Stable release: HardenedBSD-stable 11-STABLE v1100054.1

HardenedBSD-11-STABLE-v1100054.1 - https://github.com/HardenedBSD/hardenedBSD-stable/releases/tag/HardenedB...

Highlights:

fixed syslogd - restore host name handling in UDP case (1bbaa032d75dc1aab167b8a6cc5c9116c5e393bc)
fixed ARM64 control flow problem (1ea13dc104ea903a34741e363d910a1fb16f31f7) [FreeBSD-SA-Candidate]
fixed MAP_GUARRD issues (96cbc3d921794d684acf6e4fe465374bee33ed6c)
upgrade to Unicode 10.0.0 (909e9adcdcdc361054c0947ee969961afe431676)
ZFS fixes
(side note: the recent OpenSSL security issues (FreeBSD-SA-17:11.openssl) are already fixed in previous releases)

Installer images:
http://installer.hardenedbsd.org/pub/HardenedBSD/releases/amd64/amd64/IS...

CHECKSUM.SHA512:
SHA512 (HardenedBSD-11-STABLE-v1100054.1-amd64-bootonly.iso) = 83725667faf1aadb34f154934f8da4790b3fe8993e98dc852d149fee4529625bf5dec04ee04a59dd577cdaaa1b6b6a2378abad39933c9d9c87dd8354757210a2 SHA512 (HardenedBSD-11-STABLE-v1100054.1-amd64-disc1.iso) = 9b0e2243f7b46a395e6c62c7daf279683ad961985e9129ccc30654672d368ea54b8bc718f6a94d74b47dd6aca049146d5dda36a0a1530d7a62d11812cf75f8de SHA512 (HardenedBSD-11-STABLE-v1100054.1-amd64-memstick.img) = cfe23f59d9969f3bbe958916a02ae830b7b65b506c4000edcf17ab513df0214c71c95700f1e27afa1f5290323bd5b9844bab1b817107ab6828b36b7a4d49cd8d SHA512 (HardenedBSD-11-STABLE-v1100054.1-amd64-mini-memstick.img) = ddf2e9e6a9fe32d7b104184e14c0abb6261770e00ae1cad37f58a3c8a18dc5cd021fa9e160740387812171dd9ede6fdc6322035ddc70885e7eac15086bfade12

CHECKSUM.SHA512.asc:
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEu1M4jTvZiSgVy54wgZsRom/9GI0FAlofe1QACgkQgZsRom/9
GI0lZhAA5evBJtIaEdpeYbtmlEUHJiXz+D94slp1CLKg2nzcZFU73e8FrkB8zbgA
qzfqq7v2SGzYHRSdI/f7iVDsXnsid9/t2PP9mn8OU0Sc1ZcgWwKNnaCcSf5lzNUz
yGNpuxFMy4OqYfO+CnIzihDYptEt/aFvgkrGYxPURjcM/veVcema9UFuT0lNjlhw
y3lvNouFrhF8k9vWLrZyW3J5Pe4MBTKFGm9thqm/p5fnHI0iCOsQIpLcWlxhMJHh
6GBUW+vszxLQGOxExrYxrIoY5FJyJN7zFwyh7jIhN/+OI9JOgMLPHFniOTpsJ/gm
N0QOTSzNBQ7AGNJBku4M6cEArfDujqwH61wbDOkVUqkG1gRu5AygSDy1nBwmUqSz
m5Of1iSMOl8qcKqjMkPlI+6CTFlcimb14jX6HMl4/WMvoe7dMLXEnfe6hl9/Tcqn
0ctJrNBck2k7vnYTc+4vwpdfnlmrvZqfFah2sOPPmFst9iJ4ahcAoxoRrS/beVn1
0f11GBDEf4BkkqIercR/XKUQmH+50apdypzjTcvLUspNIqlKekivUgDAo6r5hGOp
g1FnhkILpW1Wm6y0kLwt16y4ICculisa95mmbuKZ+gINDZo3hdtTyW+Kz3s+O71j
XrLAoqShGH+Ml/hZDJD7CbmrYbCmJjkTK3J3qSuq4dZJaYvQRyw=
=g8Bo
-----END PGP SIGNATURE-----

Changelog: Oliver Pinter + (26):

Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master
Merge branch 'freebsd/11-stable/master' into hardened/11-stable/master

ae (1):

MFC r325960: Unconditionally enable support for O_IPSEC opcode.

andrew (1):

MFC r326137:

asomers (8):

MFC r322854, r323995, r324568, r324991
MFC r323275, r324112
MFC r324805:
MFC r324457:
MFC r324940:
MFC r325011, r325016
MFC r322258, r324941, r324956, r325018
MFC r325363:

avg (6):

MFC r325227,r325272: geom_slice: do not destroy softc until providers are gone
MFC r325606: MFV r325605: 8713 Buffer overflow in dsl_dataset_name()
MFC r325608: MFV r325607: 8607 zfs: variable set but not used
MFC r325228: vdev_geom_close: close errored consumer even if vdev_reopening is set
MFC r325035: MFV r325013,r325034: 640 number_to_scaled_string is duplicated in several commands
MFC r325610: MFV r325609: 7531 Assign correct flags to prefetched buffers

bapt (3):

