git: 2c8a6d2bef - main - Add advisories affecting 13.3R, 14.0R, and 14.1R
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 11 Aug 2024 02:18:15 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/doc/commit/?id=2c8a6d2bef9e1967ac244cbe51b7e4060a3d246c
commit 2c8a6d2bef9e1967ac244cbe51b7e4060a3d246c
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2024-08-11 02:17:39 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2024-08-11 02:17:39 +0000
Add advisories affecting 13.3R, 14.0R, and 14.1R
FreeBSD-SA-24:04.openssh
FreeBSD-SA-24:05.pf
FreeBSD-SA-24:06.ktrace
FreeBSD-SA-24:07.nfsclient
FreeBSD-SA-24:08.openssh
Also include FreeBSD-SA-24:04.openssh in the 13.2R release notes since
the security team patched that release, despite it going out of support
one day before.
---
website/content/en/releases/13.2R/errata.adoc | 1 +
website/content/en/releases/13.3R/errata.adoc | 8 +++++---
website/content/en/releases/14.0R/errata.adoc | 5 +++++
website/content/en/releases/14.1R/errata.adoc | 8 +++++---
4 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/website/content/en/releases/13.2R/errata.adoc b/website/content/en/releases/13.2R/errata.adoc
index d4ac3eb2e6..4185555de0 100644
--- a/website/content/en/releases/13.2R/errata.adoc
+++ b/website/content/en/releases/13.2R/errata.adoc
@@ -63,6 +63,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload] |14 February 2024 |bhyveload(8) host file access
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:02.tty.asc[FreeBSD-SA-24:02.tty] |14 February 2024 |jail(2) information leak
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound] |28 March 2024 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] |1 July 2024 |OpenSSH pre-authentication remote code execution
|===
[[errata]]
diff --git a/website/content/en/releases/13.3R/errata.adoc b/website/content/en/releases/13.3R/errata.adoc
index eeeee74d6a..23a942a8c9 100644
--- a/website/content/en/releases/13.3R/errata.adoc
+++ b/website/content/en/releases/13.3R/errata.adoc
@@ -44,9 +44,11 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-
-|No advisories.||
-
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] |1 July 2024 |OpenSSH pre-authentication remote code execution
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] |7 August 2024 |pf incorrectly matches different ICMPv6 states in the state table
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] |7 August 2024 |ktrace(2) fails to detach when executing a setuid binary
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] |7 August 2024 |NFS client accepts file names containing path separators
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] |7 August 2024 |OpenSSH pre-authentication async signal safety issue
|===
[[errata]]
diff --git a/website/content/en/releases/14.0R/errata.adoc b/website/content/en/releases/14.0R/errata.adoc
index 7b64a0446e..1a4966312d 100644
--- a/website/content/en/releases/14.0R/errata.adoc
+++ b/website/content/en/releases/14.0R/errata.adoc
@@ -51,6 +51,11 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload] |14 February 2024 |bhyveload(8) host file access
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:02.tty.asc[FreeBSD-SA-24:02.tty] |14 February 2024 |jail(2) information leak
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound] |28 March 2024 |Multiple vulnerabilities in unbound
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] |1 July 2024 |OpenSSH pre-authentication remote code execution
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] |7 August 2024 |pf incorrectly matches different ICMPv6 states in the state table
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] |7 August 2024 |ktrace(2) fails to detach when executing a setuid binary
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] |7 August 2024 |NFS client accepts file names containing path separators
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] |7 August 2024 |OpenSSH pre-authentication async signal safety issue
|===
[[errata]]
diff --git a/website/content/en/releases/14.1R/errata.adoc b/website/content/en/releases/14.1R/errata.adoc
index 63b1b44b42..844e05c2c2 100644
--- a/website/content/en/releases/14.1R/errata.adoc
+++ b/website/content/en/releases/14.1R/errata.adoc
@@ -44,9 +44,11 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-
-|No advisories.||
-
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:04.openssh.asc[FreeBSD-SA-24:04.openssh] |1 July 2024 |OpenSSH pre-authentication remote code execution
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:05.pf.asc[FreeBSD-SA-24:05.pf] |7 August 2024 |pf incorrectly matches different ICMPv6 states in the state table
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:06.ktrace.asc[FreeBSD-SA-24:06.ktrace] |7 August 2024 |ktrace(2) fails to detach when executing a setuid binary
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:07.nfsclient.asc[FreeBSD-SA-24:07.nfsclient] |7 August 2024 |NFS client accepts file names containing path separators
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:08.openssh.asc[FreeBSD-SA-24:08.openssh] |7 August 2024 |OpenSSH pre-authentication async signal safety issue
|===
[[errata]]