From nobody Tue Dec 07 21:03:23 2021 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id E327E18DDCBF for ; Tue, 7 Dec 2021 21:03:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4J7t7J5t76z3FMx; Tue, 7 Dec 2021 21:03:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 029B826B33; Tue, 7 Dec 2021 21:03:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1B7L3NE1075751; Tue, 7 Dec 2021 21:03:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1B7L3NRg075750; Tue, 7 Dec 2021 21:03:23 GMT (envelope-from git) Date: Tue, 7 Dec 2021 21:03:23 GMT Message-Id: <202112072103.1B7L3NRg075750@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Glen Barber Subject: git: 4dcb330e6f - main - 12.3 relnotes: add SA/EN information since 12.2 List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-doc-all@freebsd.org X-BeenThere: dev-commits-doc-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: gjb X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4dcb330e6f9bbc0b206a108f1e29525f2b7ec5a7 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1638911005; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jVWziAsAZLUF4x0TiPIl3pfQTNMwm3qe+e92LwSFObE=; b=auwvowl2feKhpTpwWI5dHkxu3LwRlKpEwO86p9geA1RJbvryKcitan+lo4IDtnWF4B7PhE gAQezLqVHJ+OF3J60Un4bVFcvoVbxg/nUQ89fXMrtq9+yR6AD8q93GOSul2S6xZhrZv5Fv 01tP0/RGEC7Wo1RP+WHr8v6HWzS4EFH/S0nMwZXSNs2ujz4rTvkRaX+wGMHhKGiOX1sT3Z xgLFwszUqgAGT769bJeI5xDTHQ1Hyo2bJMU5Zzih0MlMCSVheY+bjd3yawYNvL24wsXfqe iZZMJs2xEzX+zcn5hmHI2Kq+yP7gzztR+sGEoUDbB2LCzNy8Y0Uw8ACh/OVonA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1638911005; a=rsa-sha256; cv=none; b=g99WOoIBDkA3hngiTEuY2Xtfo1kho/dn717Da4CNdjPp8AfBnJSFsXK5Jf3aEDp6WXj4Es sG7IpLCVwYqeQl1LhAMcBTGiKIQqzy26+F0Z6Ifi+ICfjXTeeDknPMA3bCPdMjUYiptXSt xdYZQvluRbwnKE35KwqybvNo+vu9UQwz3wT58j5zqBPGV/kX5TY7r2Ez0CcVeutASwUi8T px+Ll3UQ+H0tzebq7d8Kfc8TbD4EWOb2DGN7dUw8nY7USKfJuxvplPYmFoGmtt/39Pt9RJ 3GInu2JIi5pa7mYNmq2AiVFB4t2hf4jaLTMmiYqhRy9Ezg6YlEVujBtKz6t4Kg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by gjb: URL: https://cgit.FreeBSD.org/doc/commit/?id=4dcb330e6f9bbc0b206a108f1e29525f2b7ec5a7 commit 4dcb330e6f9bbc0b206a108f1e29525f2b7ec5a7 Author: Glen Barber AuthorDate: 2021-12-07 17:55:01 +0000 Commit: Glen Barber CommitDate: 2021-12-07 17:55:01 +0000 12.3 relnotes: add SA/EN information since 12.2 Sponsored by: Rubicon Communications, LLC ("Netgate") --- website/content/en/releases/12.3R/relnotes.adoc | 70 +++++++++++++++++-------- 1 file changed, 48 insertions(+), 22 deletions(-) diff --git a/website/content/en/releases/12.3R/relnotes.adoc b/website/content/en/releases/12.3R/relnotes.adoc index d331a6d7d5..54243943a2 100644 --- a/website/content/en/releases/12.3R/relnotes.adoc +++ b/website/content/en/releases/12.3R/relnotes.adoc @@ -59,35 +59,61 @@ This section lists the various Security Advisories and Errata Notices since {rel [[security]] === Security Advisories -[.informaltable] -[cols="1,1,1", frame="none", options="header"] +[width="100%",cols="40%,30%,30%",options="header",] |=== -| Advisory -| Date -| Topic - -// XXX: Pull in static content from the 12.2 errata page. -|No advisories. -| -| - +|Advisory |Date |Topic +|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:31.icmp6.asc[FreeBSD-SA-20:31.icmp6] |1 December 2020 |Use-after-free in error message handling +|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:32.rtsold.asc[FreeBSD-SA-20:32.rtsold] |1 December 2020 |Multiple vulnerabilities +|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:33.openssl.asc[FreeBSD-SA-20:33.openssl] |8 December 2020 |NULL pointer de-reference +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:01.fsdisclosure.asc[FreeBSD-SA-21:01.fsdisclosure] |29 January 2021 |Kernel stack disclosure +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:02.xenoom.asc[FreeBSD-SA-21:02.xenoom] |29 January 2021 |Kernel panic +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:03.pam_login_access.asc[FreeBSD-SA-21:03.pam_login_access] |24 February 2021 |Privilege escalation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:04.jail_remove.asc[FreeBSD-SA-21:04.jail_remove] |24 February 2021 |Privilege escalation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:05.jail_chdir.asc[FreeBSD-SA-21:05.jail_chdir] |24 February 2021 |Privilege escalation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:06.xen.asc[FreeBSD-SA-21:06.xen] |24 February 2021 |Resource leaks +|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-21:07.openssl.asc[FreeBSD-SA-21:07.openssl] |25 March 2021 |Multiple vulnerabilities +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:08.vm.asc[FreeBSD-SA-21:08.vm] |6 April 2021 |Kernel memory disclosure +|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-21:09.accept_filter.asc[FreeBSD-SA-21:09.accept_filter] |6 April 2021 |Privilege escalation or memory disclosure +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:10.jail_mount.asc[FreeBSD-SA-21:10.jail_mount] |6 