MFC r325361:
MFC: 325359
MFC r325888:

bcr (1):

MFC r325441:

brooks (1):

MFC r326307:

delphij (3):

MFC r325383:
MFC r325532: Update arcmsr(4) to 1.40.00.01:
MFC r325755: Be more careful when doing calculation with request from userland.

emaste (6):

MFC r325683: vnic: apply BPF tap before passing packet to hardware
MFC r325444: ANSIfy sys/kern/md4c.c
MFC r325811: vnic: report that the driver supports multicast
MFC r325813 (bz): Unbreak IPv6.
MFC r325042: libdtrace: replace "DOODAD" with more descriptive string
MFC r326046: dt_modtext: return error on archs lacking an implementation

eugen (1):

MFC r325436: RTF_PINNED for an interface

gjb (6):

MFC r320252, r320686, r325769: r320252: In release/release.sh: - Rename chroot_arm_armv6_build_release() to chroot_arm_build_release() and make it hardware agnostic (such as armv6 -vs- armv7 -vs- arm64). - Evaluate EMBEDDED_TARGET differently so release/tools/arm.subr can be used for arm/armv6 and arm64/aarch64. - Update comments and copyright.
MFC r325863: Only copy /etc/resolv.conf to ${CHROOTDIR} if /etc/resolv.conf does not already exist within ${CHROOTDIR}. This allows re-using a build chroot with CHROOTBUILD_SKIP set to a non-empty value and CHROOTDIR set to '/' in release.conf.
MFC r325950, r325953: r325950: Sort variables for consistency.
MFC r325373, r325861: r325373 (manu): release/arm: Do not install ubldr
MFC r326068: Remove /etc/resolv.conf from virtual machine images, which is copied from the build host. It is renamed to /etc/resolv.conf.bak on boot, so never used anyway.
Document SA-17:06 through SA-17:11 and EN-17:07 through EN:17-10.

glebius (2):

MFC r325558:
Revert r326103, as it appeared to be incorrect.

hselasky (4):

MFC r325533: Make the dma_alloc_coherent() function in the LinuxKPI NULL safe with regard to the "dev" argument.
MFC r325614: Multiple fixes for using IPv6 link-local addresses with RDMA in ibcore.
MFC r325615: Make sure the IPv6 scope ID gets zeroed when exchanging CMA messages in ibcore. Else the IPv6 address matching might fail. This change adds support for both embedded and non-embedded IPv6 scope IDs when passing a IPv6 link-local socket address to RDMA. Prior to this change only global IPv6 addresses would work with RDMA.
MFC r325616: Make sure sin_zero is zero in ibcore. Else socket address maching using bcmp() might fail.

jhb (4):

MFC 324993: Add a test for sending a signal while stepping a thread via PT_STEP.
MFC 325039: Rework pass through changes in r305485 to be safer.
MFC 319517: Add a cross-reference to sysdecode_socket_protocol(3).
MFC 319493,319509,319520,319595,319677,319679-319681,319688,319689, 319761-319768,320010,322899,322959,323020,323021,323151:

kib (3):

MFC r325758: Style bug.
MFC r325759: Do not leak PMC_PO_OWNS_LOGFILE on error.
MFC r326098: Return different error code for the guard page layout violation.

manu (1):

MFC r325517, r325554

markj (10):

MFC r324864, r324865: Cleanups for ctf.5.
MFC r325887: Avoid holding the process in uread() and uwrite().
MFC r325561: Allow various page daemon parameters to be set from loader.conf.
MFC r325528: Correct the type of foff.
MFC r319824 (by sevan), r320624, r326173: Fixups for the lockstat provider man page.
MFC r326055: Allow for fictitious physical pages in vm_page_scan_contig().
MFC r326060: Clean up the SYSINIT_FLAGS definitions for rwlock(9) and rmlock(9).
MFC r326061, r326063: DTrace test fixups.
MFC r326093: Use the right variable for the IP header parameter to tcp:::send.
MFC r326096: Annotate pragma/err.invalidlibdep.ksh as EXFAIL.

mav (2):

MFC r325552: s/NgSendMsgReply/NgSendReplyMsg/ in man to match the code.
MFC r325571: Add some PCI IDs found on AMD Epyc system.

pfg (1):

MFC r326028: iconv: Fix a pointer mismatch.

vangyzen (2):

MFC r325764
MFC r325766

Uploads:

shortlog-HardenedBSD-11-STABLE-v1100054.1.txt

CHECKSUM.SHA512.txt

CHECKSUM.SHA512.asc_.txt

HardenedBSD

Stable release: HardenedBSD-stable 11-STABLE v1100054.1

Uploads:

Donate to HardenedBSD

2021 Donation Status

Links

Uploads:

Donate to HardenedBSD

2021 Donation Status

Search form

Links