Minimal Scripted Configuration, Eric Radman
2021-06-02 @ 18:45 EDT - Zoom
Configuration management is term that is usually used to describe a
declarative approach to systems, but a new generation of tools has
emerged that take a different tact. By providing only the minimal
scaffolding for writing scripts, it is possible to build configuration
management that scale with the complexity of the environment. In this
discussion we will consider three different architectures: Agent-Server,
Gather-Fact, and Remote Execution.
For Zoom meeting details, email to rsvp AT lists.nycbug.org by noon on
the day of the meeting, and details will be sent on the day of the
meeting. Q&A will be via IRC on libera.chat, channel #nycbug
Eric has administered BSD and Linux systems for 20 years, and has
supported applications using PostgreSQL for nearly as long. He is
usually most content when result of a test or deployment returns in two
or three seconds after typing :w.
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org:8080/mailman/listinfo/announce
Monday, May 31, 2021
[USN-4968-2] LZ4 vulnerability
==========================================================================
Ubuntu Security Notice USN-4968-2
May 31, 2021
lz4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
LZ4 could be made to crash or run programs if it opened a specially crafted
file.
Software Description:
- lz4: Extremely fast compression algorithm
Details:
USN-4968-1 fixed a vulnerability in LZ4. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that LZ4 incorrectly handled certain memory operations.
If a user or automated system were tricked into uncompressing a specially-
crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
liblz4-1 0.0~r131-2ubuntu2+esm1
Ubuntu 14.04 ESM:
liblz4-1 0.0~r114-2ubuntu1+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4968-2
https://ubuntu.com/security/notices/USN-4968-1
CVE-2021-3520
Ubuntu Security Notice USN-4968-2
May 31, 2021
lz4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
LZ4 could be made to crash or run programs if it opened a specially crafted
file.
Software Description:
- lz4: Extremely fast compression algorithm
Details:
USN-4968-1 fixed a vulnerability in LZ4. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that LZ4 incorrectly handled certain memory operations.
If a user or automated system were tricked into uncompressing a specially-
crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
liblz4-1 0.0~r131-2ubuntu2+esm1
Ubuntu 14.04 ESM:
liblz4-1 0.0~r114-2ubuntu1+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4968-2
https://ubuntu.com/security/notices/USN-4968-1
CVE-2021-3520
Thursday, May 27, 2021
IRC Announcement
Since its beginnings, the Fedora Project has used the freenode IRC network for our project communications. Due to a variety of recent changes to that network, the Fedora Project is moving our IRC communications to Libera.Chat.
If you are a current IRC user, please go and register your nick(s) on Libera.Chat ( https://libera.chat/guides/registration#registering ) and rejoin the #fedora related channels you wish to. You can take this opportunity to choose a new secure password and make sure you are connecting via SSL. There is good documentation about choosing an IRC client at https://libera.chat/guides/clients
If you are a Matrix user, we ask for your patience as we get bridges setup on the new network. If you were joined to rooms via the generic freenode bridge, you will need to leave them and rejoin the fedora rooms in matrix (which will be plumbed with the Libera channels)
As of 2021-05-28 our official IRC presence is on irc.libera.chat.
Many Fedora channels have moved over and are ready on Libera.Chat. However, less-used channels have not be automatically setup. If you need a specific #fedora-* IRC channel setup, please file a ticket at http://pagure.io/irc requesting the channel.
New channels should have the same name as they did on freenode. For example: #fedora, #fedora-admin, #fedora-devel, and #fedora-join.
If you would like a fedora IRC 'cloak' you can request it at:
https://fedoraproject.org/wiki/LiberaCloaks
(an IRC cloak obfuscates your client host address and shows 'fedora' instead). Please note that cloaks are not foolproof, there are ways for people to still get your IP, but they do make it more difficult for people to obtain your IP.
Also, look for upcoming exciting announcements around Fedora's Matrix presence.
If you are a current IRC user, please go and register your nick(s) on Libera.Chat ( https://libera.chat/guides/registration#registering ) and rejoin the #fedora related channels you wish to. You can take this opportunity to choose a new secure password and make sure you are connecting via SSL. There is good documentation about choosing an IRC client at https://libera.chat/guides/clients
If you are a Matrix user, we ask for your patience as we get bridges setup on the new network. If you were joined to rooms via the generic freenode bridge, you will need to leave them and rejoin the fedora rooms in matrix (which will be plumbed with the Libera channels)
As of 2021-05-28 our official IRC presence is on irc.libera.chat.
Many Fedora channels have moved over and are ready on Libera.Chat. However, less-used channels have not be automatically setup. If you need a specific #fedora-* IRC channel setup, please file a ticket at http://pagure.io/irc requesting the channel.
New channels should have the same name as they did on freenode. For example: #fedora, #fedora-admin, #fedora-devel, and #fedora-join.
If you would like a fedora IRC 'cloak' you can request it at:
https://fedoraproject.org/wiki/LiberaCloaks
(an IRC cloak obfuscates your client host address and shows 'fedora' instead). Please note that cloaks are not foolproof, there are ways for people to still get your IP, but they do make it more difficult for people to obtain your IP.
Also, look for upcoming exciting announcements around Fedora's Matrix presence.
nb
Re: Fedora elections voting now open
You are reminded that voting in the F34 election cycle is open through
23:59 UTC on Thursday 3 June.
On Thu, May 20, 2021 at 8:00 PM Ben Cotton <bcotton@redhat.com> wrote:
>
> Voting in the Fedora Linux 34 elections is now open. Go to the
> Elections app[1] to cast your vote. Voting closes at 23:59 UTC on
> Thursday 3 June. Don't forget to claim your "I Voted" badge when you
> cast your ballot. Links to candidate interviews are in the Elections
> app and on the Community Blog[2].
>
> [1] https://elections.fedoraproject.org/
> [2] https://communityblog.fedoraproject.org/f34-elections-voting-now-open/
>
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
23:59 UTC on Thursday 3 June.
On Thu, May 20, 2021 at 8:00 PM Ben Cotton <bcotton@redhat.com> wrote:
>
> Voting in the Fedora Linux 34 elections is now open. Go to the
> Elections app[1] to cast your vote. Voting closes at 23:59 UTC on
> Thursday 3 June. Don't forget to claim your "I Voted" badge when you
> cast your ballot. Links to candidate interviews are in the Elections
> app and on the Community Blog[2].
>
> [1] https://elections.fedoraproject.org/
> [2] https://communityblog.fedoraproject.org/f34-elections-voting-now-open/
>
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
F35 Change: Support using a GPT partition table in Kickstart (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/InstallGPTwithKickstart
== Summary ==
Add support for configuring GPT partition table in kickstart without
requiring a custom pre-installation script or a custom boot script.
[[Category:SystemWideChange]]
== Owners ==
* Name: [[User:Davdunc|David Duncan]], [[User:Chrismurphy|Chris
Murphy]], [[User:Salimma|Michel Alexandre Salim]],
[[User:Dcavalca|Davide Cavalca]], [[User:Ngompa|Neal Gompa]],
[[User:Dustymabe|Dusty Mabe]]
* Email: davdunc@amazon.com, chrismurphy@fedoraproject.org,
michel@michel-slm.name, dcavalca@fb.com, ngompa13@gmail.com,
dusty@dustymabe.com
* Products: Fedora Cloud Edition
* Responsible WGs: Fedora Cloud WG
== Detailed Description ==
Fedora Cloud Edition wants to use a GPT partition table; however, it
is not possible
to force the creation of an image with the GPT partition table with
our current tooling
because Anaconda requires setting <code>inst.gpt</code> as a kernel
boot parameter
to do it. This Change proposes to add a way to declare this via kickstart so
that the Cloud Edition image builds can create images using the GPT
partition table
using the current tooling (which is built on Anaconda).
== Benefit to Fedora ==
Users will be able to install systems with a GPT partition table via
kickstart without
requiring an extensive custom pre-installation script or a custom boot
script. Disk images
produced using the Anaconda tooling (Oz/ImageFactory, Lorax) can also
trivially make
images with GPT partition tables. This makes it possible to create
hybrid BIOS+UEFI boot
images, given [[Changes/UnifyGrubConfig|the changes to GRUB
configuration from Fedora Linux 34]].
== Scope ==
* Proposal Owners
** Review and discuss with the Anaconda maintainers and determine the
next steps for support of the inst.gpt in pykickstart
** Work with Anaconda maintainers to implement in Anaconda
* Release engineering: [https://pagure.io/releng/issue/10137 #10137]
* Policies and guidelines: N/A
* Trademark approval: N/A
== How to test ==
Build images using virt-install with kickstarts that have the option
set. Verify that the disk partition table is properly configured as
GPT. Verify that without the option set, it uses legacy MBR.
== User Experience ==
* Allows for the use of the standard pykickstart directive for
specifying the preference for GPT partition.
== Dependencies ==
* Anaconda [https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#inst-gpt
inst.gpt]
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
Add support for configuring GPT partition table in kickstart without
requiring a custom pre-installation script or a custom boot script.
[[Category:SystemWideChange]]
== Owners ==
* Name: [[User:Davdunc|David Duncan]], [[User:Chrismurphy|Chris
Murphy]], [[User:Salimma|Michel Alexandre Salim]],
[[User:Dcavalca|Davide Cavalca]], [[User:Ngompa|Neal Gompa]],
[[User:Dustymabe|Dusty Mabe]]
* Email: davdunc@amazon.com, chrismurphy@fedoraproject.org,
michel@michel-slm.name, dcavalca@fb.com, ngompa13@gmail.com,
dusty@dustymabe.com
* Products: Fedora Cloud Edition
* Responsible WGs: Fedora Cloud WG
== Detailed Description ==
Fedora Cloud Edition wants to use a GPT partition table; however, it
is not possible
to force the creation of an image with the GPT partition table with
our current tooling
because Anaconda requires setting <code>inst.gpt</code> as a kernel
boot parameter
to do it. This Change proposes to add a way to declare this via kickstart so
that the Cloud Edition image builds can create images using the GPT
partition table
using the current tooling (which is built on Anaconda).
== Benefit to Fedora ==
Users will be able to install systems with a GPT partition table via
kickstart without
requiring an extensive custom pre-installation script or a custom boot
script. Disk images
produced using the Anaconda tooling (Oz/ImageFactory, Lorax) can also
trivially make
images with GPT partition tables. This makes it possible to create
hybrid BIOS+UEFI boot
images, given [[Changes/UnifyGrubConfig|the changes to GRUB
configuration from Fedora Linux 34]].
== Scope ==
* Proposal Owners
** Review and discuss with the Anaconda maintainers and determine the
next steps for support of the inst.gpt in pykickstart
** Work with Anaconda maintainers to implement in Anaconda
* Release engineering: [https://pagure.io/releng/issue/10137 #10137]
* Policies and guidelines: N/A
* Trademark approval: N/A
== How to test ==
Build images using virt-install with kickstarts that have the option
set. Verify that the disk partition table is properly configured as
GPT. Verify that without the option set, it uses legacy MBR.
== User Experience ==
* Allows for the use of the standard pykickstart directive for
specifying the preference for GPT partition.
