HardenedBSD-11-STABLE-v1100056.10
·
516 commits
to hardened/11-stable/master
since this release
Highlights:
- HBSD MFC r341470: ggated: do not expose stack data in sendfail() 370912d [FreeBSD-SA-candidate]
- MFC r341442, r341443: Plug memory disclosures via ptrace(2). (600baf4) [FreeBSD-SA-candidate]
- MFC r341484 Always treat firmware request and response sizes as unsigned. (5b0911e) [FreeBSD-SA-18:14.bhyve CVE-2018-17160]
- MFC r337812,r337814,r337820,r341068: Fix several memory leaks (r337812 & r337814). (4a6ee69) [FreeBSD-SA-candidate]
- MFC r340968: Plug routing sysctl leaks. (fe7eaf6)
- MFC r340995 Prevent kernel stack disclosure in signal delivery (ee1166b) [FreeBSD-SA-candidate]
- MFC r340994 Prevent kernel stack disclosure in getcontext/swapcontext (88ba4e0) [FreeBSD-EN-18:12.mem CVE-2018-17155]
- netmap updates
Changelog
Oliver Pinter (2):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
HBSD MFC r341470: ggated: do not expose stack data in sendfail()
Oliver Pinter + (16):
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
ae (1):
MFC r341073: Do not limit the mbuf queue length for keepalive packets.
arybchik (1):
MFC r340765
cy (4):
This is a direct commit to the stable/11 branch. This would have been MFC r340754 except that etc/rc.d has been moved in HEAD which would have resulted in a tree conflict if merged.
MFC r340909:
MFC r340868:
MFC r340867:
dab (1):
MFC r337812,r337814,r337820,r341068:
emaste (2):
MFC r340095: Remove apparently unused 0-byte files that cause grief on Windows
MFC r327860: ANSIfy function definitions in sys/vm/
eugen (3):
MFC r340978-340979: ipfw.8: new section to EXAMPLES: SELECTIVE MIRRORING
MFC r340110: ipfw(8): clarify layer2 processing abilities
MFC r340135: Make ng_pptpgre(8) netgraph node be able to restore order for packets reordered in transit instead of dropping them altogether. It uses sequence numbers of PPtPGRE packets.
gjb (2):
MFC r340983: Fix NTP query on GCE due to unresolved hostname.
Document SA-18:13, EN-18:13, EN-18:14, EN-18:15.
gordon (1):
MFC r341484
kib (2):
MFC r340922: Avoid unneeded check in vmspace_alloc().
MFC r341094: Improve sigonstack().
markj (5):
MFC r340730, r340731: Add taskqueue_quiesce(9) and use it to implement taskq_wait().
MFC r340968: Plug routing sysctl leaks.
MFC r340483 (by jtl): Add some additional length checks to the IPv4 fragmentation code.
MFC r341247: Update the free page count when blacklisting pages.
MFC r341442, r341443: Plug memory disclosures via ptrace(2).
mmel (1):
MFC r338317:
oshogbo (1):
MFC r339502 Add link to the setproctitle_fast function.
sef (1):
MFC r340442
vangyzen (3):
MFC r340409
MFC r340994
MFC r340995
vmaffione (11):
MFC r339548
MFC r339659
MFC r339685
MFC r340279
MFC r340325
MFC r339639
MFC r340436
MFC r340475
MFC r341144
MFC r341145
MFC r341430
yuripv (1):
MFC r340976: vi: fix UTF-8 detection.
Installer images: http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/ISO-IMAGES/HardenedBSD-11-STABLE-v1100056.10/
CHECKSUM.SHA512:
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-bootonly.iso) = 6ca4a5de222683ff4716090d55ffd1b19f50e98b7bef0012e94acf6ef73d61e2aaabe87026e2e58f1df4f797e5dd31130a4bac4d5cee82299bb75d215c5d1462
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-disc1.iso) = 40e2a44bd010fb2b1e14b4b8b90ee86ac86cf0bb9f629c9a121cb24ed2e25fc6b5a3e821b770c483e922fd2a5de535b4ecfde9b759888775f51478e2fb183713
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-memstick.img) = 2e57b96f5d9f75b277792052690947a849ca85a0e0860474b37cce06a623a5f566f60738b762ee6966081847be129a821ca199f17b3f286dafdbdbe6e1c70e0e
SHA512 (HardenedBSD-11-STABLE-v1100056.10-amd64-mini-memstick.img) = a216932ecf6c218b7f8984ca55524c18ab85e5bcce163d11effdf889883e28ba6feb4546ff3e28c9e2a29440f147363ae4444e75f56bd18b6a02176db5f8810c
CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlwHBLoACgkQgZsRom/9
GI3zlg//dLtnJmc52UuttbSD1NV2h2hv4mNW/UteFjxGtJgdOCkjRGpx3sI4Vm1j
ks5NPMzi4Wy8r9l/bWv+k/bCvkxvjvt8gQKIBbDt8IauB1Bk+uxeWr3IcLn9eiPV
eC0diLLpUzTkbhN9NbnXbbugrrq4AeWFbOl06HIAw9HJolIYtLInOlH9XZToUItR
kbVD+AXjVmfntDWXPtkgCZdEEPe6zYAUgA39iyrcb5X3y+AVc9hDIoOGfPVoMIRR
rhEu1jwJPuT8C6r2hcareVpmfOESJTljh+yNw9iq/brkNXPW2UcPFwwkt7ajubaP
KW22bl9jGTTqA3JhpPHRwqFjyZzItD9TR4qPr/Fu2WTzYACyjNvWyCK/KJOvS6MX
ewepZ06yUhsLEjEiGpllJ4XipUn8c2hbTXLoKE/JOBvwhxIognoQ8yiEE645Vrb8
VCPLab5CK4y+CSZLEA2DWpiuWO7D/Z8pRIbV0tWKh1HrN5QPOjXeDDi+59t/016v
vb/i8YR0GhHgg3mPYCCUUgMey1e7vIjnmcj0OkZRyyx7bi2fP+37C/XBV9L7bFC7
kLO1pAX7hwWOp/H0dbrJCuLyWFLHjkgNODrxmmYk1OeWQoUT9KX1SFfYCKsNlpAn
Pq+17qjcl/Amswrpmw7a/WfXXLiNA46OyOU/aG9r1Z+8/Emd4YA=
=fwqX
-----END PGP SIGNATURE-----
shortlog-HardenedBSD-11-STABLE-v1100056.10.txt
CHECKSUM.SHA512.txt
CHECKSUM.SHA512.asc.txt