Add EN-22:16 to EN-22:19 and SA-22:09 to SA-22:12.

Approved by: so
2026-06-02 19:35:07 +00:00 · 2022-08-09 14:22:54 -07:00
parent 9dd6f41e48
commit fb32d2e2a0
28 changed files with 1473 additions and 0 deletions
@@ -1,6 +1,22 @@
 # Sort advisories by year, month and day
 # $FreeBSD$

+[[advisories]]
+name = "FreeBSD-SA-22:12.lib9p"
+date = "2022-08-09"
+
+[[advisories]]
+name = "FreeBSD-SA-22:11.vm"
+date = "2022-08-09"
+
+[[advisories]]
+name = "FreeBSD-SA-22:10.aio"
+date = "2022-08-09"
+
+[[advisories]]
+name = "FreeBSD-SA-22:09.elf"
+date = "2022-08-09"
+
 [[advisories]]
 name = "FreeBSD-SA-22:08.zlib"
 date = "2022-04-06"
@@ -1,6 +1,22 @@
 # Sort errata notices by year, month and day
 # $FreeBSD$

+[[notices]]
+name = "FreeBSD-EN-22:19.pam_exec"
+date = "2022-08-09"
+
+[[notices]]
+name = "FreeBSD-EN-22:18.wifi"
+date = "2022-08-09"
+
+[[notices]]
+name = "FreeBSD-EN-22:17.cam"
+date = "2022-08-09"
+
+[[notices]]
+name = "FreeBSD-EN-22:16.kqueue"
+date = "2022-08-09"
+
 [[notices]]
 name = "FreeBSD-EN-22:15.pf"
 date = "2022-04-06"
@@ -0,0 +1,127 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-22:16.kqueue                                         Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          kevent(2) timers fire too often
+
+Category:       core
+Module:         kqueue
+Announced:      2022-08-09
+Affects:        FreeBSD 13.1
+Corrected:      2022-06-08 00:42:21 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:01:21 UTC (releng/13.1, 13.1-RELEASE-p1)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+kevent(2) is a system call which provides a generic method of notifying
+the caller when a caller-specified event happens or a condition holds.
+One use for kevent(2) is to wait for a specified timeout to elapse.
+This is implemented by the EVFILT_TIMER filter type.
+
+II.  Problem Description
+
+In FreeBSD 13.1, periodic events of type EVFILT_TIMER will return at
+only half of the requested frequency, following the first event.
+
+III. Impact
+
+The bug may cause misbehaviour in software that makes use of periodic
+kevent(2)-based timers.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an errata update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-22:16/kqueue.patch
+# fetch https://security.FreeBSD.org/patches/EN-22:16/kqueue.patch.asc
+# gpg --verify kqueue.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              129112f80d2b    stable/13-n251040
+releng/13.1/                            c48048ebdbed  releng/13.1-n250150
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264131>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:16.kqueue.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyzyYACgkQ05eS9J6n
+5cIBnQ//edGaUR3lij2DjA6b4sxEVMk+Kss9AL8ZOP+QYnClCT0fyKRPPtW4xGn9
+gxlbGpfhCORVgf/V+Hi9FqB1hjdBdnByPOK+p2kKdNDMivQqD75Awlxw3w/YjTTI
+xBkErCIhcoo5vGh4xlTI76UYY2r02Lxl1uH5lj7AOwwTCEwkUdCSOoi4226O6mo8
+AKAErHNVtO0m3NmXW8qtfs9LwAaim6rVpyAYFK1HO0xBQIvMMkES91/iytKDkkLV
+XImuOwlDnk+ql6uRrqpCaIk3313+X0k3fvaEX3hpgbDPni8qiCeFsI3wOahZjPdq
+59bmrV9HKpNoalB74HsYD3SgG4v0lj8MXOPSNpAcZ9YgK77CZ6V+2WoVTNkvHVCY
+x5FuBGG2VQy2k7cNZYlyjNZKvPGi+lluJXPmGt0slI9QRXZhYZrjgyRlXfC5AQy8
+P+vNt+bzGrvdrjUZ4UoV/csvvntNHB3lLH8vT/mb+UuE9VqKUWHVXadeXugRUP18
+xE+48oivScLf4FAFwjIJg5nRlvFafuzwjdiO+KWcgbnsLDfITfx0Ok6q68VDuMii
+ZjzOzKKGPmBwuWJsu9WF4mL2kmyWzCJmSvpioEwHLw59Gbz7p4J7YXQDiZKgKX4e
+j9AAI1M7i82y5n9PEKPa/sA7lvyZVJgqAwsDtVWnPQAhrJ+kvWE=
+=dwL5
+-----END PGP SIGNATURE-----
@@ -0,0 +1,151 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-22:17.cam                                            Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          Kernel memory corruption during SCSI error recovery
+
+Category:       core
+Module:         cam
+Announced:      2022-08-09
+Affects:        All supported versions of FreeBSD.
+Corrected:      2022-05-03 20:32:45 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:01:20 UTC (releng/13.1, 13.1-RELEASE-p1)
+                2022-08-09 20:00:26 UTC (releng/13.0, 13.0-RELEASE-p12)
+                2022-05-04 01:04:43 UTC (stable/12, 12.3-STABLE)
+                2022-08-09 19:59:40 UTC (releng/12.3, 12.3-RELEASE-p6)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+CAM (Common Access Method) is a FreeBSD kernel subsystem which handles
+various aspects of storage device management.  Among other
+responsibilities, it handles device error recovery and can automatically
+retransmit commands to peripheral devices when a transient error is
+encountered.
+
+II.  Problem Description
+
+When a CAM-managed device responds to a command with an error condition,
+CAM may automatically retry the command following some error recovery
+protocol.  For instance, it may send a SCSI START UNIT command to the
+device before retrying the failed command.  In this case, an in-memory
+copy of the original command is preserved for a later retry.  However,
+a specific portion of the command state was not saved correctly, and
+upon a retry this could lead to memory corruption.
