git: 4939946683 - main - website: fix empty SA and EN section in 14.1R and earlier relnotes
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 09 Mar 2026 08:51:42 UTC
The branch main has been updated by vladlen:
URL: https://cgit.FreeBSD.org/doc/commit/?id=493994668334a54e8efd57a7452913f4d936cb82
commit 493994668334a54e8efd57a7452913f4d936cb82
Author: Vladlen Popolitov <vladlen@FreeBSD.org>
AuthorDate: 2026-03-09 08:50:48 +0000
Commit: Vladlen Popolitov <vladlen@FreeBSD.org>
CommitDate: 2026-03-09 08:50:48 +0000
website: fix empty SA and EN section in 14.1R and earlier relnotes
Relnotes of 14.1, 14.0, 13.3, 13.2, 13.1 and 13.0 updated
Reported by: Christian Ullrich <chris@chrullrich.net>
Reviewed by: ziaee
Approved by: ziaee
Differential Revision: https://reviews.freebsd.org/D55706
PR: 282330
---
website/content/en/releases/13.0R/relnotes.adoc | 34 +++-
website/content/en/releases/13.1R/errata.adoc | 1 +
website/content/en/releases/13.1R/relnotes.adoc | 203 +++++++++++++++++++++++-
website/content/en/releases/13.2R/relnotes.adoc | 135 +++++++++++++++-
website/content/en/releases/13.3R/relnotes.adoc | 131 ++++++++++++++-
website/content/en/releases/14.0R/relnotes.adoc | 24 ++-
website/content/en/releases/14.1R/relnotes.adoc | 107 ++++++++++++-
7 files changed, 606 insertions(+), 29 deletions(-)
diff --git a/website/content/en/releases/13.0R/relnotes.adoc b/website/content/en/releases/13.0R/relnotes.adoc
index 046186e239..d39a8b433f 100644
--- a/website/content/en/releases/13.0R/relnotes.adoc
+++ b/website/content/en/releases/13.0R/relnotes.adoc
@@ -74,9 +74,37 @@ This section lists the various Security Advisories and Errata Notices since {rel
| Date
| Topic
-|No advisories.
-|
-|
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:03.pam_login_access.asc[FreeBSD-SA-21:03.pam_login_access]
+| 24 February 2021
+| login.access fails to apply rules
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:04.jail_remove.asc[FreeBSD-SA-21:04.jail_remove]
+| 24 February 2021
+| man:jail_remove[2] fails to kill all jailed processes
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:05.jail_chdir.asc[FreeBSD-SA-21:05.jail_chdir]
+| 24 February 2021
+| man:jail_attach[2] relies on the caller to change the cwd
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:06.xen.asc[FreeBSD-SA-21:06.xen]
+| 24 February 2021
+| Xen grant mapping error handling issues
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:07.openssl.asc[FreeBSD-SA-21:07.openssl]
+| 25 March 2021
+| Multiple vulnerabilities in OpenSSL
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:08.vm.asc[FreeBSD-SA-21:08.vm]
+| 6 April 2021
+| Memory disclosure by stale virtual memory mapping
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:09.accept_filter.asc[FreeBSD-SA-21:09.accept_filter]
+| 6 April 2021
+| double free in man:accept_filter[9] socket configuration interface
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:10.jail_mount.asc[FreeBSD-SA-21:10.jail_mount]
+| 6 April 2021
+| jail escape possible by mounting over jail root
|===
diff --git a/website/content/en/releases/13.1R/errata.adoc b/website/content/en/releases/13.1R/errata.adoc
index b153493574..e09bb8f309 100644
--- a/website/content/en/releases/13.1R/errata.adoc
+++ b/website/content/en/releases/13.1R/errata.adoc
@@ -45,6 +45,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|===
|Advisory |Date |Topic
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:09.elf.asc[FreeBSD-SA-22:09.elf] |9 August 2022 |Out of bound read in elf_note_prpsinfo()
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:10.aio.asc[FreeBSD-SA-22:10.aio] |9 August 2022 |AIO credential reference count leak
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:11.vm.asc[FreeBSD-SA-22:11.vm] |9 August 2022 |Memory disclosure by stale virtual memory mapping
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:12.lib9p.asc[FreeBSD-SA-22:12.lib9p] |9 August 2022 |Missing bounds check in 9p message handling
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:13.zlib.asc[FreeBSD-SA-22:13.zlib] |30 August 2022 |zlib heap buffer overflow
diff --git a/website/content/en/releases/13.1R/relnotes.adoc b/website/content/en/releases/13.1R/relnotes.adoc
index c2171e970c..5103717230 100644
--- a/website/content/en/releases/13.1R/relnotes.adoc
+++ b/website/content/en/releases/13.1R/relnotes.adoc
@@ -59,8 +59,6 @@ After upgrading, sshd (from OpenSSH 8.8p1) will not accept new connections until
After installing the new userland, either reboot (as specified in the source update procedure), or execute `service sshd restart`.
