OPNSense/src 80758f4. UPDATING, sys/conf newvers.sh

Bump version information and add UPDATING entries.

Approved by:    so
DeltaFile
+18-0UPDATING
+1-1sys/conf/newvers.sh
+19-12 files

OPNSense/src c3f5135usr.sbin/bhyve pci_e82545.c

Fix insufficient validation of guest-supplied data (e1000 device).

Approved by:    so
Security:       FreeBSD-SA-19:21.bhyve
Security:       CVE-2019-5609

OPNSense/src ed2696bcontrib/bsnmp/lib asn1.c

Fix insufficient message length validation in bsnmp library.

Approved by:    so
Security:       FreeBSD-SA-19:20.bsnmp
Security:       CVE-2019-5610

OPNSense/src f2db14fsys/netinet6 mld6.c

Fix ICMPv6 / MLDv2 out-of-bounds memory access.

Approved by:    so
Security:       FreeBSD-SA-19:19.mldv2
Security:       CVE-2019-5608
DeltaFile
+23-25sys/netinet6/mld6.c
+23-251 files

OPNSense/src c555b0ccontrib/bzip2 README bzip2.c

Fix multiple vulnerabilities in bzip2.

Approved by:    so
Security:       FreeBSD-SA-19:18.bzip2
Security:       CVE-2016-3189
Security:       CVE-2019-12900

OPNSense/src 19000b4contrib/llvm/projects/libunwind/src EHHeaderParser.hpp

Fix incorrect exception handling.

Approved by:    so
Security:       FreeBSD-EN-19:15.libunwind

OPNSense/src 1f81122. UPDATING, sys/conf newvers.sh

Bump version information and add UPDATING entries.

Approved by:    so
DeltaFile
+18-0UPDATING
+1-1sys/conf/newvers.sh
+19-12 files

OPNSense/src ebaad62usr.sbin/bhyve pci_e82545.c

Fix insufficient validation of guest-supplied data (e1000 device).

Approved by:    so
Security:       FreeBSD-SA-19:21.bhyve
Security:       CVE-2019-5609

OPNSense/src 0cdda0ccontrib/bsnmp/lib asn1.c

Fix insufficient message length validation in bsnmp library.

Approved by:    so
Security:       FreeBSD-SA-19:20.bsnmp
Security:       CVE-2019-5610

OPNSense/src 7c57bbasys/netinet6 mld6.c

Fix ICMPv6 / MLDv2 out-of-bounds memory access.

Approved by:    so
Security:       FreeBSD-SA-19:19.mldv2
Security:       CVE-2019-5608
DeltaFile
+23-25sys/netinet6/mld6.c
+23-251 files

OPNSense/src 407bff1contrib/bzip2 README bzip2.c

Fix multiple vulnerabilities in bzip2.

Approved by:    so
Security:       FreeBSD-SA-19:18.bzip2
Security:       CVE-2016-3189
Security:       CVE-2019-12900

OPNSense/src ce5ef33contrib/llvm/projects/libunwind/src EHHeaderParser.hpp

Fix incorrect exception handling.

Approved by:    so
Security:       FreeBSD-EN-19:15.libunwind

OPNSense/src 0f8d026. UPDATING, sys/conf newvers.sh

Bump version information and update UPDATING.

Approved by:    so
DeltaFile
+22-0UPDATING
+1-1sys/conf/newvers.sh
+23-12 files

OPNSense/src 1d0b27asys/kern uipc_usrreq.c

Fix file descriptor reference count leak.

Approved by:    so
Security:       FreeBSD-SA-19:17.fd
Security:       CVE-2019-5607

OPNSense/src df7a607usr.sbin/bhyve pci_xhci.c

Fix byhve out-of-bounds read in XHCI device.

Approved by:    so
Security:       FreeBSD-SA-19:16.bhyve
Security:       CVE-2019-5604

OPNSense/src e2cf2a3sys/kern uipc_mqueue.c

Fix reference count overflow in mqueuefs.

Approved by:    so
Security:       FreeBSD-SA-19:15.mqueuefs
Security:       CVE-2019-5603

OPNSense/src 406169dsys/compat/freebsd32 freebsd32_ioctl.c

Fix kernel memory disclosure in freebsd32_ioctl.

Approved by:    so
Security:       FreeBSD-SA-19:14.freebsd32
Security:       CVE-2019-5605

OPNSense/src 6fd6522sys/kern tty.c

Fix pts write-after-free.

