[Midnightbsd-cvs] [MidnightBSD/src] ef5849: Happy new year
Lucas Holt
noreply at github.com
Fri Apr 22 13:57:50 EDT 2022
Branch: refs/heads/stable/2.2
Home: https://github.com/MidnightBSD/src
Commit: ef5849a70777490ebac0189c7bf76b8ab43af987
https://github.com/MidnightBSD/src/commit/ef5849a70777490ebac0189c7bf76b8ab43af987
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M COPYRIGHT
M sys/sys/copyright.h
Log Message:
-----------
Happy new year
Commit: c9f50dacc25baeea74dec6634d4d7b292f4bf16d
https://github.com/MidnightBSD/src/commit/c9f50dacc25baeea74dec6634d4d7b292f4bf16d
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/amd64/amd64/fpu.c
Log Message:
-----------
The hard-coded size for state region 1 (SSE/XMM) was incorrect, effectively
filling the xmm8 through xmm15 registers with arbitrary values on signal
return when the init optimization occurred.
Obtained from: FreeBSD
Commit: 9b14fa82b28bc26dbcc6d2c7b2c2add9196ed259
https://github.com/MidnightBSD/src/commit/9b14fa82b28bc26dbcc6d2c7b2c2add9196ed259
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/dev/hyperv/pcib/vmbus_pcib.c
Log Message:
-----------
A Hyper-V vPCI emulation change can cause SR-IOV (Single-Root I/O
Virtualization) and DDA (Discrete Device Assignment) devices to fail to
operate correctly under Hyper-V.
In recent Hyper-V releases on Windows Server 2022, the vPCI code does
not initialize the last 4 bit of device registers. This behavior change
could result in failure to initialize guest drivers for SR-IOV or DDA
devices.
Obtained from: FreeBSD
Commit: 611a85b63a06cca0cb5518c4018d0453d8e51485
https://github.com/MidnightBSD/src/commit/611a85b63a06cca0cb5518c4018d0453d8e51485
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M crypto/openssl/crypto/bn/bn_sqrt.c
Log Message:
-----------
Fix an openssl vulnerability.
The BN_mod_sqrt() function, which computes a modular square root, contains
a bug that can cause it to loop forever for non-prime moduli. This function
is used when parsing certificates that contain certain forms of elliptic
curves.
A specially crafted certificate with invalid explicit curve parameters may
trigger an infinite loop, leading to a denial of service. Since certificate
parsing happens prior to verification of the certificate signature, any
process that parses an externally supplied certificate may be affected.
Commit: 93bb15330591c176529d163ecc9e567072a0049d
https://github.com/MidnightBSD/src/commit/93bb15330591c176529d163ecc9e567072a0049d
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/net80211/ieee80211_adhoc.c
M sys/net80211/ieee80211_hostap.c
M sys/net80211/ieee80211_input.c
M sys/net80211/ieee80211_input.h
M sys/net80211/ieee80211_ioctl.c
M sys/net80211/ieee80211_mesh.c
M sys/net80211/ieee80211_node.c
M sys/net80211/ieee80211_sta.c
M sys/net80211/ieee80211_wds.c
Log Message:
-----------
The paper "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and
Fragmentation" reported a number of security vulnerabilities in 802.11
specificaiton related to frame aggregation and fragmentation.