+
+III. Impact
+
+The bug can cause kernel panics or other system-level misbehaviour.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for an errata update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-22:17/cam.patch
+# fetch https://security.FreeBSD.org/patches/EN-22:17/cam.patch.asc
+# gpg --verify cam.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              84849cfd1dc0    stable/13-n250673
+releng/13.1/                            db8082886fd8  releng/13.1-n250149
+releng/13.0/                            5430423b6d63  releng/13.0-n244803
+stable/12/                                                        r372069
+releng/12.3/                                                      r372378
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262894>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:17.cam.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n
+5cIECxAAo+zofqG4H2ZTffIBo3YElCbB8pkXty/ZnW0+3cA+JWcYtpC+5UoKw68q
+wBN+fL8174tzkzsrN3ZZcmtd28NtlmNYpUbCQCji90K8CSSRibsa+IdGxRDkiTAL
+s/bHpn4Txyi+XiIDFVABWDuUf3rNxVqgmnWorMTnffukUkXxDYGbwTD4J9eaahhH
+eEG/iW/O8KL34Asb4Pg/KoY8TAp8U3ojd+/XrLkLHHm1VyAqiW7cYVLcKFFDArT0
+NUdqI/B329Jk4qy/FDqbturLGQyxpkeAnB1ARLaQ/DvNQNxoLLv2MbS2/92JiR/y
+pWrIz0brUp/zrtH5qEQxrvutHKch2CfQnansBs4d/atCyYQsrfTt+1QTpcbqdFJv
+L0ysPjuHYuFnizjospjaRJfNYQMUK64q5BBJeymNTMpXjYz2SG1K6BlsU001i51o
+tCXTfFJ35GjIJqiXL8K7aCiu0L8HFJ8zHIGBJv8gB8q/kNlDCCluks5nBGwktboM
+91WhbskyR/5en5drBB1RxXYsYDYcJiwDENLmTHyJK/9v55tRlsu6yMUb3sxwV5+G
+YC4z/GYEBfj5u/ttb0ILZX2eBHx/kIae0wW9x2ch6njOiSp1tcujEH74OIw1a4ja
+fOfWZsBjB23rIawn3eDLVnLtE9l1ljIsvy2rbVf4xNxxl3x68ZM=
+=Ujr3
+-----END PGP SIGNATURE-----
@@ -0,0 +1,130 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-22:18.wifi                                           Errata Notice
+                                                          The FreeBSD Project
+
+Topic:		WiFi patch update
+
+Category:       core
+Module:         net80211
+Announced:      2022-08-09
+Affects:        FreeBSD 13.0
+Corrected:      2022-08-09 20:11:00 UTC (releng/13.0, 13.0-RELEASE-p12)
+
+Note: The corrected date and patch revision above (p12) are specific to the
+      13.0-RELEASE version published via freebsd-update. The revision details
+      in the table below reference the git repository information, which was
+      correct at the time of the original WiFi patch.
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+FreeBSD's net80211 kernel subsystem provides infrastructure and drivers
+for IEEE 802.11 wireless (Wi-Fi) communications.
+
+II.  Problem Description
+
+FreeBSD-SA-22:02.wifi included a number of improvements to net80211 data
+validation.  Some of these changes were not included in the patch provided
+for FreeBSD 13.0 and via freebsd-update.  The changes were included in the
+git repository.
+
+III. Impact
+
+The interface affected by the missing change is only available to the
+superuser.  The superuser may be able to cause kernel crash.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date, and reboot.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +5min "Installing errata update"
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-22:18/wifi.patch
+# fetch https://security.FreeBSD.org/patches/EN-22:18/wifi.patch.asc
+# gpg --verify wifi.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+releng/13.0/                            0d1db5c3257e  releng/13.0-n244782
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254737>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:18.wifi.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n
+5cIYBA//VQCS16TK3QcOXDznzTi66YqL5GvCklVWzk52la+D0cIazzNKKWLwuJAF
+bAB9c+jjff0IU6J80/QNdTEvXBjw4HZ5CsniXEUbWMmQOdFh1c9mgW8q6W8PV+R9
+DYn7ROO/d8s71Kh8FQh9KzguCYsiSHm8gwfwSzi1bxfBp6J2Af2A/q/4KO7/mN/U
+Eltgr3AikjqvLm5vo985Fbv2ExH9Xm3rZcc3UggutyNFAtl4X4N/1Pux5msR38sp
+FIzveVKtu2kuQ9jqOceABZfaxCCXRwl5i/MibOdfZb3+JIdjDSnuH6fjVmVT3Qys
+4LFnokEFNtSn04z6VJHmtryqIuByVWWSyyFFpm65pKtpvxzEP+Wrql208U7k+r7A
+gi1vZVcJpZ5eLEdPgmE7T4IjfuonK0DvVkJlWIigmrFn2n4ss1cyQiNJYyujDDQB
+sCcC3HZoy8DE4RBzpfEWDjsoqQXzJ81o3TfnNr69alSVAmMRzcQjH8z6syApuq+0
+RmyHMCfgKnbPCtgQj0si8VRDtMfgqJsTqHsTks6NiL6csQUTtgYc37MgErLsUR05
+4XnfxvslAketx9BvWqgF6eIXnGoJsCopzVKOttxdqpyV1AzanZzl0q+wEBp8WND0
+Jpzhtmar9Pxq9wcRNNx8as5b5IyH1zp4/0FqztGsLgHluazYPbk=
+=W4Fk
+-----END PGP SIGNATURE-----
@@ -0,0 +1,132 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-EN-22:19.pam_exec                                       Errata Notice
+                                                          The FreeBSD Project
+
+Topic:          NULL pointer dereference in pam_exec(8)
+
+Category:       core
+Module:         pam
+Announced:      2022-08-09
+Affects:        FreeBSD 13.0 and later
+Corrected:      2022-06-24 09:09:59 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:01:22 UTC (releng/13.1, 13.1-RELEASE-p1)
+                2022-08-09 20:00:25 UTC (releng/13.0, 13.0-RELEASE-p12)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+pam_exec(8) is a pam(3) module for delegating PAM service functions to an
+external program.  When used for authentication, it can pass the user's
+authentication token to the external program.
+
+II.  Problem Description
+
+When pam_exec(8) is used for authentication with the `expose_authtok' option
+and an application calls pam_setcred(3), it attempts to expose an already
+stored authentication token.  It is incorrectly assumed that there always is
+such a token stored, which leads to dereferencing a NULL pointer if this
+isn't the case.
+
+III. Impact
+
+It is impossible to reliably use pam_exec(8) for authentication with the
+`expose_authtok' option, that is necessary to have the external program check
+credentials.  In most scenarios, authentication will fail because of a crash
+caused by the NULL pointer dereference.
+
+IV.  Workaround
+
+No workaround is available, however systems not using pam_exec(8) for
+authentication are not affected.
