Add SA-19:01, SA-19:02, EN-19:06, and EN-19:07.

Approved by: so
author: Gordon Tetlow <gordon@FreeBSD.org> 2019-02-05 18:38:28 +0000
committer: Gordon Tetlow <gordon@FreeBSD.org> 2019-02-05 18:38:28 +0000
commit: 09a1676909023f171459e4238b22253c6f98d9e9 (patch)
tree: d7d0ad8b12fd33668f9cdef743a27eb2c8ca3344 /share/security/advisories
parent: 2cf5c6c843fea75ac72c22217f6916b13ff122a6 (diff)
4 files changed, 528 insertions, 0 deletions
diff --git a/share/security/advisories/FreeBSD-EN-19:06.dtrace.asc b/share/security/advisories/FreeBSD-EN-19:06.dtrace.asc
new file mode 100644
index 0000000000..f037ef6c08
--- /dev/null
+++ b/share/security/advisories/FreeBSD-EN-19:06.dtrace.asc
@@ -0,0 +1,124 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-19:06.dtrace                                         Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          DTrace incompatibility with SMAP-enabled systems
+
+Category:       core
+Module:         dtrace
+Announced:      2019-02-05
+Credits:        Mateusz Guzik
+Affects:        FreeBSD 12.0
+Corrected:      2018-12-19 23:29:44 UTC (stable/12, 12.0-STABLE)
+                2019-02-05 17:54:09 UTC (releng/12.0, 12.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+DTrace is a dynamic tracing framework that can be used to analyze the kernel
+and userspace applications in various ways.
+
+II.  Problem Description
+
+When tracing userspace applications, the kernel component of DTrace may need
+to access userspace memory.  With the addition of SMAP support to the amd64
+kernel, the kernel is not able to arbitrarily access userspace memory: it
+must set a CPU flag to enable access.  The code used by DTrace to perform
+such accesses was not updated accordingly.
+
+III. Impact
+
+The problem means that certain DTrace actions do not work on SMAP-enabled
+systems.  This does not affect the application being traced.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+2) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +30 "Rebooting for errata update"
+
+3) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-19:06/dtrace.patch
+# fetch https://security.FreeBSD.org/patches/EN-19:06/dtrace.patch.asc
+# gpg --verify dtrace.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/12/                                                        r342267
+releng/12.0/                                                      r343783
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:06.dtrace.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlxZ1WhfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cLzHA/+MVR5AHgEorzgRkpiqRzSlmbE6VyhF07lgY5CvRLFGp4mUbspZICcwtk5
+ZOeA8MuDFiLo1p6Fo2JykJ25ipxM+cCbMlx4jO5lILwq40bYfejHiYrmC/gdfR7/
+YcuNR3DpCw4llYIXFAcyw7SXG92jYNi9kKOSol7Fji8Zq2qDTSWTFqKsoJ2Pk3rJ
+LfiQaekux00JlY3TOyt6QtPWSdlkhM4WAITWp4pUkGuNT/nIA2iED5N2ohgSraxa
+dtBp/r8BHHbwog9wOQEHPIRN/Di7Kv02CZk13zJySmV+yZiPlR0YWZ4gI6i69cyD
+rqTfO9kU2yjaqSBIFKMuGGysswZq7ii/+cULHuHVdJLuHDdh/9jZuI9O8VujGqVh
+rU8THFHOtli/nGXNdPQP3jn84SDH7jPr1SgcFv1s3/FPHXVfZW9Uq558G9ZDujgg
+pAtwMYiixMHpNr+j7qJr6DCTh22BR7FjYQg1iPVzIzgTYJ+I6ZH/cexVxXOS2S4T
+O793AjmvOVaXsWB7tzhewTKVBam3upbRH7WmTMdD9z6dIlWtl6xKSgHvyarHVHpA
+/y5H3VcK4suh/NIHlD+ln/hooFtmPIxsJnmInaXKq7Eg/C9mQx3x7h7qQFvWffD8
+cHOVGf3LCrH76unfc7AI7YafnD67Tgm09/sbgjVnScEpVW4E6Pc=
+=3+kY
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-EN-19:07.lle.asc b/share/security/advisories/FreeBSD-EN-19:07.lle.asc
new file mode 100644
index 0000000000..e8a8d618f9
--- /dev/null
+++ b/share/security/advisories/FreeBSD-EN-19:07.lle.asc
@@ -0,0 +1,129 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-19:07.lle                                            Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          LLE table lookup code race condition
+
+Category:       core
+Module:         net
+Announced:      2019-02-05
+Credits:        Mark Johnston
+Affects:        FreeBSD 12.0
+Corrected:      2019-01-25 20:24:53 UTC (stable/12, 12.0-STABLE)
+                2019-02-05 17:59:50 UTC (releng/12.0, 12.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+A LLE (link layer entry) table stores information about hosts on a network
+and is used to translate between network layer addresses and data link layer
+addresses.  The ARP cache, for example, is implemented using an LLE table.
