1 files changed, 0 insertions, 169 deletions
diff --git a/share/security/advisories/FreeBSD-SA-14:20.rtsold.asc b/share/security/advisories/FreeBSD-SA-14:20.rtsold.asc
deleted file mode 100644
index 2d3772ea8e..0000000000
--- a/share/security/advisories/FreeBSD-SA-14:20.rtsold.asc
+++ /dev/null
@@ -1,169 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-=============================================================================
-FreeBSD-SA-14:20.rtsold                                     Security Advisory
-                                                          The FreeBSD Project
-
-Topic:          rtsold(8) remote buffer overflow vulnerability
-
-Category:       core
-Module:         rtsold
-Announced:      2014-10-21
-Credits:        Florian Obser, Hiroki Sato
-Affects:        FreeBSD 9.1 and later.
-Corrected:      2014-10-21 20:20:07 UTC (stable/10, 10.1-PRERELEASE)
-                2014-10-21 20:20:36 UTC (releng/10.1, 10.1-RC2-p1)
-                2014-10-21 20:20:36 UTC (releng/10.1, 10.1-RC1-p1)
-                2014-10-21 20:20:36 UTC (releng/10.1, 10.1-BETA3-p1)
-                2014-10-21 20:21:10 UTC (releng/10.0, 10.0-RELEASE-p10)
-                2014-10-21 20:20:17 UTC (stable/9, 9.3-STABLE)
-                2014-10-21 20:21:10 UTC (releng/9.3, 9.3-RELEASE-p3)
-                2014-10-21 20:21:10 UTC (releng/9.2, 9.2-RELEASE-p13)
-                2014-10-21 20:21:10 UTC (releng/9.1, 9.1-RELEASE-p20)
-CVE Name:       CVE-2014-3954
-
-For general information regarding FreeBSD Security Advisories,
-including descriptions of the fields above, security branches, and the
-following sections, please visit <URL:http://security.FreeBSD.org/>.
-
-I.   Background
-
-As part of the stateless addess autoconfiguration (SLAAC) mechanism,
-IPv6 routers periodically broadcast router advertisement messages on
-attached networks to inform hosts of the correct network prefix,
-router address and MTU, as well as additional network parameters such
-as the DNS servers (RDNSS), DNS search list (DNSSL) and whether a
-stateful configuration service is available.  Hosts that have recently
-joined the network can broadcast a router solicitation message to
-solicit an immediate advertisement instead of waiting for the next
-periodic advertisement.
-
-The router solicitation daemon, rtsold(8), broadcasts router
-solicitation messages at startup or when the state of an interface
-changes from passive to active.  Incoming router advertisement
-messages are first processed by the kernel and then passed on to
-rtsold(8), which handles the DNS and stateful configuration options.
-
-II.  Problem Description
-
-Due to a missing length check in the code that handles DNS parameters,
-a malformed router advertisement message can result in a stack buffer
-overflow in rtsold(8).
-
-III. Impact
-
-Receipt of a router advertisement message with a malformed DNSSL
-option, for instance from a compromised host on the same network, can
-cause rtsold(8) to crash.
-
-While it is theoretically possible to inject code into rtsold(8)
-through malformed router advertisement messages, it is normally
-compiled with stack protection enabled, rendering such an attack
-extremely difficult.
-
-When rtsold(8) crashes, the existing DNS configuration will remain in
-force, and the kernel will continue to receive and process periodic
-router advertisements.
-
-IV.  Workaround
-
-No workaround is available, but systems that do not run rtsold(8) are
-not affected.
-
-As a general rule, SLAAC should not be used on networks where trusted
-and untrusted hosts coexist in the same broadcast domain.
-
-V.   Solution
-
-Perform one of the following:
-
-1) Upgrade your vulnerable system to a supported FreeBSD stable or
-release / security branch (releng) dated after the correction date.
-
-2) To update your vulnerable system via a binary patch:
-
-Systems running a RELEASE version of FreeBSD on the i386 or amd64
-platforms can be updated via the freebsd-update(8) utility:
-
-# freebsd-update fetch
-# freebsd-update install
-
-3) To update your vulnerable system via a source code patch:
-
-The following patches have been verified to apply to the applicable
-FreeBSD release branches.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-# fetch http://security.FreeBSD.org/patches/SA-14:20/rtsold.patch
-# fetch http://security.FreeBSD.org/patches/SA-14:20/rtsold.patch.asc
-# gpg --verify rtsold.patch.asc
-
-b) Apply the patch.  Execute the following commands as root:
-
-# cd /usr/src
-# patch < /path/to/rtsold.patch
-
-c) Recompile rtsold.  Execute the following commands as root:
-
-# cd /usr/src/usr.sbin/rtsold
-# make && make install
-
-4) Restart the affected service
-
-To restart the affected service after updating the system, either
-reboot the system or execute the following command as root:
-
-# service rtsold restart
-
-VI.  Correction details
-
-The following list contains the correction revision numbers for each
-affected branch.
-
-Branch/path                                                      Revision
-- -------------------------------------------------------------------------
-stable/9/                                                         r273412
-releng/9.1/                                                       r273415
-releng/9.2/                                                       r273415
-releng/9.3/                                                       r273415
-stable/10/                                                        r273411
-releng/10.0/                                                      r273415
-releng/10.1/                                                      r273414
-- -------------------------------------------------------------------------
-
-To see which files were modified by a particular revision, run the
-following command, replacing NNNNNN with the revision number, on a
-machine with Subversion installed:
-
-# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
-
-Or visit the following URL, replacing NNNNNN with the revision number:
-
-<URL:http://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
-
-VII. References
-
-<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3954>
-
-The latest revision of this advisory is available at
-<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-14:20.rtsold.asc>
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAEBAgAGBQJURsSoAAoJEO1n7NZdz2rn5GsP/2y0fUJYVdsZjA4VtUcLFp4Q
-nhjGO3I4NOXZAj3c+bWwbw/Bmg7juFVXiAdLgcpK8UuTT+0znAkEcGoG+uA9q6K1
-PoFjTmXoukIqtu4sd5Gxp74+xVqY41XOuwanHNMiCbvGEbInxoCs3t56C7Ai1/9m
-DXhDCukNEH9JZv5qUS5L7IcosuQs2l1viU9oUA/hSfVeI9IFKp8SItDthwtLVrXe
-bgr50oQdCtwR3gx3Dwkg//er3JCsSJ0ixJO0bGGaqnGLPq7gwmJf8zKy10EE2fri
-AMpUcYMsO+MqhE+PyyuW9MJaPpX+zghZac75UYPh0EckIn8m2p6QGYXcDtZ18qR8
-uq4JCk5nDARKuy7kraEuNJgFzNIBN/wVwOSqaF4n43vhmsuiKF9uzePrtEhB7xoN
-7vT66EXXkCgiqQrQVJ6IH5LzoUJtYVDZTWLWU66r919qbQzYQFU7uslaGF8rgVIg
-HZOfEbDto3dvULmbVHkaWiyotKYSKXZROBTKvTOWVs+BX37zQgg4PGuU6CqatB8R
-Sltg2kxycQXoIm5XiiSL18RTgxEWb+DKfw8e/691EM1/F3XIQVNX11wJpeZwL/sf
-zE9TtTnmqpIBPGIe7aURgJWwX/iA4ljAqB1t5DmgIQrJMXovMXnAVMIu4L2jy+gY
-eRy82+SI3pc3thChv2hv
-=L56U
------END PGP SIGNATURE-----