git: 39ccac62fe - main - Add EN-26:04 and SA-26:03.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 10 Feb 2026 18:17:08 UTC
The branch main has been updated by gordon:
URL: https://cgit.FreeBSD.org/doc/commit/?id=39ccac62fee45238b6eb6016c0c1e24b2eeed904
commit 39ccac62fee45238b6eb6016c0c1e24b2eeed904
Author: Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2026-02-10 18:16:46 +0000
Commit: Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2026-02-10 18:16:46 +0000
Add EN-26:04 and SA-26:03.
Approved by: so
---
website/data/security/advisories.toml | 4 +
website/data/security/errata.toml | 4 +
.../security/advisories/FreeBSD-EN-26:04.arm64.asc | 137 ++++++++++++++++
.../advisories/FreeBSD-SA-26:03.blocklistd.asc | 164 +++++++++++++++++++
.../static/security/patches/EN-26:04/arm64.patch | 22 +++
.../security/patches/EN-26:04/arm64.patch.asc | 16 ++
.../security/patches/SA-26:03/blocklistd.patch | 173 +++++++++++++++++++++
.../security/patches/SA-26:03/blocklistd.patch.asc | 16 ++
8 files changed, 536 insertions(+)
diff --git a/website/data/security/advisories.toml b/website/data/security/advisories.toml
index 6623b3623e..c1c95b201a 100644
--- a/website/data/security/advisories.toml
+++ b/website/data/security/advisories.toml
@@ -1,6 +1,10 @@
# Sort advisories by year, month and day
# $FreeBSD$
+[[advisories]]
+name = "FreeBSD-SA-26:03.blocklistd"
+date = "2026-02-10"
+
[[advisories]]
name = "FreeBSD-SA-26:02.jail"
date = "2026-01-27"
diff --git a/website/data/security/errata.toml b/website/data/security/errata.toml
index 24f08a7faf..63b6c21292 100644
--- a/website/data/security/errata.toml
+++ b/website/data/security/errata.toml
@@ -1,6 +1,10 @@
# Sort errata notices by year, month and day
# $FreeBSD$
+[[notices]]
+name = "FreeBSD-EN-26:04.arm64"
+date = "2026-02-10"
+
[[notices]]
name = "FreeBSD-EN-26:03.vm"
date = "2026-01-27"
diff --git a/website/static/security/advisories/FreeBSD-EN-26:04.arm64.asc b/website/static/security/advisories/FreeBSD-EN-26:04.arm64.asc
new file mode 100644
index 0000000000..a7f6e08e82
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-EN-26:04.arm64.asc
@@ -0,0 +1,137 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-26:04.arm64 Errata Notice
+ The FreeBSD Project
+
+Topic: Kernel panic when dumping process core on arm64
+
+Category: core
+Module: arm64
+Announced: 2026-02-10
+Affects: FreeBSD 15.0
+Corrected: 2026-02-09 16:28:38 UTC (stable/15, 15.0-STABLE)
+ 2026-02-10 17:56:09 UTC (releng/15.0, 15.0-RELEASE-p3)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I. Background
+
+Scalable Vector Extension (SVE) is an extension of the arm64 instruction set
+providing SIMD functionality.
+
+II. Problem Description
+
+When dumping a process core, if SVE is enabled, the kernel will include an ELF
+note in the coredump containing the process' SVE register contents. The
+implementation first checks to see if the process has SVE enabled, as part of
+pre-calculcating the size of the core dump notes, then checks a second time
+when actually populating the note.
+
+III. Impact
+
+The bug could cause a kernel panic.
+
+IV. Workaround
+
+No workaround is available. Non-arm64 systems are not affected, and arm64
+systems without SVE are not affected.
+
+V. Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+
+Perform one of the following:
+
+1) To update your system installed from base system packages:
+
+Systems running a 15.0-RELEASE version of FreeBSD on the amd64 or arm64
+platforms, which were installed using base system packages, can be updated
+via the pkg(8) utility:
+
+# pkg upgrade -r FreeBSD-base
+# shutdown -r +10min "Rebooting for an erratum fix"
+
+2) To update your system installed from binary distribution sets:
+
+Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
+or the i386 platform on FreeBSD 13, which were not installed using base
+system packages, can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an erratum fix"
+
+3) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-26:04/arm64.patch
+# fetch https://security.FreeBSD.org/patches/EN-26:04/arm64.patch.asc
+# gpg --verify arm64.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI. Correction details
+
+This issue is corrected as of the corresponding Git commit hash in the
+following stable and release branches:
+
+Branch/path Hash Revision
+- -------------------------------------------------------------------------
+stable/15/ c70a68bbdbf6 stable/15-n282182
+releng/15.0/ 539bbdbd3b0c releng/15.0-n281006
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292195>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-26:04.arm64.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmmLdYkACgkQbljekB8A
+Gu9GDxAAr/APqA0OICssli9j4S+QB6rIeuBjXMIvMqpbUHC2s8Sk3lT75QusaXet
+yAeXatOXfUyfYgdggyAomUBIelpLB9u6UmSroaxt/qTOXBx3a8fyvA5h8PR9dIoc
+4CjVNYFt4TyiGvowt+ZxxrnC90v/rWKbS/b3SRAMHoUKdImMIrBd1JAcYj0nvLdK
+GduJ/GE85NhYjXExdSMtE56rFuHoMihFDgDSXgkxyXKjWlVaPyBzBzStucaw9KIl
+b/BuyoKG/Q6vEB1Hv5cgWOnZC9wx6vqZ4OsrLKB9eTZFaBnWFMVLizUVx3PlAdv0
+a1wbrLTqKYmspUn4mIphLVorIuOGED1Rq3HjBGyvZ5sDzqluFqvHUhGfQMam0L8z
+BUgcfBROAollz6VK2fUu1y6gVPPD7FkFeINIn6iyFrHc6TjF4pIqrSq5jra53nCA
+0tdqu+wiqSyZBRwpqKkLyxDrGLywWeZxqQ3PweLaxhgAbgt72qvxq+NRrBvz1hgU
+AioF6hRXwgGgKTadcTd6ffvXsES3EfN8sjJSwAjfyUf6KyAsm0caFkIBctcBsX+M
+AadadpYTh9NnVzNz1DvPi1BR1RRnUmaiJLUKBlQsWjDJ+Hrk+jHFXSAlOfZqLUlj
+sZmUOGDjW7nuu97aa7oeYaYQXQE/cN3IIlzqoZ+dg+jRv2v5dZ4=
+=lHox
+-----END PGP SIGNATURE-----
diff --git a/website/static/security/advisories/FreeBSD-SA-26:03.blocklistd.asc b/website/static/security/advisories/FreeBSD-SA-26:03.blocklistd.asc
new file mode 100644
index 0000000000..fbf716efcd
--- /dev/null
+++ b/website/static/security/advisories/FreeBSD-SA-26:03.blocklistd.asc
@@ -0,0 +1,164 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-26:03.blocklistd Security Advisory
+ The FreeBSD Project
+
+Topic: blocklistd(8) socket leak
+
+Category: core
+Module: blocklistd
+Announced: 2026-02-10
+Affects: FreeBSD 15.0
+Corrected: 2026-02-10 01:39:29 UTC (stable/15, 15.0-STABLE)
+ 2026-02-10 17:56:11 UTC (releng/15.0, 15.0-RELEASE-p3)
+CVE Name: CVE-2026-2261
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I. Background
+
+The blocklistd(8) service keeps a database of IP addresses associated with
+certain adverse events reported by other system services, such as failed ssh
+logins or emails submitted to non-existent recipients. Once an IP address has
+exceeded a configured number of adverse events, blocklistd runs a helper script
+which performs a preprogrammed action, usually adding the IP address to a
+packet filter blocklist. After a certain amount of time has elapsed, the same
+helper script is run again to unblock the address.
