svn commit: r51209 - head/share/security/advisories

Gordon Tetlow gordon at FreeBSD.org
Tue Nov 21 03:48:37 UTC 2017


Author: gordon (src,ports committer)
Date: Tue Nov 21 03:48:36 2017
New Revision: 51209
URL: https://svnweb.freebsd.org/changeset/doc/51209

Log:
  Update SA-17:08 and SA-17:10 to properly give credit to Ilja van Sprundel.

Modified:
  head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc
  head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc

Modified: head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc
==============================================================================
--- head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc	Tue Nov 21 02:25:11 2017	(r51208)
+++ head/share/security/advisories/FreeBSD-SA-17:08.ptrace.asc	Tue Nov 21 03:48:36 2017	(r51209)
@@ -10,7 +10,8 @@ Topic:          Kernel data leak via ptrace(PT_LWPINFO
 Category:       core
 Module:         ptrace
 Announced:      2017-11-15
-Credits:        John Baldwin
+Credits:        Ilja van Sprundel
+                John Baldwin
 Affects:        All supported versions of FreeBSD.
 Corrected:      2017-11-10 12:28:43 UTC (stable/11, 11.1-STABLE)
                 2017-11-15 22:39:41 UTC (releng/11.1, 11.1-RELEASE-p4)
@@ -24,6 +25,13 @@ For general information regarding FreeBSD Security Adv
 including descriptions of the fields above, security branches, and the
 following sections, please visit <URL:https://security.FreeBSD.org/>.
 
+0.   Revision history
+
+v1.0   2017-11-15  Initial release.
+v1.1   2017-11-20  Corrected credit. Ilja van Sprundel first reported this
+                   issue to the project, but wasn't cited. The FreeBSD
+                   Security Team apologizes to Ilja for this oversight.
+
 I.   Background
 
 The ptrace(2) syscall provides the facility for a debugger to control the
@@ -122,19 +130,19 @@ The latest revision of this advisory is available at
 <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:08.ptrace.asc>
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxftfFIAAAAAALgAo
+iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloToMpfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD
 RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P
-audQ+hAA2+cjqNVUJ/Polwo9cu61QxKLEXO1DItlMIFWBxpFpXXlRSLbqH+RGmaO
-6aR4Q1xcOnLm8e57KcLFppl77uOZyO0IJ0lyK6P30ouSxuYIW3aHbW+p3pVYBE+J
-aqF3mNxSh9xQRgXvxUB/CM3w/SMKkxXtkZMvhNSGFCShGQTNpjGfAgIwOZD8mNFi
-WvYbPgzwfeE4tsaStZ91SZ8wf2nxdRXhybDXEOCAJvicP6IqYA1Zfr7RG2N3swK7
-JKLXW7tiVu+zbRYYFiWYX4FIWatIlsTjpD0GyuZs0j2PCEu80z1muFnrp/dGg3Bn
-APGVzIrkFjKvmXfkuFZFPMWCL+u9cUgOMNGkMFDXrLppLL7aXCGrz3BWECg581Pr
-dnUrrz/iEcXGDcnTJ3Ff+OidqdhdpVQz59Ek90TMd5iO+nZ+xeVjVzxdLHb82/wt
-KlgXRpwTg3Q72xDSF84UmRSkk1M/V5AZMrZiy2RjIwtvLqIJ9ZpLAMnrwTTWRDjB
-YurHHNWKjMVkdKCdbpBVGRjNmS6XYS6QukmA4M85d2r0Dmb8J6Gd6juHc3Essrz+
-3qEMKAcYsSWbQ5ZSMywUOzM74Dk+wUTf7jCJ1IsSqn8hYHOqvUSF0ftwXkdS1+cv
-GT25iduAMCdTP15Qp57Wlhv9WCF8eOUoYKHiSpXcVa6XMqazLy4=
-=Uqz2
+auf4EhAAkPiaUsEFju752S8RMKCC5LZtNMr++65TeX2I+QbvqR7jpcg8UhrVhonJ
+0B/tEvaFcgYg8XjtHcRUMc5UzXRnZRu/a9+AzD2WbdZz/VqQSPVN1pAILXnYiZV4
+SbmbKoavKzzQyXD9HTiElWCaOSau1dZYJj9CkhMarN63H5A+PNSD+v2TOcsK7S9h
+Yvt4EYjq64CNO7BYY9vIUQEZkJfaoh2lLTOQYbaAgNbEa1+V4l7Kctzx0HpfrvmP
+GyUyuvyIsBrtQA9xOYdhiet4qiORTNgVEsZc5k5mnpvvOOAyC5Ela/pqIM6VBmgv
+9PS3RZkoEFblcJWbDb48sNfqVxXxG7NHMsun5YXA0eglmNQC/+pwibUZeJ4sTPLd
+3qkm1uPxmHJPvp6zu/uVJSc+f8uJtMl7i2XmNVg0bdzzvcNkiCYR6TdhqZbDlJ+s
+BjgSVjY5tH83t9F8yaenKBrtHLk3ybwKBMQ/T/nwfBnZtUtN6n3EHTWZxrroilCB
+ein8XGKu4G2NuPcnY8X4Yn13LWHe/b46tj1nkvp+qkb+tN9tg7rsueoyJqLdM3k2
+/KxAPKNgAgP05r7hIgJGEtblTaxvLIP+RvkuyRW9B0XSxfYUNPd9anIOQTMCTm3L
+WFSYxQaW823LiKA3DvC7rw+8k9Jmcc7dVXaN1pwQMAroAxGhBM0=
+=E16f
 -----END PGP SIGNATURE-----

