Properly bzero kldstat structure to prevent information leak. [SA-17:10]

Approved by: so Security: FreeBSD-SA-17:10.kldstat Security: CVE-2017-1088
author: gordon <gordon@FreeBSD.org> 2017-11-15 22:49:47 +0000
committer: gordon <gordon@FreeBSD.org> 2017-11-15 22:49:47 +0000
commit: 03a0fa11ebe6236939f2a28185b0d78d62b666b8 (patch)
tree: aae272cb282f62551336f07e43215330b57e2e52 /UPDATING
parent: 7bfcc0bdc10f78c17fe931789b415e0d95b7bdf7 (diff)
download: FreeBSD-src-03a0fa11ebe6236939f2a28185b0d78d62b666b8.zip
FreeBSD-src-03a0fa11ebe6236939f2a28185b0d78d62b666b8.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index ab284df..6f1bd5e 100644
--- a/UPDATING
+++ b/UPDATING
@@ -16,6 +16,13 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20171115	p3	FreeBSD-SA-17:08.ptrace
+			FreeBSD-SA-17:10.kldstat
+
+	Fix ptrace(2) vulnerability. [SA-17:08.ptrace]
+
+	Fix kldstat(2) vulnerability. [SA-17:10.kldstat]
+
 20171102	p3	FreeBSD-EN-17:09.tzdata
 
 	Update timezone database information. [EN-17:09]
author	gordon <gordon@FreeBSD.org>	2017-11-15 22:49:47 +0000
committer	gordon <gordon@FreeBSD.org>	2017-11-15 22:49:47 +0000
commit	03a0fa11ebe6236939f2a28185b0d78d62b666b8 (patch)
tree	aae272cb282f62551336f07e43215330b57e2e52 /UPDATING
parent	7bfcc0bdc10f78c17fe931789b415e0d95b7bdf7 (diff)
download	FreeBSD-src-03a0fa11ebe6236939f2a28185b0d78d62b666b8.zip FreeBSD-src-03a0fa11ebe6236939f2a28185b0d78d62b666b8.tar.gz