== Dependencies ==
* Anaconda [https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#inst-gpt
inst.gpt]
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[USN-4967-2] nginx vulnerability
==========================================================================
Ubuntu Security Notice USN-4967-2
May 27, 2021
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
nginx could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
USN-4967-1 fixed a vulnerability in nginx. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
nginx 1.10.3-0ubuntu0.16.04.5+esm1
nginx-common 1.10.3-0ubuntu0.16.04.5+esm1
nginx-core 1.10.3-0ubuntu0.16.04.5+esm1
nginx-extras 1.10.3-0ubuntu0.16.04.5+esm1
nginx-full 1.10.3-0ubuntu0.16.04.5+esm1
nginx-light 1.10.3-0ubuntu0.16.04.5+esm1
Ubuntu 14.04 ESM:
nginx 1.4.6-1ubuntu3.9+esm2
nginx-common 1.4.6-1ubuntu3.9+esm2
nginx-core 1.4.6-1ubuntu3.9+esm2
nginx-extras 1.4.6-1ubuntu3.9+esm2
nginx-full 1.4.6-1ubuntu3.9+esm2
nginx-light 1.4.6-1ubuntu3.9+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4967-2
https://ubuntu.com/security/notices/USN-4967-1
CVE-2021-23017
Ubuntu Security Notice USN-4967-2
May 27, 2021
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
nginx could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
USN-4967-1 fixed a vulnerability in nginx. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
nginx 1.10.3-0ubuntu0.16.04.5+esm1
nginx-common 1.10.3-0ubuntu0.16.04.5+esm1
nginx-core 1.10.3-0ubuntu0.16.04.5+esm1
nginx-extras 1.10.3-0ubuntu0.16.04.5+esm1
nginx-full 1.10.3-0ubuntu0.16.04.5+esm1
nginx-light 1.10.3-0ubuntu0.16.04.5+esm1
Ubuntu 14.04 ESM:
nginx 1.4.6-1ubuntu3.9+esm2
nginx-common 1.4.6-1ubuntu3.9+esm2
nginx-core 1.4.6-1ubuntu3.9+esm2
nginx-extras 1.4.6-1ubuntu3.9+esm2
nginx-full 1.4.6-1ubuntu3.9+esm2
nginx-light 1.4.6-1ubuntu3.9+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4967-2
https://ubuntu.com/security/notices/USN-4967-1
CVE-2021-23017
[USN-4969-2] DHCP vulnerability
==========================================================================
Ubuntu Security Notice USN-4969-2
May 27, 2021
isc-dhcp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
DHCP could be made to crash if it received specially crafted network
traffic.
Software Description:
- isc-dhcp: DHCP server and client
Details:
USN-4969-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
isc-dhcp-client 4.3.3-5ubuntu12.10+esm1
isc-dhcp-server 4.3.3-5ubuntu12.10+esm1
Ubuntu 14.04 ESM:
isc-dhcp-client 4.2.4-7ubuntu12.13+esm1
isc-dhcp-server 4.2.4-7ubuntu12.13+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4969-2
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-25217
Ubuntu Security Notice USN-4969-2
May 27, 2021
isc-dhcp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
DHCP could be made to crash if it received specially crafted network
traffic.
Software Description:
- isc-dhcp: DHCP server and client
Details:
USN-4969-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
isc-dhcp-client 4.3.3-5ubuntu12.10+esm1
isc-dhcp-server 4.3.3-5ubuntu12.10+esm1
Ubuntu 14.04 ESM:
isc-dhcp-client 4.2.4-7ubuntu12.13+esm1
isc-dhcp-server 4.2.4-7ubuntu12.13+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4969-2
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-25217
[USN-4969-1] DHCP vulnerability
==========================================================================
Ubuntu Security Notice USN-4969-1
May 27, 2021
isc-dhcp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
DHCP could be made to crash if it received specially crafted network
traffic.
Software Description:
- isc-dhcp: DHCP server and client
Details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
isc-dhcp-client 4.4.1-2.2ubuntu6.1
isc-dhcp-server 4.4.1-2.2ubuntu6.1
Ubuntu 20.10:
isc-dhcp-client 4.4.1-2.1ubuntu10.1
isc-dhcp-server 4.4.1-2.1ubuntu10.1
Ubuntu 20.04 LTS:
isc-dhcp-client 4.4.1-2.1ubuntu5.20.04.2
isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.2
Ubuntu 18.04 LTS:
isc-dhcp-client 4.3.5-3ubuntu7.3
isc-dhcp-server 4.3.5-3ubuntu7.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-25217
Package Information:
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.2ubuntu6.1
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.1ubuntu10.1
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.1ubuntu5.20.04.2
https://launchpad.net/ubuntu/+source/isc-dhcp/4.3.5-3ubuntu7.3
Ubuntu Security Notice USN-4969-1
May 27, 2021
isc-dhcp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
DHCP could be made to crash if it received specially crafted network
traffic.
Software Description:
- isc-dhcp: DHCP server and client
Details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
isc-dhcp-client 4.4.1-2.2ubuntu6.1
isc-dhcp-server 4.4.1-2.2ubuntu6.1
Ubuntu 20.10:
isc-dhcp-client 4.4.1-2.1ubuntu10.1
isc-dhcp-server 4.4.1-2.1ubuntu10.1
Ubuntu 20.04 LTS:
isc-dhcp-client 4.4.1-2.1ubuntu5.20.04.2
isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.2
Ubuntu 18.04 LTS:
isc-dhcp-client 4.3.5-3ubuntu7.3
isc-dhcp-server 4.3.5-3ubuntu7.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4969-1
CVE-2021-25217
Package Information:
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.2ubuntu6.1
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.1ubuntu10.1
https://launchpad.net/ubuntu/+source/isc-dhcp/4.4.1-2.1ubuntu5.20.04.2
https://launchpad.net/ubuntu/+source/isc-dhcp/4.3.5-3ubuntu7.3
Wednesday, May 26, 2021
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:16.bc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:16.bc Errata Notice
The FreeBSD Project
Topic: dc update
Category: contrib
Module: bc
Announced: 2021-05-26
Affects: FreeBSD 13.0
FreeBSD 12.2 (only when built with option WITH_GH_BC)
Corrected: 2021-04-06 08:44:52 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:32:40 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-04-06 08:44:52 UTC (stable/12, 12.2-STABLE)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The program dc provides a simple stack-based programming language that uses
a reverse Polish notation. Although it is a fully functional language, it
has been used primarily as a computational engine by the program bc, which
implements a more traditional language based on infix notation of operands.
In FreeBSD 13.0 and in custom builds of FreeBSD 12.2-STABLE (with the
non-default option WITH_GH_BC) the traditional implementations of bc and dc
have been replaced by a single program under both names that provides better
POSIX conformance of the bc language, compatibility with GNU bc extensions,
and significantly improved performance of big number calculations.
II. Problem Description
The "P" command of the dc language outputs the top-of-stack value and should
consume it, but in this version leaves it on the stack. This problem only
affects direct dc command scripts that use "P" and rely on its effect on the
stack (i.e., do not terminate after this command and have references to stack
elements that are hidden by the value that has not been removed).
III. Impact
Since dc has been used very little as a general purpose programming language,
only a very small number of dc scripts exist, and most of them are used to
describe the language for educational purposes only. This issue has existed
in this implementation of dc for at least 3 years without having been
noticed.
If a dc script relies on the correct semantics of a "P" instruction, it will
not execute subsequent instructions correctly, which may result in incorrect
output or in an infinite loop.
IV. Workaround
The math/gh-bc port and the gh-bc package have been updated to correct the
issue and are fully compatible with this version in all other aspects.
They can be installed in addition to the base system versions of bc and
dc but may require a change of scripts that use dc to invoke the version
installed below LOCALBASE.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:16/bc.patch
# fetch https://security.FreeBSD.org/patches/EN-21:16/bc.patch.asc
# gpg --verify bc.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 0ca6ce5e976a stable/13-n245186
releng/13.0/ 312510880e2e releng/13.0-n244742
stable/12/ r369589
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:16.bc.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6u0ACgkQ05eS9J6n
5cK2Ww//Th4xtnGjvJ/GSGUq+eLMDPLJzUJhRI0jgjDVqI8tL5JMyxcui1oR0/Ur
+0GvR7JSYJ+WYLLIMHwnP3DYzyHp7ICRhCJoykwa4yKVpcdLcvX0R8Nm+2/fBC02
PDFAvnO4HVdOJdqM5rNzA4/Y150HYj30bDXrry0RKaHKYDgp6SVc9+2T7o5zHJSX
x49TiHSVwHCjvnauIFqqFldTz1eGUMMxlisyxD9sP6efkYS49C/25O/xhwdqmrtx
HvhTdFsOr0FgPsMUSvLVcuYJOcW+/1Q+5CM/rjMyQ1VkdP/5UqFGoXHfZuiTvrRY
9pXjymwk1MyUYzEn3vu7B1ZDqJptZ4DRok4La/ylOlVVWq2hUKYtJUQja9u9O2wt
YjBvdAF/wjkr3t93qwsoWwiTP3tuPADtccfQ18rSNmN12405hAVKfLvvGDQ/mTZn
lnDHOpMQXMvuChYdf2VYOX67S7yhxV4+ThrEJkopcdCOOxYRN8A6ePmPyVg+HqHw
WcAGWWPZjm/o0r2SKJi5SM6cwJUMOQAF/hVw02NiK2uY5aXuZlIVDPgHR/LfoDce
juLKfBWAw3om7nPOF7dDXkJDN/HZ03IQM6DOStK7zvytCctxNq2+eVgSb4g/3yvs
mpvGMP1DLQywSOvmp00B8mLws9rcQbe8rUI6rR2hb9kMCcfTHIU=
=MITo
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:16.bc Errata Notice
The FreeBSD Project
Topic: dc update
Category: contrib
Module: bc
Announced: 2021-05-26
Affects: FreeBSD 13.0
FreeBSD 12.2 (only when built with option WITH_GH_BC)
Corrected: 2021-04-06 08:44:52 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:32:40 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-04-06 08:44:52 UTC (stable/12, 12.2-STABLE)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The program dc provides a simple stack-based programming language that uses
a reverse Polish notation. Although it is a fully functional language, it
has been used primarily as a computational engine by the program bc, which
implements a more traditional language based on infix notation of operands.
In FreeBSD 13.0 and in custom builds of FreeBSD 12.2-STABLE (with the
non-default option WITH_GH_BC) the traditional implementations of bc and dc
have been replaced by a single program under both names that provides better
POSIX conformance of the bc language, compatibility with GNU bc extensions,
and significantly improved performance of big number calculations.
II. Problem Description
The "P" command of the dc language outputs the top-of-stack value and should
consume it, but in this version leaves it on the stack. This problem only
affects direct dc command scripts that use "P" and rely on its effect on the
stack (i.e., do not terminate after this command and have references to stack
elements that are hidden by the value that has not been removed).
III. Impact
Since dc has been used very little as a general purpose programming language,
only a very small number of dc scripts exist, and most of them are used to
describe the language for educational purposes only. This issue has existed
in this implementation of dc for at least 3 years without having been
noticed.
If a dc script relies on the correct semantics of a "P" instruction, it will
not execute subsequent instructions correctly, which may result in incorrect
output or in an infinite loop.
IV. Workaround
The math/gh-bc port and the gh-bc package have been updated to correct the
issue and are fully compatible with this version in all other aspects.
They can be installed in addition to the base system versions of bc and
dc but may require a change of scripts that use dc to invoke the version
installed below LOCALBASE.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:16/bc.patch
# fetch https://security.FreeBSD.org/patches/EN-21:16/bc.patch.asc
# gpg --verify bc.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 0ca6ce5e976a stable/13-n245186
releng/13.0/ 312510880e2e releng/13.0-n244742
stable/12/ r369589
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:16.bc.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6u0ACgkQ05eS9J6n
5cK2Ww//Th4xtnGjvJ/GSGUq+eLMDPLJzUJhRI0jgjDVqI8tL5JMyxcui1oR0/Ur
+0GvR7JSYJ+WYLLIMHwnP3DYzyHp7ICRhCJoykwa4yKVpcdLcvX0R8Nm+2/fBC02
PDFAvnO4HVdOJdqM5rNzA4/Y150HYj30bDXrry0RKaHKYDgp6SVc9+2T7o5zHJSX
x49TiHSVwHCjvnauIFqqFldTz1eGUMMxlisyxD9sP6efkYS49C/25O/xhwdqmrtx
HvhTdFsOr0FgPsMUSvLVcuYJOcW+/1Q+5CM/rjMyQ1VkdP/5UqFGoXHfZuiTvrRY
9pXjymwk1MyUYzEn3vu7B1ZDqJptZ4DRok4La/ylOlVVWq2hUKYtJUQja9u9O2wt
YjBvdAF/wjkr3t93qwsoWwiTP3tuPADtccfQ18rSNmN12405hAVKfLvvGDQ/mTZn
lnDHOpMQXMvuChYdf2VYOX67S7yhxV4+ThrEJkopcdCOOxYRN8A6ePmPyVg+HqHw
WcAGWWPZjm/o0r2SKJi5SM6cwJUMOQAF/hVw02NiK2uY5aXuZlIVDPgHR/LfoDce
juLKfBWAw3om7nPOF7dDXkJDN/HZ03IQM6DOStK7zvytCctxNq2+eVgSb4g/3yvs
mpvGMP1DLQywSOvmp00B8mLws9rcQbe8rUI6rR2hb9kMCcfTHIU=
=MITo
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:15.virtio
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:15.virtio Errata Notice
The FreeBSD Project
Topic: virtio(4) device probing fails
Category: core
Module: virtio
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-04-03 06:09:50 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:32:40 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
VirtIO is a specification for para-virtualized I/O in a virtual machine
(VM). It defines an interface for efficient I/O between the hypervisor
and VM.