+
+V.   Solution
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/EN-22:19/pam_exec.patch
+# fetch https://security.FreeBSD.org/patches/EN-22:19/pam_exec.patch.asc
+# gpg --verify pam_exec.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              ea80848e1c06    stable/13-n251487
+releng/13.1/                            26db194f3db1  releng/13.1-n250151
+releng/13.0/                            277c0c4d2512  releng/13.0-n244802
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263893>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:19.pam_exec.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0cACgkQ05eS9J6n
+5cJs9Q//WY8wGjWIUpmQ2Z/R9aHp7+MsFXiJ+bmwiYeX7bAWDC5uienqML62ir7y
+Lqnx6B0Njkn8VmV+6/R6ACCXyNbg+zSXbecOFAkclB3x65CZbOAmgvtUYKCuSdGl
+EzGTBOoVPIr3aowpMsnc7MULF5WXxsDfb+mqT1MIo5gmsxIIulHwui0AnPzOhmH2
+gUeuA5CIsZk+QgJetAg28K0fB4pbKquX82sSiDbfMK+MrXOVugSTHDq1w+01LbW/
+YKNSo+kkMw+NmDBD46ibrMDJCVucdwpGISDzhJNALnUudLb8f7cbF/NN1Cd14zxA
+P8qY7CHmkSUVtREDGcvJ4TYIXtvCuT5iUaWymDkN1URu6MM0Ixa6JkG8yYBMi802
+Vg7/I2Z0I6F0oeDISmFGvF1Kic50sWL7pnPTpoNudI8RhRJzvNQpE67oF1IIdsEy
+Ij8aCRbkhirtlETUFmJw7YOWRVnMs9peahimmHVZ0bVwBG5eWuLb/7mSXtSvnUeD
+Af7U0Z82GHtb0vyFvc1zJcQa+nvkQGzEPsBTC8PxYdba1ZK5zJ9JW3cuSmJYW6jW
+Jao/8DvRQa0PrQe4ahy2xqa/ImYTr9RMaIT+x8ArRm4glfMZNDtbLjfgh0ebRGn+
+Fhh1DS7URCijOwsK9pM1mX7zaROINyyXpGNhnzd2SJsH9p31VaE=
+=JZ5O
+-----END PGP SIGNATURE-----
@@ -0,0 +1,156 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-22:09.elf                                        Security Advisory
+                                                          The FreeBSD Project
+
+Topic:		Out of bound read in elf_note_prpsinfo()
+
+Category:       core
+Module:         kernel
+Announced:      2022-08-09
+Credits:	Josef 'Jeff' Sipek
+Affects:        All supported versions of FreeBSD.
+Corrected:      2022-08-09 19:47:32 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:00:43 UTC (releng/13.1, 13.1-RELEASE-p1)
+                2022-08-09 19:59:14 UTC (releng/13.0, 13.0-RELEASE-p12)
+                2022-08-09 19:57:35 UTC (stable/12, 12.3-STABLE)
+                2022-08-09 19:59:47 UTC (releng/12.3, 12.3-RELEASE-p6)
+CVE Name:       CVE-2022-23089
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+Process information known as "prpsinfo" is written when dumping core of a
+process as an ELF note.
+
+The sbuf family of functions allows one to safely allocate, compose and
+release strings in kernel or user space.
+
+II.  Problem Description
+
+When dumping core and saving process information, proc_getargv() might
+return an sbuf which have a sbuf_len() of 0 or -1, which is not properly
+handled.
+
+III. Impact
+
+An out-of-bound read can happen when user constructs a specially crafted
+ps_string, which in turn can cause the kernel to crash.
+
+IV.  Workaround
+
+The system administrator can workaround this issue by disabling coredump.
+This can be done by adding:
+
+kern.coredump=0
+
+to /etc/sysctl.conf and run `service sysctl start`.
+
+V.   Solution
+
+Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date.
+
+A reboot is required after applying the fix.
+
+Perform one of the following:
+
+1) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for a security update"
+
+2) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-22:09/elf.patch
+# fetch https://security.FreeBSD.org/patches/SA-22:09/elf.patch.asc
+# gpg --verify elf.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              8a44a2c644fc    stable/13-n252079
+releng/13.1/                            69a456c0b60b  releng/13.1-n250152
+releng/13.0/                            056ffc74a769  releng/13.0-n244804
+stable/12/                                                        r372376
+releng/12.3/                                                      r372380
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23089>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:09.elf.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cJ6tw//VycxB1Il6TKajIo9VQE5lN1M/h1j0fbyUokXWpcGH/+iGl4sLkxtrFuv
+Ekjshp9AezGgSIWCEdcwx8ck3LUeU0kVhAjcJjI/p+YfSWcWlLTQk13/Z3FsF6pv
+EK1VjKDiMpZHbddbkvY2q4JKIdO2UXgBYwtshvwHL+Y8Ev2cxvJdQfwtclf+N0Q6
+Shgf25XPqkrG9vCJ30ldlJs902PoHKyGUOqU0+4741rcaZBjeF26RQPOXT+z4yQz
+RpVQvyQ01OnXgXO8X+7hoW83m3C7hNz5KnmX5YLMQCBUgYjBk4edeOlnq1wnRTtW
+k0qPdkIa5Rj8Yq8k+VP3PMiKezXOmxrmXUV16j64KZM9+r0eNPYx0C8sgkLZSrRe
+osk57jIYtI0M7fTVNlhMY7uCLFaK3xHb+/Md+ExpCs79ZbH+CxgnU+HPyIIVV4zX
+RhDRAh/w/MVKcHJM7y2TM6VDDhiLNqWeV9ruMj92ZnkB+QnRqrah53JUlo8PQcFn
+oDfe/pSGhchpjwyhwHoXTBQNQjUlbm/7iC95D0UdtfuH2eFcSdDq6aWMO5amxui0
+Kkm+nswlYIpJsq3Addu2pEEhh2DHIwF9wiz8DKFJ1et+BF+GW+V4XKvXSd8sO7j3
+19GK3xtf9cGnYYoPBpNSxuFLP+zcb+1gXTX+N9gG1EqQfXdjMtI=
+=lK0G
+-----END PGP SIGNATURE-----
@@ -0,0 +1,151 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-22:10.aio                                        Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          AIO credential reference count leak
+
+Category:       core
+Module:         kernel
+Announced:      2022-08-09
+Credits:	Chris J-D <chris@accessvector.net>
+Affects:        FreeBSD 12.3, FreeBSD 13.0
+Corrected:      2021-10-01 00:32:22 UTC (stable/13, 13.0-STABLE)
+                2022-08-09 20:00:24 UTC (releng/13.0, 13.0-RELEASE-p12)
+                2022-06-27 17:27:50 UTC (stable/12, 12.3-STABLE)
+                2022-08-09 19:59:44 UTC (releng/12.3, 12.3-RELEASE-p6)
+CVE Name:       CVE-2022-23090
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+FreeBSD's aio(4) subsystem implements asynchronous I/O.
+
+II.  Problem Description
+
+The aio_aqueue function, used by the lio_listio system call, fails to release
+a reference to a credential in an error case.
+
+III. Impact
+
+An attacker may cause the reference count to overflow, leading to a
+use after free (UAF).
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and reboot.