Commit: 63441d8ae0b47dba75448b0936347fa0d8704555
https://github.com/MidnightBSD/src/commit/63441d8ae0b47dba75448b0936347fa0d8704555
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M contrib/tzdata/CONTRIBUTING
M contrib/tzdata/Makefile
M contrib/tzdata/NEWS
A contrib/tzdata/SECURITY
M contrib/tzdata/africa
M contrib/tzdata/antarctica
M contrib/tzdata/asia
M contrib/tzdata/australasia
M contrib/tzdata/backward
M contrib/tzdata/backzone
M contrib/tzdata/checktab.awk
M contrib/tzdata/europe
M contrib/tzdata/leap-seconds.list
M contrib/tzdata/leapseconds
M contrib/tzdata/northamerica
M contrib/tzdata/southamerica
M contrib/tzdata/theory.html
M contrib/tzdata/version
M contrib/tzdata/ziguard.awk
M contrib/tzdata/zone.tab
M contrib/tzdata/zone1970.tab
Log Message:
-----------
tzdata 2022a
Commit: 45752dcd1b513edb56961a09e29b7e4fabea16dc
https://github.com/MidnightBSD/src/commit/45752dcd1b513edb56961a09e29b7e4fabea16dc
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/net80211/ieee80211_adhoc.c
M sys/net80211/ieee80211_hostap.c
M sys/net80211/ieee80211_sta.c
M sys/net80211/ieee80211_wds.c
Log Message:
-----------
Fix some build issues
Commit: f1ae15de540ec088c5f5ddfaec566e124de0aaba
https://github.com/MidnightBSD/src/commit/f1ae15de540ec088c5f5ddfaec566e124de0aaba
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M contrib/zlib/ChangeLog
M contrib/zlib/README
M contrib/zlib/contrib/README.contrib
A contrib/zlib/contrib/ada/buffer_demo.adb
A contrib/zlib/contrib/ada/mtest.adb
A contrib/zlib/contrib/ada/read.adb
A contrib/zlib/contrib/ada/readme.txt
A contrib/zlib/contrib/ada/test.adb
A contrib/zlib/contrib/ada/zlib-streams.adb
A contrib/zlib/contrib/ada/zlib-streams.ads
A contrib/zlib/contrib/ada/zlib-thin.adb
A contrib/zlib/contrib/ada/zlib-thin.ads
A contrib/zlib/contrib/ada/zlib.adb
A contrib/zlib/contrib/ada/zlib.ads
A contrib/zlib/contrib/ada/zlib.gpr
R contrib/zlib/contrib/asm686/README.686
R contrib/zlib/contrib/asm686/match.S
A contrib/zlib/contrib/blast/Makefile
A contrib/zlib/contrib/blast/README
A contrib/zlib/contrib/blast/blast.c
A contrib/zlib/contrib/blast/blast.h
A contrib/zlib/contrib/blast/test.pk
A contrib/zlib/contrib/blast/test.txt
A contrib/zlib/contrib/delphi/ZLib.pas
A contrib/zlib/contrib/delphi/ZLibConst.pas
A contrib/zlib/contrib/delphi/readme.txt
A contrib/zlib/contrib/delphi/zlibd32.mak
A contrib/zlib/contrib/dotzlib/DotZLib.build
A contrib/zlib/contrib/dotzlib/DotZLib.chm
A contrib/zlib/contrib/dotzlib/DotZLib.sln
A contrib/zlib/contrib/dotzlib/DotZLib/AssemblyInfo.cs
A contrib/zlib/contrib/dotzlib/DotZLib/ChecksumImpl.cs
A contrib/zlib/contrib/dotzlib/DotZLib/CircularBuffer.cs
A contrib/zlib/contrib/dotzlib/DotZLib/CodecBase.cs
A contrib/zlib/contrib/dotzlib/DotZLib/Deflater.cs
A contrib/zlib/contrib/dotzlib/DotZLib/DotZLib.cs
A contrib/zlib/contrib/dotzlib/DotZLib/DotZLib.csproj
A contrib/zlib/contrib/dotzlib/DotZLib/GZipStream.cs
A contrib/zlib/contrib/dotzlib/DotZLib/Inflater.cs
A contrib/zlib/contrib/dotzlib/DotZLib/UnitTests.cs
A contrib/zlib/contrib/dotzlib/LICENSE_1_0.txt
A contrib/zlib/contrib/dotzlib/readme.txt