II. Problem Description
The virtio(4) driver on FreeBSD implemented support of the legacy
interface, which was released before the specification was formalized,
requiring certain characteristics that were different on some VMM
implementations.
III. Impact
FreeBSD will not boot on certain VMM implementations.
IV. Workaround
No workaround is available.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:15/virtio.patch
# fetch https://security.FreeBSD.org/patches/EN-21:15/virtio.patch.asc
# gpg --verify virtio.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 2e107638eac2 stable/13-n245094
releng/13.0/ 61acb3179a90 releng/13.0-n244741
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:15.virtio.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cLlmA/5AR5G9Ifb34fJVhj4PT4rUiSj41mbdECbNKTgdPD2zBkedAI9Nc4w2xcG
+/i7hhePMCe8jfIwgw6eWW3UlJWx9XAtR0r/HsPxUt+glopPNcK9xr2OSY2h/jSo
EkFE3JdhTvSwapIH4VNku1PULXXMQWxI3E5Ccd4mEFz/uchq7Q83koE136M2UyXR
XXk9AsxmuNrG/dlWi5MhbUuljqkXY2O160ErIrNivHiOVHIxtiX/snEX6Q4srE2Q
YmdAC07p64xB+3c2ZkFrA/4Khp/XRO8wRwbNE8FhGiVUwlYL2a/BB1Ldq84UbdOl
ISEPr564SfhV2bSFs7PM6iHRXdD46K0/7O42X6ZswIhwN1IN+mkTW/LkYdPMpLn2
S7lmV9ulgOBkAqHQ//+7gcOMPerNXwZ0Rcnf8SY8aOqOkgIVIXG0XocOl/nBJ9CZ
Syq7vuFly9EijTYtLonNv3XtTjB9Z5UjwBJPnmNGS6JYgbJQVpjllchLkb+cv5Kt
jVnC5YiuOAaNJ8XjqfjhyHXZrSkVmdYINRohn1y2tojNkn3jRMCYJMB0EvIugCqU
oCKmMn8R3m87723ylm5CykXmxgkSR3rfsvwzvioEFojcC+sgB5H5tdcP0XLvqg52
DP9Rnq+j0YfNs/Ud+dcIpI4/7ANduVu+WKsd58w+H3lPmkrP9aE=
=Cr4I
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:15.virtio Errata Notice
The FreeBSD Project
Topic: virtio(4) device probing fails
Category: core
Module: virtio
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-04-03 06:09:50 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:32:40 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
VirtIO is a specification for para-virtualized I/O in a virtual machine
(VM). It defines an interface for efficient I/O between the hypervisor
and VM.
II. Problem Description
The virtio(4) driver on FreeBSD implemented support of the legacy
interface, which was released before the specification was formalized,
requiring certain characteristics that were different on some VMM
implementations.
III. Impact
FreeBSD will not boot on certain VMM implementations.
IV. Workaround
No workaround is available.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:15/virtio.patch
# fetch https://security.FreeBSD.org/patches/EN-21:15/virtio.patch.asc
# gpg --verify virtio.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 2e107638eac2 stable/13-n245094
releng/13.0/ 61acb3179a90 releng/13.0-n244741
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:15.virtio.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cLlmA/5AR5G9Ifb34fJVhj4PT4rUiSj41mbdECbNKTgdPD2zBkedAI9Nc4w2xcG
+/i7hhePMCe8jfIwgw6eWW3UlJWx9XAtR0r/HsPxUt+glopPNcK9xr2OSY2h/jSo
EkFE3JdhTvSwapIH4VNku1PULXXMQWxI3E5Ccd4mEFz/uchq7Q83koE136M2UyXR
XXk9AsxmuNrG/dlWi5MhbUuljqkXY2O160ErIrNivHiOVHIxtiX/snEX6Q4srE2Q
YmdAC07p64xB+3c2ZkFrA/4Khp/XRO8wRwbNE8FhGiVUwlYL2a/BB1Ldq84UbdOl
ISEPr564SfhV2bSFs7PM6iHRXdD46K0/7O42X6ZswIhwN1IN+mkTW/LkYdPMpLn2
S7lmV9ulgOBkAqHQ//+7gcOMPerNXwZ0Rcnf8SY8aOqOkgIVIXG0XocOl/nBJ9CZ
Syq7vuFly9EijTYtLonNv3XtTjB9Z5UjwBJPnmNGS6JYgbJQVpjllchLkb+cv5Kt
jVnC5YiuOAaNJ8XjqfjhyHXZrSkVmdYINRohn1y2tojNkn3jRMCYJMB0EvIugCqU
oCKmMn8R3m87723ylm5CykXmxgkSR3rfsvwzvioEFojcC+sgB5H5tdcP0XLvqg52
DP9Rnq+j0YfNs/Ud+dcIpI4/7ANduVu+WKsd58w+H3lPmkrP9aE=
=Cr4I
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:14.pms
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:14.pms Errata Notice
The FreeBSD Project
Topic: pms(4) data corruption
Category: core
Module: pms
Announced: 2021-05-26
Affects: FreeBSD 12.2 and later.
Corrected: 2021-04-23 01:05:42 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:30:23 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-04-23 01:11:07 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:15 UTC (releng/12.2, 12.2-RELEASE-p7)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
pms(4) is a driver for PMC-Sierra disk controllers.
II. Problem Description
Two problems are fixed by this update.
First, the pms(4) driver did not correctly handle the new kern.maxphys
value set in FreeBSD 13.0. The devices supported by the driver impose a
limit on the maximum I/O size, and this limit is smaller than the new
default.
Second, the pms(4) driver did not correctly handle some error cases in
the I/O path and would falsely report success to upper layers.
III. Impact
The bugs may cause data corruption.
IV. Workaround
No workaround is available. Systems not using pms(4) are unaffected.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 13.0]
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.13.patch
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.13.patch.asc
# gpg --verify pms.13.patch.asc
[FreeBSD 12.2]
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.12.patch
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.12.patch.asc
# gpg --verify pms.12.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 6514cb18d94e stable/13-n245322
releng/13.0/ b62d492067ba releng/13.0-n244736
stable/12/ r369655
releng/12.2/ r369861
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:14.pms.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cJZWg/8DEsOaseewourLWezA+HeV2aHfsNf96qa4O7oAOUGtCm7nKi7jodIiLB1
DiX8YqskrVav36lLxgyQazSCF84xB1YsNP4EiOzjeIoZyirR8+KiG37CunGhUDPg
8mPCE1+WBzHlcDwAEexldi+b88ehEqADbZiGWAsBcXYqhwaXoF6zUkgp5WFRWKzu
Kiq7Wjs7FGkAp38O4UKduybpubSyUjHCeShEGyZvevJQE4kAZKzv1+Q+spUeIBLP
P99p+vidIFIpX4uq0GgjF1GLuz4ym1tRZwu4jlJ0Vhr0KjqTWwxoMZ0m+0+SwKit
dqPLQ/rj1vBiCScU7rIS49wfT6vtujH9gPt4GI5mTY8++4hDkfRvS4D5we9RgIo+
0j3NIAf0cb47V6nPSOBwAqkFwjtGu7rhtGgmmp1Pmf0v8I/EqRCgIekexMVW294u
L9pyH3LalHqi/GcuMn8emTPiJ6+5a1e+EBKXtnoX5tJvenkSXAl6eV7BuETaaMOc
zvMheSzvcnn+h2jIA1Mizfv9BIglRNakIxzJpSxugQWTzAQ7PutzqSaLCsn9byp3
590cBmbmVdAFEuqIdz5I/d3BwpF24myNmYFtRlxT115jaOV8ta2qKg4GryMOCUL2
R+zE2+d1JT+/Ra1wm2vfWIUb1pPQUIIvQ8m2rGhiok0Nlc7C7O0=
=nfsk
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:14.pms Errata Notice
The FreeBSD Project
Topic: pms(4) data corruption
Category: core
Module: pms
Announced: 2021-05-26
Affects: FreeBSD 12.2 and later.
Corrected: 2021-04-23 01:05:42 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:30:23 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-04-23 01:11:07 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:15 UTC (releng/12.2, 12.2-RELEASE-p7)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
pms(4) is a driver for PMC-Sierra disk controllers.
II. Problem Description
Two problems are fixed by this update.
First, the pms(4) driver did not correctly handle the new kern.maxphys
value set in FreeBSD 13.0. The devices supported by the driver impose a
limit on the maximum I/O size, and this limit is smaller than the new
default.
Second, the pms(4) driver did not correctly handle some error cases in
the I/O path and would falsely report success to upper layers.
III. Impact
The bugs may cause data corruption.
IV. Workaround
No workaround is available. Systems not using pms(4) are unaffected.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 13.0]
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.13.patch
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.13.patch.asc
# gpg --verify pms.13.patch.asc
[FreeBSD 12.2]
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.12.patch
# fetch https://security.FreeBSD.org/patches/EN-21:14/pms.12.patch.asc
# gpg --verify pms.12.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 6514cb18d94e stable/13-n245322
releng/13.0/ b62d492067ba releng/13.0-n244736
stable/12/ r369655
releng/12.2/ r369861
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:14.pms.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cJZWg/8DEsOaseewourLWezA+HeV2aHfsNf96qa4O7oAOUGtCm7nKi7jodIiLB1
DiX8YqskrVav36lLxgyQazSCF84xB1YsNP4EiOzjeIoZyirR8+KiG37CunGhUDPg
8mPCE1+WBzHlcDwAEexldi+b88ehEqADbZiGWAsBcXYqhwaXoF6zUkgp5WFRWKzu
Kiq7Wjs7FGkAp38O4UKduybpubSyUjHCeShEGyZvevJQE4kAZKzv1+Q+spUeIBLP
P99p+vidIFIpX4uq0GgjF1GLuz4ym1tRZwu4jlJ0Vhr0KjqTWwxoMZ0m+0+SwKit
dqPLQ/rj1vBiCScU7rIS49wfT6vtujH9gPt4GI5mTY8++4hDkfRvS4D5we9RgIo+
0j3NIAf0cb47V6nPSOBwAqkFwjtGu7rhtGgmmp1Pmf0v8I/EqRCgIekexMVW294u
L9pyH3LalHqi/GcuMn8emTPiJ6+5a1e+EBKXtnoX5tJvenkSXAl6eV7BuETaaMOc
zvMheSzvcnn+h2jIA1Mizfv9BIglRNakIxzJpSxugQWTzAQ7PutzqSaLCsn9byp3
590cBmbmVdAFEuqIdz5I/d3BwpF24myNmYFtRlxT115jaOV8ta2qKg4GryMOCUL2
R+zE2+d1JT+/Ra1wm2vfWIUb1pPQUIIvQ8m2rGhiok0Nlc7C7O0=
=nfsk
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:13.mpt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:13.mpt Errata Notice
The FreeBSD Project
Topic: mpt(4) I/O errors with a large maxphys value
Category: core
Module: mpt
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-04-24 00:43:14 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:29:54 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
mpt(4) is a driver for LSI disk controllers.