+
+Perform one of the following:
+
+1) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for a security update"
+
+2) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 12.3]
+# fetch https://security.FreeBSD.org/patches/SA-22:10/aio.12.patch
+# fetch https://security.FreeBSD.org/patches/SA-22:10/aio.12.patch.asc
+# gpg --verify aio.12.patch.asc
+
+[FreeBSD 13.0]
+# fetch https://security.FreeBSD.org/patches/SA-22:10/aio.13.patch
+# fetch https://security.FreeBSD.org/patches/SA-22:10/aio.13.patch.asc
+# gpg --verify aio.13.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              9499d3c1e40d    stable/13-n247480
+releng/13.0/                            c864c8cf08a9  releng/13.0-n244801
+stable/12/                                                        r372172
+releng/12.3/                                                      r372379
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23090>
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258698>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:10.aio.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cI0ZBAAi90yUPtPxBcshN+DldO6WSuQEWBE5XU+7Ivesns80PMF+QuQ9S/YfurC
+I0LNfjGe48Q4/CIfixLf3Xsari9IBmHpUPvJS3+TaoxrOLRTLv2uTCZl6mGj1iqL
+H4ufrtMCbaA830EAKlEfCfI6eY8eDJpKh+he86adW3qNPWewTKGeEK8Mi4st009F
+DcCcHquy+IC2DnZaeoO+dttKyMoyEJgvo8F0oej8Jg7OBPdW6yTuabutQkuxSur/
+JChz+Gn0tKj9qtN6023T/JvDXBKsQVlURbGofHhcm5JkpFFVd0A4+2MLbAO24gJa
+fnYRJDaWbRHvF0joy3qbZWZ/a3iHHC+yq7jupHoOkP7yULUQRftoj2kdPPZic6eQ
+XcyZE3rKgk7CHJq1ofg/Ye6WTgEghWjUlp5yrTniL+uWp6YuSVZNKPvXweDpi45M
+segQvlLoDWG3GEhaRyvaeBkA4v1lLucdkLQCM9bAFPhq5S27lcHPf9r4jiWBR5HB
+yQKddJZGa5lzsiYhKfX+pJ4rQa3QPN7N1NRygXDp4WRcPCqV3r4owZNJs6rsPkVM
+c0+wyGZhv4jH8lRrludMeXkiusoYOHEE+hslA+xU3M+19ak7W3DkJZKvEZQgBMNs
+bobKi/rl0GmAJthxd+vLXmdRK8g50RhPP+Fq80eLct151DDBdd0=
+=7sbf
+-----END PGP SIGNATURE-----
@@ -0,0 +1,149 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-22:11.vm                                         Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Memory disclosure by stale virtual memory mapping
+
+Category:       core
+Module:         vm
+Announced:      2022-08-09
+Credits:        Mark Johnston
+Affects:        All supported versions of FreeBSD.
+Corrected:      2022-08-09 19:47:40 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:01:00 UTC (releng/13.1, 13.1-RELEASE-p1)
+                2022-08-09 19:59:49 UTC (releng/13.0, 13.0-RELEASE-p12)
+                2022-08-09 19:57:38 UTC (stable/12, 12.3-STABLE)
+                2022-08-09 19:59:48 UTC (releng/12.3, 12.3-RELEASE-p6)
+CVE Name:       CVE-2022-23091
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+Memory mappings shared between processes are a feature of the FreeBSD
+virtual memory system.  They may be established by unprivileged
+processes with the mmap(2), fork(2), and other system calls.
+
+II.  Problem Description
+
+A particular case of memory sharing is mishandled in the virtual memory
+system.  This is very similar to SA-21:08.vm, but with a different root
+cause.
+
+III. Impact
+
+An unprivileged local user process can maintain a mapping of a page
+after it is freed, allowing that process to read private data belonging
+to other processes or the kernel.
+
+IV.  Workaround
+
+No workaround is available.
+
+V.   Solution
+
+Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and reboot.
+
+Perform one of the following:
+
+1) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+# shutdown -r +10min "Rebooting for a security update"
+
+2) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-22:11/vm.patch
+# fetch https://security.FreeBSD.org/patches/SA-22:11/vm.patch.asc
+# gpg --verify vm.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              3ea8c7ad90f7    stable/13-n252080
+releng/13.1/                            0c88ecaa1255  releng/13.1-n250153
+releng/13.0/                            dd349089ff92  releng/13.0-n244805
+stable/12/                                                        r372377
+releng/12.3/                                                      r372381
+- -------------------------------------------------------------------------
+
+For FreeBSD 13 and later:
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+For FreeBSD 12 and earlier:
+
+Run the following command to see which files were modified by a particular
+revision, replacing NNNNNN with the revision number:
+
+# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
+
+Or visit the following URL, replacing NNNNNN with the revision number:
+
+<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23091>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:11.vm.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cK+mQ//V5ZGy6Hx4dfngafOWuSnC/5usXbu69iKnHQONPVZoVO72ZZKbm1fyMn7
+HlDyAfhEtYuh67JNROH7KJUf3lPeHQUd/rfSbTv8usXhxeAu09/kWi74/kviDLd5
+5Ocaja6DSN457c4gd6Lght1IrzDjnrL/oR8sHf7QWP0UAPjzi9CAcN5R90e7UP0u
+J5/w76zl4ApGu4na3CNi3OTCf4xOf4ncosOXFyZHOAsnbyXjjl0qp17MtxDpsvNn
+xAXOF3PvtFsO8r2MyLqRkcvPZE3n1LNvAPaI5jlVaXS6Nw7enZMqokj8XLmiUxcg
+FXipr9nhdL+Rihj3JjIY3uSXv7x+ZacET9cM03a9LlI7kSzfuWA+hkiDExfITJZ5
+jJFqZ+PV+TvNqXfeatnOC9o2iyW0tAj7j1JPO3NEowdJSh/cpgzDfniDhm5dMA7G
+TTFyxCrX5ZwhbPgHwKdb6J6oVYc0v8Rlnbb4bIpIeFO/OP0QwAU0f/GnxCeTEoXn
+0s26Azsi2l31HKhSha7KVz66IWCdyBjwGApC2lNM9G2zKlD4NXEr976mG9WA09wS
+jUM290y1uj2igdfq6gcgno37c6xQiAypDpOnOCGAL0+sbPT5ak7y/NFDFppR0uB4
+x7USiGEonMNswkKHtaOf7df6RAwNQZG7F+ADwtaMlC/C+c6hlUk=
+=WXZW
+-----END PGP SIGNATURE-----
@@ -0,0 +1,136 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA512
+
+=============================================================================
+FreeBSD-SA-22:12.lib9p                                      Security Advisory
+                                                          The FreeBSD Project
+
+Topic:          Missing bounds check in 9p message handling
+
+Category:       contrib
+Module:         lib9p
+Announced:      2022-08-09
+Credits:        Robert Morris
+Affects:        FreeBSD 13.0 and 13.1
+Corrected:      2022-08-09 13:33:14 UTC (stable/13, 13.1-STABLE)
+                2022-08-09 20:01:13 UTC (releng/13.1, 13.1-RELEASE-p1)
+                2022-08-09 20:00:03 UTC (releng/13.0, 13.0-RELEASE-p12)
+CVE Name:       CVE-2022-23092
+
+For general information regarding FreeBSD Security Advisories,
+including descriptions of the fields above, security branches, and the
+following sections, please visit <URL:https://security.FreeBSD.org/>.