M contrib/zlib/contrib/gcc_gvmat64/gvmat64.S
A contrib/zlib/contrib/infback9/README
A contrib/zlib/contrib/infback9/infback9.c
A contrib/zlib/contrib/infback9/infback9.h
A contrib/zlib/contrib/infback9/inffix9.h
A contrib/zlib/contrib/infback9/inflate9.h
A contrib/zlib/contrib/infback9/inftree9.c
A contrib/zlib/contrib/infback9/inftree9.h
A contrib/zlib/contrib/iostream/test.cpp
A contrib/zlib/contrib/iostream/zfstream.cpp
A contrib/zlib/contrib/iostream/zfstream.h
A contrib/zlib/contrib/iostream2/zstream.h
A contrib/zlib/contrib/iostream2/zstream_test.cpp
A contrib/zlib/contrib/iostream3/README
A contrib/zlib/contrib/iostream3/TODO
A contrib/zlib/contrib/iostream3/test.cc
A contrib/zlib/contrib/iostream3/zfstream.cc
A contrib/zlib/contrib/iostream3/zfstream.h
A contrib/zlib/contrib/minizip/Makefile
A contrib/zlib/contrib/minizip/Makefile.am
A contrib/zlib/contrib/minizip/MiniZip64_Changes.txt
A contrib/zlib/contrib/minizip/MiniZip64_info.txt
A contrib/zlib/contrib/minizip/configure.ac
A contrib/zlib/contrib/minizip/crypt.h
A contrib/zlib/contrib/minizip/ioapi.c
A contrib/zlib/contrib/minizip/ioapi.h
A contrib/zlib/contrib/minizip/iowin32.c
A contrib/zlib/contrib/minizip/iowin32.h
A contrib/zlib/contrib/minizip/make_vms.com
A contrib/zlib/contrib/minizip/miniunz.c
A contrib/zlib/contrib/minizip/miniunzip.1
A contrib/zlib/contrib/minizip/minizip.1
A contrib/zlib/contrib/minizip/minizip.c
A contrib/zlib/contrib/minizip/minizip.pc.in
A contrib/zlib/contrib/minizip/mztools.c
A contrib/zlib/contrib/minizip/mztools.h
A contrib/zlib/contrib/minizip/unzip.c
A contrib/zlib/contrib/minizip/unzip.h
A contrib/zlib/contrib/minizip/zip.c
A contrib/zlib/contrib/minizip/zip.h
A contrib/zlib/contrib/pascal/example.pas
A contrib/zlib/contrib/pascal/readme.txt
A contrib/zlib/contrib/pascal/zlibd32.mak
A contrib/zlib/contrib/pascal/zlibpas.pas
A contrib/zlib/contrib/puff/Makefile
A contrib/zlib/contrib/puff/README
A contrib/zlib/contrib/puff/puff.c
A contrib/zlib/contrib/puff/puff.h
A contrib/zlib/contrib/puff/pufftest.c
A contrib/zlib/contrib/puff/zeros.raw
A contrib/zlib/contrib/testzlib/testzlib.c
A contrib/zlib/contrib/testzlib/testzlib.txt
A contrib/zlib/contrib/untgz/Makefile
A contrib/zlib/contrib/untgz/Makefile.msc
A contrib/zlib/contrib/untgz/untgz.c
A contrib/zlib/contrib/vstudio/readme.txt
A contrib/zlib/contrib/vstudio/vc10/miniunz.vcxproj
A contrib/zlib/contrib/vstudio/vc10/miniunz.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc10/minizip.vcxproj
A contrib/zlib/contrib/vstudio/vc10/minizip.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc10/testzlib.vcxproj
A contrib/zlib/contrib/vstudio/vc10/testzlib.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc10/testzlibdll.vcxproj
A contrib/zlib/contrib/vstudio/vc10/testzlibdll.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc10/zlib.rc
A contrib/zlib/contrib/vstudio/vc10/zlibstat.vcxproj
A contrib/zlib/contrib/vstudio/vc10/zlibstat.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc10/zlibvc.def
A contrib/zlib/contrib/vstudio/vc10/zlibvc.sln
A contrib/zlib/contrib/vstudio/vc10/zlibvc.vcxproj
