This is a pretty important update because it fixes CVE-2016-6254. I have also removed the reading of the stolen counter completely, since it is gone in 10.3 and later, but the builders run 10.1. Most people should be moving off of 10.1 & 10.2 since they EoL later this year.
Created attachment 173344 [details] patch
Hey Brad, thanks for CC-ing me. Any reason why you don't drop the complete patch-src_zfs__arc.c patch?
Hi Ruben, Because the pkg builders run 10.1, so the collectd package they build will still emit the error on >stable/10 after 10.2. So this patch fixes the error message by unconditionally removing the counter.
(In reply to Brad Davis from comment #3) Makes sense, of course. I must have been low on coffee when I wrote that, please ignore me ;) The patch can be dropped only when we release 5.6 next month.
I approve this patch and MFH to 2016Q3 if applicable.
A commit references this bug: Author: brd Date: Mon Aug 8 15:47:23 UTC 2016 New revision: 419861 URL: https://svnweb.freebsd.org/changeset/ports/419861 Log: Document collectd security advisory. PR: 211613 Security: CVE-2016-6254 Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: brd Date: Mon Aug 8 15:50:18 UTC 2016 New revision: 419862 URL: https://svnweb.freebsd.org/changeset/ports/419862 Log: Update net-mgmt/collectd5 to 5.5.2 PR: 211613 Submitted by: brd Approved by: ports-secteam (feld) Security: 6da45e38-5b55-11e6-8859-000c292ee6b8 Changes: head/net-mgmt/collectd5/Makefile head/net-mgmt/collectd5/distinfo head/net-mgmt/collectd5/files/patch-src_zfs__arc.c head/net-mgmt/collectd5/files/patch-version-gen.sh
A commit references this bug: Author: brd Date: Mon Aug 8 19:38:45 UTC 2016 New revision: 419893 URL: https://svnweb.freebsd.org/changeset/ports/419893 Log: MFH: r419862 net-mgmt/collectd5: Update net-mgmt/collectd5 to 5.5.2 PR: 211613 Submitted by: brd Approved by: ports-secteam (feld) Security: 6da45e38-5b55-11e6-8859-000c292ee6b8 Changes: _U branches/2016Q3/ branches/2016Q3/net-mgmt/collectd5/Makefile branches/2016Q3/net-mgmt/collectd5/distinfo branches/2016Q3/net-mgmt/collectd5/files/patch-src_zfs__arc.c branches/2016Q3/net-mgmt/collectd5/files/patch-version-gen.sh
Thank you for your work. I was on vacation and was not able to answer or discuss.
It seems, that latest version of collectd spoiled network plugin. I've made an upgrade of collectd5 and network plugin causes that collecd core dumps. Aug 9 08:59:25 fw collectd[18731]: network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: General error Aug 9 08:59:25 fw collectdmon[18718]: Warning: collectd was terminated by signal 6 (core dumped) Aug 9 08:59:25 fw kernel: pid 18731 (collectd), uid 0: exited on signal 6 (core dumped) I've found similiar issue on debian bugs: http://osdir.com/ml/general/2016-07/msg40034.html So I think we should warn users about this issue. I'll check collectd bugs list if they are aware of this.
This problem with netwok plugin was just reported to collectd community: https://github.com/collectd/collectd/issues/1870
OK, lets work with them to resolve it. FWIW, I am not seeing the same core dump and I use the network plugin as well.
Correctly track merge (MFH)
A commit references this bug: Author: junovitch Date: Sun Aug 14 17:12:27 UTC 2016 New revision: 420194 URL: https://svnweb.freebsd.org/changeset/ports/420194 Log: Fix PKGNAME for collectd5 PR: 211613 Changes: head/security/vuxml/vuln.xml