+LLEs typically expire after some period, so there exist mechanisms to
+automatically remove them from their tables upon expiration.
+
+II.  Problem Description
+
+The LLE table lookup code for IPv4 and IPv6 contains a race which results in
+a condition where the expiry period of an LLE is extended after it has been
+removed from the table and freed.  By the time that the updated timer fires,
+the LLE structure has been freed, and so the timer code is operating on freed
+memory.
+
+III. Impact
+
+When the race is triggered, the result is typically a kernel panic.  It may
+otherwise cause undefined system behavior.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+2) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +30 "Rebooting for errata update"
+
+3) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-19:07/lle.patch
+# fetch https://security.FreeBSD.org/patches/EN-19:07/lle.patch.asc
+# gpg --verify lle.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/12/                                                        r343454
+releng/12.0/                                                      r343787
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234296>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-19:07.lle.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlxZ1XtfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cIYyA/8Da9XcP30o/+jISmHXjSx+livOJKyPu5UTAm7Xw4Pg8j3GR2xblzAsWie
+YAT56/V88yzeY+u/3UOWG2XNAViWlzBAsfrqphJEcMuGdTwslgVlVRpzLyQeh4hY
+whDkvYzPmjcxuX8+Agj/Ytwo+Q35bSfGNhls2OBSHnkqNL7HNhFePUWm5oVnlczL
+APHsknLRAAhZF8UYR+PdAT5x/9exLJStmGXdAeVT4HCfx8b/AvZ/lr3b4Jwa+8fq
+tCAsISOTOftGsTTpwgtWDebJ4jJB2l71EBBlWuj76yColhK9k1zhacauK3lOxoEw
+cpUHgLcY+ochSijBOZIw7IScVHvR05jry7VzL7oxe1oDn3HNkbTt6pwdNgL5ftzQ
+Cv7vjMGLdSfr7QyAVc/nZhg1x0mBKu+Dj0leQ9ZcjedrB0CIwslhmMYdlTCYWksA
+x06NwrPRzDohtnYM4n2KZBfPQw40vxsJLP8e+hnRpyliXWtOaYdw5GZoUcwublMZ
+TU7Y1n8s1C5L5KuJoYgs9jLS48nXgcSZc9pxjyGRcFQTsk/A5y4sckWImFurU9AT
+cYR3nHlaGJR/TZVNtR6sU1VhzunHg8ARlvoZivsFyVS7bUC+EIUzfQvZqHEUPycR
+RwX+/exDyXQSvhQVfqT1ngLwQ8e/GutI8WZ1ZFy+T6Mh6jeacPQ=
+=zCSg
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-SA-19:01.syscall.asc b/share/security/advisories/FreeBSD-SA-19:01.syscall.asc
new file mode 100644
index 0000000000..7dcb0e4de0
--- /dev/null
+++ b/share/security/advisories/FreeBSD-SA-19:01.syscall.asc
@@ -0,0 +1,139 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-19:01.syscall                                    Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          System call kernel data register leak
+
+Category:       core
+Module:         kernel
+Announced:      2019-02-05
+Credits:        Konstantin Belousov
+Affects:        All supported versions of FreeBSD.