+
+The blocklistd service was previously known as blacklistd and is present under
+both names in FreeBSD 15.0-RELEASE.
+
+II. Problem Description
+
+Due to a programming error, blocklistd leaks a socket descriptor for each
+adverse event report it receives.
+
+Once a certain number of leaked sockets is reached, blocklistd
+becomes unable to run the helper script: a child process is forked, but
+this child dereferences a null pointer and crashes before it is able to
+exec the helper. At this point, blocklistd still records adverse events
+but is unable to block new addresses or unblock addresses whose database
+entries have expired.
+
+Once a second, much higher number of leaked sockets is reached,
+blocklistd becomes unable to receive new adverse event reports.
+
+III. Impact
+
+An attacker may take advantage of this by triggering a large number of adverse
+events from sacrificial IP addresses to effectively disable blocklistd before
+launching an attack.
+
+Even in the absence of attacks or probes by would-be attackers, adverse events
+will occur regularly in the course of normal operations, and blocklistd will
+gradually run out file descriptors and become ineffective.
+
+The accumulation of open sockets may have knock-on effects on other parts of
+the system, resulting in a general slowdown until blocklistd is restarted.
+
+IV. Workaround
+
+The issue can be mitigated to a certain extent by regularly restarting
+the blocklistd service.
+
+However, a determined attacker with access to a sufficiently large pool
+of sacrificial IP addresses will be able to disable blocklistd in a
+matter of minutes, or hours at most.
+
+V. Solution
+
+Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+Perform one of the following:
+
+1) To update your vulnerable system installed from base system packages:
+
+Systems running a 15.0-RELEASE version of FreeBSD on the amd64 or arm64
+platforms, which were installed using base system packages, can be updated
+via the pkg(8) utility:
+
+# pkg upgrade -r FreeBSD-base
+
+2) To update your vulnerable system installed from binary distribution sets:
+
+Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
+or the i386 platform on FreeBSD 13, which were not installed using base
+system packages, can be updated via the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+3) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-26:03/blocklistd.patch
+# fetch https://security.FreeBSD.org/patches/SA-26:03/blocklistd.patch.asc
+# gpg --verify blocklistd.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart the applicable daemons, or reboot the system.
+
+VI. Correction details
+
+This issue is corrected as of the corresponding Git commit hash in the
+following stable and release branches:
+
