f0fc0bb | Jacques Vidrine | 27 November 2003, 16:40:03 UTC | Correct a remote denial-of-service attack in named(8). | 27 November 2003, 16:40:03 UTC |
0604262 | Jacques Vidrine | 04 October 2003, 16:14:25 UTC | MFS 1.10.2.5: Unbreak read/write behavior (introduced in previous revision). | 04 October 2003, 16:14:25 UTC |
c104ac7 | Jacques Vidrine | 03 October 2003, 13:07:38 UTC | Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4, procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4, procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2, linprocfs_misc.c 1.3.2.9. Correct several integer underflows/overflows in procfs and linprocfs. | 03 October 2003, 13:07:38 UTC |
218b21f | Jacques Vidrine | 02 October 2003, 15:58:53 UTC | MFS 1.55.2.11: Correct a reference counting bug in readv(2). | 02 October 2003, 15:58:53 UTC |
a20d22a | Jacques Vidrine | 25 September 2003, 13:35:48 UTC | Bump patch level for updated arplookup fix. | 25 September 2003, 13:35:48 UTC |
eacbe3f | Bruce M Simpson | 24 September 2003, 21:51:13 UTC | Fix a logic error in the check to see if arplookup() should free the route. Noticed by: Mike Hogsett Reviewed by: ru | 24 September 2003, 21:51:13 UTC |
6b5d95b | Bruce M Simpson | 23 September 2003, 16:54:39 UTC | Fix a bug in arplookup(), whereby a hostile party on a locally attached network could exhaust kernel memory, and cause a system panic, by sending a flood of spoofed ARP requests. Approved by: security-officer, jake (mentor) Reported by: Apple Product Security <product-security@apple.com> | 23 September 2003, 16:54:39 UTC |
25c38a9 | Gregory Shapiro | 17 September 2003, 20:22:03 UTC | MFC: sendmail address parsing bug fix Approved by: so (nectar) | 17 September 2003, 20:22:03 UTC |
5542771 | Jacques Vidrine | 17 September 2003, 17:15:51 UTC | MFC misc.c 1.1.1.5 (->scp.c): Correct more cases of allocation size bookkeeping errors. (This file was previously missed during the mergeathon.) | 17 September 2003, 17:15:51 UTC |
3dd9cd2 | Jacques Vidrine | 17 September 2003, 14:52:43 UTC | MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5, session.c 1.41, ssh-agent.c 1.19: Correct more cases of allocation size bookkeeping errors. | 17 September 2003, 14:52:43 UTC |
990ca05 | Jacques Vidrine | 16 September 2003, 17:51:06 UTC | MFC buffer.c 1.1.1.7: Do not record expanded size before attempting to reallocate associated memory. | 16 September 2003, 17:51:06 UTC |
487ddaa | Jacques Vidrine | 12 August 2003, 20:24:13 UTC | Merge from RELENG_4_7 1.51.2.4.2.2: Fix typo: `uap->data' versus `data'. | 12 August 2003, 20:24:13 UTC |
7ec467a | Jacques Vidrine | 10 August 2003, 23:35:21 UTC | MFC 1.24: Validate the iBCS2 statfs(2) length parameter. | 10 August 2003, 23:35:21 UTC |
f9715da | Jacques Vidrine | 10 August 2003, 23:23:57 UTC | MFC sys_process.c 1.113, spigot.c 1.60: Add or correct range checking of signal numbers in system calls and ioctls. | 10 August 2003, 23:23:57 UTC |
840c485 | Jacques Vidrine | 03 August 2003, 23:47:39 UTC | realpath(3) bug fix: There was an off-by-one error in computing the size of the resulting canonical path. | 03 August 2003, 23:47:39 UTC |
0731d6d | Gregory Shapiro | 29 March 2003, 21:58:11 UTC | Update FreeBSD Security Advisory Number Approved by: so (nectar) | 29 March 2003, 21:58:11 UTC |
86782c6 | Gregory Shapiro | 29 March 2003, 20:13:35 UTC | sendmail parsing buffer overflow fix Advisory number to be filled in later Approved by: so (nectar) | 29 March 2003, 20:13:35 UTC |