+Corrected:      2019-02-05 17:52:06 UTC (stable/12, 12.0-STABLE)
+                2019-02-05 18:05:05 UTC (releng/12.0, 12.0-RELEASE-p3)
+                2019-02-05 17:54:02 UTC (stable/11, 11.2-STABLE)
+                2019-02-05 18:07:45 UTC (releng/11.2, 11.2-RELEASE-p9)
+CVE Name:       CVE-2019-5595
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+The FreeBSD/amd64 architecture defines the SYSCALL instruction for syscalls,
+and uses registers calling conventions for passing syscalls arguments and
+return values in addition to the registers usage imposed by the SYSCALL and
+SYSRET instructions in long mode.  In particular, the arguments are passed in
+registers specified by the C ABI, and the content of the registers specified
+as caller-save, is undefined after the return from syscall.
+
+II.  Problem Description
+
+The callee-save registers are used by kernel and for some of them (%r8, %r10,
+and for non-PTI configurations, %r9) the content is not sanitized before
+return from syscalls, potentially leaking sensitive information.
+
+III. Impact
+
+Typically an address of some kernel data structure used in the syscall
+implementation, is exposed.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and reboot.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10m "Rebooting for security update"
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 12.0]
+# fetch https://security.FreeBSD.org/patches/SA-19:01/syscall.patch
+# fetch https://security.FreeBSD.org/patches/SA-19:01/syscall.patch.asc
+# gpg --verify syscall.patch.asc
+
+[FreeBSD 11.2]
+# fetch https://security.FreeBSD.org/patches/SA-19:01/syscall.11.2.patch
+# fetch https://security.FreeBSD.org/patches/SA-19:01/syscall.11.2.patch.asc
+# gpg --verify syscall.patch.11.2.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/12/                                                        r343781
+releng/12.0/                                                      r343788
+stable/11/                                                        r343782
+releng/11.2/                                                      r343789
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5595>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:01.syscall.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlxZ1X9fFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cKPZBAAlwCVtNNIuq0s8FB9LjLaVJww1WWmbVJbhw1TJyBV2yRCkWwGDLag3dJ0
+EH8HwpWeL41lppjFeL6OMDZ2+wUnuShv3pAUGwodSRXsKWsp+aWqMPcNJifkVPxs
+DENrziUHnXkbOnbnP25eA12j0ztCz8FjKoDh+wrjuY4BL8jzBK4ZJtmYaubrFEcD
+GDStnEcvCNYDK8tf0rUW2lpv4oStTex5gFpZALPjq0g28kHPuctYzoOXOf9/So1i
+0kwdstsIdgydsDCHv5nXij7IDohNo+5KEJuee1cIptKftmxPLuonXyP0PiO3WA0h
+XQck1BbM5ENNm/0SOExctcqS+APXLf/VPhd2JwUPszRcYBV40pdqchkihoRXAKHs
+Dthv+9k9KrgwUO0wsrOvIzK8vjnVC2unUCXnFNX3OD2pfxCjKvl1grKQ2lAsP4Pu
+aP2VgPZyHbFKWQdOGaqOtM94CzXseXyYN3hgkNq+gPgDjkd7Xw8q5vu8d2QY/aYj
+Re4aEfUOzf9S22SQT9g4kx2QfEnUuJnnae3BMeBqWGngtQ7TnTHWrw3wGhxxC2S8
+iou+BzeCv9MRn74Fpzr/xnGRUwT+0wFJVd9N9QdpErRA59oo6X4TXNl6AvKHvxY7
+1UurBJ5MqUGUUIeJg8Qv5HpgJML3BiotDbk+LwmMx7T2IL1dJdk=
+=Aktj
+-----END PGP SIGNATURE-----
diff --git a/share/security/advisories/FreeBSD-SA-19:02.fd.asc b/share/security/advisories/FreeBSD-SA-19:02.fd.asc
new file mode 100644
index 0000000000..ea29bd13d8
--- /dev/null
+++ b/share/security/advisories/FreeBSD-SA-19:02.fd.asc
@@ -0,0 +1,136 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-19:02.fd                                         Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          File description reference count leak
+
+Category:       core
+Module:         unix
+Announced:      2019-02-05
+Credits:        Peter Holm
+Affects:        FreeBSD 12.0
+Corrected:      2019-02-05 17:56:22 UTC (stable/12, 12.0-STABLE)
+                2019-02-05 18:11:15 UTC (releng/12.0, 12.0-RELEASE-p3)
+                2019-02-05 17:57:30 UTC (stable/11, 11.2-STABLE)
+CVE Name:       CVE-2019-5596
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+UNIX-domain sockets are used for inter-process communication.  It is
+possible to use UNIX-domain sockets to transfer rights, encoded as file
+descriptors, to another process.