A contrib/zlib/contrib/vstudio/vc10/zlibvc.vcxproj.filters
A contrib/zlib/contrib/vstudio/vc11/miniunz.vcxproj
A contrib/zlib/contrib/vstudio/vc11/minizip.vcxproj
A contrib/zlib/contrib/vstudio/vc11/testzlib.vcxproj
A contrib/zlib/contrib/vstudio/vc11/testzlibdll.vcxproj
A contrib/zlib/contrib/vstudio/vc11/zlib.rc
A contrib/zlib/contrib/vstudio/vc11/zlibstat.vcxproj
A contrib/zlib/contrib/vstudio/vc11/zlibvc.def
A contrib/zlib/contrib/vstudio/vc11/zlibvc.sln
A contrib/zlib/contrib/vstudio/vc11/zlibvc.vcxproj
A contrib/zlib/contrib/vstudio/vc12/miniunz.vcxproj
A contrib/zlib/contrib/vstudio/vc12/minizip.vcxproj
A contrib/zlib/contrib/vstudio/vc12/testzlib.vcxproj
A contrib/zlib/contrib/vstudio/vc12/testzlibdll.vcxproj
A contrib/zlib/contrib/vstudio/vc12/zlib.rc
A contrib/zlib/contrib/vstudio/vc12/zlibstat.vcxproj
A contrib/zlib/contrib/vstudio/vc12/zlibvc.def
A contrib/zlib/contrib/vstudio/vc12/zlibvc.sln
A contrib/zlib/contrib/vstudio/vc12/zlibvc.vcxproj
A contrib/zlib/contrib/vstudio/vc14/miniunz.vcxproj
A contrib/zlib/contrib/vstudio/vc14/minizip.vcxproj
A contrib/zlib/contrib/vstudio/vc14/testzlib.vcxproj
A contrib/zlib/contrib/vstudio/vc14/testzlibdll.vcxproj
A contrib/zlib/contrib/vstudio/vc14/zlib.rc
A contrib/zlib/contrib/vstudio/vc14/zlibstat.vcxproj
A contrib/zlib/contrib/vstudio/vc14/zlibvc.def
A contrib/zlib/contrib/vstudio/vc14/zlibvc.sln
A contrib/zlib/contrib/vstudio/vc14/zlibvc.vcxproj
A contrib/zlib/contrib/vstudio/vc9/miniunz.vcproj
A contrib/zlib/contrib/vstudio/vc9/minizip.vcproj
A contrib/zlib/contrib/vstudio/vc9/testzlib.vcproj
A contrib/zlib/contrib/vstudio/vc9/testzlibdll.vcproj
A contrib/zlib/contrib/vstudio/vc9/zlib.rc
A contrib/zlib/contrib/vstudio/vc9/zlibstat.vcproj
A contrib/zlib/contrib/vstudio/vc9/zlibvc.def
A contrib/zlib/contrib/vstudio/vc9/zlibvc.sln
A contrib/zlib/contrib/vstudio/vc9/zlibvc.vcproj
M contrib/zlib/crc32.c
M contrib/zlib/crc32.h
M contrib/zlib/deflate.c
M contrib/zlib/deflate.h
A contrib/zlib/doc/crc-doc.1.0.pdf
M contrib/zlib/doc/txtvsbin.txt
M contrib/zlib/gzguts.h
M contrib/zlib/gzlib.c
M contrib/zlib/gzread.c
M contrib/zlib/gzwrite.c
M contrib/zlib/infback.c
M contrib/zlib/inffast.c
M contrib/zlib/inflate.c
M contrib/zlib/inflate.h
M contrib/zlib/inftrees.c
M contrib/zlib/test/example.c
M contrib/zlib/trees.c
M contrib/zlib/zconf.h
M contrib/zlib/zlib.3
M contrib/zlib/zlib.h
M contrib/zlib/zlib.map
M contrib/zlib/zutil.c
M contrib/zlib/zutil.h
M lib/libz/zlib.pc
Log Message:
-----------
Update zlib to 1.2.12
Commit: df7facc8f7d15a50ffbd15649c3e49a876a2ad74
https://github.com/MidnightBSD/src/commit/df7facc8f7d15a50ffbd15649c3e49a876a2ad74
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M usr.sbin/bhyve/pci_e82545.c
Log Message:
-----------
The e1000 network adapters permit a variety of modifications to an Ethernet
packet when it is being transmitted. These include the insertion of IP and
TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation
offload ("TSO"). The e1000 device model uses an on-stack buffer to generate
the modified packet header when simulating these modifications on transmitted
packets.