April 2021 |Privilege escalation +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:11.smap.asc[FreeBSD-SA-21:11.smap] |26 May 2021 |Mitigation bypass +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:12.libradius.asc[FreeBSD-SA-21:12.libradius] |26 May 2021 |Denial of service +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:13.bhyve.asc[FreeBSD-SA-21:13.bhyve] |24 August 2021 |Missing error handling in bhyve(8) device models +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:14.ggatec.asc[FreeBSD-SA-21:14.ggatec] |24 August 2021 |Remote code execution in ggatec(8) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:15.libfetch.asc[FreeBSD-SA-21:15.libfetch] |24 August 2021 |libfetch out of bounds read +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:16.openssl.asc[FreeBSD-SA-21:16.openssl] |24 August 2021 |Multiple vulnerabilities in OpenSSL +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:17.openssl.asc[FreeBSD-SA-21:17.openssl] |24 August 2021 |Multiple vulnerabilities in OpenSSL |=== [[errata]] === Errata Notices -[.informaltable] -[cols="1,1,1", frame="none", options="header"] +[width="100%",cols="40%,30%,30%",options="header",] |=== -| Errata -| Date -| Topic - -// XXX: Pull in static content from the 12.2 errata page. -|No errata. -| -| - +|Errata |Date |Topic +|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:19.audit.asc[FreeBSD-EN-20:19.audit] |1 December 2020 |execve/fexecve system call auditing +|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:20.tzdata.asc[FreeBSD-EN-20:20.tzdata] |1 December 2020 |Timezone database information update +|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:21.ipfw.asc[FreeBSD-EN-20:21.ipfw] |1 December 2020 |Uninitialized variable +|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:22.callout.asc[FreeBSD-EN-20:22.callout] |1 December 2020 |Race condition in callout CPU migration +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:01.tzdata.asc[FreeBSD-EN-21:01.tzdata] |29 January 2021 |Timezone database information update +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:03.vnet.asc[FreeBSD-EN-21:03.vnet] |29 January 2021 |Panic when destroying VNET and epair simultaneously +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:04.zfs.asc[FreeBSD-EN-21:04.zfs] |29 January 2021 |zfs recv fails to propagate snapshot deletion +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:06.microcode.asc[FreeBSD-EN-21:06.microcode] |24 February 2021 |Boot-time microcode loading causes a boot hang +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:07.caroot.asc[FreeBSD-EN-21:07.caroot] |24 February 2021 |Root certificate bundle update +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:08.freebsd-update.asc[FreeBSD-EN-21:08.freebsd-update] |24 February 2021 |freebsd-update passwd regeneration +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:09.pf.asc[FreeBSD-EN-21:09.pf] |6 April 2021 |net.pf.request_maxcount not settable from loader.conf(5) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:10.lldb.asc[FreeBSD-EN-21:10.lldb] |6 April 2021 |lldb abort on print command +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:11.aesni.asc[FreeBSD-EN-21:11.aesni] |26 May 2021 |Race condition in aesni(4) encrypt-then-auth operations +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:12.divert.asc[FreeBSD-EN-21:12.divert] |26 May 2021 |Kernel double free when transmitting on a divert socket +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:14.pms.asc[FreeBSD-EN-21:14.pms] |26 May 2021 |pms(4) data corruption +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:16.bc.asc[FreeBSD-EN-21:16.bc] |26 May 2021 |dc update +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:17.libradius.asc[FreeBSD-EN-21:17.libradius] |1 June 2021 |Incorrect validation in rad_get_attr(3) +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:19.libcasper.asc[FreeBSD-EN-21:19.libcasper] |30 June 2021 |libcasper assertion failure +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:22.linux_futex.asc[FreeBSD-EN-21:22.linux_futex] |30 June 2021 |Linux compatibility layer futex(2) system call vulnerability +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:24.libcrypto.asc[FreeBSD-EN-21:24.libcrypto] |24 August 2021 |OpenSSL 1.1.1e API functions not exported +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:25.bhyve.asc[FreeBSD-EN-21:25.bhyve] |24 August 2021 |Fix NVMe iovec construction for large IOs +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:27.caroot.asc[FreeBSD-EN-21:27.caroot] |4 November 2021 |Root certificate bundle update +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:28.vmci.asc[FreeBSD-EN-21:28.vmci] |4 November 2021 |Fix kernel panic in vmci driver initialization +|link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:29.tzdata.asc[FreeBSD-EN-21:29.tzdata] |4 November 2021 |Timezone database information update |=== [[userland]]