====
-////
-XXX: gjb will fill this in just before the release is final
[[security-errata]]
== Security and Errata
@@ -72,7 +70,91 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:31.icmp6.asc[FreeBSD-SA-20:31.icmp6] |1 December 2020 |Use-after-free in error message handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:03.pam_login_access.asc[FreeBSD-SA-21:03.pam_login_access]
+| 24 February 2021
+| login.access fails to apply rules
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:04.jail_remove.asc[FreeBSD-SA-21:04.jail_remove]
+| 24 February 2021
+| man:jail_remove[2] fails to kill all jailed processes
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:05.jail_chdir.asc[FreeBSD-SA-21:05.jail_chdir]
+| 24 February 2021
+| man:jail_attach[2] relies on the caller to change the cwd
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:06.xen.asc[FreeBSD-SA-21:06.xen]
+| 24 February 2021
+| Xen grant mapping error handling issues
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:08.vm.asc[FreeBSD-SA-21:08.vm]
+| 6 April 2021
+| Memory disclosure by stale virtual memory mapping
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:09.accept_filter.asc[FreeBSD-SA-21:09.accept_filter]
+| 6 April 2021
+| double free in man:accept_filter[9] socket configuration interface
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:10.jail_mount.asc[FreeBSD-SA-21:10.jail_mount]
+| 6 April 2021
+| jail escape possible by mounting over jail root
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:11.smap.asc[FreeBSD-SA-21:11.smap]
+| 26 May 2021
+| SMAP bypass
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:12.libradius.asc[FreeBSD-SA-21:12.libradius]
+| 26 May 2021
+| Missing message validation in man:libradius[3]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:13.bhyve.asc[FreeBSD-SA-21:13.bhyve]
+| 24 August 2021
+| Missing error handling in man:bhyve[8] device models
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:14.ggatec.asc[FreeBSD-SA-21:14.ggatec]
+| 24 August 2021
+| Remote code execution in man:ggatec[8]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:15.libfetch.asc[FreeBSD-SA-21:15.libfetch]
+| 24 August 2021
+| libfetch out of bounds read
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:16.openssl.asc[FreeBSD-SA-21:16.openssl]
+| 24 August 2021
+| Multiple OpenSSL vulnerabilities
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:01.vt.asc[FreeBSD-SA-22:01.vt]
+| 11 January 2022
+| vt console buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:02.wifi.asc[FreeBSD-SA-22:02.wifi]
+| 15 March 2022
+| Multiple WiFi issues
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:03.openssl.asc[FreeBSD-SA-22:03.openssl]
+| 15 March 2022
+| OpenSSL certificate parsing infinite loop
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:04.netmap.asc[FreeBSD-SA-22:04.netmap]
+| 6 April 2022
+| Potential jail escape vulnerabilities in netmap
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:05.bhyve.asc[FreeBSD-SA-22:05.bhyve]
+| 6 April 2022
+| Bhyve e82545 device emulation out-of-bounds write
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:06.ioctl.asc[FreeBSD-SA-22:06.ioctl]
+| 6 April 2022
+| mpr/mps/mpt driver ioctl heap out-of-bounds write
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:07.wifi_meshid.asc[FreeBSD-SA-22:07.wifi_meshid]
+| 6 April 2022
+| 802.11 heap buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:08.zlib.asc[FreeBSD-SA-22:08.zlib]
+| 6 April 2022
+| zlib compression out-of-bounds write
+
|===
[[errata]]
@@ -81,9 +163,120 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Errata |Date |Topic
-|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:19.audit.asc[FreeBSD-EN-20:19.audit] |1 December 2020 |execve/fexecve system call auditing
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:12.divert.asc[FreeBSD-EN-21:12.divert]
+| 26 May 2021
+| Kernel double free when transmitting on a divert socket
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:13.mpt.asc[FreeBSD-EN-21:13.mpt]
+| 26 May 2021
+| man:mpt[4] I/O errors with a large maxphys value
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:14.pms.asc[FreeBSD-EN-21:14.pms]
+| 26 May 2021
+| man:pms[4] data corruption
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:15.virtio.asc[FreeBSD-EN-21:15.virtio]