+Branch/path Hash Revision
+- -------------------------------------------------------------------------
+stable/15/ 1864a03eb2ac stable/15-n282210
+releng/15.0/ e4781e4e6d88 releng/15.0-n281007
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://www.cve.org/CVERecord?id=CVE-2026-2261>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-26:03.blocklistd.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmmLdZIACgkQbljekB8A
+Gu849BAAnzXfP+LqpZM2dIPVMma5fHyMKNYSCa3nCS5cBSXgnodaM8KW2W0tuPRA
+2NlMU4LUtDng0+UCm3SDVOZRvHL37/2TfaIheCs0QCmLirG78NDweHntEMHQGqUP
+vsdQ1kfdkRm1VJyqE8INsSOdlE8YwCywM+HXjEhjv5VNTzzVZOj3cnlNABgrrCq7
+DcKuCZ9uDZRva+X71YRs3n9ZWghSuONB9ycys2YdYG3fp2wEMUpwEsRFjR1oYWOM
+JjmlvfXJSeNq4vXd425zX3trLunVEqRVEaLtkl3NDx7/fVAN05MrXx5eB7oTBa5X
+9NzFDdQpJZw3Fk7B6cRUZa4v/mPFc2ZrfMKEIrMz+7brVl5InSjvi7ne3ERRujr0
+Db4Kbf9XrAx1NaFXrffU6jmVrhZOz7Z9Y+H+1V7yCYZiShkwz2rrghghcrH3QH0x
+2jJXsT+M5lYDA2oFPc0eXPtlidrmCcWHMVM4b8xkZ/tBCaq31F4T7RWXj0QiO44Z
+7AlV7ejZquknMA0gNmmOrOMW3kQcCUwJA0SBXcQ7WE5sgnQeXdZcl9wWtSkjYuhr
+g1YHde8rNUNcHBC+FPZlru/PsuOrc1/XzdjO4uRpSEK++hOR4ZmLUBThd+u8H9b4
+bA9kCxgNwfuOq9c3hYhFjWme+kxHRLRAdn4un19zLwUvaqLqS0k=
+=1MK1
+-----END PGP SIGNATURE-----
diff --git a/website/static/security/patches/EN-26:04/arm64.patch b/website/static/security/patches/EN-26:04/arm64.patch
new file mode 100644
index 0000000000..49eab05c0b
--- /dev/null
+++ b/website/static/security/patches/EN-26:04/arm64.patch
@@ -0,0 +1,22 @@
+--- sys/arm64/arm64/vfp.c.orig
++++ sys/arm64/arm64/vfp.c
+@@ -934,6 +934,9 @@
+
+ pcb = td->td_pcb;
+
++ if (td == curthread && (pcb->pcb_fpflags & PCB_FP_STARTED) != 0)
++ vfp_save_state(td, pcb);
++
+ /* If there is no SVE support in HW then we don't support NT_ARM_SVE */
+ if (pcb->pcb_sve_len == 0)
+ return (false);
+@@ -955,9 +958,6 @@
+ KASSERT(*sizep == sizeof(struct svereg_header) + buf_size,
+ ("%s: invalid size", __func__));
+
+- if (td == curthread && (pcb->pcb_fpflags & PCB_FP_STARTED) != 0)
+- vfp_save_state(td, pcb);
+-
+ header = buf;
+ memset(header, 0, sizeof(*header));
+
diff --git a/website/static/security/patches/EN-26:04/arm64.patch.asc b/website/static/security/patches/EN-26:04/arm64.patch.asc
new file mode 100644
index 0000000000..8c0aaee022
--- /dev/null
+++ b/website/static/security/patches/EN-26:04/arm64.patch.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmmLdZEACgkQbljekB8A
+Gu8lYQ//XPC/xi9ll2qHWYjM4PTuwuRA5qepfQ0hUJUMXmA6XNYGhnC7npNuvuw3
+njSjg+BkJQoXSSGCRBEBF+eVdbm/QPIgBt9snxW3WF7BRe4YrSKGl8apblgfjkEw
+/6eJHVFrTFFVwKskcwzyHGNuGr5I3Gg1wahKuicLm3FES5+niQ5HW0C/Jfb3VDtX
+ZMxZL8PLUpDwuwK475fRsLHj5w8Cz/DzltGSSDGjmSKeho6WF8bs9z4nJT5BEr5s
+1FmbCTuaUYpmHRcCpHNgCAOVrJdi59VQz/t+tMLtMGLI5G+val6RLqX/MjnZTdAC
+LaelwffoxTSrMjUd3bsqlXEjk44TMT/Ze+aHUjw0CMlG0Eb+69tc1Ld67qXBaw2H