+
+I.   Background
+
+lib9p provides an implementation of the 9p file system protocol.  It is
+used by bhyve(8) to provide guest access to a host file system tree via
+the virtio-9p device model.  The FreeBSD base system does not contain
+any other users of lib9p.
+
+II.  Problem Description
+
+The implementation of lib9p's handling of RWALK messages was missing a
+bounds check needed when unpacking the message contents.  The missing
+check means that the receipt of a specially crafted message will cause
+lib9p to overwrite unrelated memory.
+
+III. Impact
+
+The bug can be triggered by a malicious bhyve guest kernel to overwrite
+memory in the bhyve(8) process.  This could potentially lead to
+user-mode code execution on the host, subject to bhyve's Capsicum
+sandbox.
+
+IV.  Workaround
+
+No workaround is available.  Systems not using bhyve's virtio-9p device
+model are not affected.
+
+V.   Solution
+
+Upgrade your vulnerable system to a supported FreeBSD stable or
+release / security branch (releng) dated after the correction date,
+and restart any VMs utilizing virtio-9p devices.
+
+Perform one of the following:
+
+1) To update your vulnerable system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64, i386, or
+(on FreeBSD 13 and later) arm64 platforms can be updated via the
+freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+
+2) To update your vulnerable system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+# fetch https://security.FreeBSD.org/patches/SA-22:12/lib9p.patch
+# fetch https://security.FreeBSD.org/patches/SA-22:12/lib9p.patch.asc
+# gpg --verify lib9p.patch.asc
+
+b) Apply the patch.  Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile the operating system using buildworld and installworld as
+described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
+
+Restart restart any VMs utilizing virtio-9p devices, or reboot the system.
+
+VI.  Correction details
+
+This issue is corrected by the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path                             Hash                     Revision
+- -------------------------------------------------------------------------
+stable/13/                              c536045c51da    stable/13-n252071
+releng/13.1/                            7dfe949791e7  releng/13.1-n250154
+releng/13.0/                            70a2cf7bb2e0  releng/13.0-n244806
+- -------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23092>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:12.lib9p.asc>
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1IACgkQ05eS9J6n
+5cI0vxAAoIkoKbB7T2cGS3k4sNM0SCB8/akhccPCVLgDc5aNnCJSD21gSWVY//Qc
+IoxNgYBiP5Y0t2f8y6pzE4f9IuNRwhiLMAVgNHJgf7oRvsQyUAAqv+kXiXuutYQm
+qYZOYM6vYk7bw6yLPwyS1S0QPWFZraBA3wRxAXLn3NcU3blKc6psPPqLuqfdR+0a
+13s305/lw1uoaMYHtlS5S4rcnZm9uLPVMQZL6NMVtkLjRbuN2vUrZy81zSHVGQUN
+RAN8qAPXjeD22a5gy7ZIqgt07OjYn331rAPPIpNtADU0vaYzVUkwrilY8ogIIJH2
+Be2NPmqbZEWTHFYcOQHWW/16rDXYXx7ZfvHHYzsrId+9G97I/nTMmN8dPeUJTtgh
+syG6DSsbrYmssfGDXFX/nTdKDcT5UkNE3W3er7+RwQ54d9SlUwuY5SyycPJNBDim
+018+Gb3GobScJGwSID+DyYEHxaj9e0WmLC6tpm8ZBlZnUTrdBqxEX+xhfxsm0Yds
+dPVXHICXebgXzHs9RO5s4eNa+miu3W8QRkbyLmL8ReUHwsWSLS5p91hgOheHji4e
+0vO5T99f11+lp1FFw9iLlpo09klsN26nGTJ4/XXtlCjD85GIJINR7JI/Fg1NRF4N
+S5CmUPVutyvzGPkrNVUI9QwL/O0CEg55KTiqtQKjgjCCHhChZ+0=
+=ILeT
+-----END PGP SIGNATURE-----
@@ -0,0 +1,11 @@
+--- sys/kern/kern_event.c.orig
+++ sys/kern/kern_event.c
+@@ -739,7 +739,7 @@
+ 		if (delta == 0)
+ 			delta = 1;
+ 		kn->kn_data += delta;
+-		kc->next += (delta + 1) * kc->to;
+		kc->next += delta * kc->to;
+ 		if (now >= kc->next)	/* overflow */
+ 			kc->next = now + kc->to;
+ 		KNOTE_ACTIVATE(kn, 0);	/* XXX - handle locking */
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyzzAACgkQ05eS9J6n
+5cJ17g//Qk08VOI+CbTtmbdvyAiYG2vA51gPrhl9OdWBIeamwoSX//khM32j6Jdi
+MF6lb4UGKQ+oYkkTVUlEkyrYI5zQU+T7ycciE3GuU/JN1UK7XfqeQHEDCs/0bxgA
+gBGrTLG8C5Ra4tHQvw3vTXWkaeovqLbIrMoXZnmFOyMD+QL2sIUv/XoKijN5F/Sh
+M6nU/j3P6APdWXVLqZ19Zb0HxRKGUA9tddzwnHQPyeRy5zQEZUeSMO0SJoAj7mQr
+CqjWT0iGEuSuhX+P/Btlh3CLIWaD8ecQsJsRJMcrUdUGRe0klHc3CWh1mmXagc27
+/CurQy233Qy/44yCzqIIO7WFdxHFtLR3gvCXBA3FQYD0GX5pJEwtugLcxnYZCzJr
+9sD+WTnyhY/psxNzTYZKpzhdTazz82CXraboMATTNaFToCBUCZC+syikApVPIfi3
+EQCD+LvAr8eLwQfEGJ62sUKMSD5r1fS/kH25sWqI3EtEOxsP0FOcnOFG+knzofz+
+ArqaFi+4yQS9GyEfUKuJePr/Nnps/kCeTDN3zydUhPMZr4Rx8ks0jymoChb5SfX6
+JutthxAHS1yjidpk+7oSzBpKAKIFwe4q+mJsSNsIh4IQOS72eU1QRReWTy7WDmIT
+WSkxbtFexWDTisMcBrSmYn773pqkWcYZFWguyQWlG4yh3yOjLCc=
+=aHVt
+-----END PGP SIGNATURE-----
@@ -0,0 +1,10 @@
+--- sys/cam/cam_periph.c.orig
+++ sys/cam/cam_periph.c
+@@ -1421,6 +1421,7 @@
+ 	 * and the result will be the final one returned to the CCB owher.