II. Problem Description
The mpt(4) driver did not correctly handle I/O requests larger than or
equal to 2MB and would incorrectly report errors. The I/O request size
is limited by the value of the kern.maxphys tunable and the default
value is below this threshold.
III. Impact
With kern.maxphys set to 2MB or larger, I/O to mpt(4) devices will not
work correctly.
IV. Workaround
To work around the problem, ensure that the kern.maxphys value is kept
at its default value.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:13/mpt.patch
# fetch https://security.FreeBSD.org/patches/EN-21:13/mpt.patch.asc
# gpg --verify mpt.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ f0077b4c1dcf stable/13-n245384
releng/13.0/ a8a91efa74e0 releng/13.0-n244734
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:13.mpt.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cJB6A//bXZXr5CaQJeZYCt88W4EXHaf9vZSLE0p3umoNE2V7bXFsfKPN+mQJKmB
KFOHD8PZstnG0MX4D30t8gzxeLaadO3XhzifE8bRCa49Xiibdg0eL/XqQWylyVkm
Qpyi4QIqmfPijNVFFf9FFv+1I+ERhF66isqzcWravucZZn+nV26eKaPBSPzRv7pz
qbDxW3JHXNZOo6qJJiN71mPwlOleiY4ZcIsR1iz0uf2Uo7qu69YyecPkDnj0lbxT
2CrH2JV7sLXRkAHn9gujk50nu4iyUkWFsgo7dQZ34yEFXqicQMMAkiFpVadJvFgz
FXcLVBbKCuuI0yr5vV6/jms36FQVBtWlZGJx/BKg5jGhj8deSireP4BsyttfWdQA
6zLGtyKghFAmG9o9XCzOtast9LUd0ggK3RIe4GzxImWe2mWAnQPEp7QQD0sqmYzW
XDzF5rwHzdYDTtnp+fQ9rLKhKsunMwk3tCslnb3sO4Ai2bXm+wjV4t6nresmAZDT
fJlKU8XyIhzHy33rUe1JGhv+iuNbORA7dS07XYrB70T80HOFMNo1vOy4NE2A41TJ
plPXCjIdOZBkZsmy16uYLMnljRzYgBLejr/4QnSbKxEtUGJiog8osnGnFC6wCzgy
XyscM8G2tL6jvmAVuKDLDiiBRZtc7ZEGHGjTpABLccPOmbcq4fk=
=Ch28
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:13.mpt Errata Notice
The FreeBSD Project
Topic: mpt(4) I/O errors with a large maxphys value
Category: core
Module: mpt
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-04-24 00:43:14 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:29:54 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
mpt(4) is a driver for LSI disk controllers.
II. Problem Description
The mpt(4) driver did not correctly handle I/O requests larger than or
equal to 2MB and would incorrectly report errors. The I/O request size
is limited by the value of the kern.maxphys tunable and the default
value is below this threshold.
III. Impact
With kern.maxphys set to 2MB or larger, I/O to mpt(4) devices will not
work correctly.
IV. Workaround
To work around the problem, ensure that the kern.maxphys value is kept
at its default value.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:13/mpt.patch
# fetch https://security.FreeBSD.org/patches/EN-21:13/mpt.patch.asc
# gpg --verify mpt.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ f0077b4c1dcf stable/13-n245384
releng/13.0/ a8a91efa74e0 releng/13.0-n244734
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:13.mpt.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6uwACgkQ05eS9J6n
5cJB6A//bXZXr5CaQJeZYCt88W4EXHaf9vZSLE0p3umoNE2V7bXFsfKPN+mQJKmB
KFOHD8PZstnG0MX4D30t8gzxeLaadO3XhzifE8bRCa49Xiibdg0eL/XqQWylyVkm
Qpyi4QIqmfPijNVFFf9FFv+1I+ERhF66isqzcWravucZZn+nV26eKaPBSPzRv7pz
qbDxW3JHXNZOo6qJJiN71mPwlOleiY4ZcIsR1iz0uf2Uo7qu69YyecPkDnj0lbxT
2CrH2JV7sLXRkAHn9gujk50nu4iyUkWFsgo7dQZ34yEFXqicQMMAkiFpVadJvFgz
FXcLVBbKCuuI0yr5vV6/jms36FQVBtWlZGJx/BKg5jGhj8deSireP4BsyttfWdQA
6zLGtyKghFAmG9o9XCzOtast9LUd0ggK3RIe4GzxImWe2mWAnQPEp7QQD0sqmYzW
XDzF5rwHzdYDTtnp+fQ9rLKhKsunMwk3tCslnb3sO4Ai2bXm+wjV4t6nresmAZDT
fJlKU8XyIhzHy33rUe1JGhv+iuNbORA7dS07XYrB70T80HOFMNo1vOy4NE2A41TJ
plPXCjIdOZBkZsmy16uYLMnljRzYgBLejr/4QnSbKxEtUGJiog8osnGnFC6wCzgy
XyscM8G2tL6jvmAVuKDLDiiBRZtc7ZEGHGjTpABLccPOmbcq4fk=
=Ch28
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:12.divert
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:12.divert Errata Notice
The FreeBSD Project
Topic: Kernel double free when transmitting on a divert socket
Category: core
Module: divert(4)
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-05-10 13:36:08 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:30:51 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
divert(4) sockets are a facility that permit firewalls to transmit a
copy of a packet to a userspace process. They may also be used by
userspace programs to inject packets into the IP packet processing
stack. In the FreeBSD base system, the only user of divert(4) sockets
is natd(8).
II. Problem Description
A bug in the error handling of transmission on a divert(4) socket could
result in a double free of an mbuf.
III. Impact
Systems making use of divert(4) may misbehave or panic in a
non-deterministic manner.
IV. Workaround
No workaround is available. Systems not making use of divert(4) sockets
are unaffected. divert(4) sockets appear in sockstat(8) output as using
protocol "div".
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:12/divert.patch
# fetch https://security.FreeBSD.org/patches/EN-21:12/divert.patch.asc
# gpg --verify divert.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ eafeee082c50 stable/13-n245578
releng/13.0/ 22b58630d6ba releng/13.0-n244737
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255104>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:12.divert.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6usACgkQ05eS9J6n
5cJ/mw//SPzrCBbMJBWgwhQiJpI50BRgXWBFneThy2f5+2LWsg5gh1OJjqhqk+s9
6PAHxujsUM15zAUQhwv5g+Z6g1l9j2Zy4kPsCN/QJR1zL51zqabOdOnqmAOom6gQ
nbXS2Fsh43dqCx3S+uEviC7U62kbU7CRXAhCI3wsHwRAyvzuXcUWizazp1hYllDE
IZ5LqJG/t9ZrMgMd3KabCoIVHFgPANZaBpSSFPhnDZxz7mvGVN4XtX2RYOht9f2B
xN05YSwmSLcB8EE1TQmjgcD6/K3hrPvkeFC0qSe9F66SJakuX19vfiWF2mrN/SO1
fIILHtCaHcs2IWVzKK4FG01t3r3o7TkAnux+R4T7aMMh8LGbYiGtYCrlzaIN45aZ
bEA4aNqpZl1J1DtnthTnhNsd3R6Cq7f/hjtGNxYrSp6QLECPb4FhqVUig7m3p0s4
a3Y5m3govOnTaRppmSt7aoXGd/yQDDc4YfIbqkWa/z3IabbW+cVUH5+uexmdLy+y
WJl/sNqznQPKPGDtPq39Ez1Pt6+TsOAowG4TXbNmaIk8C00KjFWnr+XcNS4GAhnd
QK+B2N9TQpBTSgwVMhDnjNIptEjE75VmpW3yAlQt6FL1DlVcAgZ5dgVeGHHPI+NZ
ONMpO+ifh/sRUDLH4QMviMoNi23ngkFdjo1Cq10DrIrxP4wDh6E=
=yWIx
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:12.divert Errata Notice
The FreeBSD Project
Topic: Kernel double free when transmitting on a divert socket
Category: core
Module: divert(4)
Announced: 2021-05-26
Affects: FreeBSD 13.0
Corrected: 2021-05-10 13:36:08 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:30:51 UTC (releng/13.0, 13.0-RELEASE-p1)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
divert(4) sockets are a facility that permit firewalls to transmit a
copy of a packet to a userspace process. They may also be used by
userspace programs to inject packets into the IP packet processing
stack. In the FreeBSD base system, the only user of divert(4) sockets
is natd(8).
II. Problem Description
A bug in the error handling of transmission on a divert(4) socket could
result in a double free of an mbuf.
III. Impact
Systems making use of divert(4) may misbehave or panic in a
non-deterministic manner.
IV. Workaround
No workaround is available. Systems not making use of divert(4) sockets
are unaffected. divert(4) sockets appear in sockstat(8) output as using
protocol "div".
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:12/divert.patch
# fetch https://security.FreeBSD.org/patches/EN-21:12/divert.patch.asc
# gpg --verify divert.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ eafeee082c50 stable/13-n245578
releng/13.0/ 22b58630d6ba releng/13.0-n244737
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
VII. References
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255104>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:12.divert.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6usACgkQ05eS9J6n
5cJ/mw//SPzrCBbMJBWgwhQiJpI50BRgXWBFneThy2f5+2LWsg5gh1OJjqhqk+s9
6PAHxujsUM15zAUQhwv5g+Z6g1l9j2Zy4kPsCN/QJR1zL51zqabOdOnqmAOom6gQ
nbXS2Fsh43dqCx3S+uEviC7U62kbU7CRXAhCI3wsHwRAyvzuXcUWizazp1hYllDE
IZ5LqJG/t9ZrMgMd3KabCoIVHFgPANZaBpSSFPhnDZxz7mvGVN4XtX2RYOht9f2B
xN05YSwmSLcB8EE1TQmjgcD6/K3hrPvkeFC0qSe9F66SJakuX19vfiWF2mrN/SO1
fIILHtCaHcs2IWVzKK4FG01t3r3o7TkAnux+R4T7aMMh8LGbYiGtYCrlzaIN45aZ
bEA4aNqpZl1J1DtnthTnhNsd3R6Cq7f/hjtGNxYrSp6QLECPb4FhqVUig7m3p0s4
a3Y5m3govOnTaRppmSt7aoXGd/yQDDc4YfIbqkWa/z3IabbW+cVUH5+uexmdLy+y
WJl/sNqznQPKPGDtPq39Ez1Pt6+TsOAowG4TXbNmaIk8C00KjFWnr+XcNS4GAhnd
QK+B2N9TQpBTSgwVMhDnjNIptEjE75VmpW3yAlQt6FL1DlVcAgZ5dgVeGHHPI+NZ
ONMpO+ifh/sRUDLH4QMviMoNi23ngkFdjo1Cq10DrIrxP4wDh6E=
=yWIx
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:12.libradius
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-21:12.libradius Security Advisory
The FreeBSD Project
Topic: Missing message validation in libradius(3)
Category: core
Module: libradius
Announced: 2021-05-26
Credits: leommxj and Swings from Chaitin Security Research Lab
Affects: All supported versions of FreeBSD.
Corrected: 2021-05-26 19:45:31 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:36:29 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-05-26 20:39:35 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:23 UTC (releng/12.2, 12.2-RELEASE-p7)
2021-05-26 20:41:31 UTC (stable/11, 11.4-STABLE)
2021-05-26 20:41:58 UTC (releng/11.4, 11.4-RELEASE-p10)
CVE Name: CVE-2021-29629
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
libradius(3) is a client and server library implementing the Remote
Authentication Dial In User Service (RADIUS) protocol. It is used by
pam_radius(8) and mpd5 (available in the ports tree as net/mpd5).