+| 26 May 2021
+| man:virtio[4] device probing fails
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:16.bc.asc[FreeBSD-EN-21:16.bc]
+| 26 May 2021
+| dc update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:17.libradius.asc[FreeBSD-EN-21:17.libradius]
+| 1 June 2021
+| Incorrect validation in man:rad_get_attr[3]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:18.libc%2B%2B.asc[FreeBSD-EN-21:18.libc++]
+| 29 June 2021
+| Missing {cpp}20 headers in lib{cpp}
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:19.libcasper.asc[FreeBSD-EN-21:19.libcasper]
+| 29 June 2021
+| libcasper assertion failure
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:20.vlan.asc[FreeBSD-EN-21:20.vlan]
+| 29 June 2021
+| Missing backwards compatibility in man:vlan[4]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:21.ipfw.asc[FreeBSD-EN-21:21.ipfw]
+| 29 June 2021
+| Kernel panic with ipfw link-layer filtering enabled
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:22.linux_futex.asc[FreeBSD-EN-21:22.linux_futex]
+| 29 June 2021
+| Linux compatibility layer man:futex[2] system call vulnerability
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:23.virtio_blk.asc[FreeBSD-EN-21:23.virtio_blk]
+| 24 August 2021
+| man:virtio_blk[4] fails to attach on some hypervisors
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:24.libcrypto.asc[FreeBSD-EN-21:24.libcrypto]
+| 24 August 2021
+| OpenSSL 1.1.1e API functions not exported
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:25.bhyve.asc[FreeBSD-EN-21:25.bhyve]
+| 24 August 2021
+| Fix NVMe iovec construction for large IOs
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:26.libevent.asc[FreeBSD-EN-21:26.libevent]
+| 3 November 2021
+| libevent1 ABI breakage
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:27.caroot.asc[FreeBSD-EN-21:27.caroot]
+| 3 November 2021
+| Root certificate bundle update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:28.vmci.asc[FreeBSD-EN-21:28.vmci]
+| 3 November 2021
+| Fix kernel panic in vmci driver initialization
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-21:29.tzdata.asc[FreeBSD-EN-21:29.tzdata]
+| 3 November 2021
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:01.fsck_ffs.asc[FreeBSD-EN-22:01.fsck_ffs]
+| 11 January 2022
+| fsck_ffs fails to correct certain errors
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:02.xsave.asc[FreeBSD-EN-22:02.xsave]
+| 11 January 2022
+| Incorrect XSAVE state size
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:03.hyperv.asc[FreeBSD-EN-22:03.hyperv]
+| 11 January 2022
+| vPCI compatibility improvements with certain Hyper-V releases
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:05.tail.asc[FreeBSD-EN-22:05.tail]
+| 11 January 2022
+| tail -F fails to follow some types of log rotation
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:06.libalias.asc[FreeBSD-EN-22:06.libalias]
+| 11 January 2022
+| Incorrect fragmented IPv4 packet handling in libalias
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:07.la57.asc[FreeBSD-EN-22:07.la57]
+| 1 February 2022
+| Intel CPU LA57 boot failure
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:10.zfs.asc[FreeBSD-EN-22:10.zfs]
+| 15 March 2022
+| ZFS writes fail to update file size
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:11.zfs.asc[FreeBSD-EN-22:11.zfs]
+| 15 March 2022
+| ZFS man:lseek[2] inconsistencies
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:12.zfs.asc[FreeBSD-EN-22:12.zfs]
+| 15 March 2022
+| ZFS panic upon concurrent 'zfs list' calls
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:14.tzdata.asc[FreeBSD-EN-22:14.tzdata]
+| 22 March 2022
+| Timezone database information update
+
|===
-////
[[userland]]
== Userland
diff --git a/website/content/en/releases/13.2R/relnotes.adoc b/website/content/en/releases/13.2R/relnotes.adoc
index 222d3eda7b..575079f1ef 100644
--- a/website/content/en/releases/13.2R/relnotes.adoc
+++ b/website/content/en/releases/13.2R/relnotes.adoc
@@ -76,8 +76,6 @@ After installing the user-level components with the second invocation of freebsd
For example, older versions of `sshd` failed to process incoming connections correctly after the new [.filename]#/usr/sbin/sshd# was installed; rebooting started a new `sshd` and other daemons.