Approved by:    so
Security:       FreeBSD-SA-19:13.pts
Security:       CVE-2019-5606
DeltaFile
+3-3sys/kern/tty.c
+3-31 files

OPNSense/src 65c6845contrib/telnet/telnet commands.c telnet.c

Fix multiple telnet client vulnerabilities.

Approved by:    so
Security:       FreeBSD-SA-19:12.telnet
Security:       CVE-2019-0053

OPNSense/src 2ce3639sys/x86/x86 cpu_machdep.c

Fix panic from Intel CPU vulnerability mitigation.

Approved by:    so
Security:       FreeBSD-EN-19:13.mds

OPNSense/src 6980dcb. UPDATING, sys/conf newvers.sh

Bump version information and update UPDATING.

Approved by:    so
DeltaFile
+22-0UPDATING
+1-1sys/conf/newvers.sh
+23-12 files

OPNSense/src 070b2dasys/kern uipc_usrreq.c

Fix file descriptor reference count leak.

Approved by:    so
Security:       FreeBSD-SA-19:17.fd
Security:       CVE-2019-5607

OPNSense/src c2c7ae1usr.sbin/bhyve pci_xhci.c

Fix byhve out-of-bounds read in XHCI device.

Approved by:    so
Security:       FreeBSD-SA-19:16.bhyve
Security:       CVE-2019-5604

OPNSense/src e28acaesys/kern uipc_mqueue.c

Fix reference count overflow in mqueuefs.

Approved by:    so
Security:       FreeBSD-SA-19:15.mqueuefs
Security:       CVE-2019-5603

OPNSense/src 39bcb48sys/compat/freebsd32 freebsd32_ioctl.c

Fix kernel memory disclosure in freebsd32_ioctl.

Approved by:    so
Security:       FreeBSD-SA-19:14.freebsd32
Security:       CVE-2019-5605

OPNSense/src 1aabea3sys/kern tty.c

Fix pts write-after-free.

Approved by:    so
Security:       FreeBSD-SA-19:13.pts
Security:       CVE-2019-5606
DeltaFile
+3-3sys/kern/tty.c
+3-31 files

OPNSense/src 7fbff6acontrib/telnet/telnet commands.c telnet.c

Fix multiple telnet client vulnerabilities.

Approved by:    so
Security:       FreeBSD-SA-19:12.telnet
Security:       CVE-2019-0053

OPNSense/src dbd8a69sys/x86/x86 cpu_machdep.c

Fix panic from Intel CPU vulnerability mitigation.

Approved by:    so
Security:       FreeBSD-EN-19:13.mds

OPNSense/src ab3b8b4sys/dev/netmap netmap_mem2.c

netmap: bump ring size, still too small in FreeBSD

PR: https://forum.opnsense.org/index.php?topic=13436.0

OPNSense/src 815f865sys/dev/netmap netmap_mem2.c

netmap: bump ring size, still too small in FreeBSD

PR: https://forum.opnsense.org/index.php?topic=13436.0

OPNSense/src 680a395sys/dev/ath/ath_hal ah_internal.h, sys/dev/ath/ath_hal/ah_regdomain ah_rd_freqbands.h ah_rd_domains.h

MFC r306323:
[ath_hal] Add FCC6_FCCA regulatory domain (0x0014).

PR:            194336
Requested by:   Chris Hutchinson <portmaster at bsdforge.com>

OPNSense/src c96afa4. UPDATING, sys/conf newvers.sh

Update UPDATING and bump newvers.sh

Approved by:    so
Approved by:    re (implicit)
DeltaFile
+13-0UPDATING
+1-1sys/conf/newvers.sh
+14-12 files

OPNSense/src f72b876sys/cam/scsi scsi_cd.c, sys/compat/linux linux_ioctl.c

Fix privilege escalation in cd(4) driver.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-SA-19:11.cd_ioctl
Security:       CVE-2019-5602

OPNSense/src b3a1d37sbin/fsck_ffs dir.c fsck_ffs.8, sys/ufs/ufs ufs_lookup.c dir.h

Fix kernel stack disclosure in UFS/FFS.

Approved by:    so
Security:       FreeBSD-SA-19:10.ufs
Security:       CVE-2019-5601

OPNSense/src cd4e30flib/libc/iconv citrus_none.c

Fix iconv buffer overflow.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-SA-19:09.iconv

OPNSense/src 69ed8decontrib/tzdata asia africa

Import tzdata 2019b.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-EN-19:12.tzdata

OPNSense/src 56eb289sys/netinet6 in6_src.c

MFC r348236:
  Restore IPV6_NEXTHOP option support that seem was partially broken
  since r286195.