+ 	 */
+ 	saved_ccb = (union ccb *)done_ccb->ccb_h.saved_ccb_ptr;
+	saved_ccb->ccb_h.periph_links = done_ccb->ccb_h.periph_links;
+ 	bcopy(saved_ccb, done_ccb, sizeof(*done_ccb));
+ 	xpt_free_ccb(saved_ccb);
+ 	if (done_ccb->ccb_h.cbfcnp != camperiphdone)
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n
+5cKHcg//cVViBE8l3gHNJ+7W8pL5v+fngquXPKfLXESFR0Mru7NGqneYuPb5zfal
+zfvW4kOkJx8ItdXBWQwgzROaiYLc6o2yLLHQuVnwYjj8+0zxms50mNkiZ1zTdOlQ
+b3DQFZYHFNx2XtnnNhM1VhIf4QySmmZG4T+SvqpxT7GW2M6lpO19DnTXHH8t+KxH
+HdyTvGjL4oxkUASIgl+gC7z8LTarZ5GZM7FQ6PtwHQbbxCx6/fiMZQbum7hVp4NG
+Xg/+2r8bycKUgGr0Ou854toIUp6Q7d/q87RY2CXGvk5V+0Y+y0+UNhBqIDzjhrYW
+YyarypPILHeOJdzqA0TqCPegxhHvGJtebDigBrUyA4bZ+g8EHqE/FZvDLZY2jItf
+TgnW0s1cX1EeMst3bGjP26OQ/g8cDhNBlMmDb13FpN92NazEumZ2EY7YYXpcF2dN
+wEhwK31NW3IsZ6oMe4s6zjdv0vGORjTOJrYcI+kxCJjBG+YNPrPDubCA63yRNNZ6
+96+sqsOk+yhIZKuMJYkBT3Ezln5VQWDTvpdg4CdbVtf1pVb7fJR3pXjWvtgZ/zhx
+Hab+momJL1jVKMD87eDmG0R+xT0zgJT1ON0jOhUyqj71cMgGopSriC5Qh7W/NDlT
+qjsdZRe7+2YT/ugmPU4H5bJiXlLK69cBRDhISpB9bEqepdl7Jho=
+=0vxY
+-----END PGP SIGNATURE-----
@@ -0,0 +1,22 @@
+--- sys/net80211/ieee80211_ioctl.c.orig
+++ sys/net80211/ieee80211_ioctl.c
+@@ -1591,7 +1591,7 @@
+ 	    ("expected opmode IBSS or AHDEMO not %s",
+ 	    ieee80211_opmode_name[vap->iv_opmode]));
+ 
+-	if (ssid_len == 0)
+	if (ssid_len == 0 || ssid_len > IEEE80211_NWID_LEN)
+ 		return EINVAL;
+ 
+ 	sr = IEEE80211_MALLOC(sizeof(*sr), M_TEMP,
+--- sys/net80211/ieee80211_node.c.orig
+++ sys/net80211/ieee80211_node.c
+@@ -1132,7 +1132,7 @@
+ 
+ 	ie = ies->data;
+ 	ielen = ies->len;
+-	while (ielen > 0) {
+	while (ielen > 1) {
+ 		switch (ie[0]) {
+ 		case IEEE80211_ELEMID_VENDOR:
+ 			if (iswpaoui(ie))
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0YACgkQ05eS9J6n
+5cJ5ag/+OpHebnVEBgFbv8YU2Thm9fA6tqnUiXq3rkcQzZ86b8nIqzQ1aN0Cs5ZX
+/W5ER7eATlgZ4SrvCqHzNTC7X+XoRR1wWte6xYWEs3JlyX3emWKp30OxzoQm926M
+eOQGwb/ZU2P+vD/iG9JxzQtzZUb+KB6sbpYLDSuaQfWKcHxN1+2+lhS4IJBLZ+Aq
+PMg6noKY//N7X0EcCzdV4O4EwcXB5eBcK5TbqZeUbGYQDnGCtu8hhhAjCAJJ0cL3
+orQJZzKSQ9tlFW0FzuMLBOS5+XOW8b5EnS110u1PoqGQhpDJ7uoYsE5SaprkB3f0
+C7cLqXixJS6Wot4VMDAYbkq4rWnmwPg1eX9QXTp5f6TB7cMq8LBf3AfrkFATgB1m
+Vek59PVngmyg72umK/KQK34Z68sFDaiKuN1rWTovGnboR3lc0Yhh+OrGH9FDcqfY
+kZ8cxIQXBDNJfsWJCkloqHL6kedLY4x+twOsvwW3KYaC90CZ0RR+YSThZKB2hmms
+cEiaOUlOL5m/+D2OjuL1sxFmycWTDP/qCaBNa+janYzm/mkXz0CEmkQ5njvGPa4X
+XZudEHmXQub7BPGB818fziyOe0/2P4k5lHLuvODZVZAEa6DZmk2kyh2xFDL2xGJQ
+pSSWv0rAb8fDvcjkkeBM5hxlqD2z4pY/dvSWfSPNmPpTZ+xZNUo=
+=2nLy
+-----END PGP SIGNATURE-----
@@ -0,0 +1,16 @@
+--- lib/libpam/modules/pam_exec/pam_exec.c.orig
+++ lib/libpam/modules/pam_exec/pam_exec.c
+@@ -261,6 +261,13 @@
+ 			/* don't prompt, only expose existing token */
+ 			rc = pam_get_item(pamh, PAM_AUTHTOK, &item);
+ 			authtok = item;
+			if (authtok == NULL && rc == PAM_SUCCESS) {
+				openpam_log(PAM_LOG_ERROR, 
+				    "%s: pam_get_authtok(): %s",
+				    func, "authentication token not available");
+				OUT(PAM_SYSTEM_ERR);
+			}
+
+ 		} else {
+ 			rc = pam_get_authtok(pamh, PAM_AUTHTOK, &authtok, NULL);
+ 		}
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz0cACgkQ05eS9J6n
+5cJFzxAAjWFVAjlOn/WgyVGJTSVk8pRuaMLEo7A0zCYEuQYwzt4x/os8F7RUgENX
+MKnWEbdukPVfAsFED4flDYjbb0BcS8NTyU6LrUITj8fuh4GrHIxc5JhqlNuyx0vU
+HhfRoIUfrr80ADvz9fakZ40XKSNo9dWUnVfPUFw8IGr6YtH9MooJTT3Fj5AOegv7
+MZYuYpt7QUIEQgCzRJ0MGCeYxR0I9/D/KZeYXuvPq2Ujz1uXoBfqW6zRphzibicn
