d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd with flexible iflib nic queues
279,424 Commits 6 Branches 133 Tags 2.6 GiB
C 60.1%
C++ 26.1%
Roff 4.9%
Shell 3%
Assembly 1.7%
Other 3.7%
ed549cb0c5
Go to file
Cy Schubert ed549cb0c5 heimdal: Fix multiple security vulnerabilities 
The following issues are patched:

 - CVE-2022-42898 PAC parse integer overflows
 - CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
 - CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
 - CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec

    Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0
    on the Common Vulnerability Scoring System (CVSS) v3, as we believe
    it should be possible to get an RCE on a KDC, which means that
    credentials can be compromised that can be used to impersonate
    anyone in a realm or forest of realms.

    Heimdal's ASN.1 compiler generates code that allows specially
    crafted DER encodings of CHOICEs to invoke the wrong free function
    on the decoded structure upon decode error.  This is known to impact
    the Heimdal KDC, leading to an invalid free() of an address partly
    or wholly under the control of the attacker, in turn leading to a
    potential remote code execution (RCE) vulnerability.

    This error affects the DER codec for all extensible CHOICE types
    used in Heimdal, though not all cases will be exploitable.  We have
    not completed a thorough analysis of all the Heimdal components
    affected, thus the Kerberos client, the X.509 library, and other
    parts, may be affected as well.

    This bug has been in Heimdal's ASN.1 compiler since 2005, but it may
    only affect Heimdal 1.6 and up.  It was first reported by Douglas
    Bagnall, though it had been found independently by the Heimdal
    maintainers via fuzzing a few weeks earlier.

    While no zero-day exploit is known, such an exploit will likely be
    available soon after public disclosure.

 - CVE-2019-14870: Validate client attributes in protocol-transition
 - CVE-2019-14870: Apply forwardable policy in protocol-transition
 - CVE-2019-14870: Always lookup impersonate client in DB

Sponsored by:	so (philip)
Obtained from:	so (philip)
Tested by:	philip, cy
MFC after:	immediately
2022-11-15 13:12:37 -08:00
.cirrus-ci Cirrus-CI: add some timing info on pkg install failure 2021-08-04 15:02:00 -04:00
.github .github: Attempt to fix and increase robustness of macOS action 2022-06-30 21:03:26 +01:00
bin ls(1): add a -v flag to sort naturally 2022-10-31 00:00:42 +01:00
cddl pkgbase: Put zfs utilities and lib in their own package 2022-10-26 19:46:30 +02:00
contrib gnu diff3: apply patch to committed src, rather than at build time 2022-11-13 21:33:40 -05:00
crypto heimdal: Fix multiple security vulnerabilities 2022-11-15 13:12:37 -08:00
etc sendmail: remove leftovers from mta_start_script and rc.sendmail 2022-11-15 09:10:53 +01:00
gnu gnu diff3: apply patch to committed src, rather than at build time 2022-11-13 21:33:40 -05:00
include Import device-tree files from Linux 6.0 2022-11-15 19:51:46 +01:00
kerberos5 kerberos5: retire now-unused MIPS support 2022-11-02 13:16:18 -04:00
lib rpcb_clnt.c: Do not force use of UDP 2022-11-13 12:16:06 -08:00
libexec othermta: remove leftover from 20 years ago 2022-11-14 09:08:37 +01:00
release release(7): Enable zpoolupgrade rc script in ZFS based VM images 2022-11-07 11:47:33 +08:00
rescue rescue: Link libzutil after libzfs. 2022-10-03 16:10:42 -07:00
sbin nvmecontrol: Fix condition when print number of Firmware Slots and Firmware Slot1 Readonly. 2022-11-15 07:48:20 +01:00
secure caroot: Update VCS instructions 2022-11-07 19:24:09 +08:00
share sendmail: remove leftovers from mta_start_script and rc.sendmail 2022-11-15 09:10:53 +01:00
stand Sort list of supported features for more easy handling 2022-11-10 09:47:23 +01:00
sys ipfilter: Document count_mask_bits() arguments 2022-11-15 13:11:16 -08:00
targets Put OPIE to rest. 2022-10-02 03:37:29 +02:00
tests ktls: Add tests for receiving corrupted or invalid records. 2022-11-15 12:03:19 -08:00
tools stress2: Added a new SU+J + snapshot test scenario 2022-11-14 12:03:57 +01:00
usr.bin tcp: account sent/received IP ECN markings independently 2022-11-10 11:35:35 +01:00
usr.sbin bhyve: add basl support for pointers 2022-11-15 08:27:11 +01:00
.arcconfig arcanist: use FreeBSD/git project repository instead of FreeBSD/svn 2022-08-23 14:16:41 +00:00
.arclint
.cirrus.yml Cirrus-CI: move QEMU pkg installation to test script 2022-09-07 13:32:12 -04:00
.clang-format clang-format: Add bitset loop macros 2021-09-21 12:08:01 -04:00
.gitattributes
.gitignore gitignore: Ignore compile_commands.events.json 2022-05-30 10:43:25 -04:00
COPYRIGHT Welcome 2022, update copyrights. 2022-01-01 09:49:49 -07:00
LOCKS
MAINTAINERS Remove myself from bhyve maintenance; ENOTIME. 2021-11-19 07:09:30 +10:00
Makefile Makefile: replace mergemaster references with etcupdate 2022-10-06 20:19:16 +02:00
Makefile.inc1 build: Use rm -fv for BATCH_DELETE_OLD_FILES 2022-10-25 11:18:55 -04:00
Makefile.libcompat Install working pkgconfig .pc files for compat libraries 2022-08-11 23:18:34 +01:00
Makefile.sys.inc
ObsoleteFiles.inc othermta: remove leftover from 20 years ago 2022-11-14 09:08:37 +01:00
README.md README.md: link to the list of supported platforms 2022-11-01 12:20:55 -03:00
RELNOTES RELNOTE: Document the removal of mta_start_script and othermta 2022-11-14 09:12:33 +01:00
UPDATING UPDATING: correct spearate typo 2022-10-26 14:25:12 -04:00

README.md

FreeBSD Source:

This is the top level of the FreeBSD source directory.

FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.

For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.

The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.

For information on the CPU architectures and platforms supported by FreeBSD, see the FreeBSD website's Platforms page.

Source Roadmap:

Directory Description
bin System/user commands.
cddl Various commands and libraries under the Common Development and Distribution License.
contrib Packages contributed by 3rd parties.
crypto Cryptography stuff (see crypto/README).
etc Template files for /etc.
gnu Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information.
include System include files.
kerberos5 Kerberos5 (Heimdal) package.
lib System libraries.
libexec System daemons.
release Release building Makefile & associated tools.
rescue Build system for statically linked /rescue utilities.
sbin System commands.
secure Cryptographic libraries and commands.
share Shared resources.
stand Boot loader sources.
sys Kernel sources (see sys/README.md).
targets Support for experimental DIRDEPS_BUILD
tests Regression tests which can be run by Kyua. See tests/README for additional information.
tools Utilities for regression testing and miscellaneous tasks.
usr.bin User commands.
usr.sbin System administration commands.

For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.