====
-////
-XXX: gjb will fill this in just before the release is final
[[security-errata]]
== Security and Errata
@@ -89,7 +87,67 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:31.icmp6.asc[FreeBSD-SA-20:31.icmp6] |1 December 2020 |Use-after-free in error message handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:03.openssl.asc[FreeBSD-SA-22:03.openssl]
+| 15 March 2022
+| OpenSSL certificate parsing infinite loop
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:04.netmap.asc[FreeBSD-SA-22:04.netmap]
+| 6 April 2022
+| Potential jail escape vulnerabilities in netmap
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:05.bhyve.asc[FreeBSD-SA-22:05.bhyve]
+| 6 April 2022
+| Bhyve e82545 device emulation out-of-bounds write
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:06.ioctl.asc[FreeBSD-SA-22:06.ioctl]
+| 6 April 2022
+| mpr/mps/mpt driver ioctl heap out-of-bounds write
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:07.wifi_meshid.asc[FreeBSD-SA-22:07.wifi_meshid]
+| 6 April 2022
+| 802.11 heap buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:08.zlib.asc[FreeBSD-SA-22:08.zlib]
+| 6 April 2022
+| zlib compression out-of-bounds write
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:09.elf.asc[FreeBSD-SA-22:09.elf]
+| 9 August 2022
+| Out of bound read in elf_note_prpsinfo()
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:11.vm.asc[FreeBSD-SA-22:11.vm]
+| 9 August 2022
+| Memory disclosure by stale virtual memory mapping
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:12.lib9p.asc[FreeBSD-SA-22:12.lib9p]
+| 9 August 2022
+| Missing bounds check in 9p message handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:13.zlib.asc[FreeBSD-SA-22:13.zlib]
+| 30 August 2022
+| zlib heap buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:14.heimdal.asc[FreeBSD-SA-22:14.heimdal]
+| 15 November 2022
+| Multiple vulnerabilities in Heimdal [REVISED]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-22:15.ping.asc[FreeBSD-SA-22:15.ping]
+| 29 November 2022
+| Stack overflow in man:ping[8]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:01.geli.asc[FreeBSD-SA-23:01.geli]
+| 8 February 2023
+| GELI silently omits the keyfile if read from stdin
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:02.openssh.asc[FreeBSD-SA-23:02.openssh]
+| 16 February 2023
+| OpenSSH pre-authentication double free
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:03.openssl.asc[FreeBSD-SA-23:03.openssl]
+| 16 February 2023
+| Multiple vulnerabilities in OpenSSL
+
|===
[[errata]]
@@ -98,9 +156,76 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Errata |Date |Topic
-|link:https://www.freebsd.org/security/advisories/FreeBSD-EN-20:19.audit.asc[FreeBSD-EN-20:19.audit] |1 December 2020 |execve/fexecve system call auditing
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:14.tzdata.asc[FreeBSD-EN-22:14.tzdata]
+| 22 March 2022
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:16.kqueue.asc[FreeBSD-EN-22:16.kqueue]
+| 9 August 2022
+| man:kevent[2] timers fire too often
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:17.cam.asc[FreeBSD-EN-22:17.cam]
+| 9 August 2022
+| Kernel memory corruption during SCSI error recovery
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:19.pam_exec.asc[FreeBSD-EN-22:19.pam_exec]
+| 9 August 2022
+| NULL pointer dereference in man:pam_exec[8]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:20.tzdata.asc[FreeBSD-EN-22:20.tzdata]
+| 30 August 2022
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:21.zfs.asc[FreeBSD-EN-22:21.zfs]
+| 1 November 2022
+| ZFS B-Tree use-after-free
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:22.tzdata.asc[FreeBSD-EN-22:22.tzdata]
+| 1 November 2022
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:23.vm.asc[FreeBSD-EN-22:23.vm]
+| 1 November 2022
+| Memory pages become unreclaimable
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:24.zfs.asc[FreeBSD-EN-22:24.zfs]
+| 1 November 2022
+| ZFS snapshot directories not accessible over NFS
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:25.tcp.asc[FreeBSD-EN-22:25.tcp]
+| 28 August 2022
+| Possible data corruption with TCP SACK retransmissions
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:26.cam.asc[FreeBSD-EN-22:26.cam]
