1 files changed, 0 insertions, 136 deletions
diff --git a/share/security/advisories/FreeBSD-SA-15:03.sctp.asc b/share/security/advisories/FreeBSD-SA-15:03.sctp.asc
deleted file mode 100644
index 8820150cf0..0000000000
--- a/share/security/advisories/FreeBSD-SA-15:03.sctp.asc
+++ /dev/null
@@ -1,136 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-=============================================================================
-FreeBSD-SA-15:03.sctp                                       Security Advisory
-                                                          The FreeBSD Project
-
-Topic:          SCTP stream reset vulnerability
-
-Category:       core
-Module:         sctp
-Announced:      2015-01-27
-Credits:        Gerasimos Dimitriadis
-Affects:        All supported versions of FreeBSD.
-Corrected:      2015-01-27 19:36:08 UTC (stable/10, 10.1-STABLE)
-                2015-01-27 19:37:02 UTC (releng/10.1, 10.1-RELEASE-p5)
-                2015-01-27 19:37:02 UTC (releng/10.0, 10.0-RELEASE-p17)
-                2015-01-27 19:36:08 UTC (stable/9, 9.3-STABLE)
-                2015-01-27 19:37:02 UTC (releng/9.3, 9.3-RELEASE-p9)
-                2015-01-27 19:36:08 UTC (stable/8, 8.4-STABLE)
-                2015-01-27 19:37:02 UTC (releng/8.4, 8.4-RELEASE-p23)
-CVE Name:       CVE-2014-8613
-
-For general information regarding FreeBSD Security Advisories,
-including descriptions of the fields above, security branches, and the
-following sections, please visit <URL:https://security.FreeBSD.org/>.
-
-I.   Background
-
-SCTP protocol provides reliable, flow-controlled, two-way transmission
-of data.  It is a message oriented protocol and can support the SOCK_STREAM
-and SOCK_SEQPACKET abstractions.
-
-II.  Problem Description
-
-The input validation of received SCTP RE_CONFIG chunks is insufficient,
-and can result in a NULL pointer deference later.
-
-III. Impact
-
-A remote attacker who can send a malformed SCTP packet to a FreeBSD system
-that serves SCTP can cause a kernel panic, resulting in a Denial of
-Service.
-
-IV.  Workaround
-
-On FreeBSD 10.1 or later systems, the system administrator can set
-net.inet.sctp.reconfig_enable to 0 to disable processing of RE_CONFIG
-chunks.  This workaround is not available on earlier FreeBSD releases,
-but systems that do not serve SCTP connections are not vulnerable.
-
-V.   Solution
-
-Perform one of the following:
-
-1) Upgrade your vulnerable system to a supported FreeBSD stable or
-release / security branch (releng) dated after the correction date.
-
-2) To update your vulnerable system via a binary patch:
-
-Systems running a RELEASE version of FreeBSD on the i386 or amd64
-platforms can be updated via the freebsd-update(8) utility:
-
-# freebsd-update fetch
-# freebsd-update install
-
-3) To update your vulnerable system via a source code patch:
-
-The following patches have been verified to apply to the applicable
-FreeBSD release branches.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch
-# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch.asc
-# gpg --verify sctp.patch.asc
-
-b) Apply the patch.  Execute the following commands as root:
-
-# cd /usr/src
-# patch < /path/to/patch
-
-c) Recompile your kernel as described in
-<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
-system.
-
-VI.  Correction details
-
-The following list contains the correction revision numbers for each
-affected branch.
-
-Branch/path                                                      Revision
-- -------------------------------------------------------------------------
-stable/8/                                                         r277807
-releng/8.4/                                                       r277808
-stable/9/                                                         r277807
-releng/9.3/                                                       r277808
-stable/10/                                                        r277807
-releng/10.0/                                                      r277808
-releng/10.1/                                                      r277808
-- -------------------------------------------------------------------------
-
-To see which files were modified by a particular revision, run the
-following command, replacing NNNNNN with the revision number, on a
-machine with Subversion installed:
-
-# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
-
-Or visit the following URL, replacing NNNNNN with the revision number:
-
-<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
-
-VII. References
-
-<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8613>
-
-The latest revision of this advisory is available at
-<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:03.sctp.asc>
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.1.1 (FreeBSD)
-
-iQIcBAEBCgAGBQJUx+qbAAoJEO1n7NZdz2rnR98QAOWIIf7+akuopMxuVnppZKub
-DKCgVAJznitKoxnBtYMAOTcKdf65dQqaAgznAWBRo+USue5LIOI0jjgLuQgepoG6
-eIosPiRXqvMQL6Qqx8ydwM3xiVQd+b9pMiLkh3cfljr1Oh6OV+YSRXC+HBKZXaR6
-sn5kHRR7xFiwV/HsX4RoSik3qPbDl1x66jeN5jL0Wqg2qjCagK6OxGOtkIlt3pDj
-QrYNX/l20hXmvPjRojSEPhY+52X29/nlQjfJg/pwpsmiZJe3cqmfsh1aceUOH1Tu
-BOVxwE3oYWrJ8NZBa2cKReU1Sdvl1FxtlaXwkE+sRBzh1/vA7AZU6jWL7fEV1wv0
-2mZYLoCrSHfBongLMohs4DQ8CCnH3iEoUBRbG9HGwlAh4s9CAre87oIdHHFWRSsg
-oIHxNDG+lk+yNJuOKfjDT+poyuYw7TlBfYN+ifO5UHPOEIH430FWF3B3P2oH4I/M
-7VQRClaxaNiPfAJxa11IwHKWM12yrrM7483AuPqdd1r9OUnx33y1jPY0ByemXv9d
-LE8jJXs0cdR7zCJuV9R8Uif9xkdGLTj9emsqjaS1KxSJrSzPJaah4nkWq8BRmMXK
-3xOxlIM/cGJLU+/cliDy3CqHipU4pt+S4RuAB41xx2k5g9YiAMH178xrfOgrklSH
-xKfAM/gz4YqESK5QPjqO
-=859G
------END PGP SIGNATURE-----