From nobody Wed Dec 20 08:15:10 2023
X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sw5vz45nzz55LMv
	for <dev-commits-doc-all@mlmmj.nyi.freebsd.org>; Wed, 20 Dec 2023 08:15:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sw5vz25ZMz3SWl;
	Wed, 20 Dec 2023 08:15:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703060111;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=c6pDu4xyKoUf0HSP9IQIbPKytVmuEAPeMRdGoHeQ1Dk=;
	b=TmLUopnLQ/Y06BUN0/W3JAnwGR3oiT7tXlkdjt0odMp9jKDTSVml1NEMj0MJaG2r1p4sEV
	JOi+Xvq/FdV06hyWcs4fPk8IbmtpXOVPJCbgpML5jGh+O35c9zCOpswivjaYkPQAosFPXx
	bNHX9kXRpTfyYr5ExPbV4IeDgVmmiy8vzg9g0RiTeNoZIV60J11Z4HIlBBnPbYBS3kLlL4
	JdxkYGou9GGGyop/LLwDWK0whC6I9PZW8Em2QvFby8DML8D15usrtzdMDt+sXJPaBIEfs4
	BH5YhNqgjWK+1stqWJ/Et0Bj+3t6LUFAyXpmc6dqp5SuCRxi75u7lVzs/yf/ZA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703060111; a=rsa-sha256; cv=none;
	b=thH2fKwZqetc7DBpcbAnVqmrojZveW7RDnV8FvnKqgdcqdZnpSAyjk/XiJs8TSPY5Q8D04
	tLrvKP42aN1eMfceY18of4hGmtAIB8W6TJaq1rXrPMzPHyPU2ORUK/5cuXtlDV+BbQbX1+
	c9nji+CT1ln0Sc08CpHQCumgkjE3kUgHEiDt1E8Wq02ZO2uSWeB9yZL9y2OpC2jdsP5GR4
	vPGSfX0iC4EDqcx+CKua4A1jaG3ET3k9d6sL1yi1aSOS/PlXnJduUQNw+E59s2C/4SsBWs
	g5zxYSqTCKMp90C0B4+AwIBGJjp3IS7/FPvrEEqDmHLvVkbQNGtnqHPulqhv+A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703060111;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=c6pDu4xyKoUf0HSP9IQIbPKytVmuEAPeMRdGoHeQ1Dk=;
	b=EvywyK8qazmDSxwfo7fdloUL0cG9nHqSb0QXeiQCeR4pwc8ApIbsMTnWUoIf8n6m6LkXs9
	wOM/wrYgb9TZK6DKqShHi+3dBh6yjscQD3Ie2uccVQlzA072Iiu/UWwKVR6KJSM7jI++pt
	t2iCMs7dR0YJUkkGAbIXYNKVvU36u5cJNY2/jPTzjnCBG8YZVjfleSa8vQjhI6h4KjPFxj
	s9M+tH2wfP1XL9IZEP7Biu8GsdloY+i8qSEukn8beQIIFKtJf1P45GWzjSKTKtqvL5H/Gs
	dxVmpgHfGcmjsMwyyJokfMr25NOWLgkZbkojHadxc4Jg0useY0qzBAPfwkXKgw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sw5vz17dnzgXh;
	Wed, 20 Dec 2023 08:15:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BK8FAFh008003;
	Wed, 20 Dec 2023 08:15:10 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BK8FAnr008000;
	Wed, 20 Dec 2023 08:15:10 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 08:15:10 GMT
Message-Id: <202312200815.3BK8FAnr008000@gitrepo.freebsd.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
From: Philip Paeps <philip@FreeBSD.org>
Subject: git: 42099f809c - main - Add advisory affecting 12.4R,
  13.2R and 14.0R
List-Id: Commit messages for all branches of the doc repository <dev-commits-doc-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all
List-Help: <mailto:dev-commits-doc-all+help@freebsd.org>
List-Post: <mailto:dev-commits-doc-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-doc-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-doc-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-doc-all@freebsd.org
X-BeenThere: dev-commits-doc-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: philip
X-Git-Repository: doc
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 42099f809c0bf562ab95cba9e1c08de78bba6434
Auto-Submitted: auto-generated

The branch main has been updated by philip:

URL: https://cgit.FreeBSD.org/doc/commit/?id=42099f809c0bf562ab95cba9e1c08de78bba6434

commit 42099f809c0bf562ab95cba9e1c08de78bba6434
Author:     Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2023-12-20 08:14:36 +0000
Commit:     Philip Paeps <philip@FreeBSD.org>
CommitDate: 2023-12-20 08:14:36 +0000

    Add advisory affecting 12.4R, 13.2R and 14.0R
    
    FreeBSD-SA-23:19.openssh affects all supported releases
    
    Note: While this issue does affect 12.4-STABLE and 12.4-RELEASE, the version
    of OpenSSH in 12.4 is old enough the vendor provided patch does not cleanly
    apply. As 12.4 goes out of support at the end of December and in order to
    quickly get fixes out for 14.0 and 13.2, the FreeBSD Security Team is issuing
    this advisory now while feasibility of a 12.4 backport is investigated. Users
    with 12.4 are encouraged to either implement the documented workaround or
    leverage an up to date version of OpenSSH from the ports/pkg collection.
---
 website/content/en/releases/12.4R/errata.adoc | 1 +
 website/content/en/releases/13.2R/errata.adoc | 1 +
 website/content/en/releases/14.0R/errata.adoc | 1 +
 3 files changed, 3 insertions(+)

diff --git a/website/content/en/releases/12.4R/errata.adoc b/website/content/en/releases/12.4R/errata.adoc
index 42f288d9ca..4a180fff9a 100644
--- a/website/content/en/releases/12.4R/errata.adoc
+++ b/website/content/en/releases/12.4R/errata.adoc
@@ -56,6 +56,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:12.msdosfs.asc[FreeBSD-SA-23:12.msdosfs] |3 October 2023 |msdosfs data disclosure
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:15.stdio.asc[FreeBSD-SA-23:15.stdio] |8 November 2023 |libc stdio buffer overflow
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/13.2R/errata.adoc b/website/content/en/releases/13.2R/errata.adoc
index be279652c3..272735dfd5 100644
--- a/website/content/en/releases/13.2R/errata.adoc
+++ b/website/content/en/releases/13.2R/errata.adoc
@@ -59,6 +59,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:16.cap_net.asc[FreeBSD-SA-23:16.cap_net] |8 November 2023 |Incorrect libcap_net limitation list manipulation
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
 |===
 
 [[errata]]
diff --git a/website/content/en/releases/14.0R/errata.adoc b/website/content/en/releases/14.0R/errata.adoc
index df5fb7d94d..4ce0f28f01 100644
--- a/website/content/en/releases/14.0R/errata.adoc
+++ b/website/content/en/releases/14.0R/errata.adoc
@@ -47,6 +47,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
 |Advisory |Date |Topic
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
 |link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
 |===
 
 [[errata]]