+| 1 November 2022
+| CAM man:ioctl[2] compatibility breakage
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:27.loader.asc[FreeBSD-EN-22:27.loader]
+| 1 November 2022
+| UEFI loader failing to boot older amd64 kernels
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-22:28.heimdal.asc[FreeBSD-EN-22:28.heimdal]
+| 29 November 2022
+| Regression in Heimdal KDC
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:01.tzdata.asc[FreeBSD-EN-23:01.tzdata]
+| 8 February 2022
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:02.sdhci.asc[FreeBSD-EN-23:02.sdhci]
+| 8 February 2023
+| man:sdhci[4] broken write-protect settings
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:03.ena.asc[FreeBSD-EN-23:03.ena]
+| 8 February 2023
+| ena driver crash after reset in 7th gen AWS instance types
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:04.ixgbe.asc[FreeBSD-EN-23:04.ixgbe]
+| 8 February 2023
+| ixgbe incorrectly reports input errors for 82599ES
+
|===
-////
[[userland]]
== Userland
diff --git a/website/content/en/releases/13.3R/relnotes.adoc b/website/content/en/releases/13.3R/relnotes.adoc
index fad01dc7a3..4f769fc445 100644
--- a/website/content/en/releases/13.3R/relnotes.adoc
+++ b/website/content/en/releases/13.3R/relnotes.adoc
@@ -76,8 +76,6 @@ After installing the user-level components with the second invocation of freebsd
For example, older versions of `sshd` failed to process incoming connections correctly after the new [.filename]#/usr/sbin/sshd# was installed; rebooting started a new `sshd` and other daemons.
====
-////
-XXX: Release Engineering Lead will fill this in just before the release is final
[[security-errata]]
== Security and Errata
@@ -89,7 +87,71 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Advisory |Date |Topic
-|link:https://www.freebsd.org/security/advisories/FreeBSD-SA-20:31.icmp6.asc[FreeBSD-SA-20:31.icmp6] |1 December 2020 |Use-after-free in error message handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:04.pam_krb5.asc[FreeBSD-SA-23:04.pam_krb5]
+| 21 June 2023
+| Network authentication attack via pam_krb5
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:06.ipv6.asc[FreeBSD-SA-23:06.ipv6]
+| 1 August 2023
+| Remote denial of service in IPv6 fragment reassembly
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:07.bhyve.asc[FreeBSD-SA-23:07.bhyve]
+| 1 August 2023
+| bhyve privileged guest escape via fwctl
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:08.ssh.asc[FreeBSD-SA-23:08.ssh]
+| 1 August 2023
+| Potential remote code execution via ssh-agent forwarding
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:09.pam_krb5.asc[FreeBSD-SA-23:09.pam_krb5]
+| 1 August 2023
+| Network authentication attack via pam_krb5
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:10.pf.asc[FreeBSD-SA-23:10.pf]
+| 6 September 2023
+| pf incorrectly handles multiple IPv6 fragment headers
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:11.wifi.asc[FreeBSD-SA-23:11.wifi]
+| 6 September 2023
+| Wi-Fi encryption bypass
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:12.msdosfs.asc[FreeBSD-SA-23:12.msdosfs]
+| 3 October 2023
+| msdosfs data disclosure
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:13.capsicum.asc[FreeBSD-SA-23:13.capsicum]
+| 3 October 2023
+| copy_file_range insufficient capability rights check
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:14.smccc.asc[FreeBSD-SA-23:14.smccc]
+| 3 October 2023
+| arm64 boot CPUs may lack speculative execution protections
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:15.stdio.asc[FreeBSD-SA-23:15.stdio]
+| 7 November 2023
+| libc stdio buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:16.cap_net.asc[FreeBSD-SA-23:16.cap_net]
+| 8 November 2023
+| Incorrect libcap_net limitation list manipulation
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf]
+| 5 December 2023
+| TCP spoofing vulnerability in man:pf[4]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient]
+| 12 December 2023
+| NFS client data corruption and kernel memory disclosure
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh]
+| 19 December 2023
+| Prefix Truncation Attack in the SSH protocol
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload]
+| 14 February 2024
+| man:bhyveload[8] host file access
+