II. Problem Description
libradius did not perform sufficient validation of received messages.
rad_get_attr(3) did not verify that the attribute length is valid before
subtracting the length of the Type and Length fields. As a result, it
could return success while also providing a bogus length of SIZE_T_MAX -
2 for the Value field.
When processing attributes to find an optional authenticator,
is_valid_response() failed to verify that each attribute length is
non-zero and could thus enter an infinite loop.
III. Impact
A server may use libradius(3) to process messages from RADIUS clients.
In this case, a malicious client could trigger a denial-of-service in
the server. A client using libradius(3) to process messages from a
server is susceptible to the same problem.
The impact of the rad_get_attr(3) bug depends on how the returned length
is validated and used by the consumer. It is possible that libradius(3)
applications will crash or enter an infinite loop when calling
rad_get_attr(3) on untrusted RADIUS messages.
IV. Workaround
No workaround is available. Systems not making use of libradius(3) are
unaffected.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 13.0, 12.2]
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.patch
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.patch.asc
# gpg --verify libradius.patch.asc
[FreeBSD 11.4]
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.11.patch
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.11.patch.asc
# gpg --verify libradius.11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all daemons that use the library, or reboot the system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ bec0d2c9c841 stable/13-n245765
releng/13.0/ 7d900abe6269 releng/13.0-n244743
stable/12/ r369859
releng/12.2/ r369864
stable/11/ r369866
releng/11.4/ r369867
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29629>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:12.libradius.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6vMACgkQ05eS9J6n
5cLBUQ//aEsqwU/okABtOEAYbr87TSl0eHpmnNjfLS/OHgkQ7FPIBCpF2ThifBk3
t84F9q5ILOizrc916hT4RzFkTdHwVOGJCk7uEWwYCkHnDOIIzsbKD8Jzv+nKJf2P
hyrm5aVmRyEgwImZFv3158dmaK+AvrrFoWOwZDW+A1zBDrf/EgCKCAFTn9I72wZI
1HoPkO8I4lJYTDKkr1AQ2Xh0fHYwcP5myvGZFwIJftmG6BbETgAzfPPiwiMC/dN4
ZUkyyZI9O+kfzRH+iIchEt+kls7m0eXIt5EQmVAyCj76Npa0zCPXa5pPLJ9no6N7
YT2nuuOGQUeriaMo1P9PeMhGECOcdW96DWuXGKsTjGei70634eADxmv8tjR0Vndm
VPbi3f9O4d8Yqsr+ioNm1dwT8kgbChbTBob/r6NyIWqJVsinIVSI+u9U7aCAlxpK
6grc9FUZDHpGdP2DqdE5iZ4WSkjh7yZR9676sHmIvdnNkUT5LonxP8iDmGbexlLZ
mGAiNNaI19hEeaf+1AyF0l8/VZdvgZsjoSYUtATqYH6aO4xF6MMzirKYtfbphrdj
+BwVyZB4WRU0S71v2zkz7wAlErQnwRI+CYvZFxe7jyMkk5C70btxZllAs9dgYsHE
DL7SugtvoKb/eBtIfSCSf6fe+MW1poIG0G7T26K5crHNiUxHYvY=
=yqoJ
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-SA-21:12.libradius Security Advisory
The FreeBSD Project
Topic: Missing message validation in libradius(3)
Category: core
Module: libradius
Announced: 2021-05-26
Credits: leommxj and Swings from Chaitin Security Research Lab
Affects: All supported versions of FreeBSD.
Corrected: 2021-05-26 19:45:31 UTC (stable/13, 13.0-STABLE)
2021-05-26 20:36:29 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-05-26 20:39:35 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:23 UTC (releng/12.2, 12.2-RELEASE-p7)
2021-05-26 20:41:31 UTC (stable/11, 11.4-STABLE)
2021-05-26 20:41:58 UTC (releng/11.4, 11.4-RELEASE-p10)
CVE Name: CVE-2021-29629
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
libradius(3) is a client and server library implementing the Remote
Authentication Dial In User Service (RADIUS) protocol. It is used by
pam_radius(8) and mpd5 (available in the ports tree as net/mpd5).
II. Problem Description
libradius did not perform sufficient validation of received messages.
rad_get_attr(3) did not verify that the attribute length is valid before
subtracting the length of the Type and Length fields. As a result, it
could return success while also providing a bogus length of SIZE_T_MAX -
2 for the Value field.
When processing attributes to find an optional authenticator,
is_valid_response() failed to verify that each attribute length is
non-zero and could thus enter an infinite loop.
III. Impact
A server may use libradius(3) to process messages from RADIUS clients.
In this case, a malicious client could trigger a denial-of-service in
the server. A client using libradius(3) to process messages from a
server is susceptible to the same problem.
The impact of the rad_get_attr(3) bug depends on how the returned length
is validated and used by the consumer. It is possible that libradius(3)
applications will crash or enter an infinite loop when calling
rad_get_attr(3) on untrusted RADIUS messages.
IV. Workaround
No workaround is available. Systems not making use of libradius(3) are
unaffected.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
[FreeBSD 13.0, 12.2]
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.patch
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.patch.asc
# gpg --verify libradius.patch.asc
[FreeBSD 11.4]
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.11.patch
# fetch https://security.FreeBSD.org/patches/SA-21:12/libradius.11.patch.asc
# gpg --verify libradius.11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart all daemons that use the library, or reboot the system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ bec0d2c9c841 stable/13-n245765
releng/13.0/ 7d900abe6269 releng/13.0-n244743
stable/12/ r369859
releng/12.2/ r369864
stable/11/ r369866
releng/11.4/ r369867
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29629>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:12.libradius.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6vMACgkQ05eS9J6n
5cLBUQ//aEsqwU/okABtOEAYbr87TSl0eHpmnNjfLS/OHgkQ7FPIBCpF2ThifBk3
t84F9q5ILOizrc916hT4RzFkTdHwVOGJCk7uEWwYCkHnDOIIzsbKD8Jzv+nKJf2P
hyrm5aVmRyEgwImZFv3158dmaK+AvrrFoWOwZDW+A1zBDrf/EgCKCAFTn9I72wZI
1HoPkO8I4lJYTDKkr1AQ2Xh0fHYwcP5myvGZFwIJftmG6BbETgAzfPPiwiMC/dN4
ZUkyyZI9O+kfzRH+iIchEt+kls7m0eXIt5EQmVAyCj76Npa0zCPXa5pPLJ9no6N7
YT2nuuOGQUeriaMo1P9PeMhGECOcdW96DWuXGKsTjGei70634eADxmv8tjR0Vndm
VPbi3f9O4d8Yqsr+ioNm1dwT8kgbChbTBob/r6NyIWqJVsinIVSI+u9U7aCAlxpK
6grc9FUZDHpGdP2DqdE5iZ4WSkjh7yZR9676sHmIvdnNkUT5LonxP8iDmGbexlLZ
mGAiNNaI19hEeaf+1AyF0l8/VZdvgZsjoSYUtATqYH6aO4xF6MMzirKYtfbphrdj
+BwVyZB4WRU0S71v2zkz7wAlErQnwRI+CYvZFxe7jyMkk5C70btxZllAs9dgYsHE
DL7SugtvoKb/eBtIfSCSf6fe+MW1poIG0G7T26K5crHNiUxHYvY=
=yqoJ
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:11.aesni
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-21:11.aesni Errata Notice
The FreeBSD Project
Topic: Race condition in aesni(4) encrypt-then-auth operations
Category: core
Module: aesni
Announced: 2021-05-26
Affects: FreeBSD 12.2
Corrected: 2021-04-27 19:16:35 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:11 UTC (releng/12.2, 12.2-RELEASE-p7)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The aesni(4) driver provides implementations of various cryptographic
operations using specialized CPU instructions available on contemporary Intel
and AMD CPUs. This provides improved throughput relative to pure software
implementations of the same operations.
II. Problem Description
aesni(4) implements SHA-1 and SHA-2 and can compute HMACs using these
functions. One step of the HMAC computation involves the computation of a
derived key. This step was implemented such that if multiple threads were
concurrently computing an HMAC using the same crypto(9) session, the kernel's
copy of the session key could be corrupted.
III. Impact
This bug could cause aesni(4) to return incorrect digests of input data,
or incorrect report a digest verification failure.
Since the bug is only triggered when multiple threads are sharing a crypto(9)
session, some consumers are unaffected. For example, geli(8) will not trigger
the bug. It is possible to trigger the bug with IPSec or KGSSAPI, or via
crypto(4) if the underlying application is multithreaded and shares sessions
among multiple threads.
IV. Workaround
The aesni(4) kernel module may be unloaded to work around the problem. Note
that this may incur a substantial hit to performance.
Workloads not making use of HMAC-based authentication using aesni(4) are
unaffected. For example, aesni(4) implements AES-GCM, and that implementation
is not susceptible to this problem.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:11/aesni.patch
# fetch https://security.FreeBSD.org/patches/EN-21:11/aesni.patch.asc
# gpg --verify aesni.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/12/ r369665
releng/12.2/ r369860
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251462>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:11.aesni.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6t4ACgkQ05eS9J6n
5cJdUBAAor2SfwygnujBNtepn8miqhACwa2P/8HZo1G68JTrHzRp8U8l/iLhTIwn
FF/aylaIg3uiFkb5V68yi9YKo4a8kIK0U/J805n8WUFFTS5OiwLkI3mLKC3vHMUD
d2gvBaAjPeBNjlNanFp8WpdNsCXvJq9CBXECQnwsnNJ1zpSSsTwm/T48pIeRpk/T
sYpyaLgEjsXl0tx0VkW2wwk7tNSQx0K7BouzqrwbQku18GW9ybETfQh5NE+Mz2+S
T1e3A4y2VNWXpDqCgHwl7+X7NX3FH2wGI56G3Xv781zJY5jq+UjxoXyLGVY56y3P
KvCgqnPavLZgER3ui/bqro3DR3uN6P3hb/Jg/3ChrNVuf9U0hElblWzQ3KQ/y2J8
21YSuVvclMu4cfWfGcOYA8uXBQCUUYHAMKzenzmj9kZYMWaSZHpn/aibaYWZEO/U
hsDfeJRbR1hIVOdKGUmGrcWc2BVAQw/xHyAIn1IEBvCO9JRl09VPLNU6q19mrquH
GoQ0NRaWg6v+spHJeuiv3wreLjr/mfznk+I4Cz/CT3cVbm7b4gJXerObIWKnEyFI
Cj8ySvkhFAVdWcLIOJPrlIgxY5IoVr/raRuKhJ7kmFkELfUd1HK81e9QdpdzKYOH
hKWROGEBMr6bG17rqMY+tZmlx6wKVtf8mJCQHomQSi3Q7J2DRO0=
=KdoV
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-EN-21:11.aesni Errata Notice
The FreeBSD Project
Topic: Race condition in aesni(4) encrypt-then-auth operations
Category: core
Module: aesni
Announced: 2021-05-26
Affects: FreeBSD 12.2
Corrected: 2021-04-27 19:16:35 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:11 UTC (releng/12.2, 12.2-RELEASE-p7)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.
I. Background
The aesni(4) driver provides implementations of various cryptographic
operations using specialized CPU instructions available on contemporary Intel
and AMD CPUs. This provides improved throughput relative to pure software
implementations of the same operations.
II. Problem Description
aesni(4) implements SHA-1 and SHA-2 and can compute HMACs using these
functions. One step of the HMAC computation involves the computation of a
derived key. This step was implemented such that if multiple threads were
concurrently computing an HMAC using the same crypto(9) session, the kernel's
copy of the session key could be corrupted.
III. Impact
This bug could cause aesni(4) to return incorrect digests of input data,
or incorrect report a digest verification failure.