0c6ce9d | Gregory Shapiro | 03 March 2003, 17:23:11 UTC | FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflow Approved by: security-officer (nectar) | 03 March 2003, 17:23:11 UTC |
fed371d | Jacques Vidrine | 07 January 2003, 15:17:41 UTC | MFC 1.114: Fix a file descriptor leak in fpathconf(2). | 07 January 2003, 15:17:41 UTC |
413ef6d | Jacques Vidrine | 14 November 2002, 04:05:12 UTC | Correct recent name server vulnerabilities as documented at <URL:http://www.isc.org/products/BIND/bind-security.html> and <URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>. Obtained from: ISC | 14 November 2002, 04:05:12 UTC |
71c0a91 | Gregory Shapiro | 26 October 2002, 21:11:30 UTC | MFC: Fix smrsh bypass bug. Approved by: security-officer | 26 October 2002, 21:11:30 UTC |
c1d2c21 | Hajimu UMEMOTO | 23 October 2002, 14:50:52 UTC | MFS: Allocate 64K receive buffer for DNS responses. lib/libc/net/getaddrinfo.c: 1.9.2.10, 1.9.2.11 lib/libc/net/gethostbydns.c: 1.27.2.4 lib/libc/net/getnetbydns.c: 1.13.2.4 lib/libc/net/name6.c: 1.6.2.7 lib/libc/net/res_mkquery.c: 1.15.2.2 Approved by: security-officer | 23 October 2002, 14:50:52 UTC |
b46b174 | Chris D. Faulhaber | 23 October 2002, 14:11:45 UTC | Update UPDATING and bump patch level for kadmind fix. | 23 October 2002, 14:11:45 UTC |
84d405f | Assar Westerlund | 23 October 2002, 13:21:32 UTC | MFC kadm_ser_wrap.c:1.1.1.4: fix buffer overflow MFC updating kerberosIV and kerberos5 versions consistently Approved by: security-officer Obtained from: kth-krb CVS | 23 October 2002, 13:21:32 UTC |
a819fea | Assar Westerlund | 22 October 2002, 03:43:30 UTC | import 1.27 to fix buffer overflow: check size of rlen Approved by: security-officer Obtained from: Heimdal CVS | 22 October 2002, 03:43:30 UTC |
4066d7c | Jacques Vidrine | 13 September 2002, 15:09:07 UTC | MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec. | 13 September 2002, 15:09:07 UTC |
8a59098 | Bruce A. Mah | 05 September 2002, 15:40:31 UTC | Add cross-reference for SA-02:38. Approved by: security-officer (implicitly) | 05 September 2002, 15:40:31 UTC |
122074b | Jacques Vidrine | 13 August 2002, 12:13:50 UTC | MFC of upc_syscalls:1.123,1.124 and vesa.c:1.37. Submitted by: Silvio Cesare <silvio@qualys.com> (1.123, 1.37) | 13 August 2002, 12:13:50 UTC |
cbd3e73 | Jacques Vidrine | 06 August 2002, 17:50:45 UTC | Add references to FreeBSD-SA-02:33.openssl and FreeBSD-SA-02:35.ffs to the applicable entries. Requested by: matusita | 06 August 2002, 17:50:45 UTC |
a5addac | Jacques Vidrine | 05 August 2002, 16:28:58 UTC | MFC src/crypto/openssl/crypto/asn1/asn1_lib.c rev 1.1.1.6: Correct a bug in the ASN.1 decoder. | 05 August 2002, 16:28:58 UTC |
0d19f67 | Dag-Erling Smorgrav | 05 August 2002, 15:13:49 UTC | MFS: check far end of pipe. | 05 August 2002, 15:13:49 UTC |
003c2c4 | Bruce A. Mah | 04 August 2002, 23:50:01 UTC | Add cross-reference for SA-02:33. Approved by: security-officer (implicitly) | 04 August 2002, 23:50:01 UTC |
6a2a491 | Dag-Erling Smorgrav | 01 August 2002, 22:06:07 UTC | Update UPDATING and bump patch level for NFS fix. | 01 August 2002, 22:06:07 UTC |
e0022e9 | Dag-Erling Smorgrav | 01 August 2002, 19:31:55 UTC | MFC (1.78): avoid infinite loop upon receipt of zero-length RPC | 01 August 2002, 19:31:55 UTC |
92e03c2 | Jacques Vidrine | 01 August 2002, 12:23:58 UTC | The fix applied to the XDR decoder in lib/libc/xdr/xdr_array.c revision 1.8.8.1 was incorrect. | 01 August 2002, 12:23:58 UTC |
5e14b70 | Chris D. Faulhaber | 31 July 2002, 17:55:22 UTC | Correct bounds checking error in FFS filesize limits. | 31 July 2002, 17:55:22 UTC |
