Date: Thu, 5 Feb 2015 19:10:33 +0000 (UTC) From: Glen Barber <gjb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r278272 - in stable/8/release/doc: en_US.ISO8859-1/errata en_US.ISO8859-1/relnotes share/xml Message-ID: <201502051910.t15JAXat090261@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gjb Date: Thu Feb 5 19:10:32 2015 New Revision: 278272 URL: https://svnweb.freebsd.org/changeset/base/278272 Log: Apply r278265 from head: Security Advisory information is included on several pages in the release notes. Rather than duplicating the information between various files, add two new files to include in all pages that currently display the information. Bump copyright year. Move SAs and ENs into their respective files. Add missing ENs and SAs. Remove stale SAs [1]. Reported by: bdrewery (over a year ago) Sponsored by: The FreeBSD Foundation Added: stable/8/release/doc/share/xml/errata.xml - copied, changed from r278271, head/release/doc/share/xml/errata.xml stable/8/release/doc/share/xml/security.xml - copied, changed from r278271, head/release/doc/share/xml/security.xml Modified: stable/8/release/doc/en_US.ISO8859-1/errata/article.xml stable/8/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: stable/8/release/doc/en_US.ISO8859-1/errata/article.xml ============================================================================== --- stable/8/release/doc/en_US.ISO8859-1/errata/article.xml Thu Feb 5 17:46:13 2015 (r278271) +++ stable/8/release/doc/en_US.ISO8859-1/errata/article.xml Thu Feb 5 19:10:32 2015 (r278272) @@ -3,6 +3,8 @@ "../../../share/xml/freebsd50.dtd" [ <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> %release; +<!ENTITY security SYSTEM "../../share/xml/security.xml"> +<!ENTITY errata SYSTEM "../../share/xml/errata.xml"> ]> <!-- FreeBSD errata document. Unlike some of the other RELNOTESng @@ -26,7 +28,7 @@ <pubdate>$FreeBSD$</pubdate> <copyright> - <year>2013</year> + <year>2015</year> <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder> </copyright> @@ -86,95 +88,13 @@ the individual advisories available from <uri xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>; - <informaltable frame="none" pgwide="1"> - <tgroup cols="3"> - <colspec colwidth="1*"/> - <colspec colwidth="1*"/> - <colspec colwidth="3*"/> - <thead> - <row> - <entry>Advisory</entry> - <entry>Date</entry> - <entry>Topic</entry> - </row> - </thead> - - <tbody> - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:01.openssl.asc">SA-12:01.openssl</link></entry>; - <entry>03 May 2012</entry> - - <entry><para>OpenSSL multiple vulnerabilities</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:02.crypt.asc">SA-12:02.crypt</link></entry>; - <entry>30 May 2012</entry> - <entry><para>Incorrect <function>crypt()</function> hashing</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc">SA-12:03.bind</link></entry>; - <entry>12 June 2012</entry> - <entry><para>Incorrect handling of zero-length RDATA fields in &man.named.8;</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc">SA-12:04.sysret</link></entry>; - <entry>12 June 2012</entry> - <entry><para>Privilege escalation when returning from kernel</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:05.bind.asc">SA-12:05.bind</link></entry>; - <entry>6 August 2012</entry> - <entry><para>&man.named.8; DNSSEC validation Denial of Service</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:06.bind.asc">SA-12:06.bind</link></entry>; - <entry>22 November 2012</entry> - <entry><para>Multiple Denial of Service vulnerabilities with &man.named.8;</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:07.hostapd.asc">SA-12:07.hostapd</link></entry>; - <entry>22 November 2012</entry> - <entry><para>Insufficient message length validation for EAP-TLS messages</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-12:08.linux.asc">SA-12:08.linux</link></entry>; - <entry>22 November 2012</entry> - <entry><para>Linux compatibility layer input validation error</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:02.libc.asc">SA-13:02.libc</link></entry>; - <entry>19 February 2013</entry> - <entry><para>glob(3) related resource