Since the bug is only triggered when multiple threads are sharing a crypto(9)
session, some consumers are unaffected. For example, geli(8) will not trigger
the bug. It is possible to trigger the bug with IPSec or KGSSAPI, or via
crypto(4) if the underlying application is multithreaded and shares sessions
among multiple threads.
IV. Workaround
The aesni(4) kernel module may be unloaded to work around the problem. Note
that this may incur a substantial hit to performance.
Workloads not making use of HMAC-based authentication using aesni(4) are
unaffected. For example, aesni(4) implements AES-GCM, and that implementation
is not susceptible to this problem.
V. Solution
Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"
2) To update your system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/EN-21:11/aesni.patch
# fetch https://security.FreeBSD.org/patches/EN-21:11/aesni.patch.asc
# gpg --verify aesni.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/12/ r369665
releng/12.2/ r369860
- -------------------------------------------------------------------------
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=251462>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:11.aesni.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6t4ACgkQ05eS9J6n
5cJdUBAAor2SfwygnujBNtepn8miqhACwa2P/8HZo1G68JTrHzRp8U8l/iLhTIwn
FF/aylaIg3uiFkb5V68yi9YKo4a8kIK0U/J805n8WUFFTS5OiwLkI3mLKC3vHMUD
d2gvBaAjPeBNjlNanFp8WpdNsCXvJq9CBXECQnwsnNJ1zpSSsTwm/T48pIeRpk/T
sYpyaLgEjsXl0tx0VkW2wwk7tNSQx0K7BouzqrwbQku18GW9ybETfQh5NE+Mz2+S
T1e3A4y2VNWXpDqCgHwl7+X7NX3FH2wGI56G3Xv781zJY5jq+UjxoXyLGVY56y3P
KvCgqnPavLZgER3ui/bqro3DR3uN6P3hb/Jg/3ChrNVuf9U0hElblWzQ3KQ/y2J8
21YSuVvclMu4cfWfGcOYA8uXBQCUUYHAMKzenzmj9kZYMWaSZHpn/aibaYWZEO/U
hsDfeJRbR1hIVOdKGUmGrcWc2BVAQw/xHyAIn1IEBvCO9JRl09VPLNU6q19mrquH
GoQ0NRaWg6v+spHJeuiv3wreLjr/mfznk+I4Cz/CT3cVbm7b4gJXerObIWKnEyFI
Cj8ySvkhFAVdWcLIOJPrlIgxY5IoVr/raRuKhJ7kmFkELfUd1HK81e9QdpdzKYOH
hKWROGEBMr6bG17rqMY+tZmlx6wKVtf8mJCQHomQSi3Q7J2DRO0=
=KdoV
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:11.smap
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-21:11.smap Security Advisory
The FreeBSD Project
Topic: SMAP bypass
Category: core
Module: amd64
Announced: 2021-05-26
Credits: I lost my dog if you see him please contact me at @m00nbsd.
Affects: FreeBSD 12.2 and later.
Corrected: 2021-05-26 19:18:54 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:31:50 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-05-26 19:30:31 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:20 UTC (releng/12.2, 12.2-RELEASE-p7)
CVE Name: CVE-2021-29628
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
Supervisor Mode Access Prevention (SMAP) is a security feature
implemented by contemporary Intel and AMD CPUs. When enabled, it
ensures that accesses to user memory by the kernel trigger a page fault
and a subsequent kernel panic. This helps mitigate the security
implications of kernel bugs that permit an attacker to read from or
write to user memory from the kernel.
The kernel may legitimately need to copy data between userspace and the
kernel. To enable this, SMAP is temporarily disabled in the subroutines
which handle this copying, so only small, specially designated portions
of the kernel should be executed with SMAP disabled.
II. Problem Description
The FreeBSD kernel enables SMAP during boot when the CPU reports that
the SMAP capability is present. Subroutines such as copyin() and
copyout() are responsible for disabling SMAP around the sections of code
that perform user memory accesses.
Such subroutines must handle page faults triggered when user memory is
not mapped. The kernel's page fault handler checks the validity of the
fault, and if it is indeed valid it will map a page and resume copying.
If the fault is invalid, the fault handler returns control to a
trampoline which aborts the operation and causes an error to be
returned. In this second scenario, a bug in the implementation of SMAP
support meant that SMAP would remain disabled until the thread returns
to user mode.
III. Impact
This bug may be used to bypass the protections provided by SMAP for the
duration of a system call. It could thus be combined with other kernel
bugs to craft an exploit.
IV. Workaround
No workaround is available. On hardware that does not implement SMAP,
the bug is inconsequential as the mitigation does not exist in the first
place.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date
and reboot.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for a security update"
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-21:11/smap.patch
# fetch https://security.FreeBSD.org/patches/SA-21:11/smap.patch.asc
# gpg --verify smap.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 876ffe28796c stable/13-n245764
releng/13.0/ f32130a1955e releng/13.0-n244739
stable/12/ r369857
releng/12.2/ r369863
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29628>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6vIACgkQ05eS9J6n
5cJagg//Yy30r/Dq2rgoY7p31CoF/jXDDqNEhqyJTcWoDY2M5THXBficHxWW68lE
YLfndQRgz4oT7QNgxgnW0PYa0iHLiNFxZoI8lOcILpvHereXy0gEvLVPCstY7NY9
+jZnY7seLfSH+Y+VS5sjXbveMSMxovKzpp1rOrHVxJK7YeGY7YDqsK9pQ8Jk+4pE
XlhOvhugL0qE4Fxj4qI5ClGmqDvyNXxlGWWwVtzZV2jYN1bdmZ0g88+HgJI1FcUr
E2KIk1XwVidhQC8GJk9v7D/Bg4nYdq59Dozv4tu9IFfPkV+xl3qbgtXN5qJ0bp+u
Y3NCEgq8Aoz60Xebulw1XBfvJFkLqUEthenYKtMSc9hN+QgAM9c9eQreRawTNezK
aUSl+hUt9D6oVHh1Ki+OIhAgF+pAKN+7ARfcn2Ot57/TNbO1T9/C5mMd/hhQOkyj
wJwj3nSLkUVQTNR9ntyyIj44XFRijtzG4foAJDuozfzC+hD82jSgXpCGnLwH6Gyx
n0yIM1LbDZWrvAJ9W+uQmGJ1nv12Tzt24cDCSQ+zJjuTNfCso3bQ9b/IrXomBAwp
waYpEOujzjaM7XdI9F4vb69XGX9mbKO67MoXgwlVowaRvVUBM0jAkaRo1gknF1sO
CXLuogbOomTHcutlBsXtF0FBphLFx7YA8w4jtWnjnFW7wBzZ5dQ=
=/4r7
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-SA-21:11.smap Security Advisory
The FreeBSD Project
Topic: SMAP bypass
Category: core
Module: amd64
Announced: 2021-05-26
Credits: I lost my dog if you see him please contact me at @m00nbsd.
Affects: FreeBSD 12.2 and later.
Corrected: 2021-05-26 19:18:54 UTC (stable/13, 13.0-STABLE)
2021-05-26 19:31:50 UTC (releng/13.0, 13.0-RELEASE-p1)
2021-05-26 19:30:31 UTC (stable/12, 12.2-STABLE)
2021-05-26 20:40:20 UTC (releng/12.2, 12.2-RELEASE-p7)
CVE Name: CVE-2021-29628
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
Supervisor Mode Access Prevention (SMAP) is a security feature
implemented by contemporary Intel and AMD CPUs. When enabled, it
ensures that accesses to user memory by the kernel trigger a page fault
and a subsequent kernel panic. This helps mitigate the security
implications of kernel bugs that permit an attacker to read from or
write to user memory from the kernel.
The kernel may legitimately need to copy data between userspace and the
kernel. To enable this, SMAP is temporarily disabled in the subroutines
which handle this copying, so only small, specially designated portions
of the kernel should be executed with SMAP disabled.
II. Problem Description
The FreeBSD kernel enables SMAP during boot when the CPU reports that
the SMAP capability is present. Subroutines such as copyin() and
copyout() are responsible for disabling SMAP around the sections of code
that perform user memory accesses.
Such subroutines must handle page faults triggered when user memory is
not mapped. The kernel's page fault handler checks the validity of the
fault, and if it is indeed valid it will map a page and resume copying.
If the fault is invalid, the fault handler returns control to a
trampoline which aborts the operation and causes an error to be
returned. In this second scenario, a bug in the implementation of SMAP
support meant that SMAP would remain disabled until the thread returns
to user mode.
III. Impact
This bug may be used to bypass the protections provided by SMAP for the
duration of a system call. It could thus be combined with other kernel
bugs to craft an exploit.
IV. Workaround
No workaround is available. On hardware that does not implement SMAP,
the bug is inconsequential as the mitigation does not exist in the first
place.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date
and reboot.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for a security update"
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-21:11/smap.patch
# fetch https://security.FreeBSD.org/patches/SA-21:11/smap.patch.asc
# gpg --verify smap.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:
Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 876ffe28796c stable/13-n245764
releng/13.0/ f32130a1955e releng/13.0-n244739
stable/12/ r369857
releng/12.2/ r369863
- -------------------------------------------------------------------------
For FreeBSD 13 and later:
Run the following command to see which files were modified by a
particular commit:
# git show --stat <commit hash>
Or visit the following URL, replacing NNNNNN with the hash:
<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:
# git rev-list --count --first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29628>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:11.smap.asc>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmCu6vIACgkQ05eS9J6n
5cJagg//Yy30r/Dq2rgoY7p31CoF/jXDDqNEhqyJTcWoDY2M5THXBficHxWW68lE
YLfndQRgz4oT7QNgxgnW0PYa0iHLiNFxZoI8lOcILpvHereXy0gEvLVPCstY7NY9
+jZnY7seLfSH+Y+VS5sjXbveMSMxovKzpp1rOrHVxJK7YeGY7YDqsK9pQ8Jk+4pE
XlhOvhugL0qE4Fxj4qI5ClGmqDvyNXxlGWWwVtzZV2jYN1bdmZ0g88+HgJI1FcUr
E2KIk1XwVidhQC8GJk9v7D/Bg4nYdq59Dozv4tu9IFfPkV+xl3qbgtXN5qJ0bp+u
Y3NCEgq8Aoz60Xebulw1XBfvJFkLqUEthenYKtMSc9hN+QgAM9c9eQreRawTNezK
aUSl+hUt9D6oVHh1Ki+OIhAgF+pAKN+7ARfcn2Ot57/TNbO1T9/C5mMd/hhQOkyj
wJwj3nSLkUVQTNR9ntyyIj44XFRijtzG4foAJDuozfzC+hD82jSgXpCGnLwH6Gyx
n0yIM1LbDZWrvAJ9W+uQmGJ1nv12Tzt24cDCSQ+zJjuTNfCso3bQ9b/IrXomBAwp
waYpEOujzjaM7XdI9F4vb69XGX9mbKO67MoXgwlVowaRvVUBM0jAkaRo1gknF1sO
CXLuogbOomTHcutlBsXtF0FBphLFx7YA8w4jtWnjnFW7wBzZ5dQ=
=/4r7
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
您好 想和您洽谈合作
我是靖飞公司朱静,我看到贵公司的产品比较符合我公司的要求,想与你洽谈一下,我来此的目的是为了询问一下与贵公司建立合作关系的可能性,可以加一下我的微信:13962538785 电话也是这个
[USN-4968-1] LZ4 vulnerability
==========================================================================
Ubuntu Security Notice USN-4968-1
May 26, 2021
lz4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
LZ4 could be made to crash or run programs if it opened a specially crafted
file.
Software Description:
- lz4: Extremely fast compression algorithm
Details:
It was discovered that LZ4 incorrectly handled certain memory operations.