+JDXCQEuZ38gX2T9mPwu/lMRzLl/uyAdok/sTM6a9GYM7M3ivN8hzQkawuR44SDQ+
+9BTa5UlYKm95cnGZ1uL+bVbTq9aWOgEpkFFZ9SpFTxYsRbxB+ombWVUrhZ+ESMPT
+lGzGO7m0jeAQx/z8hprEUPGxJUCWJtYO6sM3T+Qc2UVjxQP4VF7moCSN883Ywup
+2PKVE9eqmSQdP93qU1vlvnqxzkGnzRsfLTrB8oe177ehssf7m99yNjw1qvce5Ow2
+F0Qk6c/HXDFhR50+R7kBIc89o6V8V4nzFjO53U+Dy1PZh0qIego98S0eUmosVZVM
+yM51sBWgv1CvUgL6JuFj1py2IVDdtN735QY9LhpuwXm4ZjAWV7/50mg7wS5TEqO0
+vnK/qfmTZTDIV1S69LKzD+8ykGYCEP5VUESSh0eQ5IJPLHBRL6U=
+=z7bY
+-----END PGP SIGNATURE-----
@@ -0,0 +1,23 @@
+--- sys/kern/imgact_elf.c.orig
+++ sys/kern/imgact_elf.c
+@@ -2193,13 +2193,16 @@
+ 			    sizeof(psinfo->pr_psargs), SBUF_FIXEDLEN);
+ 			error = proc_getargv(curthread, p, &sbarg);
+ 			PRELE(p);
+-			if (sbuf_finish(&sbarg) == 0)
+-				len = sbuf_len(&sbarg) - 1;
+-			else
+			if (sbuf_finish(&sbarg) == 0) {
+				len = sbuf_len(&sbarg);
+				if (len > 0)
+					len--;
+			} else {
+ 				len = sizeof(psinfo->pr_psargs) - 1;
+			}
+ 			sbuf_delete(&sbarg);
+ 		}
+-		if (error || len == 0)
+		if (error != 0 || len == 0 || (ssize_t)len == -1)
+ 			strlcpy(psinfo->pr_psargs, p->p_comm,
+ 			    sizeof(psinfo->pr_psargs));
+ 		else {
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cKK1A/9E6VQrq8G4xoebXNSc/Q462ZdXNhmf7sznOyabTlhZ9UUoRoGrhRxua2q
+fyjcYFmPiTrbshantnovOfIIl7a5WjPVTIMXeieQ5r0ySKsqHG61h7YjQw0DiwIq
+Hbhu/zYHdHulUKtaRm7NjQduPu8KRFM6dtMKbB9gl5Tbi7rkzP0juCgkiosz+HVo
+QQV3imZ8VWqeGBquPEeROaIyYklIFiS/bDz+4OYNH1LqbLIxgoRRokJBpIOK0C6M
+Jr4vC4yE1CW48R5fR5K4eMAuHQTK7tv2uRTlVuS9SS1i69h1x05fcJKOkDAJpsX5
+uD47iDaX8baZBI/hKAJJnQohRbEWLWODtoRlabWeojbX6b8haeyf8oSFjtQV+zIK
+YTzGa//+AdwcCPbUasujYa7mn6rPH74Cm0XrDm2thcLMV6jxP4Cre1eWEiTqnjjB
+bW4nKV2nl4f8quz4g5HCaTE63H441XFBOr2CcOvgHUFs7YgxSWTMMntSBIVTqIp7
+VZ04MjccYLt0p6D//oT13r9ZJeoxq3eaou+u7Wcqk++QDPcMwjI91aVack1ruCkX
+qL5HnjdsDgMhe5nFiOJ3x66wT4oSMAkvnVn0u7mbTymcW2pvFwqC3nxYPxXfNGpi
+xp2zOumV6D6xoSkrYYAEwLexgj7gtehrh0zRM4zyTxS0+6TAEhQ=
+=DjfO
+-----END PGP SIGNATURE-----
@@ -0,0 +1,20 @@
+--- sys/kern/vfs_aio.c.orig
+++ sys/kern/vfs_aio.c
+@@ -1616,7 +1616,7 @@
+ 	else
+ 		error = fo_aio_queue(fp, job);
+ 	if (error)
+-		goto aqueue_fail;
+		goto err4;
+ 
+ 	AIO_LOCK(ki);
+ 	job->jobflags &= ~KAIOCB_QUEUEING;
+@@ -1637,6 +1637,8 @@
+ 	AIO_UNLOCK(ki);
+ 	return (0);
+ 
+err4:
+	crfree(job->cred);
+ aqueue_fail:
+ 	knlist_delete(&job->klist, curthread, 0);
+ 	if (fp)
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cJ2Kg/9GN8j0L8Cf8ilh0qZtSaYm7M+VTc6mlOl/nb7BG/trf6AzeiyBwdof3Ka
+iv7Lib/9gkrmvGWmvStSeoH6Z1cEBiyeZ/p8NgM2UC6FPAfDQGOy3N8ffVL/6Hf5
+hpjmE55mkPtyW6LYCunLIoDj8Xn6vYlkfU8R7BQ1PjWwIbRwdgvX464bdt7ToYh/
+qoX5GAQ7VHvn4aHESX5V0+/+B2o3bHenNtFP6IiJKzw81xVwjzdMuC+gp9dykLUY
+hgtl3proOppCRFjMtp3T+EyVT0uWeTMyjCj4MVigbnKPlsXxtEOK+kx1yOd5ZTuD
+83zYNIhkwTrqoVjBpvlYyS/R1Y0ycdxZ0zgiwUqjBbpqB6hlD8177qqsBiZmCc2+
+PyuzfnIWR4Z9AIhNnW58fxyAt7FGAQadarmh4cf9GiC7zM+Gc0W0+BEyTPPIs+4h
+tDNawH8jUoEoCw19+95qdbPX9z0owPiYQqUo/jrM+82ohJ/UcO0f6itT4IOYjXd2
+rCUiuW46durISrbJM3tIZfp4CEYQx5MJiO+9T8FU8Ch/YWkJwa966H2DEdQAZLAn
+4bWOEtVgYaNA9UtuNLWh5/FkV/Qa626Y2gVLYeHh3WoIQr5sEuvk7258SKXJZh2h
+PwtMyu2eR7RaQWBhEwSi+ZSDfe/gsAiUB0vTHjsBxdKnu6pPGzE=
+=EVEI
+-----END PGP SIGNATURE-----
@@ -0,0 +1,20 @@
+--- sys/kern/vfs_aio.c.orig
+++ sys/kern/vfs_aio.c
+@@ -1709,7 +1709,7 @@
+ 	else
+ 		error = fo_aio_queue(fp, job);
+ 	if (error)
+-		goto err3;
+		goto err4;
+ 
+ 	AIO_LOCK(ki);
+ 	job->jobflags &= ~KAIOCB_QUEUEING;
+@@ -1730,6 +1730,8 @@
+ 	AIO_UNLOCK(ki);
+ 	return (0);
