-15:12.openssl 7 FreeBSD-SA-15:11.bind 6 12 FreeBSD-SA-15:10.openssl 4 7 FreeBSD-SA-15:09.ipv6 FreeBSD-SA-15:08.bsdinstall FreeBSD-SA-15:07.ntp 3 19 FreeBSD-SA-15:06.openssl 2 25 FreeBSD-SA-15:05.bind FreeBSD-SA-15:04.igmp 1 27 
FreeBSD-SA-15:03.sctp FreeBSD-SA-15:02.kmem 14 FreeBSD-SA-15:01.openssl 2014 12 23 FreeBSD-SA-14:31.ntp 17 FreeBSD-SA-14:30.unbound 10 FreeBSD-SA-14:29.bind FreeBSD-SA-14:28.file FreeBSD-SA-14:27.stdio 11 04 FreeBSD-SA-14:26.ftp FreeBSD-SA-14:25.setlogin FreeBSD-SA-14:24.sshd 10 21 FreeBSD-SA-14:23.openssl FreeBSD-SA-14:22.namei FreeBSD-SA-14:21.routed FreeBSD-SA-14:20.rtsold 9 16 FreeBSD-SA-14:19.tcp 9 FreeBSD-SA-14:18.openssl 7 8 FreeBSD-SA-14:17.kmem 6 24 FreeBSD-SA-14:16.file FreeBSD-SA-14:15.iconv 5 FreeBSD-SA-14:14.openssl 3 FreeBSD-SA-14:13.pam FreeBSD-SA-14:12.ktrace FreeBSD-SA-14:11.sendmail 5 13 FreeBSD-SA-14:10.openssl 4 30 FreeBSD-SA-14:09.openssl FreeBSD-SA-14:08.tcp FreeBSD-SA-14:07.devfs 08 FreeBSD-SA-14:06.openssl FreeBSD-SA-14:05.nfsserver 1 14 FreeBSD-SA-14:04.bind FreeBSD-SA-14:03.openssl FreeBSD-SA-14:02.ntpd FreeBSD-SA-14:01.bsnmpd 2013 11 19 FreeBSD-SA-13:14.openssh 9 10 FreeBSD-SA-13:13.nullfs FreeBSD-SA-13:12.ifioctl FreeBSD-SA-13:11.sendfile 8 22 FreeBSD-SA-13:10.sctp FreeBSD-SA-13:09.ip_multicast 7 26 FreeBSD-SA-13:08.nfsserver FreeBSD-SA-13:07.bind 6 18 FreeBSD-SA-13:06.mmap 4 29 FreeBSD-SA-13:05.nfsserver 2 FreeBSD-SA-13:04.bind FreeBSD-SA-13:03.openssl 2 19 FreeBSD-SA-13:02.libc FreeBSD-SA-13:01.bind 2012 11 22 FreeBSD-SA-12:08.linux FreeBSD-SA-12:07.hostapd FreeBSD-SA-12:06.bind 8 6 FreeBSD-SA-12:05.bind 6 12 FreeBSD-SA-12:04.sysret FreeBSD-SA-12:03.bind 5 30 FreeBSD-SA-12:02.crypt 30 FreeBSD-SA-12:01.openssl 2011 12 23 FreeBSD-SA-11:10.pam FreeBSD-SA-11:09.pam_ssh FreeBSD-SA-11:08.telnetd FreeBSD-SA-11:07.chroot FreeBSD-SA-11:06.bind 9 28 FreeBSD-SA-11:05.unix FreeBSD-SA-11:04.compress FreeBSD-SA-11:03.bind 5 28 FreeBSD-SA-11:02.bind 4 20 FreeBSD-SA-11:01.mountd 2010 11 29 FreeBSD-SA-10:10.openssl 10 FreeBSD-SA-10:09.pseudofs 9 20 FreeBSD-SA-10:08.bzip2 7 13 FreeBSD-SA-10:07.mbuf 5 27 FreeBSD-SA-10:06.nfsclient FreeBSD-SA-10:05.opie FreeBSD-SA-10:04.jail 1 6 FreeBSD-SA-10:03.zfs FreeBSD-SA-10:02.ntpd FreeBSD-SA-10:01.bind 2009 12 3 
FreeBSD-SA-09:17.freebsd-update FreeBSD-SA-09:16.rtld FreeBSD-SA-09:15.ssl 10 2 FreeBSD-SA-09:14.devfs FreeBSD-SA-09:13.pipe 7 29 FreeBSD-SA-09:12.bind 6 10 FreeBSD-SA-09:11.ntpd FreeBSD-SA-09:10.ipv6 FreeBSD-SA-09:09.pipe 4 22 FreeBSD-SA-09:08.openssl FreeBSD-SA-09:07.libc 3 23 FreeBSD-SA-09:06.ktimer 2 16 FreeBSD-SA-09:05.telnetd 1 13 FreeBSD-SA-09:04.bind FreeBSD-SA-09:03.ntpd 7 FreeBSD-SA-09:02.openssl FreeBSD-SA-09:01.lukemftpd 2008 12 23 FreeBSD-SA-08:13.protosw FreeBSD-SA-08:12.ftpd 11 24 FreeBSD-SA-08:11.arc4random 10 2 FreeBSD-SA-08:10.nd6 9 3 FreeBSD-SA-08:09.icmp6 FreeBSD-SA-08:08.nmount FreeBSD-SA-08:07.amd64 7 13 FreeBSD-SA-08:06.bind 4 17 FreeBSD-SA-08:05.openssh 2 14 FreeBSD-SA-08:04.ipsec FreeBSD-SA-08:03.sendfile 1 18 FreeBSD 6.3-RELEASE 14 FreeBSD-SA-08:02.libc FreeBSD-SA-08:01.pty 2007 11 29 FreeBSD-SA-07:10.gtar FreeBSD-SA-07:09.random 10 3 FreeBSD-SA-07:08.openssl 8 1 FreeBSD-SA-07:07.bind FreeBSD-SA-07:06.tcpdump 7 12 FreeBSD-SA-07:05.libarchive 5 23 FreeBSD-SA-07:04.file 4 26 FreeBSD-SA-07:03.ipv6 2 9 FreeBSD-SA-07:02.bind 1 15 FreeBSD 6.2-RELEASE 11 FreeBSD-SA-07:01.jail 2006 12 6 FreeBSD-SA-06:26.gtar FreeBSD-SA-06:25.kmem 11 8 FreeBSD-SA-06:24.libarchive 9 30 FreeBSD-SA-06:22.openssh 28 FreeBSD-SA-06:23.openssl 19 FreeBSD-SA-06:21.gzip 6 FreeBSD-SA-06:20.bind FreeBSD-SA-06:19.openssl 8 23 FreeBSD-SA-06:18.ppp 6 14 FreeBSD-SA-06:17.sendmail 5 31 FreeBSD-SA-06:16.smbfs FreeBSD-SA-06:15.ypserv 25 FreeBSD 5.5-RELEASE 9 FreeBSD 6.1-RELEASE 4 19 FreeBSD-SA-06:14.fpu 3 22 FreeBSD-SA-06:13.sendmail FreeBSD-SA-06:12.opie FreeBSD-SA-06:11.ipsec 1 FreeBSD-SA-06:10.nfs FreeBSD-SA-06:09.openssh 2 1 FreeBSD-SA-06:08.sack 1 25 FreeBSD-SA-06:07.pf FreeBSD-SA-06:06.kmem 18 FreeBSD-SA-06:05.80211 11 FreeBSD-SA-06:04.ipfw FreeBSD-SA-06:03.cpio FreeBSD-SA-06:02.ee FreeBSD-SA-06:01.texindex 2005 11 4 FreeBSD 6.0-RELEASE 10 11 FreeBSD-SA-05:21.openssl 9 7 FreeBSD-SA-05:20.cvsbug 7 27 FreeBSD-SA-05:19.ipsec FreeBSD-SA-05:18.zlib 20 FreeBSD-SA-05:17.devfs 6 
FreeBSD-SA-05:16.zlib 6 29 FreeBSD-SA-05:15.tcp FreeBSD-SA-05:14.bzip2 FreeBSD-SA-05:13.ipfw 9 FreeBSD-SA-05:12.bind9 FreeBSD-SA-05:11.gzip FreeBSD-SA-05:10.tcpdump 5 13 FreeBSD-SA-05:09.htt 9 FreeBSD 5.4-RELEASE 6 FreeBSD-SA-05:08.kmem FreeBSD-SA-05:07.ldt FreeBSD-SA-05:06.iir 4 22 FreeBSD-SA-05:05.cvs 15 FreeBSD-SA-05:04.ifconf 6 FreeBSD-SA-05:03.amd64 4 FreeBSD-SA-05:02.sendfile 3 28 FreeBSD-SA-05:01.telnet 1 25 FreeBSD 4.11-RELEASE 2004 12 1 FreeBSD-SA-04:17.procfs 11 18 FreeBSD-SA-04:16.fetch 6 FreeBSD 5.3-RELEASE 10 4 FreeBSD-SA-04:15.syscons 9 19 FreeBSD-SA-04:14.cvs 6 30 FreeBSD-SA-04:13.linux 7 FreeBSD-SA-04:12.jailroute 5 27 FreeBSD 4.10-RELEASE 19 FreeBSD-SA-04:11.msync 19 FreeBSD-SA-04:10.cvs 5 FreeBSD-SA-04:09.kadmind FreeBSD-SA-04:08.heimdal 4 15 FreeBSD-SA-04:07.cvs 3 29 FreeBSD-SA-04:06.ipv6 17 FreeBSD-SA-04:05.openssl 2 FreeBSD-SA-04:04.tcp 2 26 FreeBSD 5.2.1-RELEASE 25 FreeBSD-SA-04:03.jail 05 FreeBSD-SA-04:02.shmat 1 30 FreeBSD-SA-04:01.mksnap_ffs 12 FreeBSD 5.2-RELEASE 2003 11 28 FreeBSD-SA-03:19.bind 10 27 FreeBSD 4.9-RELEASE 5 FreeBSD-SA-03:15.openssh 3 FreeBSD-SA-03:18.openssl FreeBSD-SA-03:17.procfs 2 FreeBSD-SA-03:16.filedesc 9 23 FreeBSD-SA-03:14.arp 17 FreeBSD-SA-03:13.sendmail 16 FreeBSD-SA-03:12.openssh 8 26 FreeBSD-SA-03:11.sendmail http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1170 10 FreeBSD-SA-03:10.ibcs2 http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1164 FreeBSD-SA-03:09.signal http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1163 3 FreeBSD-SA-03:08.realpath http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1158 6 9 FreeBSD 5.1-RELEASE 4 8 FreeBSD-SN-03:02 7 FreeBSD-SN-03:01 3 FreeBSD 4.8-RELEASE 3 30 FreeBSD-SA-03:07.sendmail http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1122 21 FreeBSD-SA-03:06.openssl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1118 20 FreeBSD-SA-03:05.xdr http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1117 3 FreeBSD-SA-03:04.sendmail 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1112 2 24 FreeBSD-SA-03:03.syncookies http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1106 FreeBSD-SA-03:02.openssl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1105 04 FreeBSD-SA-03:01.cvs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1100 1 19 FreeBSD 5.0-RELEASE 07 FreeBSD-SA-02:44.filedesc http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1090 2002 11 15 FreeBSD-SA-02:43.bind http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1084 FreeBSD-SA-02:41.smrsh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1082 12 FreeBSD-SA-02:42.resolv http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1083 FreeBSD-SA-02:40.kadmind http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1081 10 10 FreeBSD 4.7-RELEASE FreeBSD-SN-02:06 9 16 FreeBSD-SA-02:39.libkvm http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1051 8 28 FreeBSD-SN-02:05 19 FreeBSD-SA-02:38.signed-error http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1041 15 FreeBSD 4.6.2-RELEASE 05 FreeBSD-SA-02:37.kqueue http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1033 FreeBSD-SA-02:36.nfs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1032 FreeBSD-SA-02:35.ffs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1031 FreeBSD-SA-02:33.openssl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1023 01 FreeBSD-SA-02:34.rpc http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1024 7 31 FreeBSD-SA-02:32.pppd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1022 15 FreeBSD-SA-02:31.openssh 12 FreeBSD-SA-02:30.ktrace FreeBSD-SA-02:29.tcpdump 6 26 FreeBSD-SA-02:28.resolv 19 FreeBSD-SN-02:04 15 FreeBSD 4.6-RELEASE 5 29 FreeBSD-SA-02:27.rc FreeBSD-SA-02:26.accept 28 FreeBSD-SN-02:03 20 FreeBSD-SA-02:25.bzip2 FreeBSD-SA-02:24.k5su 13 FreeBSD-SN-02:02 4 22 FreeBSD-SA-02:23.stdio http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1021 18 FreeBSD-SA-02:22.mmap 17 
FreeBSD-SA-02:21.tcpip http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/980 16 FreeBSD-SA-02:20.syncache http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/979 3 30 FreeBSD-SN-02:01 26 FreeBSD-SA-02:19.squid http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/960 18 FreeBSD-SA-02:18.zlib http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/978 12 FreeBSD-SA-02:17.mod_frontpage http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/954 FreeBSD-SA-02:16.netscape http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/953 FreeBSD-SA-02:15.cyrus-sasl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/952 FreeBSD-SA-02:14.pam-pgsql http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/951 07 FreeBSD-SA-02:13.openssh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/945 2 21 FreeBSD-SA-02:12.squid http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/938 12 FreeBSD-SA-02:11.snmp http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/936 06 FreeBSD-SA-02:10.rsync http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/928 FreeBSD-SA-02:09.fstatfs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/927 1 29 FreeBSD 4.5-RELEASE 24 FreeBSD-SA-02:08.exec http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/923 18 FreeBSD-SA-02:07.k5su http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/912 16 FreeBSD-SA-02:06.sudo http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/909 04 FreeBSD-SA-02:05.pine http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/894 FreeBSD-SA-02:04.mutt http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/893 FreeBSD-SA-02:03.mod_auth_pgsql http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/892 FreeBSD-SA-02:02.pw http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/891 FreeBSD-SA-02:01.pkg_add http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/898 2001 12 04 FreeBSD-SA-01:64.wu-ftpd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/870 02 FreeBSD-SA-01:63.openssh 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/871 10 08 FreeBSD-SA-01:62.uucp FreeBSD-SA-01:61.squid 9 24 FreeBSD-SA-01:60.procmail 20 FreeBSD 4.4-RELEASE 04 FreeBSD-SA-01:59.rmuser 8 30 FreeBSD-SA-01:58.lpd 27 FreeBSD-SA-01:57.sendmail 23 FreeBSD-SA-01:56.tcp_wrappers 21 FreeBSD-SA-01:55.procfs 20 FreeBSD-SA-01:54.ports-telnetd 17 FreeBSD-SA-01:53.ipfw 06 FreeBSD-SA-01:52.fragment 7 30 FreeBSD-SA-01:51.openssl 27 FreeBSD-SA-01:50.windowmaker 23 FreeBSD-SA-01:49.telnetd 17 FreeBSD-SA-01:48.tcpdump 10 FreeBSD-SA-01:47.xinetd FreeBSD-SA-01:46.w3m FreeBSD-SA-01:45.samba FreeBSD-SA-01:44.gnupg FreeBSD-SA-01:43.fetchmail FreeBSD-SA-01:42.signal 09 FreeBSD-SA-01:41.hanterm 6 04 FreeBSD-SA-01:40.fts 5 02 FreeBSD-SA-01:39.tcp-isn 4 23 FreeBSD-SA-01:38.sudo FreeBSD-SA-01:37.slrn FreeBSD-SA-01:36.samba FreeBSD-SA-01:35.licq FreeBSD-SA-01:34.hylafax 20 FreeBSD 4.3-RELEASE 17 FreeBSD-SA-01:33.ftpd-glob 16 FreeBSD-SA-01:32.ipfilter 06 FreeBSD-SA-01:31.ntpd 3 22 FreeBSD-SA-01:30.ufs-ext2fs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/738 12 FreeBSD-SA-01:29.rwhod http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/732 FreeBSD-SA-01:28.timed http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/731 FreeBSD-SA-01:27.cfengine http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/730 FreeBSD-SA-01:26.interbase http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/729 FreeBSD-SA-01:23.icecast http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/728 2 14 FreeBSD-SA-01:25.kerberosIV http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/716 12 FreeBSD-SA-01:24.ssh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/715 07 FreeBSD-SA-01:22.dc20ctrl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/714 FreeBSD-SA-01:21.ja-elvis http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/713 FreeBSD-SA-01:20.mars_nwe http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/712 FreeBSD-SA-01:19.ja-klock 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/707 1 31 FreeBSD-SA-01:18.bind http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/706 29 FreeBSD-SA-01:17.exmh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/705 FreeBSD-SA-01:16.mysql http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/704 FreeBSD-SA-01:15.tinyproxy http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/703 FreeBSD-SA-01:14.micq http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/702 FreeBSD-SA-01:13.sort http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/701 FreeBSD-SA-01:12.periodic http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/700 FreeBSD-SA-01:11.inetd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/699 23 FreeBSD-SA-01:10.bind http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/698 FreeBSD-SA-01:09.crontab http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/697 FreeBSD-SA-01:08.ipfw http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/696 FreeBSD-SA-01:07.xfree86 15 FreeBSD-SA-01:06.zope http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/669 FreeBSD-SA-01:05.stunnel http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/668 FreeBSD-SA-01:04.joe http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/667 FreeBSD-SA-01:03.bash1 http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/666 FreeBSD-SA-01:02.syslog-ng http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/665 FreeBSD-SA-01:01.openssh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/664 2000 12 20 FreeBSD-SA-00:81.ethereal http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/651 FreeBSD-SA-00:80.halflifeserver http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/650 FreeBSD-SA-00:79.oops http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/649 FreeBSD-SA-00:78.bitchx http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/648 18 FreeBSD-SA-00:77.procfs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/647 11 20 FreeBSD-SA-00:76.tcsh-csh 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/628 FreeBSD-SA-00:75.php http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/627 FreeBSD-SA-00:74.gaim FreeBSD-SA-00:73.thttpd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/626 FreeBSD-SA-00:72.curl http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/625 FreeBSD-SA-00:71.mgetty http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/624 14 FreeBSD-SA-00:70.ppp-nat http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/623 FreeBSD-SA-00:69.telnetd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/622 13 FreeBSD-SA-00:68.ncurses http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/621 10 FreeBSD-SA-00:67.gnupg http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/620 06 FreeBSD-SA-00:66.netscape http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/619 FreeBSD-SA-00:65.xfce http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/618 FreeBSD-SA-00:64.global http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/617 01 FreeBSD-SA-00:63.getnameinfo http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/589 FreeBSD-SA-00:62.top http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/616 10 31 FreeBSD-SA-00:61.tcpdump http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/615 30 FreeBSD-SA-00:60.boa http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/586 FreeBSD-SA-00:59.pine http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/585 FreeBSD-SA-00:58.chpass http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/584 13 FreeBSD-SA-00:57.muh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/570 FreeBSD-SA-00:56.lprng http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/569 FreeBSD-SA-00:55.xpdf http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/568 FreeBSD-SA-00:54.fingerd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/567 06 FreeBSD-SA-00:52.tcp-iss http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/561 9 27 FreeBSD-SA-00:53.catopen 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/562 13 FreeBSD-SA-00:51.mailman http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/550 FreeBSD-SA-00:50.listmanager http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/549 FreeBSD-SA-00:49.eject http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/548 FreeBSD-SA-00:48.xchat http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/547 FreeBSD-SA-00:47.pine http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/546 FreeBSD-SA-00:46.screen http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/545 8 31 FreeBSD-SA-00:45.esound http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/526 28 FreeBSD-SA-00:44.xlock http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/523 FreeBSD-SA-00:43.brouted http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/520 FreeBSD-SA-00:42.linux http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/530 FreeBSD-SA-00:41.elf http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/527 FreeBSD-SA-00:40.mopd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/521 FreeBSD-SA-00:39.netscape http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/528 14 FreeBSD-SA-00:38.zope http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/525 FreeBSD-SA-00:37.cvsweb http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/524 FreeBSD-SA-00:36.ntop http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/531 FreeBSD-SA-00:35.proftpd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/522 FreeBSD-SA-00:34.dhclient http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/529 7 12 FreeBSD-SA-00:33.kerberosIV http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/488 05 FreeBSD-SA-00:32.bitchx http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/487 FreeBSD-SA-00:31.canna http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/486 FreeBSD-SA-00:30.openssh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/485 FreeBSD-SA-00:29.wu-ftpd 
http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/489 FreeBSD-SA-00:28.majordomo http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/484 FreeBSD-SA-00:27.XFree86-4 http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/483 FreeBSD-SA-00:26.popper http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/482 FreeBSD-SA-00:24.libedit http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/481 6 19 FreeBSD-SA-00:23.ip-options http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/480 12 FreeBSD-SA-00:25.alpha-random http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/473 07 FreeBSD-SA-00:22.apsfilter http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/461 FreeBSD-SA-00:21.ssh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/459 5 26 FreeBSD-SA-00:20.krb5 http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/452 23 FreeBSD-SA-00:19.semconfig http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/451 09 FreeBSD-SA-00:18.gnapster.knapster http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/429 FreeBSD-SA-00:17.libmytinfo http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/442 FreeBSD-SA-00:16.golddig http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/439 4 24 FreeBSD-SA-00:15.imap-uw http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/438 FreeBSD-SA-00:14.imap-uw http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/441 19 FreeBSD-SA-00:13.generic-nqs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/437 10 FreeBSD-SA-00:12.healthd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/436 FreeBSD-SA-00:11.ircii http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/440 3 15 FreeBSD-SA-00:10.orville-write http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/408 FreeBSD-SA-00:09.mtr http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/408 FreeBSD-SA-00:08.lynx http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/407 FreeBSD-SA-00:07.mh http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/411 01 
FreeBSD-SA-00:06.htdig http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/403 2 28 FreeBSD-SA-00:05.mysql http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/402 19 FreeBSD-SA-00:04.delegate http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/392 FreeBSD-SA-00:03.asmon http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/391 1 24 FreeBSD-SA-00:02.procfs http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/380 19 FreeBSD-SA-00:01.make 1999 9 16 FreeBSD-SA-99:06.amd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/318 15 FreeBSD-SA-99:05.fts http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/313 FreeBSD-SA-99:04.core http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/312 05 FreeBSD-SA-99:03.ftpd http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/311 04 FreeBSD-SA-99:02.profil FreeBSD-SA-99:01.chflags 1998 11 04 FreeBSD-SA-98:08.fragment 10 13 FreeBSD-SA-98:07.rst 6 10 FreeBSD-SA-98:06.icmp 04 FreeBSD-SA-98:05.nfs 02 FreeBSD-SA-98:04.mmap 5 14 FreeBSD-SA-98:03.ttcp 3 12 FreeBSD-SA-98:02.mmap 1997 12 09 FreeBSD-SA-97:06.f00f 01 FreeBSD-SA-98:01.land 10 29 FreeBSD-SA-97:05.open 8 19 FreeBSD-SA-97:04.procfs 4 07 FreeBSD-SA-97:03.sysinstall 3 26 FreeBSD-SA-97:02.lpd 2 05 FreeBSD-SA-97:01.setlocale 1 18 FreeBSD-SA-96:21.talkd 1996 12 16 FreeBSD-SA-96:20.stack-overflow 10 FreeBSD-SA-96:19.modstat 11 25 FreeBSD-SA-96:18.lpr 7 16 FreeBSD-SA-96:17.rzsz 12 FreeBSD-SA-96:16.rdist 04 FreeBSD-SA-96:15.ppp 6 28 FreeBSD-SA-96:12.perl 24 FreeBSD-SA-96:14.ipfw 05 FreeBSD-SA-96:13.comsat 5 21 FreeBSD-SA-96:11.man 17 FreeBSD-SA-96:10.mount_union FreeBSD-SA-96:09.vfsload 4 22 FreeBSD-SA-96:02.apache 21 FreeBSD-SA-96:08.syslog FreeBSD-SA-96:01.sliplogin 20 FreeBSD-SA-96:03.sendmail-suggestion
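Review bot: In freebsd32_kldstat() (sys/compat/freebsd32/freebsd32_misc.c), the fix rests entirely on the M_ZERO flag in the two malloc() calls, and nothing in the code records that. The bcopy() calls copy sizeof(stat->name) and sizeof(stat->pathname) bytes, which is the full arrays rather than the strings, and copyout() then sends version bytes of stat32 to userland. Any byte that kern_kldstat() and the CP()/PTROUT_CP() assignments do not write therefore reaches the caller with whatever the buffer held before. Add a short comment above the allocations saying the buffers must be zeroed because the whole structure is copied out, so that a later cleanup does not drop M_ZERO or move the structs back onto the stack. A smaller point: stat32 is allocated before kern_kldstat() runs and is freed unused on the error path; allocating it inside the if (error == 0) block would avoid that.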
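Review bot: In sys_kldstat() (sys/kern/kern_linker.c), the buffer is zeroed by the caller, via malloc(sizeof(*stat), M_TEMP, M_WAITOK | M_ZERO), rather than inside kern_kldstat(), which leaves that function's contract implicit. Both call sites touched by this patch now have to remember to pass a pre-zeroed buffer, and any other caller that hands kern_kldstat() an uninitialized struct kld_file_stat and copies it out would need the same treatment. Consider clearing the structure at the top of kern_kldstat() itself, or at least documenting above it that the caller must supply a zeroed buffer. The error handling is fine as written: free(stat, M_TEMP) is reached on both the success and the failure path.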