+/bAMB6BMpSG0tpxEGjV+RqVaU3CE1F8udcDeqOEWwzTm5pipl7N4flELyt+v29/1
+kqnyOOT6DUl8Gfvz65791/4THMv6wVpoXzL9bXv6N/OmjoiVarVMIPugHllOrAhZ
+OdOmRZj9Qqp/VJTYvuIbheP0uHwdcR6Nhest6TAoh30lg/B9bQTs70mCkv+fQ5sB
+knw2cDADpS1n3RMKGLKfzNgkKSUExnV+zDDg7+VK7HXdbq6TH6L2bYVZeDSAs/VE
+K06QlnExJzo7gJgUsBlKyBgGMfS6Db/i9Mtb4Kk+H2qb66cZjlk=
+=8f4X
+-----END PGP SIGNATURE-----
diff --git a/website/static/security/patches/SA-26:03/blocklistd.patch b/website/static/security/patches/SA-26:03/blocklistd.patch
new file mode 100644
index 0000000000..a411292473
--- /dev/null
+++ b/website/static/security/patches/SA-26:03/blocklistd.patch
@@ -0,0 +1,173 @@
+--- contrib/blocklist/bin/blacklistd.c.orig
++++ contrib/blocklist/bin/blacklistd.c
+@@ -191,7 +191,7 @@
+ }
+
+ if (getremoteaddress(bi, &rss, &rsl) == -1)
+- return;
++ goto out;
+
+ if (debug || bi->bi_msg[0]) {
+ sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&rss);
+@@ -204,12 +204,12 @@
+
+ if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) == NULL) {
+ (*lfun)(LOG_DEBUG, "no rule matched");
+- return;
++ goto out;
+ }
+
+
+ if (state_get(state, &c, &dbi) == -1)
+- return;
++ goto out;
+
+ if (debug) {
+ char b1[128], b2[128];
+@@ -269,6 +269,8 @@
+ state_put(state, &c, &dbi);
+
+ out:
++ close(bi->bi_fd);
++
+ if (debug) {
+ char b1[128], b2[128];
+ (*lfun)(LOG_DEBUG, "%s: final db state for %s: count=%d/%d "
+--- contrib/blocklist/bin/blocklistd.c.orig
++++ contrib/blocklist/bin/blocklistd.c
+@@ -191,7 +191,7 @@
+ }
+
+ if (getremoteaddress(bi, &rss, &rsl) == -1)
+- return;
++ goto out;
+
+ if (debug || bi->bi_msg[0]) {
+ sockaddr_snprintf(rbuf, sizeof(rbuf), "%a:%p", (void *)&rss);
+@@ -204,12 +204,12 @@
+
+ if (conf_find(bi->bi_fd, bi->bi_uid, &rss, &c) == NULL) {
+ (*lfun)(LOG_DEBUG, "no rule matched");
+- return;
++ goto out;
+ }
+
+
+ if (state_get(state, &c, &dbi) == -1)
+- return;
++ goto out;
+
+ if (debug) {
+ char b1[128], b2[128];
+@@ -269,6 +269,8 @@
+ state_put(state, &c, &dbi);
+
+ out:
++ close(bi->bi_fd);
++
+ if (debug) {
+ char b1[128], b2[128];
+ (*lfun)(LOG_DEBUG, "%s: final db state for %s: count=%d/%d "
+--- contrib/blocklist/port/popenve.c.orig
++++ contrib/blocklist/port/popenve.c
+@@ -111,11 +111,25 @@
+ #endif
+ }
+
+- if ((cur = malloc(sizeof(*cur))) != NULL)
+- return cur;
++ if ((cur = malloc(sizeof(*cur))) != NULL) {
++ if (**type == 'r') {
++ cur->fp = fdopen(pdes[0], *type);
++#ifdef _REENTRANT
++ cur->fd = pdes[0];
++#endif
++ } else {
++ cur->fp = fdopen(pdes[1], *type);
++#ifdef _REENTRANT
++ cur->fd = pdes[1];
++#endif
++ }
++ if (cur->fp != NULL)
++ return cur;
++ }
+ serrno = errno;
+ (void)close(pdes[0]);
+ (void)close(pdes[1]);
++ free(cur);
+ errno = serrno;
+ return NULL;
+ }
+@@ -125,16 +139,6 @@
+ {
+ struct pid *old;
+