+
+II.  Problem Description
+
+FreeBSD 12.0 attempts to handle the case where the receiving process does
+not provide a sufficiently large buffer for an incoming control message
+containing rights.  In particular, to avoid leaking the corresponding
+descriptors into the receiving process' descriptor table, the kernel handles
+the truncation case by closing descriptors referenced by the discarded
+message.
+
+The code which performs this operation failed to release a reference obtained
+on the file corresponding to a received right.  This bug can be used to cause
+the reference counter to wrap around and free the file structure.
+
+III. Impact
+
+A local user can exploit the bug to gain root privileges or escape from
+a jail.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Perform one of the following:
+
+1) Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and reboot.
+
+2) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the i386 or amd64
+platforms can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +30 "Rebooting for security update"
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 12.0]
+# fetch https://security.FreeBSD.org/patches/SA-19:02/fd.patch
+# fetch https://security.FreeBSD.org/patches/SA-19:02/fd.patch.asc
+# gpg --verify fd.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+The following list contains the correction revision numbers for each
+affected branch.
+
+Branch/path                                                      Revision
+- -------------------------------------------------------------------------
+stable/12/                                                        r343785
+releng/12.0/                                                      r343790
+stable/11/                                                        r343786
+- -------------------------------------------------------------------------
+
+To see which files were modified by a particular revision, run the
+following command, replacing NNNNNN with the revision number, on a
+machine with Subversion installed:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5596>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:02.fd.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlxZ1YFfFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
+MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
+5cK7+w/+JeFIVM0QQC1R4wJFmT3bBaRumxGCx5PN5Ufe7ub/ztwsKQKJeps1aiS3
+fzw3Ck1K7+joeG+cNwZNihmAyEa2Hgk+FDhQBX531yrwF1jQ2A2oKGfkhs5e02Ng
+k16MV9pVlNP1zQ3wFVBjFCCvBuVJ0A8XTxALY7ivZlj2edgSH1eL4SaP1mrSD2Xu
+pR2amN7WkAaIqvATK0VkWjYp6kUXtI8CBtdP3hpKz88rpYoZfWxupqtghnxgjIqt
+iuTOhbemvYuBvB+ErbtU/6Z4ffoHt9Csrk2MM56/RZRwyHmtC4CFqtxClrUpOoa2
+2OcEbR8cZyEardSES78UBjbTwlOTVd5F4o86Q1bKytHjI72ycB5yKZkyiHmdJCjs
+EhlaDC/rnHxdYGvBuiLqFcNU5tJiGawZZwyozCQz67dGD89QzKQurKEWQ1YJvMsW
+ZwwJRSHrllUyJQBdqV/R3Qoaz2koeE9633jtqHDdUYKCZAgeFdic/6u9r4Rx2Nj5
+JpTZU01bwvxNZPf35WbI2L+JbygR40b3FYbZ3skBqZylp+EkPGPxGpHGAxdKWeOy
+rzGBukIuWnLy9pmJ574oTZymw8Psvu2DJL3Csngak1HkcA9mA5vjnDBvk9mvqTgo
+YCfCewlfFwVa/exSK3q5oI9hxse0KvQI4cH2+c2b7NDMS9+DpTY=
+=pr7t
+-----END PGP SIGNATURE-----
author	Gordon Tetlow <gordon@FreeBSD.org>	2019-02-05 18:38:28 +0000
committer	Gordon Tetlow <gordon@FreeBSD.org>	2019-02-05 18:38:28 +0000
commit	09a1676909023f171459e4238b22253c6f98d9e9 (patch)
tree	d7d0ad8b12fd33668f9cdef743a27eb2c8ca3344 /share/security/advisories
parent	2cf5c6c843fea75ac72c22217f6916b13ff122a6 (diff)