History log of /freebsd-10.0-release/UPDATING
Revision Date Author Comments
# 279264 25-Feb-2015 delphij

Fix integer overflow in IGMP protocol. [SA-15:04]

Fix vt(4) crash with improper ioctl parameters. [EN-15:01]

Updated base system OpenSSL to 1.0.1l. [EN-15:02]

Fix freebsd-update libraries update ordering issue. [EN-15:03]

Approved by: so


# 277808 27-Jan-2015 delphij

Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure vulnerability
and SCTP stream reset vulnerability.

Security: FreeBSD-SA-15:02.kmem
Security: CVE-2014-8612
Security: FreeBSD-SA-15:03.sctp
Security: CVE-2014-8613
Approved by: so


# 277195 14-Jan-2015 delphij

Fix multiple vulnerabilities in OpenSSL. [SA-15:01]

Approved by: so


# 276158 23-Dec-2014 des

[SA-14:31] Fix multiple vulnerabilities in NTP suite.
[EN-14:13] Fix directory deletion issue in freebsd-update.

Approved by: so


# 275854 17-Dec-2014 delphij

Fix unbound remote denial of service vulnerability.

Security: FreeBSD-SA-14:30.unbound
Security: CVE-2014-8602
Approved by: so


# 275671 10-Dec-2014 delphij

Fix multiple vulnerabilities in file(1) and libmagic(3).

Security: FreeBSD-SA-14:28.file
Security: CVE-2014-3710, CVE-2014-8116, CVE-2014-8117
Approved by: so


# 274110 04-Nov-2014 des

[SA-14:24] Fix denial of service attack against sshd(8).
[SA-14:25] Fix kernel stack disclosure in setlogin(2) / getlogin(2).
[SA-14:26] Fix remote command execution in ftp(1).
[EN-14:12] Fix NFSv4 and ZFS cache consistency issue.

Approved by: so (des)


# 273439 21-Oct-2014 delphij

Time zone data file update. [EN-14:10]

Approved by: so


# 273415 21-Oct-2014 delphij

Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20]

Fix routed(8) remote denial of service vulnerability. [SA-14:21]

Fix memory leak in sandboxed namei lookup. [SA-14:22]

Fix OpenSSL multiple vulnerabilities. [SA-14:23]

Approved by: so


# 271669 16-Sep-2014 delphij

Fix Denial of Service in TCP packet processing.

Security: FreeBSD-SA-14:19.tcp
Approved by: so


# 271304 09-Sep-2014 delphij

Fix multiple OpenSSL vulnerabilities:

The receipt of a specifically crafted DTLS handshake message may cause OpenSSL
to consume large amounts of memory. [CVE-2014-3506]

The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak
memory. [CVE-2014-3507]

A flaw in OBJ_obj2txt may cause pretty printing functions such as
X509_name_oneline, X509_name_print_ex et al. to leak some information from
the stack. [CVE-2014-3508]

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to
a denial of service attack. [CVE-2014-3510]

If a multithreaded client connects to a malicious server using a resumed
session and the server sends an ec point format extension it could write
up to 255 bytes to freed memory. [CVE-2014-3509]

A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
TLS 1.0 instead of higher protocol versions when the ClientHello message
is badly fragmented. [CVE-2014-3511]

A malicious client or server can send invalid SRP parameters and overrun
an internal buffer. [CVE-2014-3512]

A malicious server can crash the client with a NULL pointer dereference by
specifying a SRP ciphersuite even though it was not properly negotiated
with the client. [CVE-2014-5139]

Security: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,
CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
Security: FreeBSD-SA-14:18.openssl
Approved by: so


# 268434 08-Jul-2014 delphij

Fix kernel memory disclosure in control message and SCTP notifications.

Security: FreeBSD-SA-14:17.kmem
Security: CVE-2014-3952, CVE-2014-3953
Approved by: so


# 267829 24-Jun-2014 delphij

Fix iconv(3) NULL pointer dereference and out-of-bounds array
access. [SA-14:15]

Fix multiple vulnerabilities in file(1) and libmagic(3).
[SA-14:16]

Worked around bug with PCID implementation. [EN-14:07]

Security: CVE-2014-3951
Security: FreeBSD-SA-14:15.iconv
Security: CVE-2013-7345, CVE-2014-1943, CVE-2014-2270
Security: FreeBSD-SA-14:16.file
Approved by: so


# 267104 05-Jun-2014 delphij

Fix OpenSSL multiple vulnerabilities.

Security: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224,
CVE-2014-3470
Security: SA-14:14.openssl
Approved by: so


# 267017 03-Jun-2014 delphij

Fix sendmail improper close-on-exec flag handling. [SA-14:11]

Fix incorrect error handling in PAM policy parser. [SA-14:13]

Fix triple-fault when executing from a threaded process. [EN-14:06]

Approved by: so


# 265987 13-May-2014 delphij

Fix OpenSSL NULL pointer dereference vulnerability. [SA-14:09]

Security: FreeBSD-SA-14:09.openssl
Security: CVE-2014-0198

Fix data corruption with ciss(4). [EN-14:05]

Errata: FreeBSD-EN-14:05.ciss

Approved by: so


# 265124 30-Apr-2014 delphij

Fix devfs rules not applied by default for jails.

Fix OpenSSL use-after-free vulnerability.

Fix TCP reassembly vulnerability.

Security: FreeBSD-SA-14:07.devfs
Security: CVE-2014-3001
Security: FreeBSD-SA-14:08.tcp
Security: CVE-2014-3000
Security: FreeBSD-SA-14:09.openssl
Security: CVE-2010-5298
Approved by: so


# 264267 08-Apr-2014 delphij

Fix NFS deadlock vulnerability. [SA-14:05]

Fix "Heartbleed" vulnerability and ECDSA Cache Side-channel
Attack in OpenSSL. [SA-14:06]

Approved by: so


# 259758 22-Dec-2013 hrs

MFS r249447:
Apply patch from upstream Heimdal for encoding fix

RFC 4402 specifies the implementation of the gss_pseudo_random()
function for the krb5 mechanism (and the C bindings therein).
The implementation uses a PRF+ function that concatenates the output
of individual krb5 pseudo-random operations produced with a counter
and seed. The original implementation of this function in Heimdal
incorrectly encoded the counter as a little-endian integer, but the
RFC specifies the counter encoding as big-endian. The implementation
initializes the counter to zero, so the first block of output (16 octets,
for the modern AES enctypes 17 and 18) is unchanged. (RFC 4402 specifies
that the counter should begin at 1, but both existing implementations
begin with zero and it looks like the standard will be re-issued, with
test vectors, to begin at zero.)

This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6,
from 13 October, 2013:
% Fix krb5's gss_pseudo_random() (n is big-endian)
%
% The first enctype RFC3961 prf output length's bytes are correct because
% the little- and big-endian representations of unsigned zero are the
% same. The second block of output was wrong because the counter was not
% being encoded as big-endian.
%
% This change could break applications. But those applications would not
% have been interoperating with other implementations anyways (in
% particular: MIT's).

Approved by: re (gjb)
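
The counter-encoding issue described in the r259758 log message above, as an added example (not code from Heimdal or FreeBSD). It assumes a 4-byte counter prepended to the seed and starting at zero, and uses truncated HMAC-SHA256 as a stand-in for the krb5 pseudo-random operation; all function names are hypothetical.

```python
import hashlib
import hmac
import struct

BLOCK_LEN = 16  # per-call output length the log message cites for AES enctypes 17/18


def stand_in_prf(key: bytes, data: bytes) -> bytes:
    """Stand-in for the krb5 pseudo-random operation (assumption: NOT the RFC 3961 PRF)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:BLOCK_LEN]


def prf_plus(key: bytes, seed: bytes, out_len: int, big_endian: bool) -> bytes:
    """Concatenate PRF(key, counter || seed) blocks, counter starting at zero."""
    fmt = ">I" if big_endian else "<I"  # the fix is the switch from "<I" to ">I"
    out = b""
    counter = 0
    while len(out) < out_len:
        out += stand_in_prf(key, struct.pack(fmt, counter) + seed)
        counter += 1
    return out[:out_len]


def first_divergent_block(key: bytes, seed: bytes, out_len: int):
    """Index of the first output block where the two encodings disagree, or None."""
    be = prf_plus(key, seed, out_len, big_endian=True)
    le = prf_plus(key, seed, out_len, big_endian=False)
    for off in range(0, out_len, BLOCK_LEN):
        if be[off:off + BLOCK_LEN] != le[off:off + BLOCK_LEN]:
            return off // BLOCK_LEN
    return None


if __name__ == "__main__":
    key, seed = b"constructed-key", b"constructed-seed"  # constructed sample inputs
    for n in (16, 32, 48):
        print(n, "bytes requested, first divergent block:",
              first_divergent_block(key, seed, n))
```

Requests of one block or less produce identical output under both encodings, so an interoperability test has to ask for more than one block to catch the wrong byte order.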


# 259128 09-Dec-2013 gjb

Remove svn:mergeinfo from the releng/10.0 branch.

After branch creation from stable/10, the stable/10 branch mergeinfo
was moved to the root of the branch.

Since there have not been any merges from stable/10 to releng/10.0
yet, we do not need to track any of the existing mergeinfo here.

Merges to releng/10.0 should now be done to the root of the branch.

For future branches during the release cycle, unless otherwise noted,
this change will be done as part of the stable/ and releng/ branch
creation.

Discussed with: peter
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