  Do not forget results of route lookup and initialize rt and ifp
  pointers.

  PR:          238098
  Submitted by: Masse Nicolas <nicolas.masse at stormshield eu>
Approved by:    re (gjb)

OPNSense/src 1268658sys/dev/ath/ath_hal ah_internal.h, sys/dev/ath/ath_hal/ah_regdomain ah_rd_freqbands.h ah_rd_domains.h

MFC r306323:
[ath_hal] Add FCC6_FCCA regulatory domain (0x0014).

PR:            194336
Requested by:   Chris Hutchinson <portmaster at bsdforge.com>

OPNSense/src 8d6dcce. UPDATING, sys/conf newvers.sh

Update UPDATING and bump newvers.sh

Approved by:    so
Approved by:    re (implicit)
DeltaFile
+13-0UPDATING
+1-1sys/conf/newvers.sh
+14-12 files

OPNSense/src e97b23bsys/cam/scsi scsi_cd.c, sys/compat/linux linux_ioctl.c

Fix privilege escalation in cd(4) driver.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-SA-19:11.cd_ioctl
Security:       CVE-2019-5602

OPNSense/src 07dfc31sbin/fsck_ffs dir.c fsck_ffs.8, sys/ufs/ufs ufs_lookup.c dir.h

Fix kernel stack disclosure in UFS/FFS.

Approved by:    so
Security:       FreeBSD-SA-19:10.ufs
Security:       CVE-2019-5601

OPNSense/src 05677f9lib/libc/iconv citrus_none.c

Fix iconv buffer overflow.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-SA-19:09.iconv

OPNSense/src 6eb6791contrib/tzdata asia africa

Import tzdata 2019b.

Approved by:    so
Approved by:    re (implicit)
Security:       FreeBSD-EN-19:12.tzdata

OPNSense/src 83b05c3sys/netinet6 in6_src.c

MFC r348236:
  Restore IPV6_NEXTHOP option support that seem was partially broken
  since r286195.

  Do not forget results of route lookup and initialize rt and ifp
  pointers.

  PR:          238098
  Submitted by: Masse Nicolas <nicolas.masse at stormshield eu>
Approved by:    re (gjb)

OPNSense/src 35a179bsys/dev/netmap netmap_bdg.h

MFC r339683:
Remove redundant redeclaration of netmap_vp_reg().
This should unbreak sparc64 and powerpc LINT builds.

-- While this does fix that error, powerpc.LINT, powerpc.LINT64, and
-- sparc64.LINT are broken in stable/11 for other reasons. --rpokala

Sponsored by:   Panasas

OPNSense/src 015fbd0sys/dev/netmap netmap_bdg.h

MFC r339683:
Remove redundant redeclaration of netmap_vp_reg().
This should unbreak sparc64 and powerpc LINT builds.

-- While this does fix that error, powerpc.LINT, powerpc.LINT64, and
-- sparc64.LINT are broken in stable/11 for other reasons. --rpokala

Sponsored by:   Panasas

OPNSense/src 6fb088dsys/dev/mmc mmc.c

MMC, HS200/HS400 support seems to break mmc legacy support, clock probing seems to have 
issues.

Original source 
https://github.com/freebsd/freebsd/commit/398d5fc6afb7ce20f0cf9ecc4fe286e72afdbf29

This commit resets mmc_calculate_clock() to it's original behaviour.
DeltaFile
+29-118sys/dev/mmc/mmc.c
+29-1181 files

OPNSense/src 289d111sys/dev/mmc mmcbrvar.h

Revert "MFC: r338304"

This reverts commit c02d19727f0e58807fbda77045fc60037517731d.

OPNSense/src f02cd30sys/dev/mmc mmcsd.c mmc.c

Revert "MFC: r333647, r338275, r338280, r338513"

This reverts commit f07063a474906b16e8f5ce72ec9f7b96751fb84a.

OPNSense/src dfe3385sys/dev/mmc mmc.c

Revert "MFC: r340495"

This reverts commit c722f5f39243ee71c8b60cd203ebb5965f41813f.
DeltaFile
+8-14sys/dev/mmc/mmc.c
+8-141 files