|===
[[errata]]
@@ -98,8 +160,69 @@ This section lists the various Security Advisories and Errata Notices since {rel
[width="100%",cols="40%,30%,30%",options="header",]
|===
|Errata |Date |Topic
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:05.tzdata.asc[FreeBSD-EN-23:05.tzdata]
+| 21 June 2023
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:06.loader.asc[FreeBSD-EN-23:06.loader]
+| 21 June 2023
+| x86 kernel console configuration
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:07.mpr.asc[FreeBSD-EN-23:07.mpr]
+| 21 June 2023
+| man:mpr[4] may fail to initialize devices
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:09.freebsd-update.asc[FreeBSD-EN-23:09.freebsd-update]
+| 6 September 2023
+| freebsd-update incorrectly merges files on upgrade
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:10.pci.asc[FreeBSD-EN-23:10.pci]
+| 6 September 2023
+| PCI-e hot-plug is broken with certain devices
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:11.caroot.asc[FreeBSD-EN-23:11.caroot]
+| 6 September 2023
+| Root certificate bundle update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:12.freebsd-update.asc[FreeBSD-EN-23:12.freebsd-update]
+| 3 October 2023
+| freebsd-update to 14.0 fails
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:13.freebsd-update.asc[FreeBSD-EN-23:13.freebsd-update]
+| 8 November 2023
+| freebsd-update does not handle deep boot environments
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:14.regcomp.asc[FreeBSD-EN-23:14.regcomp]
+| 8 November 2023
+| Incorrect regular expression escape handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:15.sanitizer.asc[FreeBSD-EN-23:15.sanitizer]
+| 1 December 2023
+| Clang sanitizer failure with ASLR enabled
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:16.openzfs.asc[FreeBSD-EN-23:16.openzfs]
+| 1 December 2023
+| OpenZFS data corruption
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:21.tty.asc[FreeBSD-EN-23:21.tty]
+| 24 November 2023
+| man:tty[4] IUTF8 causes a kernel panic
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:22.vfs.asc[FreeBSD-EN-23:22.vfs]
+| 5 December 2023
+| ZFS snapshot directories not accessible over NFS
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:02.libutil.asc[FreeBSD-EN-24:02.libutil]
+| 14 February 2024
+| Login class resource limits and CPU mask bypass
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:03.kqueue.asc[FreeBSD-EN-24:03.kqueue]
+| 14 February 2024
+| man:kqueue_close[2] page fault on exit using man:rfork[2]
+
|===
-////
+
[[userland]]
== Userland
diff --git a/website/content/en/releases/14.0R/relnotes.adoc b/website/content/en/releases/14.0R/relnotes.adoc
index 14d6e83b7a..2d3ba5333f 100644
--- a/website/content/en/releases/14.0R/relnotes.adoc
+++ b/website/content/en/releases/14.0R/relnotes.adoc
@@ -123,9 +123,17 @@ This section lists the various Security Advisories and Errata Notices since {rel
| Date
| Topic
-|No advisories.
-|
-|
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-21:07.openssl.asc[FreeBSD-SA-21:07.openssl]
+| 25 March 2021
+| Multiple vulnerabilities in OpenSSL
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:15.stdio.asc[FreeBSD-SA-23:15.stdio]
+| 7 November 2023
+| libc stdio buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:16.cap_net.asc[FreeBSD-SA-23:16.cap_net]
+| 8 November 2023
+| Incorrect libcap_net limitation list manipulation
|===
@@ -139,9 +147,13 @@ This section lists the various Security Advisories and Errata Notices since {rel
| Date
| Topic
-|No notices.
-|
-|
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:13.freebsd-update.asc[FreeBSD-EN-23:13.freebsd-update]
+| 8 November 2023
+| man:freebsd-update[8] does not handle deep boot environments
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:14.regcomp.asc[FreeBSD-EN-23:14.regcomp]
+| 8 November 2023
+| Incorrect regular expression escape handling
|===
diff --git a/website/content/en/releases/14.1R/relnotes.adoc b/website/content/en/releases/14.1R/relnotes.adoc
index 4c5315a9d6..d121f65fad 100644
--- a/website/content/en/releases/14.1R/relnotes.adoc
+++ b/website/content/en/releases/14.1R/relnotes.adoc
@@ -83,9 +83,37 @@ This section lists the various Security Advisories and Errata Notices since {rel
| Date
| Topic
-|No advisories.