If a user or automated system were tricked into uncompressing a specially-
crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
liblz4-1 1.9.3-1ubuntu0.1
Ubuntu 20.10:
liblz4-1 1.9.2-2ubuntu0.20.10.1
Ubuntu 20.04 LTS:
liblz4-1 1.9.2-2ubuntu0.20.04.1
Ubuntu 18.04 LTS:
liblz4-1 0.0~r131-2ubuntu3.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4968-1
CVE-2021-3520
Package Information:
https://launchpad.net/ubuntu/+source/lz4/1.9.3-1ubuntu0.1
https://launchpad.net/ubuntu/+source/lz4/1.9.2-2ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/lz4/1.9.2-2ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/lz4/0.0~r131-2ubuntu3.1
Ubuntu Security Notice USN-4968-1
May 26, 2021
lz4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
LZ4 could be made to crash or run programs if it opened a specially crafted
file.
Software Description:
- lz4: Extremely fast compression algorithm
Details:
It was discovered that LZ4 incorrectly handled certain memory operations.
If a user or automated system were tricked into uncompressing a specially-
crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
liblz4-1 1.9.3-1ubuntu0.1
Ubuntu 20.10:
liblz4-1 1.9.2-2ubuntu0.20.10.1
Ubuntu 20.04 LTS:
liblz4-1 1.9.2-2ubuntu0.20.04.1
Ubuntu 18.04 LTS:
liblz4-1 0.0~r131-2ubuntu3.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4968-1
CVE-2021-3520
Package Information:
https://launchpad.net/ubuntu/+source/lz4/1.9.3-1ubuntu0.1
https://launchpad.net/ubuntu/+source/lz4/1.9.2-2ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/lz4/1.9.2-2ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/lz4/0.0~r131-2ubuntu3.1
[USN-4967-1] nginx vulnerability
==========================================================================
Ubuntu Security Notice USN-4967-1
May 26, 2021
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
nginx could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
nginx 1.18.0-6ubuntu8.2
nginx-common 1.18.0-6ubuntu8.2
nginx-core 1.18.0-6ubuntu8.2
nginx-extras 1.18.0-6ubuntu8.2
nginx-full 1.18.0-6ubuntu8.2
nginx-light 1.18.0-6ubuntu8.2
Ubuntu 20.10:
nginx 1.18.0-6ubuntu2.2
nginx-common 1.18.0-6ubuntu2.2
nginx-core 1.18.0-6ubuntu2.2
nginx-extras 1.18.0-6ubuntu2.2
nginx-full 1.18.0-6ubuntu2.2
nginx-light 1.18.0-6ubuntu2.2
Ubuntu 20.04 LTS:
nginx 1.18.0-0ubuntu1.2
nginx-common 1.18.0-0ubuntu1.2
nginx-core 1.18.0-0ubuntu1.2
nginx-extras 1.18.0-0ubuntu1.2
nginx-full 1.18.0-0ubuntu1.2
nginx-light 1.18.0-0ubuntu1.2
Ubuntu 18.04 LTS:
nginx 1.14.0-0ubuntu1.9
nginx-common 1.14.0-0ubuntu1.9
nginx-core 1.14.0-0ubuntu1.9
nginx-extras 1.14.0-0ubuntu1.9
nginx-full 1.14.0-0ubuntu1.9
nginx-light 1.14.0-0ubuntu1.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4967-1
CVE-2021-23017
Package Information:
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu8.2
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu2.2
https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.9
Ubuntu Security Notice USN-4967-1
May 26, 2021
nginx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
nginx could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
nginx 1.18.0-6ubuntu8.2
nginx-common 1.18.0-6ubuntu8.2
nginx-core 1.18.0-6ubuntu8.2
nginx-extras 1.18.0-6ubuntu8.2
nginx-full 1.18.0-6ubuntu8.2
nginx-light 1.18.0-6ubuntu8.2
Ubuntu 20.10:
nginx 1.18.0-6ubuntu2.2
nginx-common 1.18.0-6ubuntu2.2
nginx-core 1.18.0-6ubuntu2.2
nginx-extras 1.18.0-6ubuntu2.2
nginx-full 1.18.0-6ubuntu2.2
nginx-light 1.18.0-6ubuntu2.2
Ubuntu 20.04 LTS:
nginx 1.18.0-0ubuntu1.2
nginx-common 1.18.0-0ubuntu1.2
nginx-core 1.18.0-0ubuntu1.2
nginx-extras 1.18.0-0ubuntu1.2
nginx-full 1.18.0-0ubuntu1.2
nginx-light 1.18.0-0ubuntu1.2
Ubuntu 18.04 LTS:
nginx 1.14.0-0ubuntu1.9
nginx-common 1.14.0-0ubuntu1.9
nginx-core 1.14.0-0ubuntu1.9
nginx-extras 1.14.0-0ubuntu1.9
nginx-full 1.14.0-0ubuntu1.9
nginx-light 1.14.0-0ubuntu1.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4967-1
CVE-2021-23017
Package Information:
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu8.2
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu2.2
https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.9
Tuesday, May 25, 2021
Fedora Linux 32 End Of Life
Hello all,
As of the 25th of May 2021, Fedora Linux 32 has reached its end of
life for updates and support. No further updates, including security
updates, will be available for Fedora 32. All the updates that are
currently in testing won't get pushed to stable. Fedora 33 will
continue to receive updates until approximately one month after the
release of Fedora 35. The maintenance schedule of Fedora releases is
documented on the Fedora Project wiki [0]. The Fedora Project wiki
also contains instructions [1] on how to upgrade from a previous
release of Fedora to a version receiving updates.
Mohan Boddu.
[0] https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule
[1] https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
As of the 25th of May 2021, Fedora Linux 32 has reached its end of
life for updates and support. No further updates, including security
updates, will be available for Fedora 32. All the updates that are
currently in testing won't get pushed to stable. Fedora 33 will
continue to receive updates until approximately one month after the
release of Fedora 35. The maintenance schedule of Fedora releases is
documented on the Fedora Project wiki [0]. The Fedora Project wiki
also contains instructions [1] on how to upgrade from a previous
release of Fedora to a version receiving updates.
Mohan Boddu.
[0] https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Maintenance_Schedule
[1] https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[USN-4966-2] libx11 vulnerability
==========================================================================
Ubuntu Security Notice USN-4966-2
May 25, 2021
libx11 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
libx11 could allow unintended access to services.
Software Description:
- libx11: X11 client-side library
Details:
USN-4966-1 fixed a vulnerability in libx11. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libx11-6 2:1.6.3-1ubuntu2.2+esm1
Ubuntu 14.04 ESM:
libx11-6 2:1.6.2-1ubuntu2.1+esm2
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4966-2
https://ubuntu.com/security/notices/USN-4966-1
CVE-2021-31535
Ubuntu Security Notice USN-4966-2
May 25, 2021
libx11 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
libx11 could allow unintended access to services.
Software Description:
- libx11: X11 client-side library
Details:
USN-4966-1 fixed a vulnerability in libx11. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libx11-6 2:1.6.3-1ubuntu2.2+esm1
Ubuntu 14.04 ESM:
libx11-6 2:1.6.2-1ubuntu2.1+esm2
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4966-2
https://ubuntu.com/security/notices/USN-4966-1
CVE-2021-31535
[USN-4965-2] Apport vulnerabilities
==========================================================================
Ubuntu Security Notice USN-4965-2
May 25, 2021
apport vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Apport.
Software Description:
- apport: automatically generate crash reports for debugging
Details:
USN-4965-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
apport 2.20.1-0ubuntu2.30+esm1
python-apport 2.20.1-0ubuntu2.30+esm1
python3-apport 2.20.1-0ubuntu2.30+esm1
Ubuntu 14.04 ESM:
apport 2.14.1-0ubuntu3.29+esm7
python-apport 2.14.1-0ubuntu3.29+esm7
python3-apport 2.14.1-0ubuntu3.29+esm7
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4965-2
https://ubuntu.com/security/notices/USN-4965-1
CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
CVE-2021-32555, CVE-2021-32556, CVE-2021-32557
Ubuntu Security Notice USN-4965-2
May 25, 2021
apport vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Apport.
Software Description:
- apport: automatically generate crash reports for debugging
Details:
USN-4965-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
apport 2.20.1-0ubuntu2.30+esm1
python-apport 2.20.1-0ubuntu2.30+esm1
python3-apport 2.20.1-0ubuntu2.30+esm1
Ubuntu 14.04 ESM:
apport 2.14.1-0ubuntu3.29+esm7
python-apport 2.14.1-0ubuntu3.29+esm7
python3-apport 2.14.1-0ubuntu3.29+esm7
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4965-2
https://ubuntu.com/security/notices/USN-4965-1
CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
CVE-2021-32555, CVE-2021-32556, CVE-2021-32557
[USN-4965-1] Apport vulnerabilities
==========================================================================
Ubuntu Security Notice USN-4965-1
May 25, 2021
apport vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Apport.
Software Description:
- apport: automatically generate crash reports for debugging
Details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
apport 2.20.11-0ubuntu65.1
python3-apport 2.20.11-0ubuntu65.1
Ubuntu 20.10:
apport 2.20.11-0ubuntu50.7
python3-apport 2.20.11-0ubuntu50.7
Ubuntu 20.04 LTS:
apport 2.20.11-0ubuntu27.18
python3-apport 2.20.11-0ubuntu27.18
Ubuntu 18.04 LTS:
apport 2.20.9-0ubuntu7.24
python-apport 2.20.9-0ubuntu7.24
python3-apport 2.20.9-0ubuntu7.24
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4965-1
CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
CVE-2021-32555, CVE-2021-32556, CVE-2021-32557
Package Information:
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu65.1
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu50.7
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.18
https://launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.24
Ubuntu Security Notice USN-4965-1
May 25, 2021
apport vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in Apport.
Software Description:
- apport: automatically generate crash reports for debugging
Details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
apport 2.20.11-0ubuntu65.1
python3-apport 2.20.11-0ubuntu65.1
Ubuntu 20.10:
apport 2.20.11-0ubuntu50.7
python3-apport 2.20.11-0ubuntu50.7
Ubuntu 20.04 LTS:
apport 2.20.11-0ubuntu27.18
python3-apport 2.20.11-0ubuntu27.18
Ubuntu 18.04 LTS:
apport 2.20.9-0ubuntu7.24
python-apport 2.20.9-0ubuntu7.24
python3-apport 2.20.9-0ubuntu7.24
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4965-1
CVE-2021-32547, CVE-2021-32548, CVE-2021-32549, CVE-2021-32550,
CVE-2021-32551, CVE-2021-32552, CVE-2021-32553, CVE-2021-32554,
CVE-2021-32555, CVE-2021-32556, CVE-2021-32557
Package Information:
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu65.1
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu50.7
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.18
https://launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.24
[USN-4966-1] libx11 vulnerability
==========================================================================
Ubuntu Security Notice USN-4966-1
May 25, 2021
libx11 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
libx11 could allow unintended access to services.
Software Description:
- libx11: X11 client-side library
Details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
libx11-6 2:1.7.0-2ubuntu0.1
Ubuntu 20.10:
libx11-6 2:1.6.12-1ubuntu0.1
Ubuntu 20.04 LTS:
libx11-6 2:1.6.9-2ubuntu1.2
Ubuntu 18.04 LTS:
libx11-6 2:1.6.4-3ubuntu0.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4966-1
CVE-2021-31535
Package Information:
https://launchpad.net/ubuntu/+source/libx11/2:1.7.0-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.12-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.9-2ubuntu1.2
https://launchpad.net/ubuntu/+source/libx11/2:1.6.4-3ubuntu0.4
Ubuntu Security Notice USN-4966-1
May 25, 2021
libx11 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
libx11 could allow unintended access to services.