+ 
+err4:
+	crfree(job->cred);
+ err3:
+ 	if (fp)
+ 		fdrop(fp, td);
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cLO5w//czTDjXjmTFnz6EenWZjZNtYggHb5JhLoIWMOFdIFBp5FEo+Op0lb7qx9
+PKt1HfzOC/fg9Ius83G/UT8b2Ll1S9hV/RuE9nIMG295SF4dvrND3a1DRy/1feIe
+OU10wQhzR7IWhvLZYuNM4dqtj5mVIXAnoqZb4WxPeUKraLjiYpGV/9gdE8IVcUM
+9DMsy9V0YOH59v2xUqp0QJQvLgvDBSARIzvYYCK4O9bjzDAvDzzATwtWT2j7bivK
+nnH2QfYluIqbIfRlGTBNIzRx35+FOGGb+2argSpivJWhQrGswLbJLoAYozBAQe7Z
+r4jFeUQ3aimXcgxdC81FHdj90/P/VO9/xhg12aCsWP2a6RT6Kc2nfDoNx9gkSw+G
+fmLWgfNBq1v9w29CpxKDVTE1O2bn93Ymh3wrxMCpjgVLFtWZ+l4DjzPDjnviQMte
+ZkSOMvyekRWICWSle6YpYk7rkkt4DoLkr0rRIRwUvPS3931JNy6fPMXg4KX86fZK
+Fl5x2JljVqgyg92Kg1u2KPO1WPQe48B/5Of3hrG+bqMxyLdbulEltjcXhq0mAgdr
+6Vhm+NaKdL61EqMkGB6wT83YXm44gyXn52iiFsBEIfsfeg0OekRwSeIw3ji3HTg4
+B9E/8Yr8si9XxZyK77hB5ROGOguThAoRMXewNi1mmssHyYZjnSc=
+=oGyz
+-----END PGP SIGNATURE-----
@@ -0,0 +1,16 @@
+--- sys/vm/vm_fault.c.orig
+++ sys/vm/vm_fault.c
+@@ -2107,6 +2107,13 @@
+ 				VM_OBJECT_WLOCK(dst_object);
+ 				goto again;
+ 			}
+
+			/*
+			 * See the comment in vm_fault_cow().
+			 */
+			if (src_object == dst_object &&
+			    (object->flags & OBJ_ONEMAPPING) == 0)
+				pmap_remove_all(src_m);
+ 			pmap_copy_page(src_m, dst_m);
+ 
+ 			/*
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1EACgkQ05eS9J6n
+5cJtgBAApg5M3miD03vWrNoHsoybAw/LkGQZUcL4hDltHwSJlpfqFQaIrKNh0kVx
+A5gk9kPsi6IhrA7kRBcaYG1Retqns971Ktvf/aaQPRu3tdJWE519Hcw0UGfmz1uX
+QtL3caumcZofdi/nKKIDXHfglo23YBeG5G9WX+3PnNN2hQpFofscQUmCqP1s4PVx
+mWvHrkvTA3DTDr7G/054qvjRBSA4UFZLpk/o4vSutJM/DGnWfhUvDhdLZKLsL1dX
+lS2Vm+DJmsdSTbGFYgGCXc4GvokldyE5n2hiaeHx8C+I21drSbYAH3PiExT4z+fL
+14F8QbtFFPie5/LHhTKZXb7NfWMKpNaMsxbJ+W9AaqjOrePNZWyT5hatfYF4G4hg
+pgM2qBllaKxMH8BX1/nqGDyjJiOCdefN3aYoVulu+LT7FMBDX++lN6fAOYwO9Ue1
+C7742/eXRXXlNrGqUn6CxEVN4PkNgqNF2ivzJ+lnH9v8Y9pTbDqKWYb2avZw4ba+
+2fL5mnfbBt5yrHjwLlXYAvF+vXbPwlxzRn/+c4Gc+rRgwsBC6hZ8VigCPIqENB8h
+JeYgdt2IbH5CyWnpcMVoQhYCJtu0iSy5GLwh4uG4tReU7ZhjzxKto3t0GrHVgqFw
+V5LXqfbzFHLflCE5ndYWhteFaXB4BQB/0OogGd7aqT3CpDxgoc8=
+=bx+8
+-----END PGP SIGNATURE-----
@@ -0,0 +1,27 @@
+--- contrib/lib9p/pack.c.orig
+++ contrib/lib9p/pack.c
+@@ -343,13 +343,17 @@
+ 	ssize_t ret, r;
+ 
+ 	r = l9p_pu16(msg, num);
+-	if (r > 0) {
+-		for (i = 0, lim = *num; i < lim; i++) {
+-			ret = l9p_puqid(msg, &qids[i]);
+-			if (ret < 0)
+-				return (-1);
+-			r += ret;
+-		}
+	if (r <= 0)
+		return (r);
+
+	if (*num > L9P_MAX_WELEM)
+		return (-1);
+
+	for (i = 0, lim = *num; i < lim; i++) {
+		ret = l9p_puqid(msg, &qids[i]);
+		if (ret < 0)
+			return (-1);
+		r += ret;
+ 	}
+ 	return (r);
+ }
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmLyz1IACgkQ05eS9J6n
+5cKB0RAAm6/AoJIPiqKgXwbUn+Q1YNGKapJ0X1QVhE62cYscvMIVsZx/PIw/jEis
+zciN06+VUhNGNQpzfgSmJQmrE0E4BFO+OCC5fG+BcEM8yPn9sudSoRA/9ExvhfLp
+ZyFjvmiUI7GaF3wOBKXTl6glth4aSjFD+mT7ZnYZG5t825AVRG5Iz36TLlhtthTX
+6Gw+mbECSTfiKt8EwuLLv5Y7jL3UQuYQnXJCf+GzpADuIXqfpoJnvdxgJ3l4TzW6
+B+H/ecobehWKdkJP+DeP+baB+mLYgvDAN/PI5t2TdVpyC82oIB2mKHXQ4VmRumnF
+XnHdjjt1de+m1yqVzsU20vH/Qk0lmMeSubN6Nwwl3BXA5vLurvVPeDyT3gcTwCID
+cgE5c9QLCBJ3KDJEiwYbz5w28ye2IrBBv6ICiGk2Vfte08AVbogxpTsP+MMbWGcC
+ykVhpQKsgXmAUELKo4YHk0FaXdYWFgIRAN6yOsxqWQIuAMuibXxdk80XKDm0y52z
+BD7K9Cd9KTCttXiEaL/9GcdkRJZu22yrEeKONE27jKUb361huf2U7RYUcpkGDkSg
+rSiGrmvMep0ftj//0XsJw9EkGK1zGdwje1XrZnNREWIWx0AGcuBKbntYfnOTrdwZ
+ig/CU25Myloo9R4FF0sZQiY1vE6JlQM+yaRg+YJYbyeyTY6V7ro=
+=IPRM
+-----END PGP SIGNATURE-----