exhaustion</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:03.openssl.asc">SA-13:03.openssl</link></entry>; - <entry>02 April 2013</entry> - <entry><para>OpenSSL multiple vulnerabilities</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:04.bind.asc">SA-13:04.bind</link></entry>; - <entry>02 April 2013</entry> - <entry><para>BIND remote denial of service</para></entry> - </row> - - <row> - <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:05.nfsserver.asc">SA-13:05.nfsserver</link></entry>; - <entry>29 April 2013</entry> - <entry><para>Insufficient input validation in the NFS server</para></entry> - </row> - </tbody> - </tgroup> - </informaltable> + &security; + </sect1> + + <sect1 xml:id="errata"> + <title>Errata Notices</title> + + &errata; </sect1> <sect1 xml:id="open-issues"> Modified: stable/8/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- stable/8/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Feb 5 17:46:13 2015 (r278271) +++ stable/8/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Feb 5 19:10:32 2015 (r278272) @@ -3,6 +3,8 @@ "../../../share/xml/freebsd50.dtd" [ <!ENTITY % release PUBLIC "-//FreeBSD//ENTITIES Release Specification//EN" "release.ent"> %release; +<!ENTITY security SYSTEM "../../share/xml/security.xml"> +<!ENTITY errata SYSTEM "../../share/xml/errata.xml"> ]> <article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"> @@ -13,7 +15,7 @@ <pubdate>$FreeBSD$</pubdate> <copyright> - <year>2011</year> + <year>2015</year> <holder role="mailto:doc@FreeBSD.org">The &os; Documentation Project</holder> </copyright> @@ -101,33 +103,13 @@ advisories available from <uri xlink:href="http://security.FreeBSD.org/">http://security.FreeBSD.org/</uri>.</para>; - <informaltable frame="none" pgwide="1"> - <tgroup cols="3"> - <colspec colwidth="1*"/> - <colspec colwidth="1*"/> - <colspec colwidth="3*"/> - <thead> - <row> - <entry>Advisory</entry> - <entry>Date</entry> - <entry>Topic</entry> - </row> - </thead> - - <tbody> - <row> - <entry><uri xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc">SA-10:08.bzip2</uri></entry>; - <entry>20 September 2010</entry> - <entry><para>Integer overflow in bzip2 decompression</para></entry> - </row> - <row> - <entry><uri xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc">SA-10:10.openssl</uri></entry>; - <entry>29 November 2010</entry> - <entry><para>OpenSSL multiple vulnerabilities</para></entry> - </row> - </tbody> - </tgroup> - </informaltable> + &security; + </sect2> + + <sect2 xml:id="errata"> + <title>Errata Notices</title> + + &errata; </sect2> <sect2 xml:id="kernel"> Copied and modified: stable/8/release/doc/share/xml/errata.xml (from r278271, head/release/doc/share/xml/errata.xml) ============================================================================== --- head/release/doc/share/xml/errata.xml Thu Feb 5 17:46:13 2015 (r278271, copy source) +++ stable/8/release/doc/share/xml/errata.xml Thu Feb 5 19:10:32 2015 (r278272) @@ -19,9 +19,97 @@ <tbody> <row> - <entry><para>No errata notices.</para></entry> - <entry><para> </para></entry> - <entry><para> </para></entry> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:01.fxp.asc">FreeBSD-EN-13:01.fxp</link></entry>; + <entry>28 June 2013</entry> + <entry><para>Fixed a problem where &man.dhclient.8; would + infinitely try to intialize &man.fxp.4;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:02.vtnet.asc">FreeBSD-EN-13:02.vtnet</link></entry>; + <entry>28 June 2013</entry> + <entry><para>Fixed a problem frames sent to additional MAC + addresses are not forwarded to the &man.vtnet.4; + interface</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:04.freebsd-update.asc">FreeBSD-EN-13:04.freebsd-update</link></entry>; + <entry>26 October 2013</entry> + <entry><para>Multiple fixes</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-13:05.freebsd-update.asc">FreeBSD-EN-13:05.freebsd-update</link></entry>; + <entry>28 November 2013</entry> + <entry><para>Fix INDEX generation</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:01.random.asc">FreeBSD-EN-14:01.random</link></entry>; + <entry>14 January 2014</entry> + <entry><para>Disable hardware