Assets 2

Highlights:

  • HBSD MFC r341470: ggated: do not expose stack data in sendfail() 370912d [FreeBSD-SA-candidate]
  • MFC r341442, r341443: Plug memory disclosures via ptrace(2). (600baf4) [FreeBSD-SA-candidate]
  • MFC r341484 Always treat firmware request and response sizes as unsigned. (5b0911e) [FreeBSD-SA-18:14.bhyve CVE-2018-17160]
  • MFC r337812,r337814,r337820,r341068: Fix several memory leaks (r337812 & r337814). (4a6ee69) [FreeBSD-SA-candidate]
  • MFC r340968: Plug routing sysctl leaks. (fe7eaf6)
  • MFC r340995 Prevent kernel stack disclosure in signal delivery (ee1166b) [FreeBSD-SA-candidate]
  • MFC r340994 Prevent kernel stack disclosure in getcontext/swapcontext (88ba4e0) [FreeBSD-EN-18:12.mem CVE-2018-17155]
  • netmap updates

Changelog

Oliver Pinter (2):
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      HBSD MFC r341470: ggated: do not expose stack data in sendfail()

Oliver Pinter + (16):
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
      Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

ae (1):
      MFC r341073:   Do not limit the mbuf queue length for keepalive packets.

arybchik (1):
      MFC r340765

cy (4):
      This is a direct commit to the stable/11 branch. This would have been MFC r340754 except that etc/rc.d has been moved in HEAD which would have resulted in a tree conflict if merged.
      MFC r340909:
      MFC r340868:
      MFC r340867:

dab (1):
      MFC r337812,r337814,r337820,r341068:

emaste (2):
      MFC r340095: Remove apparently unused 0-byte files that cause grief on Windows
      MFC r327860: ANSIfy function definitions in sys/vm/

eugen (3):
      MFC r340978-340979: ipfw.8: new section to EXAMPLES: SELECTIVE MIRRORING
      MFC r340110: ipfw(8): clarify layer2 processing abilities
      MFC r340135: Make ng_pptpgre(8) netgraph node be able to restore order for packets reordered in transit instead of dropping them altogether. It uses sequence numbers of PPtPGRE packets.

gjb (2):
      MFC r340983:  Fix NTP query on GCE due to unresolved hostname.
      Document SA-18:13, EN-18:13, EN-18:14, EN-18:15.

gordon (1):
      MFC r341484

kib (2):
      MFC r340922: Avoid unneeded check in vmspace_alloc().
      MFC r341094: Improve sigonstack().

markj (5):
      MFC r340730, r340731: Add taskqueue_quiesce(9) and use it to implement taskq_wait().
      MFC r340968: Plug routing sysctl leaks.
      MFC r340483 (by jtl): Add some additional length checks to the IPv4 fragmentation code.
      MFC r341247: Update the free page count when blacklisting pages.
      MFC r341442, r341443: Plug memory disclosures via ptrace(2).

mmel (1):
      MFC r338317:

oshogbo (1):
      MFC r339502   Add link to the setproctitle_fast function.

sef (1):
      MFC r340442

vangyzen (3):
      MFC r340409
      MFC r340994
      MFC r340995

vmaffione (11):
      MFC r339548
      MFC r339659
      MFC r339685
      MFC r340279
      MFC r340325
      MFC r339639
      MFC r340436
      MFC r340475
      MFC r341144
      MFC r341145
      MFC r341430

yuripv (1):
      MFC r340976: vi: fix UTF-8 detection.

Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100056.10/

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-bootonly.iso) = 6ca4a5de222683ff4716090d55ffd1b19f50e98b7bef0012e94acf6ef73d61e2aaabe87026e2e58f1df4f797e5dd31130a4bac4d5cee82299bb75d215c5d1462
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-disc1.iso) = 40e2a44bd010fb2b1e14b4b8b90ee86ac86cf0bb9f629c9a121cb24ed2e25fc6b5a3e821b770c483e922fd2a5de535b4ecfde9b759888775f51478e2fb183713
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-memstick.img) = 2e57b96f5d9f75b277792052690947a849ca85a0e0860474b37cce06a623a5f566f60738b762ee6966081847be129a821ca199f17b3f286dafdbdbe6e1c70e0e
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-mini-memstick.img) = a216932ecf6c218b7f8984ca55524c18ab85e5bcce163d11effdf889883e28ba6feb4546ff3e28c9e2a29440f147363ae4444e75f56bd18b6a02176db5f8810c

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlwHBLoACgkQgZsRom/9
GI3zlg//dLtnJmc52UuttbSD1NV2h2hv4mNW/UteFjxGtJgdOCkjRGpx3sI4Vm1j
ks5NPMzi4Wy8r9l/bWv+k/bCvkxvjvt8gQKIBbDt8IauB1Bk+uxeWr3IcLn9eiPV
eC0diLLpUzTkbhN9NbnXbbugrrq4AeWFbOl06HIAw9HJolIYtLInOlH9XZToUItR
kbVD+AXjVmfntDWXPtkgCZdEEPe6zYAUgA39iyrcb5X3y+AVc9hDIoOGfPVoMIRR
rhEu1jwJPuT8C6r2hcareVpmfOESJTljh+yNw9iq/brkNXPW2UcPFwwkt7ajubaP
KW22bl9jGTTqA3JhpPHRwqFjyZzItD9TR4qPr/Fu2WTzYACyjNvWyCK/KJOvS6MX
ewepZ06yUhsLEjEiGpllJ4XipUn8c2hbTXLoKE/JOBvwhxIognoQ8yiEE645Vrb8
VCPLab5CK4y+CSZLEA2DWpiuWO7D/Z8pRIbV0tWKh1HrN5QPOjXeDDi+59t/016v
vb/i8YR0GhHgg3mPYCCUUgMey1e7vIjnmcj0OkZRyyx7bi2fP+37C/XBV9L7bFC7
kLO1pAX7hwWOp/H0dbrJCuLyWFLHjkgNODrxmmYk1OeWQoUT9KX1SFfYCKsNlpAn
Pq+17qjcl/Amswrpmw7a/WfXXLiNA46OyOU/aG9r1Z+8/Emd4YA=
=fwqX
-----END PGP SIGNATURE-----

shortlog-HardenedBSD-11-STABLE-v1100056.10.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt