Stable release: HardenedBSD-stable 11-STABLE v1100054

Submitted by op on

HardenedBSD-11-STABLE-v1100054 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Warning: this is a security update!
Warning2: reinstallation of pkgs/ports are required due LibreSSL upgrade!

Highlights:

  • Changed AT_PAXFLAG auxvector position (4c04e4a613679510cd16bb13d7974c18e3f54460)
  • Properly bzero kldstat structure to prevent kernel information leak. (3ff3ec467d4eb11cdbf706cf386935d5e58c2e91) [FreeBSD-SA-17:10.kldstat, CVE-2017-1088]
  • CloudABI 0.17 (cf6ac9b4efa43a9c64c5ab311666080a0e8632b1)
  • MFH (r325010): don't bother verifying a password that we know is too long. (b242fe393914310e50673eb62d480ce03706d745) [CVE-2016-6210]

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:

SHA512 (HardenedBSD-11-STABLE-v1100054-amd64-bootonly.iso) = 20f6333bcbeceb57788ca945ce9816359d9844c2476956a2d4ffd8cdb7b725b4ce12aca4a9adac67c43fdd0a5fd5b9c87888298a6044a31e3f0a4dcb564fefd3
SHA512 (HardenedBSD-11-STABLE-v1100054-amd64-disc1.iso) = 09af01b113072333cf72f2c933f2335d5e4c9e46d51c82d2a74ebd3f3217c9ba454dc77f30de75c2f805adb56608d147dd6dc520f8cfaa90fa049888f193497d
SHA512 (HardenedBSD-11-STABLE-v1100054-amd64-memstick.img) = 8951648e199157e840f1dc2637ba6516631bda75c28768086ccc5daba7822e874790cf5b1c2a86d428c70858cb1de5a0318c64ee27e8ce51596387d0b74c082b
SHA512 (HardenedBSD-11-STABLE-v1100054-amd64-mini-memstick.img) = 5d6cfc1f89374409efa226da5e6ef793e5e9472a217241e1a21e3c93ebadc9fd967a586dfbe66d454655618cef63721e42402c0a5e3282e1a5db465c208daa26

CHECKSUM.SHA512.asc:

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAloNK9kACgkQgZsRom/9
GI2qDQ//WQxgSb96jBJ7uXlO9uH9xboZVPzgSP2OfXPFqRvy82Sqr/OFtmVURh1v
8N4zYkVEE4nCKkwiuSFRmRkfygKg1qhQ8hNbpXA3icgITO9ZS6kBIh6ZBkSht8f5
aFgkAEU6CToSodz733oSnaAmGoap6drG2jJ8VlK+IjdXQkrK1mh4g2ETZg03I3ED
vzqAQ5+AT1V4+MzES+K3AV0jnR7nCntLAaEDRgEIcEKA9l4GPfhUNyPnusd3RJNb
vAOJWt7XBJAvWilABDXVPXxObKqhowTKb/+JcEwP0Is8uIzfzplr/E9zmUCCmy5O
u+FQ5H14M+sIfo7KwlXsWStWUhCmOoXR8mLtEAzAV2bZf+/dccrFOE0M3lYu8ZA+
kq09zEN22N3fPU55PIRFyzLlFsRHx2/vFZMf8RvsVbtroHWBqsMudPkd8y8F26aM
HQBHFhmaRmlWmNTJ+Fsh51mwv08CmcY7W0tQztXZWgkKA+uwQV//olOglp9ZVhEJ
LNwRVcAGEwhXJsKeNBzHgiteEYu5kTV7HxiQwMnoIDnN2WT8zkJhetYNQnwMPJIj
LP2/azjbX6nTCZJyLRsLBRu8KGf1g9jW03gWmu8/qUZldS4bgxx4HDnmXazhShgX
zXWQLS9e+K1z2Dg9+7wLHmxK5k9pf9T+SadDPZ14n+DrEjr9qbw=
=Rk9Y
-----END PGP SIGNATURE-----


Changelog:

Oliver Pinter (3):

  • Merge remote-tracking branch 'origin/freebsd/11-stable/master' into hardened/11-stable/master
  • HBSD: fix merge conlicts in auxvectors after fea694b75ea6704d14c7867ee98e4acb949ca6fc
  • HBSD: bump __HardenedBSD_version to 1100054 after f9ed451a34137522fdc937272d6c8dce024a826c


Oliver Pinter + (2):

  • Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
  • Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master


bapt (3):

  • MFC r325716:
  • MFC r325717:
  • MFC r325737:


des (1):

  • MFH (r325010): don't bother verifying a password that we know is too long.


ed (1):

  • MFC r324727 and r325555:


eugen (1):

  • MFC r325559: ifconfig__descr


gjb (1):

  • MFC r322401: Avoid creating kernel-dbg.txz distribution sets and kernel-debug packages when MK_DEBUG_FILES is 'no'.


gordon (1):

  • MFC r325865


jhb (4):

  • MFC 323580,323933,323934,324814,324817: Enable AT_HWCAP on arm.
  • MFC 323581,323582,323583: Add ptrace operations for VFP registers.
  • MFC 323584: Add a NT_ARM_VFP ELF core note to hold VFP registers for each thread.
  • MFC 323588: Recognize NT_PTLWPINFO and NT_ARM_VFP in FreeBSD ELF cores.


kib (2):

  • MFC r325671: Check that the pmc index is less than the number of hardware PMCs, instead of asserting the condition.
  • MFC r325553: Remove useless DEBUG printfs in i386 sendsig() implementations.


trasz (10):

  • MFC r324261:
  • MFC r320672:
  • MFC r320672:
  • MFC r324199:
  • MFC r324276:
  • MFC r324367:
  • MFC r324427:
  • MFC r324857:
  • MFC r213931:
  • MFC r325009:

Uploads: 

Plain text icon CHECKSUM.SHA512.txt
Plain text icon CHECKSUM.SHA512.asc_.txt
Plain text icon shortlog-HardenedBSD-11-STABLE-v1100054.txt