+- /* POSIX.2 B.3.2.2 "popen() shall ensure that any streams
+- from previous popen() calls that remain open in the
+- parent process are closed in the new child process. */
+- for (old = pidlist; old; old = old->next)
+-#ifdef _REENTRANT
+- (void)close(old->fd); /* don't allow a flush */
+-#else
+- (void)close(fileno(old->fp)); /* don't allow a flush */
+-#endif
+-
+ if (type[0] == 'r') {
+ (void)close(pdes[0]);
+ if (pdes[1] != STDOUT_FILENO) {
+@@ -150,31 +154,30 @@
+ (void)close(pdes[0]);
+ }
+ }
++
++ /* POSIX.2 B.3.2.2 "popen() shall ensure that any streams
++ from previous popen() calls that remain open in the
++ parent process are closed in the new child process. */
++ for (old = pidlist; old; old = old->next) {
++#ifdef _REENTRANT
++ (void)close(old->fd); /* don't allow a flush */
++#else
++ (void)close(fileno(old->fp)); /* don't allow a flush */
++#endif
++ }
+ }
+
+ static void
+ pdes_parent(int *pdes, struct pid *cur, pid_t pid, const char *type)
+ {
+- FILE *iop;
+-
+- /* Parent; assume fdopen can't fail. */
+- if (*type == 'r') {
+- iop = fdopen(pdes[0], type);
+-#ifdef _REENTRANT
+- cur->fd = pdes[0];
+-#endif
++ /* Parent */
++ if (*type == 'r')
+ (void)close(pdes[1]);
+- } else {
+- iop = fdopen(pdes[1], type);
+-#ifdef _REENTRANT
+- cur->fd = pdes[1];
+-#endif
++ else
+ (void)close(pdes[0]);
+- }
+
+ /* Link into list of file descriptors. */
+- cur->fp = iop;
+- cur->pid = pid;
++ cur->pid = pid;
+ cur->next = pidlist;
+ pidlist = cur;
+ }
+@@ -200,7 +203,7 @@
+ #ifdef _REENTRANT
+ (void)rwlock_rdlock(&pidlist_lock);
+ #endif
+- switch (pid = vfork()) {
++ switch (pid = fork()) {
+ case -1: /* Error. */
+ serrno = errno;
+ #ifdef _REENTRANT
diff --git a/website/static/security/patches/SA-26:03/blocklistd.patch.asc b/website/static/security/patches/SA-26:03/blocklistd.patch.asc
new file mode 100644
index 0000000000..faf670e149
--- /dev/null
+++ b/website/static/security/patches/SA-26:03/blocklistd.patch.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmmLdZMACgkQbljekB8A
+Gu8QYQ//aJxjOxEDunwQsv8aCspVlGm6up5wiUFnh6xF3aXytVbCJDBT4pALRAFD
+ZSDD1GloBuZZnFQ9J1936gRYV646XKy0LX2BChWCggeKknT8hnzTa/V90IbXD6Vs
+t2qgN2kjLceRXR95nDl4GLPh7eaob2Ha+skPwXoRA/gEM0zhO7F2m5aaNh1EXtjh
+PvfuHAM2Q12nQXiM6dBmQaFhdK9JvVVYE8OUjn6ZiRPDaqSMR4rVusy50RpXMn0c
+lEaI17FZZ7AQfS4c8SwrCiWcemkJJlGWHjhbIN8tH6PxehE5mMyaCT5lIzOg1cdg
+SIbJzx1yRGmdFpY7xL56Jw36LrEjHiV6j3mok61qLq+KLa+02Eb7p24KjUsNX/qI
+v6v6dYnKeZ98bJmSR6WzPx8oz7+TyR/MrsxCYyNGKyXBXQ59VJXQ9S9Rpl3MyR74
+KYwtKbokIEQbE6wVTh30AAcCgC/jNaE1MGsf3fwVMW1Gq8N+9z7QmNnhAPyzTyuZ
+UVExbGU95dRe+hsdU2Gjtk0o9LzwLIXtynsKUapIeCuHd/QhshxuXx60xxyzG+J9
+KrpuFzbl0+tnhgp78aFkCJoCqSqJp16ZNmc6hpnKacnxnkMDvr1sGSRB27M6TZtZ
+HFZij7LwR93nHKRdcyxc6A+hLTO2TLBALvZDGabI5/xHGGrrJKw=
+=6vju
+-----END PGP SIGNATURE-----