RNGs by default</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:02.mmap.asc">FreeBSD-EN-14:02.mmap</link></entry>; + <entry>14 January 2014</entry> + <entry><para>Fix incorrect coalescing of stack + entry</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:03.pkg.asc">FreeBSD-EN-14:03.pkg</link></entry>; + <entry>15 May 2014</entry> + <entry><para>Add pkg bootstrapping, configuration and public + keys</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:04.kldxref.asc">FreeBSD-EN-14:04.kldxref</link></entry>; + <entry>15 May 2014</entry> + <entry><para>Improve build repeatability for + &man.kldxref.8;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:06.exec.asc">FreeBSD-EN-14:06.exec</link></entry>; + <entry>3 June 2014</entry> + <entry><para>Fix triple-fault when executing from a threaded + process</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:08.heimdal.asc">FreeBSD-EN-14:08.heimdal</link></entry>; + <entry>24 June 2014</entry> + <entry><para>Fix <literal>gss_pseudo_random()</literal> + interoperability issue</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:09.jail.asc">FreeBSD-EN-14:09.jail</link></entry>; + <entry>8 July 2014</entry> + <entry><para>Fix jail fails to start if + WITHOUT_INET/WITHOUT_INET6 is use</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:10.tzdata.asc">FreeBSD-EN-14:10.tzdata</link></entry>; + <entry>21 October 2014</entry> + <entry><para>Time zone data file update</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:12.zfs.asc">FreeBSD-EN-14:12.zfs</link></entry>; + <entry>4 November 2014</entry> + <entry><para>Fix NFSv4 and ZFS cache consistency + issue</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-EN-14:13.freebsd-update.asc">FreeBSD-EN-14:13.freebsd-update</link></entry>; + <entry>23 December 2014</entry> + <entry><para>Fix directory deletion issue</para></entry> </row> </tbody> </tgroup> Copied and modified: stable/8/release/doc/share/xml/security.xml (from r278271, head/release/doc/share/xml/security.xml) ============================================================================== --- head/release/doc/share/xml/security.xml Thu Feb 5 17:46:13 2015 (r278271, copy source) +++ stable/8/release/doc/share/xml/security.xml Thu Feb 5 19:10:32 2015 (r278272) @@ -19,9 +19,202 @@ <tbody> <row> - <entry><para>No advisories.</para></entry> - <entry><para> </para></entry> - <entry><para> </para></entry> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:07.bind.asc">FreeBSD-SA-13:07.bind</link></entry>; + <entry>26 July 2013</entry> + <entry><para>Denial of Service vulnerability in + &man.named.8;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:09.ip_multicast.asc">FreeBSD-SA-13:09.ip_multicast</link></entry>; + <entry>21 August 2013</entry> + <entry><para>Integer overflow in computing the size of + a temporary buffer can result in a buffer which is too + small for the requested operation</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:10.sctp.asc">FreeBSD-SA-13:10.sctp</link></entry>; + <entry>21 August 2013</entry> + <entry><para>Fix a bug that could lead to kernel memory + disclosure with SCTP state cookie</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:12.ifioctl.asc">FreeBSD-SA-13:12.ifioctl</link></entry>; + <entry>10 September 2013</entry> + <entry><para>In IPv6 and NetATM, stop + <literal>SIOCSIFADDR</literal>, + <literal>SIOCSIFBRDADDR</literal>, + <literal>SIOCSIFDSTADDR</literal> and + <literal>SIOCSIFNETMASK</literal> at the socket layer + rather than pass them on to the link layer without + validation or credential checks</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-13:13.nullfs.asc">FreeBSD-SA-13:13.nullfs</link></entry>; + <entry>10 September 2013</entry> + <entry><para>Prevent cross-mount hardlinks between different + nullfs mounts of the same underlying + filesystem</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>; + <entry>14 January 2014</entry> + <entry><para>bsnmpd remote denial of service + vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>; + <entry>14 January 2014</entry> + <entry><para>ntpd distributed reflection Denial of Service + vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>; + <entry>14 January 2014</entry> + <entry><para>BIND remote denial of service + vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>; + <entry>8 April 2014</entry> + <entry><para>NFS deadlock vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>; + <entry>8 April 2014</entry> + <entry><para>ECDSA Cache Side-channel Attack in + OpenSSL</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:08.tcp.asc">FreeBSD-SA-14:08.tcp</link></entry>; + <entry>30 April 2014</entry> + <entry><para>TCP reassembly vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:11.sendmail.asc">FreeBSD-SA-14:11.sendmail</link></entry>; + <entry>5 June 2014</entry> + <entry><para>sendmail improper close-on-exec flag + handling</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:12.ktrace.asc">FreeBSD-SA-14:12.ktrace</link></entry>; + <entry>5 June 2014</entry> + <entry><para>ktrace memory disclosure</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:14.openssl.asc">FreeBSD-SA-14:14.openssl</link></entry>; + <entry>5 June 2014</entry> + <entry><para>OpenSSL multiple vulnerabilities</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:16.file.asc">FreeBSD-SA-14:16.file</link></entry>; + <entry>5 June 2014</entry> + <entry><para>Multiple vulnerabilities in &man.file.1; and + &man.libmagic.3;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:17.kmem.asc">FreeBSD-SA-14:17.kmem</link></entry>; + <entry>8 July 2014</entry> + <entry><para>kernel memory disclosure in control message and + SCTP notifications</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:18.openssl.asc">FreeBSD-SA-14:18.openssl</link></entry>; + <entry>9 September 2014</entry> + <entry><para>Multiple vulnerabilities in + OpenSSL</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:19.tcp.asc">FreeBSD-SA-14:19.tcp</link></entry>; + <entry>16 September 2014</entry> + <entry><para>Denial of Service in TCP packet + processing</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:21.routed.asc">FreeBSD-SA-14:21.routed</link></entry>; + <entry>21 October 2014</entry> + <entry><para>&man.routed.8; denial of service + vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:23.openssl.asc">FreeBSD-SA-14:23.openssl</link></entry>; + <entry>21 October 2014</entry> + <entry><para>Multiple vulnerabilities in + OpenSSL</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:25.setlogin.asc">FreeBSD-SA-14:25.setlogin</link></entry>; + <entry>4 November 2014</entry> + <entry><para>kernel stack disclosure in &man.setlogin.2; and + &man.getlogin.2;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:26.ftp.asc">FreeBSD-SA-14:26.ftp</link></entry>; + <entry>4 November 2014</entry> + <entry><para>Remote command execution in + &man.ftp.1;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:28.file.asc">FreeBSD-SA-14:28.file</link></entry>; + <entry>10 December 2014</entry> + <entry><para>Multiple vulnerabilities in &man.file.1; and + &man.libmagic.3;</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:29.bind.asc">FreeBSD-SA-14:29.bind</link></entry>; + <entry>10 December 2014</entry> + <entry><para>BIND remote denial of service + vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-14:31.ntp.asc">FreeBSD-SA-14:31.ntp</link></entry>; + <entry>23 December 2014</entry> + <entry><para>Multiple vulnerabilities in NTP + suite</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:01.openssl.asc">FreeBSD-SA-15:01.ntp</link></entry>; + <entry>14 January 2015</entry> + <entry><para>Multiple vulnerabilities in + OpenSSL</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:02.kmem.asc">FreeBSD-SA-15:02.kmem</link></entry>; + <entry>27 January 2015</entry> + <entry><para>Fix SCTP SCTP_SS_VALUE kernel memory corruption + and disclosure vulnerability</para></entry> + </row> + + <row> + <entry><link xlink:href="http://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc">FreeBSD-SA-15:03.sctp</link></entry>; + <entry>27 January 2015</entry> + <entry><para>Fix SCTP stream reset + vulnerability</para></entry> </row> </tbody> </tgroup>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502051910.t15JAXat090261>