Software Description:
- libx11: X11 client-side library
Details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
libx11-6 2:1.7.0-2ubuntu0.1
Ubuntu 20.10:
libx11-6 2:1.6.12-1ubuntu0.1
Ubuntu 20.04 LTS:
libx11-6 2:1.6.9-2ubuntu1.2
Ubuntu 18.04 LTS:
libx11-6 2:1.6.4-3ubuntu0.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4966-1
CVE-2021-31535
Package Information:
https://launchpad.net/ubuntu/+source/libx11/2:1.7.0-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.12-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.9-2ubuntu1.2
https://launchpad.net/ubuntu/+source/libx11/2:1.6.4-3ubuntu0.4
F35 Change: Make btrfs the default file system for Fedora Cloud (System-Wide Change proposal)
https://fedoraproject.org/wiki/Changes/FedoraCloudBtrfsByDefault
== Summary ==
For cloud installs of Fedora, we want to provide advanced file system
features to users in a transparent fashion. Thus, we are changing the
file system for the Cloud Edition to Btrfs so we can leverage its
features and capabilities to improve the quality of experience for
Cloud users.
== Owners ==
* Name: [[User:Davdunc|David Duncan]], [[User:Chrismurphy|Chris
Murphy]], [[User:Josef|Josef Bacik]], [[User:Salimma|Michel Alexandre
Salim]], [[User:Dcavalca|Davide Cavalca]], [[User:Ngompa|Neal Gompa]],
[[User:Dustymabe|Dusty Mabe]], [[User:Malmond|Matthew Almond]]
* Email: davdunc@amazon.com, chrismurphy@fedoraproject.org,
josef@toxicpanda.com, michel@michel-slm.name, dcavalca@fb.com,
ngompa13@gmail.com, dusty@dustymabe.com, malmond@fb.com
* Products: Fedora Cloud Edition
* Responsible WGs: Fedora Cloud WG
== Detailed Description ==
Fedora Cloud Edition will switch to using Btrfs for its images. The
configuration for the Cloud Edition will match the setup used on the
desktop variants, as this has been very well-tested with production
deployments across multiple Fedora Linux releases now.
This includes the same subvolume layout that is used on the desktop
variants [[Changes/BtrfsByDefault|as introduced in Fedora Linux 33]],
as well as transparent Zstd compression
[[Changes/BtrfsTransparentCompression|as introduced in Fedora Linux
34]].
== Feedback ==
== Benefit to Fedora ==
The benefits are similar to
[[Changes/BtrfsByDefault#Benefit_to_Fedora|the ones for Fedora desktop
variants]]; however, there are specific benefits for Fedora Cloud:
* Adds support to Fedora Cloud for [[Changes/RPMCoW|the Change to
introduce support for Copy-on-Write enhancements to improve
performance to package management]]
* Adds the ability to logically separate contents of the volume
without dividing up the available space
** Transparent compression: significantly reduces write amplification
and improves effective I/O throughput
** Reflinks and snapshots improve efficiency for use cases like
containers (CRI-O, containerd, and Podman support both)
* Storage devices can be flaky, resulting in data corruption; Btrfs
can help mitigate this
** Everything is checksummed and verified on every read
** Corrupt data results in EIO (input/output error), instead of
resulting in application confusion, and isn't replicated into backups
and archives
* Improves system responsiveness under pressure
** Btrfs has been tested in production to have proper IO isolation
capability via cgroups2
** Completes the resource control picture: memory, cpu, IO isolation
* File system resize
** Online shrink and grow are cornerstones of the Btrfs design
* Complex storage setups are… complicated
** Simple and comprehensive command interface. One master command
** Simpler to boot, all code is in the kernel, no initramfs complexities
** Simple and efficient file system replication, including incremental
backups, with <code>btrfs send</code> and <code>btrfs receive</code>
== Scope ==
* Proposal owners:
** Submit PRs for Cloud Edition kickstarts to produce disk images using Btrfs.
* Release engineering: [https://pagure.io/releng/issue/10129 #10129]
* Policies and guidelines: N/A
* Trademark approval: N/A
== Upgrade/compatibility impact ==
Change will not affect upgrades.
== How To Test ==
Once the change lands in Rawhide, spin up the images in AWS, GCP, and
KVM/OpenStack to test to see systems boot and run.
== User Experience ==
* Mostly transparent.
* Space savings and extend hardware life, via compression.
* Utilities for used and free space are expected to behave the same.
No special commands are required.
* More detailed information can be revealed by <code>btrfs</code>
specific commands.
* <code>cp</code> command will create reflink copies
[https://src.fedoraproject.org/rpms/coreutils/c/5d08d14b/ by default.]
== Dependencies ==
None.
== Contingency Plan ==
* Contingency mechanism: Owner will revert changes back to the
previous ext4 configuration
* Contingency deadline: Beta freeze
* Blocks release? Yes
* Blocks product? Cloud
== Documentation ==
Strictly speaking, no extra documentation is required reading for users.
== Release Notes ==
The default file system on the cloud is now Btrfs, following the
desktop change in Fedora Linux 33. Fedora Server, IoT, and CoreOS are
still specifically excluded.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
== Summary ==
For cloud installs of Fedora, we want to provide advanced file system
features to users in a transparent fashion. Thus, we are changing the
file system for the Cloud Edition to Btrfs so we can leverage its
features and capabilities to improve the quality of experience for
Cloud users.
== Owners ==
* Name: [[User:Davdunc|David Duncan]], [[User:Chrismurphy|Chris
Murphy]], [[User:Josef|Josef Bacik]], [[User:Salimma|Michel Alexandre
Salim]], [[User:Dcavalca|Davide Cavalca]], [[User:Ngompa|Neal Gompa]],
[[User:Dustymabe|Dusty Mabe]], [[User:Malmond|Matthew Almond]]
* Email: davdunc@amazon.com, chrismurphy@fedoraproject.org,
josef@toxicpanda.com, michel@michel-slm.name, dcavalca@fb.com,
ngompa13@gmail.com, dusty@dustymabe.com, malmond@fb.com
* Products: Fedora Cloud Edition
* Responsible WGs: Fedora Cloud WG
== Detailed Description ==
Fedora Cloud Edition will switch to using Btrfs for its images. The
configuration for the Cloud Edition will match the setup used on the
desktop variants, as this has been very well-tested with production
deployments across multiple Fedora Linux releases now.
This includes the same subvolume layout that is used on the desktop
variants [[Changes/BtrfsByDefault|as introduced in Fedora Linux 33]],
as well as transparent Zstd compression
[[Changes/BtrfsTransparentCompression|as introduced in Fedora Linux
34]].
== Feedback ==
== Benefit to Fedora ==
The benefits are similar to
[[Changes/BtrfsByDefault#Benefit_to_Fedora|the ones for Fedora desktop
variants]]; however, there are specific benefits for Fedora Cloud:
* Adds support to Fedora Cloud for [[Changes/RPMCoW|the Change to
introduce support for Copy-on-Write enhancements to improve
performance to package management]]
* Adds the ability to logically separate contents of the volume
without dividing up the available space
** Transparent compression: significantly reduces write amplification
and improves effective I/O throughput
** Reflinks and snapshots improve efficiency for use cases like
containers (CRI-O, containerd, and Podman support both)
* Storage devices can be flaky, resulting in data corruption; Btrfs
can help mitigate this
** Everything is checksummed and verified on every read
** Corrupt data results in EIO (input/output error), instead of
resulting in application confusion, and isn't replicated into backups
and archives
* Improves system responsiveness under pressure
** Btrfs has been tested in production to have proper IO isolation
capability via cgroups2
** Completes the resource control picture: memory, cpu, IO isolation
* File system resize
** Online shrink and grow are cornerstones of the Btrfs design
* Complex storage setups are… complicated
** Simple and comprehensive command interface. One master command
** Simpler to boot, all code is in the kernel, no initramfs complexities
** Simple and efficient file system replication, including incremental
backups, with <code>btrfs send</code> and <code>btrfs receive</code>
== Scope ==
* Proposal owners:
** Submit PRs for Cloud Edition kickstarts to produce disk images using Btrfs.
* Release engineering: [https://pagure.io/releng/issue/10129 #10129]
* Policies and guidelines: N/A
* Trademark approval: N/A
== Upgrade/compatibility impact ==
Change will not affect upgrades.
== How To Test ==
Once the change lands in Rawhide, spin up the images in AWS, GCP, and
KVM/OpenStack to test to see systems boot and run.
== User Experience ==
* Mostly transparent.
* Space savings and extend hardware life, via compression.
* Utilities for used and free space are expected to behave the same.
No special commands are required.
* More detailed information can be revealed by <code>btrfs</code>
specific commands.
* <code>cp</code> command will create reflink copies
[https://src.fedoraproject.org/rpms/coreutils/c/5d08d14b/ by default.]
== Dependencies ==
None.
== Contingency Plan ==
* Contingency mechanism: Owner will revert changes back to the
previous ext4 configuration
* Contingency deadline: Beta freeze
* Blocks release? Yes
* Blocks product? Cloud
== Documentation ==
Strictly speaking, no extra documentation is required reading for users.
== Release Notes ==
The default file system on the cloud is now Btrfs, following the
desktop change in Fedora Linux 33. Fedora Server, IoT, and CoreOS are
still specifically excluded.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[USN-4964-1] Exiv2 vulnerabilities
==========================================================================
Ubuntu Security Notice USN-4964-1
May 25, 2021
exiv2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Exiv2.
Software Description:
- exiv2: EXIF/IPTC/XMP metadata manipulation tool
Details:
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29463)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29464)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29473, CVE-2021-32617)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29623)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
exiv2 0.27.3-3ubuntu1.3
libexiv2-27 0.27.3-3ubuntu1.3
Ubuntu 20.10:
exiv2 0.27.3-3ubuntu0.4
libexiv2-27 0.27.3-3ubuntu0.4
Ubuntu 20.04 LTS:
exiv2 0.27.2-8ubuntu2.4
libexiv2-27 0.27.2-8ubuntu2.4
Ubuntu 18.04 LTS:
exiv2 0.25-3.1ubuntu0.18.04.9
libexiv2-14 0.25-3.1ubuntu0.18.04.9
Ubuntu 16.04 ESM:
exiv2 0.25-2.1ubuntu16.04.7+esm2
libexiv2-14 0.25-2.1ubuntu16.04.7+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4964-1
CVE-2021-29463, CVE-2021-29464, CVE-2021-29473, CVE-2021-29623,
CVE-2021-32617
Package Information:
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu1.3
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu0.4
https://launchpad.net/ubuntu/+source/exiv2/0.27.2-8ubuntu2.4
https://launchpad.net/ubuntu/+source/exiv2/0.25-3.1ubuntu0.18.04.9
Ubuntu Security Notice USN-4964-1
May 25, 2021
exiv2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Exiv2.
Software Description:
- exiv2: EXIF/IPTC/XMP metadata manipulation tool
Details:
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29463)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29464)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29473, CVE-2021-32617)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29623)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
exiv2 0.27.3-3ubuntu1.3
libexiv2-27 0.27.3-3ubuntu1.3
Ubuntu 20.10:
exiv2 0.27.3-3ubuntu0.4
libexiv2-27 0.27.3-3ubuntu0.4
Ubuntu 20.04 LTS:
exiv2 0.27.2-8ubuntu2.4
libexiv2-27 0.27.2-8ubuntu2.4
Ubuntu 18.04 LTS:
exiv2 0.25-3.1ubuntu0.18.04.9
libexiv2-14 0.25-3.1ubuntu0.18.04.9
Ubuntu 16.04 ESM:
exiv2 0.25-2.1ubuntu16.04.7+esm2
libexiv2-14 0.25-2.1ubuntu16.04.7+esm2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4964-1
CVE-2021-29463, CVE-2021-29464, CVE-2021-29473, CVE-2021-29623,
CVE-2021-32617
Package Information:
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu1.3
https://launchpad.net/ubuntu/+source/exiv2/0.27.3-3ubuntu0.4
https://launchpad.net/ubuntu/+source/exiv2/0.27.2-8ubuntu2.4
https://launchpad.net/ubuntu/+source/exiv2/0.25-3.1ubuntu0.18.04.9
Subscribe to:
Posts (Atom)