When checksum offload is requested for a transmitted packet, the e1000 device
model used a guest-provided value to specify the checksum offset in the on-
stack buffer. The offset was not validated for certain packet types.
Obtained from: FreeBSD
Commit: a46d8f642863c5e86714361824325919aa8b5444
https://github.com/MidnightBSD/src/commit/a46d8f642863c5e86714361824325919aa8b5444
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/dev/mpr/mpr_user.c
M sys/dev/mps/mps_user.c
M sys/dev/mpt/mpt_user.c
Log Message:
-----------
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers
allocated a buffer of a caller-specified size, but copied to it a fixed size
header. Other heap content would be overwritten if the specified size was
too small.
Obtained from: FreeBSD
Commit: c95824fc2e2fc449d087eecee92ff823284dce24
https://github.com/MidnightBSD/src/commit/c95824fc2e2fc449d087eecee92ff823284dce24
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/net80211/ieee80211_input.c
Log Message:
-----------
The 802.11 beacon handling routine failed to validate the length of an
IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer.
Obtained from: FreeBSD
Commit: f0b8e5b03f92ed25935333f1a0b3c9024f275bb9
https://github.com/MidnightBSD/src/commit/f0b8e5b03f92ed25935333f1a0b3c9024f275bb9
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/dev/netmap/netmap.c
Log Message:
-----------
The netmap_ioctl() function has a reference counting bug in case of
NETMAP_REQ_PORT_INFO_GET command. When `hdr->nr_name[0] == '\0'`,
the function does not decrease the refcount of "nmd", which is
increased by netmap_mem_find(), causing a refcount leak.
Obtained from: FreeBSD, commit hash 4019787f50a2826e9a4bba6e70868467b3d6081a
Commit: 01d11a57295e728f0f262b8c5b5a8b65c285e11e
https://github.com/MidnightBSD/src/commit/01d11a57295e728f0f262b8c5b5a8b65c285e11e
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/dev/netmap/netmap.c
Log Message:
-----------
An unsanitized field in an option could be abused, causing an integer
overflow followed by kernel memory corruption. This might be used
to escape jails/containers.
Security: CVE-2022-23085
Obtained from: FreeBSD, 606f528decc334d9a56ef760b0815c6d56060dbe
Commit: 5bb1a3916683039c5e24f193a00eba4668be1407
https://github.com/MidnightBSD/src/commit/5bb1a3916683039c5e24f193a00eba4668be1407
Author: Lucas Holt <luke at foolishgames.com>
Date: 2022-04-22 (Fri, 22 Apr 2022)
Changed paths:
M sys/dev/netmap/netmap.c
Log Message:
-----------
netmap: Fix TOCTOU vulnerability in nmreq_copyin
The total size of the user-provided nmreq was first computed and then
trusted during the copyin. This might lead to kernel memory corruption
and escape from jails/containers.
Security: CVE-2022-23084
Obtained from: FreeBSD, 725c70d8153f4bddf95bdd07e2c7b4b9399643f6
Compare: https://github.com/MidnightBSD/src/compare/a134395a298a...5bb1a3916683
More information about the Midnightbsd-cvs
mailing list