Tuesday, August 31, 2021

[CentOS-announce] CESA-2021:3327 Important CentOS 7 kernel Security Update

CentOS Errata and Security Advisory 2021:3327 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2021:3327

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )




--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[USN-5060-2] NTFS-3G vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5060-2
August 31, 2021

ntfs-3g vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

NTFS-3G could be made to execute arbitrary code if it received a specially
crafted image file.

Software Description:
- ntfs-3g: read/write NTFS driver for FUSE

Details:

USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that NTFS-3G incorrectly handled certain image files.
An attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
ntfs-3g 1:2015.3.14AR.1-1ubuntu0.3+esm1

Ubuntu 14.04 ESM:
ntfs-3g 1:2013.1.13AR.1-2ubuntu2+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5060-2
https://ubuntu.com/security/notices/USN-5060-1
https://launchpad.net/bugs/1942235

[USN-5060-1] NTFS-3G vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5060-1
August 31, 2021

ntfs-3g vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

NTFS-3G could be made to execute arbitrary code if it received a specially
crafted image file.

Software Description:
- ntfs-3g: read/write NTFS driver for FUSE

Details:

It was discovered that NTFS-3G incorrectly handled certain image files.
An attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
ntfs-3g 1:2017.3.23AR.3-3ubuntu4.1

Ubuntu 20.04 LTS:
ntfs-3g 1:2017.3.23AR.3-3ubuntu1.1

Ubuntu 18.04 LTS:
ntfs-3g 1:2017.3.23-2ubuntu0.18.04.3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5060-1
https://launchpad.net/bugs/1942235

Package Information:
https://launchpad.net/ubuntu/+source/ntfs-3g/1:2017.3.23AR.3-3ubuntu4.1
https://launchpad.net/ubuntu/+source/ntfs-3g/1:2017.3.23AR.3-3ubuntu1.1
https://launchpad.net/ubuntu/+source/ntfs-3g/1:2017.3.23-2ubuntu0.18.04.3
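Every USN above ends with the same "Update instructions" block: a release header followed by package/version pairs, where "fixed" means the installed version sorts at or above the listed one under dpkg's ordering rules. The script below is an added example (not code from Ubuntu or any advisory on this page): it parses that block into a release-to-package map and compares installed versions with the Debian ordering (epoch, upstream, revision; `~` sorts before everything, even the end of the string). The USN excerpt and the installed-version dictionary are constructed from the USN-5053-1 text on this page.

```python
import re

# Constructed excerpt of the USN-5053-1 "Update instructions" block shown on this page.
USN_5053_1 = """\
Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libssh-4 0.9.5-1ubuntu0.1

Ubuntu 20.04 LTS:
libssh-4 0.9.3-2ubuntu2.2

In general, a standard system update will make all the necessary changes.
"""


def _order(c: str) -> int:
    """Sort weight of one non-digit character, mirroring dpkg's verrevcmp()."""
    if c == "~":
        return -1          # tilde sorts before anything, even an empty string
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256    # punctuation sorts after letters


def _verrevcmp(a: str, b: str) -> int:
    """Compare upstream-version or revision strings; result <0, 0 or >0 like strcmp."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit run: compare character weights; a missing character weighs 0.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit run: drop leading zeros; the longer run wins, else the first differing digit.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if first_diff == 0:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def compare_versions(v1: str, v2: str) -> int:
    """Compare two Debian package versions: epoch first, then upstream, then revision."""
    def split(v: str):
        epoch, sep, rest = v.partition(":")
        if not sep:
            epoch, rest = "0", v
        upstream, sep, revision = rest.rpartition("-")
        if not sep:
            upstream, revision = rest, ""
        return int(epoch), upstream, revision

    e1, u1, r1 = split(v1)
    e2, u2, r2 = split(v2)
    if e1 != e2:
        return e1 - e2
    return _verrevcmp(u1, u2) or _verrevcmp(r1, r2)


_RELEASE_RE = re.compile(r"^(Ubuntu \d+\.\d+(?: LTS| ESM)?):$")
_PKG_RE = re.compile(r"^(\S+)\s+(\S+)$")


def parse_usn_fixes(text: str) -> dict:
    """Return {release: {package: fixed_version}} from a USN's Update instructions."""
    fixes, release, in_section = {}, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Update instructions:":
            in_section = True
            continue
        if not in_section:
            continue
        if line.startswith(("In general,", "After a standard", "References:")):
            break
        m = _RELEASE_RE.match(line)
        if m:
            release = m.group(1)
            continue
        m = _PKG_RE.match(line)
        if m and release:  # 'package versions:' precedes any release header and is skipped
            fixes.setdefault(release, {})[m.group(1)] = m.group(2)
    return fixes


def unpatched(installed: dict, fixes: dict, release: str) -> list:
    """List (package, installed, fixed) for packages still below the advisory's version."""
    out = []
    for pkg, fixed in fixes.get(release, {}).items():
        have = installed.get(pkg)
        if have is not None and compare_versions(have, fixed) < 0:
            out.append((pkg, have, fixed))
    return out


if __name__ == "__main__":
    # Constructed 'dpkg-query' result for one Ubuntu 20.04 LTS host.
    host = {"libssh-4": "0.9.3-2ubuntu2.1"}
    for pkg, have, fixed in unpatched(host, parse_usn_fixes(USN_5053_1), "Ubuntu 20.04 LTS"):
        print(f"{pkg}: installed {have} < fixed {fixed}")
```

On a real host the `installed` map comes from `dpkg-query -W -f '${Package} ${Version}\n'`; the comparison never trusts string order, which would rank `5.10` below `5.7`.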

[USN-5058-1] Thunderbird vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5058-1
August 31, 2021

thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

It was discovered that Thunderbird didn't ignore IMAP server responses
prior to completion of the STARTTLS handshake. A person-in-the-middle
could potentially exploit this to trick Thunderbird into showing incorrect
information. (CVE-2021-29969)

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service, or
execute arbitrary code. (CVE-2021-29970, CVE-2021-29976, CVE-2021-29980,
CVE-2021-29984, CVE-2021-29985, CVE-2021-29986, CVE-2021-29988,
CVE-2021-29989, CVE-2021-30547)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
thunderbird 1:78.13.0+build1-0ubuntu0.21.04.2

Ubuntu 20.04 LTS:
thunderbird 1:78.13.0+build1-0ubuntu0.20.04.2

Ubuntu 18.04 LTS:
thunderbird 1:78.13.0+build1-0ubuntu0.18.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5058-1
CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-29980,
CVE-2021-29984, CVE-2021-29985, CVE-2021-29986, CVE-2021-29988,
CVE-2021-29989, CVE-2021-30547

Package Information:

https://launchpad.net/ubuntu/+source/thunderbird/1:78.13.0+build1-0ubuntu0.21.04.2

https://launchpad.net/ubuntu/+source/thunderbird/1:78.13.0+build1-0ubuntu0.20.04.2

https://launchpad.net/ubuntu/+source/thunderbird/1:78.13.0+build1-0ubuntu0.18.04.1

Monday, August 30, 2021

[USN-5057-1] Squashfs-Tools vulnerability

==========================================================================
Ubuntu Security Notice USN-5057-1
August 31, 2021

squashfs-tools vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

squashfs-tools could be made to overwrite files.

Software Description:
- squashfs-tools: Tools to create and modify squashfs filesystems

Details:

Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
squashfs-tools 1:4.4-2ubuntu0.1

Ubuntu 20.04 LTS:
squashfs-tools 1:4.4-1ubuntu0.1

Ubuntu 18.04 LTS:
squashfs-tools 1:4.3-6ubuntu0.18.04.3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5057-1
CVE-2021-40153

Package Information:
https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.4-2ubuntu0.1
https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.4-1ubuntu0.1
https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.3-6ubuntu0.18.04.3

[USN-5054-1] uWSGI vulnerability

==========================================================================
Ubuntu Security Notice USN-5054-1
August 30, 2021

uwsgi vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

uWSGI could be made to crash if it received specially crafted
input.

Software Description:
- uwsgi: fast, self-healing application container server

Details:

Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module.
An attacker could use this vulnerability to provoke an information disclosure
or potentially remote code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libapache2-mod-proxy-uwsgi 2.0.15-10.2ubuntu2.2
libapache2-mod-ruwsgi 2.0.15-10.2ubuntu2.2
libapache2-mod-uwsgi 2.0.15-10.2ubuntu2.2
uwsgi 2.0.15-10.2ubuntu2.2
uwsgi-core 2.0.15-10.2ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5054-1
CVE-2020-11984

Package Information:
https://launchpad.net/ubuntu/+source/uwsgi/2.0.15-10.2ubuntu2.2

[CentOS-announce] CESA-2021:3295 Important CentOS 7 libsndfile Security Update

CentOS Errata and Security Advisory 2021:3295 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2021:3295

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )





[CentOS-announce] CESA-2021:3296 Important CentOS 7 libX11 Security Update

CentOS Errata and Security Advisory 2021:3296 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2021:3296

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )





[CentOS-announce] CEBA-2021:3266 CentOS 7 pki-core BugFix Update

CentOS Errata and Bugfix Advisory 2021:3266

Upstream details at : https://access.redhat.com/errata/RHBA-2021:3266

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )





[USN-5056-1] APR vulnerability

==========================================================================
Ubuntu Security Notice USN-5056-1
August 30, 2021

apr vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

APR could be made to expose sensitive information if it received a specially crafted input.

Software Description:
- apr: Apache Portable Runtime Library

Details:

It was discovered that APR incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libapr1 1.7.0-6ubuntu0.1

Ubuntu 16.04 ESM:
libapr1 1.5.2-3ubuntu0.1~esm1

Ubuntu 14.04 ESM:
libapr1 1.5.0-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5056-1
CVE-2021-35940

Package Information:
https://launchpad.net/ubuntu/+source/apr/1.7.0-6ubuntu0.1

[USN-5055-1] GNOME grilo vulnerability

==========================================================================
Ubuntu Security Notice USN-5055-1
August 30, 2021

grilo vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

grilo could be made to allow MITM attacks.

Software Description:
- grilo: Framework for discovering and browsing media - GObject introspect

Details:

Michael Catanzaro discovered that grilo incorrectly handled certain TLS
certificate verification. An attacker could possibly use this issue to
perform MITM attacks.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libgrilo-0.3-0 0.3.13-1ubuntu0.1

Ubuntu 20.04 LTS:
libgrilo-0.3-0 0.3.12-1ubuntu0.1

Ubuntu 18.04 LTS:
libgrilo-0.3-0 0.3.4-1ubuntu0.1

Ubuntu 16.04 ESM:
libgrilo-0.2-1 0.2.15-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5055-1
CVE-2021-39365

Package Information:
https://launchpad.net/ubuntu/+source/grilo/0.3.13-1ubuntu0.1
https://launchpad.net/ubuntu/+source/grilo/0.3.12-1ubuntu0.1
https://launchpad.net/ubuntu/+source/grilo/0.3.4-1ubuntu0.1

Thursday, August 26, 2021

[USN-5053-1] libssh vulnerability

==========================================================================
Ubuntu Security Notice USN-5053-1
August 26, 2021

libssh vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS

Summary:

libssh could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- libssh: A tiny C SSH library

Details:

It was discovered that libssh incorrectly handled rekeying. A remote
attacker could use this issue to cause libssh to crash, resulting in a
denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libssh-4 0.9.5-1ubuntu0.1

Ubuntu 20.04 LTS:
libssh-4 0.9.3-2ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5053-1
CVE-2021-3634

Package Information:
https://launchpad.net/ubuntu/+source/libssh/0.9.5-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libssh/0.9.3-2ubuntu2.2

[CentOS-announce] CEBA-2021:0852 CentOS 7 grub2 BugFix Update

CentOS Errata and Bugfix Advisory 2021:0852

Upstream details at : https://access.redhat.com/errata/RHBA-2021:0852

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )





[USN-5051-3] OpenSSL vulnerability

==========================================================================
Ubuntu Security Notice USN-5051-3
August 26, 2021

openssl1.0 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

OpenSSL could be made to crash or expose sensitive information
if it received a specially crafted ASN.1 string.

Software Description:
- openssl1.0: Secure Socket Layer (SSL) cryptographic library and tools

Details:

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the
corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS.

Original advisory details:

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libssl1.0.0 1.0.2n-1ubuntu5.7

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-1
CVE-2021-3712

Package Information:
https://launchpad.net/ubuntu/+source/openssl1.0/1.0.2n-1ubuntu5.7

[USN-5051-2] OpenSSL vulnerability

==========================================================================
Ubuntu Security Notice USN-5051-2
August 26, 2021

openssl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

OpenSSL could be made to crash or expose sensitive information
if it received a specially crafted ASN.1 string.

Software Description:
- openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

USN-5051-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libssl1.0.0 1.0.2g-1ubuntu4.20+esm1

Ubuntu 14.04 ESM:
libssl1.0.0 1.0.1f-1ubuntu2.27+esm3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-1
CVE-2021-3712

Ubuntu 20.04.3 LTS released

The Ubuntu team is pleased to announce the release of Ubuntu 20.04.3 LTS
(Long-Term Support) for its Desktop, Server, and Cloud products, as well
as other flavours of Ubuntu with long-term support.

Like previous LTS series, 20.04.3 includes hardware enablement stacks
for use on newer hardware. This support is offered on all architectures.

Ubuntu Server defaults to installing the GA kernel; however you may
select the HWE kernel from the installer bootloader.

As usual, this point release includes many updates, and updated
installation media has been provided so that fewer updates will need to
be downloaded after installation. These include security updates and
corrections for other high-impact bugs, with a focus on maintaining
stability and compatibility with Ubuntu 20.04 LTS.

Kubuntu 20.04.3 LTS, Ubuntu Budgie 20.04.3 LTS, Ubuntu MATE 20.04.3 LTS,
Lubuntu 20.04.3 LTS, Ubuntu Kylin 20.04.3 LTS, Ubuntu Studio 20.04.3 LTS,
and Xubuntu 20.04.3 LTS are also now available. More details can be found
in their individual release notes:

https://wiki.ubuntu.com/FocalFossa/ReleaseNotes#Official_flavours

Maintenance updates will be provided for 5 years for Ubuntu Desktop,
Ubuntu Server, Ubuntu Cloud, and Ubuntu Core. All the remaining
flavours will be supported for 3 years. Additional security support is
available with ESM (Extended Security Maintenance).

To get Ubuntu 20.04.3 LTS
-------------------------

In order to download Ubuntu 20.04.3 LTS, visit:

https://ubuntu.com/download

Users of Ubuntu 18.04 LTS will be offered an automatic upgrade to
20.04.3 LTS via Update Manager. For further information about upgrading,
see:

https://help.ubuntu.com/community/FocalUpgrades

As always, upgrades to the latest version of Ubuntu are entirely free of
charge.

We recommend that all users read the 20.04.3 LTS release notes, which
document caveats and workarounds for known issues, as well as more
in-depth notes on the release itself. They are available at:

https://wiki.ubuntu.com/FocalFossa/ReleaseNotes

If you have a question, or if you think you may have found a bug but
aren't sure, you can try asking in any of the following places:

#ubuntu on irc.libera.chat
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
https://ubuntuforums.org
https://askubuntu.com


Help Shape Ubuntu
-----------------

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at:

https://discourse.ubuntu.com/contribute


About Ubuntu
------------

Ubuntu is a full-featured Linux distribution for desktops, laptops,
clouds and servers, with a fast and easy installation and regular
releases. A tightly-integrated selection of excellent applications is
included, and an incredible variety of add-on software is just a few
clicks away.

Professional services including support are available from Canonical and
hundreds of other companies around the world. For more information
about support, visit:

https://ubuntu.com/support


More Information
----------------

You can learn more about Ubuntu and about this release on our website
listed below:

https://ubuntu.com/

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

On behalf of the Ubuntu Release Team,
Łukasz 'sil2100' Zemczak


--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

Wednesday, August 25, 2021

[lfs-announce] Linux From Scratch 11.0-rc3 Released

The Linux From Scratch community announces the release of LFS Version
11.0-rc3. It is a preliminary release of LFS-11.0.

This version of the Linux From Scratch book has been released due to a
critical security vulnerability in openssl. This vulnerability has been
fixed in LFS 11.0-rc3 by updating to the latest version: openssl-1.1.1l
(version 1.1.1 lower case L). Usage of LFS 11.0-rc1 or LFS 11.0-rc2 is
deemed unsafe and insecure.

In addition to the above, we took the opportunity to update several
other packages from the recent -rc releases to the latest stable
versions: e2fsprogs, meson, the linux kernel, util-linux, and libcap.

You can read the book online [0], or download [1] to read locally.

In coordination with this release, a new version of LFS using the
systemd package is also being released. This package implements the
newer systemd style of system initialization and control and is
consistent with LFS in most packages.

You can read the systemd version of the book online [2], or download [3]
to read locally.

Please direct any comments about this release to the LFS development
team at lfs-dev@lists.linuxfromscratch.org. Please note that
registration for the lfs-dev mailing list is required to avoid junk email.

-- Bruce Dubbs
linuxfromscratch.org


[0] https://linuxfromscratch.org/lfs/view/11.0-rc3/
[1] https://linuxfromscratch.org/lfs/downloads/11.0-rc3/
[2] https://linuxfromscratch.org/lfs/view/11.0-systemd-rc3/
[3] https://linuxfromscratch.org/lfs/downloads/11.0-systemd-rc3/

[USN-5052-1] MongoDB vulnerability

==========================================================================
Ubuntu Security Notice USN-5052-1
August 26, 2021

mongodb vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

MongoDB could provide unintended access.

Software Description:
- mongodb: Document-oriented database

Details:

MongoDB would fail to properly invalidate existing sessions for deleted
users. This could allow a remote authenticated attacker to gain elevated
privileges if their user account was recreated with elevated privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
mongodb-clients 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2
mongodb-server 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2
mongodb-server-core 1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2

Ubuntu 18.04 LTS:
mongodb-clients 1:3.6.3-0ubuntu1.3
mongodb-server 1:3.6.3-0ubuntu1.3
mongodb-server-core 1:3.6.3-0ubuntu1.3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5052-1
CVE-2019-2386

Package Information:
https://launchpad.net/ubuntu/+source/mongodb/1:3.6.9+really3.6.8+90~g8e540c0b6d-0ubuntu5.2
https://launchpad.net/ubuntu/+source/mongodb/1:3.6.3-0ubuntu1.3

[USN-5037-2] Firefox regression

==========================================================================
Ubuntu Security Notice USN-5037-2
August 25, 2021

firefox regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

USN-5037-1 caused a regression in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a
regression that caused Firefox to repeatedly prompt for a password. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, trick a user into accepting unwanted permissions, or execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
firefox 91.0.2+build1-0ubuntu0.21.04.1

Ubuntu 20.04 LTS:
firefox 91.0.2+build1-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
firefox 91.0.2+build1-0ubuntu0.18.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5037-2
https://ubuntu.com/security/notices/USN-5037-1
https://launchpad.net/bugs/1941496

Package Information:

https://launchpad.net/ubuntu/+source/firefox/91.0.2+build1-0ubuntu0.21.04.1

https://launchpad.net/ubuntu/+source/firefox/91.0.2+build1-0ubuntu0.20.04.1

https://launchpad.net/ubuntu/+source/firefox/91.0.2+build1-0ubuntu0.18.04.1

Tuesday, August 24, 2021

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:17.openssl


=============================================================================
FreeBSD-SA-21:17.openssl Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in OpenSSL

Category: contrib
Module: openssl
Announced: 2021-08-24
Affects: FreeBSD 12.2 and FreeBSD 11.4
Corrected: 2021-02-18 23:55:09 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:22 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-02-19 16:21:03 UTC (stable/11, 11.4-STABLE)
2021-08-24 18:31:34 UTC (releng/11.4, 11.4-RELEASE-p13)
CVE Name: CVE-2021-23840, CVE-2021-23841

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a
collaborative effort to develop a robust, commercial-grade, full-featured
Open Source toolkit for the Transport Layer Security (TLS) protocol. It is
also a general-purpose cryptography library.

II. Problem Description

This advisory covers two distinct OpenSSL issues:

Calls to EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()
may overflow the output length argument in some cases where the input
length is close to the maximum permissible length for an integer on the
platform. In such cases the return value from the function call will be
1 (indicating success), but the output length value will be negative.
[CVE-2021-23840]
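
The failure mode above (a call that reports success while handing back a negative length) and the caller-side guard against it, as an added example in plain C. This is example code written for this page, not OpenSSL's implementation: update_model() stands in for EVP_*Update() and reproduces only the length arithmetic, and BLOCK_SIZE, the buffered-byte count and the chunk limit are assumptions of the model.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Example code added here; it models the CVE-2021-23840 condition and is
 * not OpenSSL's implementation. The update computes an int output length
 * from the input length plus bytes buffered from an earlier partial block.
 * BLOCK_SIZE and the buffered count are assumptions of this model. */

#define BLOCK_SIZE 16

/* Returns 1 ("success") the way the real API does, but *outl wraps
 * negative once inl is within a block of INT_MAX. */
static int update_model(int inl, int buffered, int *outl)
{
    unsigned int total = (unsigned int)inl + (unsigned int)buffered;
    unsigned int whole = total - total % BLOCK_SIZE;   /* bytes emitted */
    *outl = (int)whole;      /* above INT_MAX: implementation-defined wrap,
                                negative on every mainstream compiler */
    return 1;
}

/* Caller-side guard: reject lengths that can wrap, and never trust a
 * return of 1 whose length came back negative. */
static int update_checked(int inl, int buffered, int *outl)
{
    if (inl < 0 || buffered < 0 || buffered >= BLOCK_SIZE)
        return 0;
    if (inl > INT_MAX - BLOCK_SIZE)      /* inl + buffered would overflow int */
        return 0;
    if (update_model(inl, buffered, outl) != 1 || *outl < 0)
        return 0;
    return 1;
}

/* Feeds an arbitrarily large buffer through update_checked in chunks the
 * guard accepts. Returns the chunk count, or -1 if any call fails. */
static long update_in_chunks(size_t total_len)
{
    const size_t max_chunk = (size_t)INT_MAX - BLOCK_SIZE;
    long chunks = 0;
    int buffered = 0, outl;

    while (total_len > 0) {
        size_t n = total_len < max_chunk ? total_len : max_chunk;
        if (!update_checked((int)n, buffered, &outl))
            return -1;
        buffered = (int)(((size_t)buffered + n) % BLOCK_SIZE);
        total_len -= n;
        chunks++;
    }
    return chunks;
}

int main(void)
{
    int outl;
    update_model(INT_MAX - 3, 8, &outl);
    printf("unchecked: ret 1, outl %d\n", outl);                          /* negative */
    printf("checked:   %d\n", update_checked(INT_MAX - 3, 8, &outl));     /* 0 */
    printf("chunks:    %ld\n", update_in_chunks((size_t)INT_MAX + 1000)); /* 2 */
    return 0;
}
```

The guard is deliberately stricter than the fixed library: an application that cannot upgrade immediately can keep every single call well under INT_MAX and treat a negative length as an error regardless of the return code, which is the same outcome the upstream fix produces.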

The OpenSSL public API function X509_issuer_and_serial_hash() attempts
to create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it fails to correctly
handle any errors that may occur while parsing the issuer field (which
might occur if the issuer field is maliciously constructed).
[CVE-2021-23841]

III. Impact

The integer overflow in EVP_*Update() could cause applications to behave
incorrectly or crash leading to a potential denial of service attack.

The X509_issuer_and_serial_hash() issue may result in a NULL pointer
dereference and a crash leading to a potential denial of service attack.

IV. Workaround

No workaround is available.

The function X509_issuer_and_serial_hash() is never directly called by
OpenSSL itself so applications are only vulnerable if they use this
function directly and they use it on certificates that may have been
obtained from untrusted sources.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 12.2]
# fetch https://security.FreeBSD.org/patches/SA-21:17/openssl.12.patch
# fetch https://security.FreeBSD.org/patches/SA-21:17/openssl.12.patch.asc
# gpg --verify openssl.12.patch.asc

[FreeBSD 11.4]
# fetch https://security.FreeBSD.org/patches/SA-21:17/openssl.11.patch
# fetch https://security.FreeBSD.org/patches/SA-21:17/openssl.11.patch.asc
# gpg --verify openssl.11.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

Restart all daemons that use the library, or reboot the system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/12/ r369284
releng/12.2/ r370397
stable/11/ r369299
releng/11.4/ r370389
- -------------------------------------------------------------------------

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://www.openssl.org/news/secadv/20210216.txt>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:17.openssl.asc>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmElV18ACgkQ05eS9J6n
5cIngA/9Hncs91cNHSVTuvNvrATmpxpnCyiphivR297oiDKRCOoHxA7W8AAigSQH
gNM8XGZ8aANmoGfh7M86V5Dvlq0qeRn0Pe8cEus53OumEqpbSkMu97ftv7gFkM/S
+uEEoNA+pK/lrupQQ7gAHwWbzaNumJwGXpH/FLh865TjngvI2hFW41TfMxHQvymf
tAIzRdg/QYASnXTXBn56ad0i34v+/Z4Cz6XFJ4bBkqPJpiCvzJPWB37CSxw1D6YM
4w5yBhu7db1VJKLP89/YnRnsB4ryOE5cCGtg086pa2DdacB63XTEgc/m90UtfHYl
Dk6LVr79SqFPDRukNCTBozcwkHr8aKSg1eR4o2vV3yfq5OUhHmCA9FXstyxXPYe+
DjtSG8X9m/XKiz4Eok2EIv3PwBT29M3lVnKG20kvpxoguOUTg4VLtyyDIZxKmNpY
XC3OAmUViDS9iEA8uqKjUEt5YEsNvs6qIKasZHdznST04nuEimIiMUOD57odwL7M
rAeJu4GBPHJqNQsfFPRddjrVimnUtGHFDW5r4JtqPP5sZZCIBplWuMzay875EYCL
amYGuewZhsacUSgUktsFPrM9z8rd24k86IPn3PEIwsVbubDDz40Q1/v1McgquZ0n
boUnhYSRG5qVgOItsikahk1OpQMQhsXDRo6RotGdl90pqdngNjQ=
=T3/+
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:16.openssl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-21:16.openssl Security Advisory
The FreeBSD Project

Topic: Multiple OpenSSL vulnerabilities

Category: contrib
Module: openssl
Announced: 2021-08-24
Credits: See OpenSSL advisory in references.
Affects: FreeBSD 12.2 and later.
Corrected: 2021-08-24 18:05:48 UTC (stable/13, 13.0-STABLE)
2021-08-24 18:08:04 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:22 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:19 UTC (releng/12.2, 12.2-RELEASE-p10)
CVE Name: CVE-2021-3711, CVE-2021-3712

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a
collaborative effort to develop a robust, commercial-grade, full-featured
Open Source toolkit for the Transport Layer Security (TLS) protocol. It is
also a general-purpose cryptography library.

II. Problem Description

There are two issues fixed in this security advisory:

A bug in the SM2 decryption implementation incorrectly calculates a buffer
needed to hold the plaintext leading to a potential buffer overflow.
[CVE-2021-3711]

ASN1_STRING structures directly constructed, instead of using library
functions, may not be NULL-terminated resulting in library functions causing
a read buffer overrun. [CVE-2021-3712]
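
The two construction paths the advisory contrasts, as an added example that is not OpenSSL's code. The struct copies the public ASN1_STRING field layout only so the difference is visible; asn1_str_set(), asn1_str_direct(), length_via_strlen() and asn1_str_to_cstr() are names invented here, and the 16-byte buffer is constructed for the demonstration.

```c
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Example code added here, not OpenSSL's. The struct mirrors the public
 * ASN1_STRING field layout only so the two construction paths can be
 * compared; every function is this example's own. */
struct asn1_str {
    int length;
    int type;
    unsigned char *data;
    long flags;
};

/* Library-style setter: allocates length + 1 and writes the NUL, which is
 * the guarantee callers of the real ASN1_STRING_set() rely on. */
static int asn1_str_set(struct asn1_str *s, const void *src, int len)
{
    unsigned char *p;
    if (len < 0 || (p = malloc((size_t)len + 1)) == NULL)
        return 0;
    memcpy(p, src, (size_t)len);
    p[len] = '\0';
    free(s->data);
    s->data = p;
    s->length = len;
    return 1;
}

/* Direct construction, the pattern CVE-2021-3712 is about: data points at
 * a caller buffer and nothing promises a terminator after length bytes. */
static void asn1_str_direct(struct asn1_str *s, unsigned char *buf, int len)
{
    s->data = buf;
    s->length = len;
    s->type = 0;
    s->flags = 0;
}

/* Consumer that assumes a C string: reads until a NUL, wherever that is. */
static size_t length_via_strlen(const struct asn1_str *s)
{
    return strlen((const char *)s->data);
}

/* Length-aware consumer: copies exactly s->length bytes and terminates the
 * copy itself. Returns the length, or -1 if out[] cannot hold it. */
static int asn1_str_to_cstr(const struct asn1_str *s, char *out, size_t outsz)
{
    if (s->length < 0 || (size_t)s->length >= outsz)
        return -1;
    memcpy(out, s->data, (size_t)s->length);
    out[s->length] = '\0';
    return s->length;
}

/* Constructed buffer: 8 bytes of "string" followed by 7 bytes of unrelated
 * data, with the only NUL as the final byte. strlen runs into the
 * unrelated bytes (15); the length-aware copy yields the 8 intended. */
static int demo_direct(char *out, size_t outsz, size_t *via_strlen)
{
    unsigned char raw[16];
    struct asn1_str s;
    memcpy(raw, "ABCDEFGHZZZZZZZ", 16);
    asn1_str_direct(&s, raw, 8);
    *via_strlen = length_via_strlen(&s);
    return asn1_str_to_cstr(&s, out, outsz);
}

/* Setter path: both consumers agree, and an undersized out[] is refused. */
static int demo_set_roundtrip(void)
{
    struct asn1_str s = {0, 0, NULL, 0};
    char out[32];
    int ok;
    if (!asn1_str_set(&s, "ABCDEFGH", 8))
        return 0;
    ok = length_via_strlen(&s) == 8
      && asn1_str_to_cstr(&s, out, sizeof out) == 8
      && strcmp(out, "ABCDEFGH") == 0
      && asn1_str_to_cstr(&s, out, 4) == -1;
    free(s.data);
    return ok;
}

int main(void)
{
    char out[32];
    size_t n;
    int len = demo_direct(out, sizeof out, &n);
    printf("direct: strlen says %zu, length says %d (%s)\n", n, len, out); /* 15, 8 */
    printf("set: %d\n", demo_set_roundtrip());                            /* 1 */
    return 0;
}
```

In the constructed case the overread stays inside raw[] so the program is well defined; in a real process the bytes after a directly built string are whatever happens to be adjacent, which is the disclosure the advisory's Impact section describes.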

III. Impact

Specially crafted decrypted SM2 content could cause attacker chosen data to
overflow the buffer changing application behavior or causing the application
to crash. [CVE-2021-3711]

A specially crafted malicious string can cause an application that directly
constructs the ASN1_STRING structure to crash or disclose memory contents.
[CVE-2021-3712]

IV. Workaround

No workaround is available.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 13.0]
# fetch https://security.FreeBSD.org/patches/SA-21:16/openssl.13.patch
# fetch https://security.FreeBSD.org/patches/SA-21:16/openssl.13.patch.asc
# gpg --verify openssl.13.patch.asc

[FreeBSD 12.2]
# fetch https://security.FreeBSD.org/patches/SA-21:16/openssl.12.patch
# fetch https://security.FreeBSD.org/patches/SA-21:16/openssl.12.patch.asc
# gpg --verify openssl.12.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

Restart all daemons that use the library, or reboot the system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 9d31ae318711 stable/13-n246940
releng/13.0/ 2261c814b7fa releng/13.0-n244759
stable/12/ r370385
releng/12.2/ r370396
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://www.openssl.org/news/secadv/20210824.txt>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:16.openssl.asc>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmElV18ACgkQ05eS9J6n
5cLnrA//XoiClJmvm+5GKDzP6IbDIxRyS7NkDxMWY/7Q/QvPs8fFrFdXiD4qJOcz
VTElfioKTv2X7j+X5TO4zRKjg86Lb94gSXtgOLeK2tWticksZ3o5WPLXXjI0ohBo
M1VhMJoJc3p2Oam9yPOdfnllCTJYV5ZqmcBL2FZCYWdkebZWkpHgrImZ53yQ87jm
IK4fy+El47l3Jb2K6P5S1eeW3e3CElbkUgNkSIJsl5Z9hdrTrd3We6FSE8QQjXn+
OsQw5s6VDhHzFG34x9CIhqpjWQTX5izdlaeSunMXHwe3Vp5CoRpl/sq1r53PJG1j
nnY7X4Csgbv48rRm6KXOCHDzEatNvmdnBmEzcanIUXer//tra97Zd/wlWepV0hwK
T4TcJly/74DH+tW6TQ78/UC0EkxeTqc/I1Qu41jBIH1KDfDs7OqKiftHo2wOJjQa
43DlAr6eEbRAZ2l1e+ATJs0r6ao1BCUnB+Fpc4cnBLaft9G3DYCAmWI4wUKRSRAU
n880U3kjSTtVDfLTkUQ33QSg0uqduVEjt9XWe/SV9RoL8xHqtvk/CIS+aFAqPbR4
62yaTQCrUdidkeqn7/XVScCuZ27bWCJpqWHGtihTnm3yfM09NtYIjozyngf2duaJ
0RFuewl1kvYo5Xsu54TuO36dQQdmJU0qayKEpWZ1+NadgJUMAJY=
=8I/t
-----END PGP SIGNATURE-----

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:14.ggatec

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-21:14.ggatec Security Advisory
The FreeBSD Project

Topic: Remote code execution in ggatec(8)

Category: core
Module: ggatec
Announced: 2021-08-24
Credits: Johannes Totz
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 17:50:50 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:37:45 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:13 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:15 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-08-24 18:29:35 UTC (stable/11, 11.4-STABLE)
2021-08-24 18:31:29 UTC (releng/11.4, 11.4-RELEASE-p13)
CVE Name: CVE-2021-29630

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

GEOM Gate is a GEOM module that reflects I/O requests into user mode where
the ggatec(8) daemon forwards those requests to ggated(8), possibly over the
network to another machine.

II. Problem Description

The ggatec(8) daemon does not validate the size of a response before writing
it to a fixed-size buffer. This allows the stack of ggatec(8) to be overwritten.

III. Impact

A malicious ggated(8) or an attacker in a privileged network position can
overwrite the stack with crafted content and potentially execute arbitrary
code.
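
What "does not validate the size of a response before writing it to a fixed-size buffer" looks like, with the check that closes it, as an added example that is not ggatec(8)'s code. The wire format (4-byte big-endian length, then payload), RESP_BUF and the function names are assumptions of this model, and the responses are constructed inline.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Example code added here, not ggatec(8)'s own. A client reads a response
 * header carrying a peer-chosen payload length, then copies the payload
 * into a fixed-size stack buffer. The wire format (4-byte big-endian
 * length, then payload) and RESP_BUF are assumptions of this model. */

#define RESP_BUF 256

static uint32_t be32(const uint8_t *p)
{
    return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 |
           (uint32_t)p[2] << 8  | (uint32_t)p[3];
}

/* Vulnerable shape: the length arrives from the network and becomes the
 * memcpy size with no comparison against sizeof buf, so a ggated(8) or a
 * man-in-the-middle claiming more than RESP_BUF bytes writes past the
 * buffer into the rest of the stack frame. Contrast only; never feed it
 * untrusted input. */
static long resp_read_vuln(const uint8_t *msg, size_t msglen, uint8_t *out)
{
    uint8_t buf[RESP_BUF];
    uint32_t len;

    if (msglen < 4)
        return -1;
    len = be32(msg);
    memcpy(buf, msg + 4, len);        /* len unchecked */
    memcpy(out, buf, len);
    return (long)len;
}

/* Hardened shape: bound the length by the receiving buffer and by the
 * bytes that actually arrived, before any copy happens. */
static long resp_read_safe(const uint8_t *msg, size_t msglen, uint8_t *out)
{
    uint8_t buf[RESP_BUF];
    uint32_t len;

    if (msglen < 4)
        return -1;
    len = be32(msg);
    if (len > sizeof buf)             /* peer may not pick a size we lack */
        return -1;
    if (len > msglen - 4)             /* header promises more than arrived */
        return -1;
    memcpy(buf, msg + 4, len);
    memcpy(out, buf, len);
    return (long)len;
}

/* Builds a constructed response whose header claims `claimed` bytes while
 * the body is n bytes of 'A', then parses it. Returns the parser's result. */
static long demo_resp(uint32_t claimed, size_t n, int hardened)
{
    uint8_t body[300], msg[4 + sizeof body], out[sizeof body];

    if (n > sizeof body)
        return -1;
    memset(body, 'A', n);
    msg[0] = (uint8_t)(claimed >> 24);
    msg[1] = (uint8_t)(claimed >> 16);
    msg[2] = (uint8_t)(claimed >> 8);
    msg[3] = (uint8_t)claimed;
    memcpy(msg + 4, body, n);
    return hardened ? resp_read_safe(msg, 4 + n, out)
                    : resp_read_vuln(msg, 4 + n, out);
}

int main(void)
{
    printf("honest 5-byte response : %ld\n", demo_resp(5, 5, 1));     /* 5 */
    printf("claims 4096, sends 8   : %ld\n", demo_resp(4096, 8, 1));  /* -1 */
    printf("claims 64, sends 8     : %ld\n", demo_resp(64, 8, 1));    /* -1 */
    printf("exactly RESP_BUF       : %ld\n", demo_resp(256, 256, 1)); /* 256 */
    return 0;
}
```

The second check matters as much as the first: a length that fits the buffer but exceeds what was received would otherwise copy stale bytes from the previous message, which is a different bug but the same root cause of trusting a peer-supplied size.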

IV. Workaround

No workaround is available but systems not using ggatec(8) are not affected.
Neither ggatec(8) nor ggated(8) are enabled by default and need explicit
configuration by the super-user.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Restart any ggatec(8) instances. Existing ggate devices can be kept alive
and restarted with `ggatec rescue`.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-21:14/ggatec.patch
# fetch https://security.FreeBSD.org/patches/SA-21:14/ggatec.patch.asc
# gpg --verify ggatec.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

Restart the applicable daemons, or reboot the system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 0729ba2f49c9 stable/13-n246938
releng/13.0/ c8a2cc4ba845 releng/13.0-n244757
stable/12/ r370383
releng/12.2/ r370394
stable/11/ r370381
releng/11.4/ r370387
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29630>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:14.ggatec.asc>
-----BEGIN PGP SIGNATURE-----
=6Z2C
-----END PGP SIGNATURE-----

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:13.bhyve

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-21:13.bhyve Security Advisory
The FreeBSD Project

Topic: Missing error handling in bhyve(8) device models

Category: core
Module: bhyve
Announced: 2021-08-24
Credits: Agustin Gianni (GitHub Security Lab)
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 18:29:48 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:33:35 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:33:04 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:13 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-08-24 18:33:02 UTC (stable/11, 11.4-STABLE)
2021-08-24 18:31:27 UTC (releng/11.4, 11.4-RELEASE-p13)
CVE Name: CVE-2021-29631

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

bhyve(8) is a hypervisor that supports running a variety of guest
operating systems in virtual machines. It implements a number of device
models using the VirtIO interface to exchange data between the guest and
the host.

II. Problem Description

Certain VirtIO-based device models failed to handle errors when fetching
I/O descriptors. Such errors could be triggered by a malicious guest.
As a result, the device model code could be tricked into operating on
uninitialized I/O vectors, leading to memory corruption.
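
The missing error handling, modelled as an added example that is not bhyve's virtio code: fetch_chain() stands in for the descriptor-fetch step and rejects out-of-range indices, loops and over-long chains; handle_request_vuln() ignores its result and reads an iovec that was never written, while handle_request_safe() checks first. struct vdesc, DESC_F_NEXT and the constructed tables vq_good, vq_bad_index and vq_loop are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/uio.h>

/* Example code added here; the names are this example's own, not bhyve's
 * virtio code. The guest owns the descriptor table, so every field in it
 * is attacker-controlled from the host's point of view. */

#define DESC_F_NEXT 1

struct vdesc {
    uint64_t addr;     /* guest physical address of the buffer */
    uint32_t len;
    uint16_t flags;    /* DESC_F_NEXT: chain continues at .next */
    uint16_t next;
};

/* Walks the chain starting at head into iov[]. Returns the number of
 * entries filled, or -1 if the chain is malformed: an index outside the
 * table, a loop, or more links than iov[] can hold. On -1 nothing in
 * iov[] may be used. */
static int fetch_chain(const struct vdesc *table, uint16_t ntable,
                       uint16_t head, struct iovec *iov, int maxiov)
{
    int n = 0;
    uint16_t idx = head, hops = 0;

    for (;;) {
        if (idx >= ntable || hops++ >= ntable)   /* bad index or loop */
            return -1;
        if (n >= maxiov)
            return -1;
        /* a real device model translates addr to a host pointer here;
         * this model keeps the guest address itself */
        iov[n].iov_base = (void *)(uintptr_t)table[idx].addr;
        iov[n].iov_len = table[idx].len;
        n++;
        if (!(table[idx].flags & DESC_F_NEXT))
            return n;
        idx = table[idx].next;
    }
}

/* The missing check: this consumer ignores fetch_chain's result and reads
 * iov[0] even when it was never written. Shown for contrast only; never
 * call it on a chain that fetch_chain rejects. */
static long handle_request_vuln(const struct vdesc *table, uint16_t ntable,
                                uint16_t head)
{
    struct iovec iov[8];
    (void)fetch_chain(table, ntable, head, iov, 8);
    return (long)iov[0].iov_len;      /* uninitialized on failure */
}

/* Hardened consumer: touches iov[] only after a positive count comes
 * back. Returns the chain's byte total, or -1 for a rejected chain. */
static long handle_request_safe(const struct vdesc *table, uint16_t ntable,
                                uint16_t head)
{
    struct iovec iov[8];
    long total = 0;
    int i, n = fetch_chain(table, ntable, head, iov, 8);

    if (n <= 0)
        return -1;
    for (i = 0; i < n; i++)
        total += (long)iov[i].iov_len;
    return total;
}

/* Constructed descriptor tables standing in for guest memory. */
static const struct vdesc vq_good[3] = {
    { 0x1000, 512,  DESC_F_NEXT, 1 },
    { 0x2000, 1024, DESC_F_NEXT, 2 },
    { 0x3000, 16,   0,           0 },
};
static const struct vdesc vq_bad_index[2] = {
    { 0x1000, 512, DESC_F_NEXT, 9 },   /* .next points outside the table */
    { 0x2000, 8,   0,           0 },
};
static const struct vdesc vq_loop[2] = {
    { 0x1000, 512, DESC_F_NEXT, 1 },
    { 0x2000, 8,   DESC_F_NEXT, 0 },   /* back to the head: endless chain */
};

int main(void)
{
    printf("good chain : %ld bytes\n", handle_request_safe(vq_good, 3, 0)); /* 1552 */
    printf("vuln, good : %ld bytes\n", handle_request_vuln(vq_good, 3, 0)); /* 512 */
    printf("bad index  : %ld\n", handle_request_safe(vq_bad_index, 2, 0));  /* -1 */
    printf("loop       : %ld\n", handle_request_safe(vq_loop, 2, 0));       /* -1 */
    return 0;
}
```

The point of the hop counter is that a guest can make the chain arbitrarily long or circular without any single descriptor looking wrong; the fetch routine has to bound the walk itself, and the consumer has to treat anything but a positive count as "no buffers at all".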

III. Impact

A malicious guest may be able to crash the bhyve process. It may be
possible to exploit the memory corruption bugs to achieve arbitrary code
execution in the bhyve process.

IV. Workaround

No workaround is available. Virtual machines are unaffected unless they
use one or more of the following device models:

* virtio-console
* virtio-rnd
* virtio-scsi (available starting in FreeBSD 12.0)
* virtio-9p (available starting in FreeBSD 13.0)

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 13.0]
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.13.patch
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.13.patch.asc
# gpg --verify bhyve.13.patch.asc

[FreeBSD 12.2]
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.12.patch
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.12.patch.asc
# gpg --verify bhyve.12.patch.asc

[FreeBSD 11.4]
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.11.patch
# fetch https://security.FreeBSD.org/patches/SA-21:13/bhyve.11.patch.asc
# gpg --verify bhyve.11.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ 20f96f215562 stable/13-n246941
releng/13.0/ ec08bc89d4b3 releng/13.0-n244756
stable/12/ r370400
releng/12.2/ r370393
stable/11/ r370399
releng/11.4/ r370386
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29631>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:13.bhyve.asc>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmElV10ACgkQ05eS9J6n
5cLrsw//SuInBQjVhNXa1OkC7FcBve+vQCmgThGAxJVrFpRdHxg/q3Vfyza3/V1w
FGUiPPhAsF3wYwK9UqMS5a3dOI3WbaUvH8dDeLd3BLj4AfFE3uTOFC0xzmdBQcm0
2mFbTRkL0Wqb6FpDiswdu1s9jp1JggIa+SGuajl4XaoIyM/tek3PFuEOeE2v2N7E
djKciPwFnsRneFQIOTHVqa0mut5AilNI9WwKZgv3qzqQNnAasBpbiZKG/BhA2mZm
GLm0NtI40BdnIW3mfGYqK3r/tXUi/tcMSHzV2NDOGToB5wHj6Ah1lQ8pUEVnLo0d
TeDrioK/z53wqLhHUSsxdifST6JX0CQ2kf7qb256mE3o9brRyD2s6AM2Bld3r/ov
wzPTIzIGmtaxezCJhZpEPfaul/B2mCTjWkGrxOMROAzeocrIY4pJ5cGmH8XYfGA+
WQOwe+OKHb33qak3mrgGxECv72R/h2PUH5PV14HEj+PW5S03qIHm3iisvGWo6+3C
efqZ9tsiWbPvbF3CFuECOgjUIu5YDf6K83H5/Lnaw9SnANuTj8t8I1yg/RmByWlx
9ucposBVht9h9TcFKNm+REfNCaYwQ3FukfGn/s3ih/iHNcGn1rGjh1t+vN4DNnLl
Ew3GTlSzJqzeO3QvstdrRDvvBNFGDZV6yyZBu3ogPaZc4WAHnHQ=
=suTg
-----END PGP SIGNATURE-----

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-21:15.libfetch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-21:15.libfetch Security Advisory
The FreeBSD Project

Topic: libfetch out of bounds read

Category: core
Module: libfetch
Announced: 2021-08-24
Credits: Samanta Navarro
Affects: All supported versions of FreeBSD.
Corrected: 2021-08-24 17:59:43 UTC (stable/13, 13.0-STABLE)
2021-08-24 18:00:47 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-08-24 18:30:16 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:17 UTC (releng/12.2, 12.2-RELEASE-p10)
2021-08-24 18:29:40 UTC (stable/11, 11.4-STABLE)
2021-08-24 18:31:31 UTC (releng/11.4, 11.4-RELEASE-p13)
CVE Name: CVE-2021-36159

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

libfetch(3) is a multi-protocol file transfer library included with FreeBSD
and used by the fetch(1) command-line tool, pkg(8) package manager, and
others.

II. Problem Description

The passive mode in FTP communication allows an out of boundary read while
libfetch uses strtol to parse the relevant numbers into address bytes. It
does not check if the line ends prematurely. If it does, the for-loop
condition checks for *p == '\0' one byte too late because p++ was already
performed.
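
The parse loop described above, as an added example in C that is not libfetch's code. pasv_parse_vuln() reproduces the shape of the bug: p is advanced before the terminator is tested, so a reply cut off after the third field sends strtoul into the bytes that follow the NUL. pasv_parse_safe() tests the current byte before moving on and also insists on the exact separator and an 8-bit range. pasv_leak_demo() constructs a 32-byte buffer in which unrelated bytes sit after the truncated reply, so the overread stays inside the buffer while still showing what the server would receive. All names are this example's own.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Example code added here, not libfetch's. Parses the six numbers in an
 * FTP PASV reply, "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)". */

struct pasv_addr {
    uint8_t  ip[4];
    uint16_t port;
};

static void pasv_fill(struct pasv_addr *out, const unsigned long v[6])
{
    int i;
    for (i = 0; i < 4; i++)
        out->ip[i] = (uint8_t)v[i];
    out->port = (uint16_t)((v[4] << 8) | v[5]);
}

/* Vulnerable shape (the bug the advisory describes): p is advanced past
 * the separator first, so a reply that ends early is not noticed and
 * strtoul continues on whatever bytes follow the terminating NUL. */
static int pasv_parse_vuln(const char *reply, struct pasv_addr *out)
{
    const char *p = strchr(reply, '(');
    unsigned long v[6];
    char *end;
    int i;

    if (p == NULL)
        return -1;
    for (i = 0, p++; i < 6; i++) {
        v[i] = strtoul(p, &end, 10);
        p = end + 1;              /* steps over ',' or ')' ... or '\0' */
    }
    pasv_fill(out, v);
    return 0;
}

/* Hardened shape: look at the current byte before moving past it, insist
 * on the exact separator, and range-check each field. */
static int pasv_parse_safe(const char *reply, struct pasv_addr *out)
{
    const char *p = strchr(reply, '(');
    unsigned long v[6];
    char *end;
    int i;

    if (p == NULL)
        return -1;
    for (i = 0, p++; i < 6; i++) {
        if (*p < '0' || *p > '9')          /* also catches a premature '\0' */
            return -1;
        v[i] = strtoul(p, &end, 10);
        if (v[i] > 255)
            return -1;
        if (*end != (i == 5 ? ')' : ','))  /* checked before p moves */
            return -1;
        p = end + 1;
    }
    pasv_fill(out, v);
    return 0;
}

/* Constructed demonstration of the leak: the reply is truncated after the
 * third field, and the bytes sitting after its NUL in the same buffer are
 * unrelated data. The vulnerable parser reports them as address and port,
 * which a malicious server then receives as the client's data connection. */
static int pasv_leak_demo(struct pasv_addr *out)
{
    char line[32];
    memset(line, 0, sizeof line);
    memcpy(line, "227 (1,2,3", 10);          /* line[10] stays '\0' */
    memcpy(line + 11, "44,55,66,77", 11);    /* "adjacent memory" */
    return pasv_parse_vuln(line, out);
}

int main(void)
{
    struct pasv_addr a;
    if (pasv_parse_safe("227 Entering Passive Mode (192,168,1,10,4,1)", &a) == 0)
        printf("safe: %u.%u.%u.%u:%u\n", a.ip[0], a.ip[1], a.ip[2], a.ip[3], a.port);
    printf("safe, truncated reply: %d\n",
           pasv_parse_safe("227 Entering Passive Mode (192,168,1", &a));   /* -1 */
    pasv_leak_demo(&a);
    printf("vuln, truncated reply: %u.%u.%u.%u:%u\n",                      /* 1.2.3.44:14146 */
           a.ip[0], a.ip[1], a.ip[2], a.ip[3], a.port);
    return 0;
}
```

In the demo the "leaked" bytes were placed there on purpose; in the real client they would be whatever followed the connection buffer, which is why the Impact section below treats a server-controlled buffer size as an information leak rather than only a crash.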

III. Impact

The connection buffer size can be controlled by a malicious FTP server
because the size is increased until a newline is encountered (or no more
characters are read). This also allows the buffer to be moved into more
interesting areas within the address space, potentially parsing relevant
numbers for the attacker. Since these bytes become available to the server
in form of a new TCP connection to a constructed port number or even part of
the IPv6 address this is a potential information leak.

IV. Workaround

No workaround is available.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-21:15/libfetch.patch
# fetch https://security.FreeBSD.org/patches/SA-21:15/libfetch.patch.asc
# gpg --verify libfetch.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ a75324d674f5 stable/13-n246939
releng/13.0/ 060510ba8bfb releng/13.0-n244758
stable/12/ r370384
releng/12.2/ r370395
stable/11/ r370382
releng/11.4/ r370388
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749>

<URL:https://gitlab.alpinelinux.org/alpine/apk-tools/-/merge_requests/64>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36159>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-21:15.libfetch.asc>
-----BEGIN PGP SIGNATURE-----
=QN3R
-----END PGP SIGNATURE-----

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:25.bhyve

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-21:25.bhyve Errata Notice
The FreeBSD Project

Topic: Fix NVMe iovec construction for large IOs

Category: core
Module: bhyve
Announced: 2021-08-24
Affects: FreeBSD 12.2 and later.
Corrected: 2021-07-09 14:24:14 UTC (stable/13, 13.0-STABLE)
2021-08-24 17:25:47 UTC (releng/13.0, 13.0-RELEASE-p4)
2021-07-09 14:25:45 UTC (stable/12, 12.2-STABLE)
2021-08-24 18:32:11 UTC (releng/12.2, 12.2-RELEASE-p10)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I. Background

bhyve(8) is a hypervisor that supports running a variety of guest
operating systems in virtual machines. Newer UEFI code in Red Hat
Enterprise Linux (RHEL) 8.4 and later (as well as applicable variants)
will not boot in newly installed guests.

II. Problem Description

By default, NVMe data transfer operations use a scatter-gather list in
which all entries point to a fixed-size memory region. For example, if
the memory page size is 4KB, a 2MB IO requires 512 entries. Lists
themselves are also fixed in size (default is 512 entries).

Because the list size is fixed, the last entry is special. If the IO
requires more than 512 entries, the last entry in the list contains the
address of the next list of entries. But if the IO requires exactly 512
entries, the last entry points to data.

The NVMe emulation missed this logic and unconditionally treated the
last entry as a pointer to the next list.
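
The list rule above, as an added example that is not bhyve's NVMe emulation: with the assumed 4 KB page and 512-entry list, prp_last_is_pointer() is true only when more entries remain than one list holds, and prp_walk() follows a chain accordingly; the bug in the text amounts to prp_last_is_pointer() answering true at exactly 512. build_chain() and demo_last_page() construct a two-list chain in host memory for the demonstration; PRP1/PRP2 handling in the command itself is left out, and all names are this example's own.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Example code added here, not bhyve's NVMe emulation. Models the PRP
 * list rule from the text: with 4 KB pages a list holds 512 8-byte
 * entries; only when the IO needs more entries than the list holds is
 * the last entry a pointer to the next list. PRP1/PRP2 handling in the
 * command itself is left out; this walks the list chain only. Page and
 * list sizes are assumed. */

#define PAGE_SZ      4096u
#define LIST_ENTRIES (PAGE_SZ / sizeof(uint64_t))   /* 512 */

/* Data-page entries an IO of io_len bytes needs (page-aligned IO). */
static size_t prp_entries_needed(size_t io_len)
{
    return (io_len + PAGE_SZ - 1) / PAGE_SZ;
}

/* 1 if the final slot of a list must be read as a pointer to the next
 * list. The bug in the text behaved as if this were 1 for exactly 512. */
static int prp_last_is_pointer(size_t remaining)
{
    return remaining > LIST_ENTRIES;
}

/* Walks the chain starting at `list`, copying the addresses of the
 * `remaining` data pages into out[]. Returns the count, or 0 if out[] is
 * too small. Chain entries hold a host pointer to the next list here,
 * since this model keeps the lists in host memory. */
static size_t prp_walk(const uint64_t *list, size_t remaining,
                       uint64_t *out, size_t outmax)
{
    size_t n = 0;
    if (remaining > outmax)
        return 0;
    while (remaining > 0) {
        size_t take = prp_last_is_pointer(remaining) ? LIST_ENTRIES - 1 : remaining;
        size_t i;
        for (i = 0; i < take; i++)
            out[n++] = list[i];
        remaining -= take;
        if (remaining > 0)               /* slot 511 is a pointer only here */
            list = (const uint64_t *)(uintptr_t)list[LIST_ENTRIES - 1];
    }
    return n;
}

/* Builds a constructed chain of at most two lists describing npages data
 * pages at guest addresses 0x100000 + i*PAGE_SZ. Returns the first list. */
static const uint64_t *build_chain(size_t npages, uint64_t *l1, uint64_t *l2)
{
    size_t i;
    size_t first = prp_last_is_pointer(npages) ? LIST_ENTRIES - 1 : npages;

    for (i = 0; i < first; i++)
        l1[i] = 0x100000u + i * PAGE_SZ;
    if (npages > first) {
        l1[LIST_ENTRIES - 1] = (uint64_t)(uintptr_t)l2;
        for (i = first; i < npages; i++)
            l2[i - first] = 0x100000u + i * PAGE_SZ;
    }
    return l1;
}

/* Walks a chain for npages and returns the address of the last data page,
 * or 0 on error. With 512 pages this must be the address in slot 511 of
 * the first list, read as data rather than followed as a pointer. */
static uint64_t demo_last_page(size_t npages)
{
    static uint64_t l1[LIST_ENTRIES], l2[LIST_ENTRIES], out[2 * LIST_ENTRIES];
    const uint64_t *head;
    size_t n;

    if (npages == 0 || npages > 2 * LIST_ENTRIES - 1)  /* two lists only */
        return 0;
    head = build_chain(npages, l1, l2);
    n = prp_walk(head, npages, out, 2 * LIST_ENTRIES);
    return n == npages ? out[n - 1] : 0;
}

int main(void)
{
    size_t e = prp_entries_needed(2u << 20);
    printf("2 MiB IO needs %zu entries; last slot is %s\n", e,
           prp_last_is_pointer(e) ? "a pointer" : "data");        /* 512, data */
    printf("last page, 512-page IO: 0x%llx\n",
           (unsigned long long)demo_last_page(512));              /* 0x2ff000 */
    printf("last page, 513-page IO: 0x%llx\n",
           (unsigned long long)demo_last_page(513));              /* 0x300000 */
    return 0;
}
```

The boundary case is the whole point: a 2 MB IO with 4 KB pages needs exactly 512 entries, so the first list is entirely data. An emulator that follows slot 511 as a pointer in that case dereferences a data-page address as if it were a list, which is the misbehaviour the newer UEFI driver triggered.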

III. Impact

When a RHEL 8.4 and later (or variants) are installed as guests within
bhyve(8) on emulated NVMe storage, the system will not boot due to a
newer UEFI driver that is included with these distributions.

IV. Workaround

Install a RHEL 8.3 guest and then perform an in-place upgrade.

V. Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-21:25/bhyve.patch
# fetch https://security.FreeBSD.org/patches/EN-21:25/bhyve.patch.asc
# gpg --verify bhyve.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path Hash Revision
- -------------------------------------------------------------------------
stable/13/ a7761d19dacd stable/13-n246220
releng/13.0/ 4f590ee3ed7e releng/13.0-n244755
stable/12/ r370107
releng/12.2/ r370392
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256422>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:25.bhyve.asc>
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:24.libcrypto

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-21:24.libcrypto Errata Notice
The FreeBSD Project

Topic:          OpenSSL 1.1.1e API functions not exported

Category:       core
Module:         libcrypto
Announced:      2021-08-24
Affects:        FreeBSD 12.2 and later.
Corrected:      2021-06-09 21:53:42 UTC (stable/13, 13.0-STABLE)
                2021-08-24 17:25:47 UTC (releng/13.0, 13.0-RELEASE-p4)
                2021-06-09 21:54:13 UTC (stable/12, 12.2-STABLE)
                2021-08-24 18:32:08 UTC (releng/12.2, 12.2-RELEASE-p10)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I. Background

libcrypto is part of the OpenSSL distribution and provides APIs to
various low-level cryptographic services.

II. Problem Description

New API functions added in OpenSSL 1.1.1e and later were not publicly
exported to applications.

III. Impact

Applications trying to use new API functions added in OpenSSL 1.1.1e
or later would fail to build with a link error.

IV. Workaround

No workaround is available. However, the APIs added in OpenSSL 1.1.1e
and later are obscure and not used by many applications. In particular,
none of the affected APIs are used by applications using libssl from
OpenSSL for Transport Layer Security (TLS).

V. Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-21:17/libcrypto.patch
# fetch https://security.FreeBSD.org/patches/EN-21:17/libcrypto.patch.asc
# gpg --verify libcrypto.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
- -------------------------------------------------------------------------
stable/13/                              f8edb3f9c725    stable/13-n245963
releng/13.0/                            3ef67fed446a    releng/13.0-n244754
stable/12/                                                          r369974
releng/12.2/                                                        r370391
- -------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:24.libcrypto.asc>

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-21:23.virtio_blk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-21:23.virtio_blk Errata Notice
The FreeBSD Project

Topic:          virtio_blk(4) fails to attach on some hypervisors

Category:       core
Module:         virtio_blk
Announced:      2021-08-24
Affects:        FreeBSD 13.0
Corrected:      2021-06-28 15:16:29 UTC (stable/13, 13.0-STABLE)
                2021-08-24 16:36:55 UTC (releng/13.0, 13.0-RELEASE-p4)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I. Background

VirtIO is a specification for para-virtualized I/O in a virtual machine
(VM). It defines an interface for efficient I/O between the hypervisor
and VM. virtio_blk(4) is a driver handling VirtIO block devices.

II. Problem Description

The virtio_blk(4) driver sends commands to the host to query disk
identifiers before acknowledging to the host that the driver is ready.

III. Impact

Affected versions of FreeBSD will not boot under some hypervisors, or
when modern, non-transitional VirtIO block devices are present.

IV. Workaround

No workaround is available. FreeBSD running in the QEMU emulator is not
affected by this issue.

V. Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date and reboot.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum update"

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-21:23/virtio_blk.patch
# fetch https://security.FreeBSD.org/patches/EN-21:23/virtio_blk.patch.asc
# gpg --verify virtio_blk.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path                             Hash                     Revision
- -------------------------------------------------------------------------
stable/13/                              6fd5a4a6f3ac    stable/13-n246114
releng/13.0/                            f66e34809906    releng/13.0-n244753
- -------------------------------------------------------------------------

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD
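
The three notices above each ask the reader to compare the output of
git rev-list --count --first-parent HEAD against the nNNNNNN value in the
Revision column. The following POSIX sh helper, added here as an example
and not part of any FreeBSD advisory, does that comparison for a source
tree and fails closed when the numbers are not comparable. It assumes the
local branch name reported by git rev-parse --abbrev-ref HEAD matches the
Branch/path column (for example stable/13); the hypothetical function
names, the sample revision strings in the comments and the default path
/usr/src are the author's assumptions. Subversion revisions (rNNNNNN) are
not handled and make the check return "not comparable".

```shell
#!/bin/sh
# Added example, not from the FreeBSD advisories: check whether a FreeBSD
# 13+ source tree is at or past the corrected commit count given in an
# advisory's Revision column (e.g. "stable/13-n246114").
#
# Caveat: first-parent commit counts are only comparable within a single
# branch, so a count from stable/13 says nothing about releng/13.0.

# Branch part of a revision string: "stable/13-n246114" -> "stable/13".
revision_branch() {
    printf '%s\n' "$1" | sed 's/-n[0-9]*$//'
}

# Commit count of a revision string: "stable/13-n246114" -> "246114".
# Prints nothing for strings without a "-nNNNNNN" suffix (e.g. "r370107").
revision_count() {
    printf '%s\n' "$1" | sed -n 's/.*-n\([0-9]*\)$/\1/p'
}

# tree_is_fixed BRANCH COUNT FIXED_REVISION
#   returns 0 when the tree on BRANCH with COUNT commits is at or past the
#   corrected revision, 1 when it is older, and 2 when the branches differ
#   or FIXED_REVISION carries no commit count (not comparable).
tree_is_fixed() {
    branch=$1
    count=$2
    fixed=$3
    fixed_branch=$(revision_branch "$fixed")
    fixed_count=$(revision_count "$fixed")
    [ -n "$fixed_count" ] || return 2
    [ "$branch" = "$fixed_branch" ] || return 2
    [ "$count" -ge "$fixed_count" ]
}

# check_working_tree [SRCDIR] FIXED_REVISION
#   reads branch and first-parent count from a real checkout, as the
#   advisory's "git rev-list --count --first-parent HEAD" does, and
#   returns the same codes as tree_is_fixed (2 if git fails).
check_working_tree() {
    srcdir=${1:-/usr/src}
    fixed=$2
    branch=$(git -C "$srcdir" rev-parse --abbrev-ref HEAD) || return 2
    count=$(git -C "$srcdir" rev-list --count --first-parent HEAD) || return 2
    tree_is_fixed "$branch" "$count" "$fixed"
}

# Example invocation (assumed path and the virtio_blk row above):
#   if check_working_tree /usr/src stable/13-n246114; then
#       echo "tree includes the correction"
#   fi
```

Treat return code 2 as "unknown" rather than "fixed": a tree checked out
from a different branch, or one tracking a Subversion-era revision, has
to be compared by commit hash instead.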

VII. References

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-21:23.virtio_blk.asc>