Modified: head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc
==============================================================================
--- head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc	Tue Nov 21 02:25:11 2017	(r51208)
+++ head/share/security/advisories/FreeBSD-SA-17:10.kldstat.asc	Tue Nov 21 03:48:36 2017	(r51209)
@@ -10,7 +10,8 @@ Topic:          Information leak in kldstat(2)
 Category:       core
 Module:         kernel
 Announced:      2017-11-15
-Credits:        TJ Corley
+Credits:        Ilja van Sprundel
+                TJ Corley
 Affects:        All supported versions of FreeBSD.
 Corrected:      2017-11-15 22:34:15 UTC (stable/11, 11.1-STABLE)
                 2017-11-15 22:49:47 UTC (releng/11.1, 11.1-RELEASE-p4)
@@ -24,6 +25,13 @@ For general information regarding FreeBSD Security Adv
 including descriptions of the fields above, security branches, and the
 following sections, please visit <URL:https://security.FreeBSD.org/>.
 
+0.   Revision history
+
+v1.0   2017-11-15  Initial release.
+v1.1   2017-11-20  Corrected credit. Ilja van Sprundel first reported the
+                   issue to the project, but wasn't cited. The FreeBSD
+                   Security Team apologizes to Ilja for this oversight.
+
 I.   Background
 
 The kldstat(2) syscall provides information about loaded kld files.  The
@@ -118,19 +126,19 @@ The latest revision of this advisory is available at
 <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:10.kldstat.asc>
 -----BEGIN PGP SIGNATURE-----
 
-iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloMxhRfFIAAAAAALgAo
+iQKTBAEBCgB9FiEEHPf/b631yp++G4yy7Wfs1l3PaucFAloToOxfFIAAAAAALgAo
 aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDFD
 RjdGRjZGQURGNUNBOUZCRTFCOENCMkVENjdFQ0Q2NURDRjZBRTcACgkQ7Wfs1l3P
-audjZhAA29uguakBjkQtnAlWceN0BOQlkp03iYQh61dFpdH98f7RQcr5cq77XKrM
-pkONtdEVbZNF9g6sly6n9dq5ivAuC9K1KGPtylMcPzHLTzDtV1B13vk2iwwgqkZ7
-GgB+m305kcL85knaASn3PBYwKTKzGOrhZFUZuTTI4VAnbbEmIwTHnJlVHvNwFDIj
-je1XxdDBr4jq7SdCZH8YW9LZAMDi9b+0hg72u20ZQ66uNeadxN4i9DuWtMeHJHb7
-2aZRtHhdw4imryUpHM4FnCp5zp9V87Gyv4wy7IrkOKYtbl4nWqxqVakL7T9yVmY5
-Q4cGqreYq8bF2aM3LyT26VmDfMOovovHJpCRHf9fvlIMj6ajS39FKWMkEeU23ykg
-EiTNk090h/G3REWiPnWjbxt8VGnFGyLe3K1VQqUvS+LlQ4lc45WCJnEHcpbvXT/E
-TNTQ/85nE4BklV1d9wiLy26C21W92IguZam0HdRYJHgEc9Mug+62MfqDzHf0w5HP
-3pu8IV5KMwEjGxzaiDMETIZU+K5fkdzPDNBhscxZ6OOab4zQ0+pZgdT1CSbXV6Ru
-xuOjSyBdz5vVdbq/298VJJ7hNyoP1MgnyaxPrG2ImNDKjUGqbtOgv0m3ISqtsyfs
-pEvyO2MxWWZqdNhtGJuQpOYyzAMxfJdmdOz1PMFFayQiBR7F0ao=
-=N2rs
+audl/RAAkPqcGvCMAHucBtZH2sySvM/1L1NTl0I61eJaDqgnjooo3hRq5J/dlNlt
+zo48o2W0EOnr8QWJhVg1oADY5qxBVm8RldpAH1Y7lU1Pk1gw6buTvmlat9Y0TaRm
+i3WCYe/yzC9X50x12dSu2QCeir+HDHrHB72KQDxPJak21e8BKq8vSq4cV3+K32IF
+MmC0yTkwXM7JJti1wkztiNSwvcCT5cI0EOZrHxDOJk57zhmuUw3t+42mr4uZhLpd
+Um/Hmqt3TS1LlL/swCcayeJGI5lrnfnIMZEUJj9aJZcRry6xrtaeppvgm3rP8Bym
+IYBipTU16MGVU6PEdpxXZCkmhzrb5XkAHNnRbod/Ye4g5a+3tWeaivjxbrNRsJyc
+7HkuvW41LX1+hJ2DJ/IJGKhz0yP+7//pXNJIkcF1iKOVnVIxz+49KPjj3ZHYhGu2
+oI/w4EMTd4ODXmE+bZkwGGm3nbxlH3AIZmBL2x1MdmfO/NjUlB3tYupZ7K/wR/PD
+V0OdrZTua7EpYSUDg04xuNkkxRwFMIVQ3XtE1HNCuV0BtQqZOcecKh9Alci5ZT6n
+r+F3HhFthNsafwdXLka5zDev/qtSSxggZ75fj+BxPfCoQZSlYkegFg/9K1hXlE+c
+H22TsCXMpLokZUKj2XKJQ8RsEZQ5Yr6wEFjsWHoeK5CPh/DyAYE=
+=dgLX
 -----END PGP SIGNATURE-----


More information about the svn-doc-all mailing list