-|
-|
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:15.stdio.asc[FreeBSD-SA-23:15.stdio]
+| 7 November 2023
+| libc stdio buffer overflow
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:16.cap_net.asc[FreeBSD-SA-23:16.cap_net]
+| 8 November 2023
+| Incorrect libcap_net limitation list manipulation
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf]
+| 5 December 2023
+| TCP spoofing vulnerability in man:pf[4]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient]
+| 12 December 2023
+| NFS client data corruption and kernel memory disclosure
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh]
+| 19 December 2023
+| Prefix Truncation Attack in the SSH protocol
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:01.bhyveload.asc[FreeBSD-SA-24:01.bhyveload]
+| 14 February 2024
+| man:bhyveload[8] host file access
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:02.tty.asc[FreeBSD-SA-24:02.tty]
+| 14 February 2024
+| man:jail[2] information leak
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-24:03.unbound.asc[FreeBSD-SA-24:03.unbound]
+| 28 March 2024
+| Multiple vulnerabilities in unbound
|===
@@ -99,10 +127,77 @@ This section lists the various Security Advisories and Errata Notices since {rel
| Date
| Topic
-|No notices.
-|
-|
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:13.freebsd-update.asc[FreeBSD-EN-23:13.freebsd-update]
+| 8 November 2023
+| freebsd-update does not handle deep boot environments
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:14.regcomp.asc[FreeBSD-EN-23:14.regcomp]
+| 8 November 2023
+| Incorrect regular expression escape handling
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:15.sanitizer.asc[FreeBSD-EN-23:15.sanitizer]
+| 1 December 2023
+| Clang sanitizer failure with ASLR enabled
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:16.openzfs.asc[FreeBSD-EN-23:16.openzfs]
+| 1 December 2023
+| OpenZFS data corruption
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:17.ossl.asc[FreeBSD-EN-23:17.ossl]
+| 5 December 2023
+| man:ossl[4]'s AES-GCM implementation may give incorrect results
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:18.openzfs.asc[FreeBSD-EN-23:18.openzfs]
+| 5 December 2023
+| High CPU usage by ZFS kernel threads
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:19.pkgbase.asc[FreeBSD-EN-23:19.pkgbase]
+| 5 December 2023
+| Incorrect pkgbase version number for FreeBSD 14.0
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:20.vm.asc[FreeBSD-EN-23:20.vm]
+| 5 December 2023
+| Incorrect results from the kernel physical memory allocator
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:21.tty.asc[FreeBSD-EN-23:21.tty]
+| 24 November 2023
+| man:tty[4] IUTF8 causes a kernel panic
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-23:22.vfs.asc[FreeBSD-EN-23:22.vfs]
+| 5 December 2023
+| ZFS snapshot directories not accessible over NFS
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:01.tzdata.asc[FreeBSD-EN-24:01.tzdata]
+| 14 February 2024
+| Timezone database information update
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:02.libutil.asc[FreeBSD-EN-24:02.libutil]
+| 14 February 2024
+| Login class resource limits and CPU mask bypass
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:03.kqueue.asc[FreeBSD-EN-24:03.kqueue]
+| 14 February 2024
+| man:kqueue_close[2] page fault on exit using man:rfork[2]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:04.ip.asc[FreeBSD-EN-24:04.ip]
+| 14 February 2024
+| Kernel panic triggered by man:bind[2]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:05.tty.asc[FreeBSD-EN-24:05.tty]
+| 28 March 2024
+| TTY Kernel Panic
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:06.wireguard.asc[FreeBSD-EN-24:06.wireguard]
+| 28 March 2024
+| Insufficient barriers in WireGuard man:if_wg[4]
+
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:07.clang.asc[FreeBSD-EN-24:07.clang]
+| 28 March 2024
+| Clang crash when certain optimization is enabled
+| link:https://www.FreeBSD.org/security/advisories/FreeBSD-EN-24:08.kerberos.asc[FreeBSD-EN-24:08.kerberos]
+| 28 March 2024
+| Kerberos segfaults when using weak crypto
|===