16ae438 | Jacques Vidrine | 31 July 2002, 14:50:18 UTC | Add missing header <limits.h> for UINT_MAX introduced in previous commit. | 31 July 2002, 14:50:18 UTC |
76f2261 | Jacques Vidrine | 31 July 2002, 14:05:34 UTC | MFC: OpenSSL 0.9.6e | 31 July 2002, 14:05:34 UTC |
615a028 | Jacques Vidrine | 31 July 2002, 13:21:13 UTC | Remove `By this count' line ... it provides no additional information and I always forget to update it. | 31 July 2002, 13:21:13 UTC |
27548eb | Jacques Vidrine | 31 July 2002, 13:19:08 UTC | MFC lib/libc/xdr/xdr_array.c 1.11: Patch to fix bounds checking/overflow. | 31 July 2002, 13:19:08 UTC |
374c2a1 | Jacques Vidrine | 31 July 2002, 13:05:53 UTC | Correct awkward wording in recent pppd entry. | 31 July 2002, 13:05:53 UTC |
8e36882 | Jacques Vidrine | 30 July 2002, 19:17:27 UTC | MFC 1.20: Use fchmod() to restore the tty modes. | 30 July 2002, 19:17:27 UTC |
4b77cfb | Jacques Vidrine | 30 July 2002, 15:43:17 UTC | MFC sys/kern/kern_exec.c 1.178: Fix ordering of set-(user|group)-ID checks. | 30 July 2002, 15:43:17 UTC |
2a506aa | cvs2svn | 30 July 2002, 13:38:10 UTC | This commit was manufactured by cvs2svn to create branch 'RELENG_4_5'. | 30 July 2002, 13:38:10 UTC |
f97b87b | Bruce A. Mah | 18 July 2002, 22:30:09 UTC | Correct date of BIND 8.3.3 merge, reformat. Approved by: security-officer (implicitly) | 18 July 2002, 22:30:09 UTC |
1a1992e | Doug Barton | 18 July 2002, 09:16:21 UTC | Notate the upgrade to BIND 8.3.3 Approved by: security-officer | 18 July 2002, 09:16:21 UTC |
d32c055 | Doug Barton | 18 July 2002, 09:06:16 UTC | Bump patchlevel to reflect upgrade to BIND 8.3.3 Approved by: security-officer | 18 July 2002, 09:06:16 UTC |
433893d | Doug Barton | 15 July 2002, 10:08:44 UTC | Add the hex.c source to the build of this library. Approved by: security-officer | 15 July 2002, 10:08:44 UTC |
59a88f7 | Doug Barton | 15 July 2002, 07:58:21 UTC | Add files new to version 8.3.3 to this branch. Approved by: security-officer | 15 July 2002, 07:58:21 UTC |
f2d4d64 | Doug Barton | 15 July 2002, 07:56:05 UTC | Upgrade to version 8.3.3. Approved by: security-officer | 15 July 2002, 07:56:05 UTC |
099bafd | Jacques Vidrine | 12 July 2002, 13:31:44 UTC | MFC 1.6: Correct a buffer overflow when handling malformed NFS packets. | 12 July 2002, 13:31:44 UTC |
04db82a | Dag-Erling Smorgrav | 11 July 2002, 16:57:35 UTC | Bump patch level for the ktrace issue. I intentionally did not do this for RELENG_4_6, then unintentionally forgot for RELENG_4_5. | 11 July 2002, 16:57:35 UTC |
537ea73 | Dag-Erling Smorgrav | 11 July 2002, 16:47:55 UTC | MFS: prevent tracing of previously privileged processes. | 11 July 2002, 16:47:55 UTC |
ced1926 | cvs2svn | 01 July 2002, 01:08:02 UTC | This commit was manufactured by cvs2svn to create branch 'RELENG_4_5'. | 01 July 2002, 01:08:02 UTC |
d243c22 | cvs2svn | 01 July 2002, 01:08:01 UTC | This commit was manufactured by cvs2svn to create branch 'RELENG_4_5'. | 01 July 2002, 01:08:01 UTC |
f8530b4 | Jacques Vidrine | 26 June 2002, 18:53:20 UTC | MFC: fix libc resolver buffer overflow. | 26 June 2002, 18:53:20 UTC |
bfdc708 | Jacques Vidrine | 29 May 2002, 18:59:28 UTC | Note FreeBSD-SA-02:26, 02:27, and patch level bump. | 29 May 2002, 18:59:28 UTC |
c006980 | Jacques Vidrine | 28 May 2002, 18:28:31 UTC | MFC src/sys/kern/uipc_socket.c rev 1.116 src/sys/kern/uipc_socket2.c rev 1.87, 1.94 Make sure that sockets undergoing accept filtering are aborted in a LRU fashion when the listen queue fills up. | 28 May 2002, 18:28:31 UTC |
3488de7 | Jacques Vidrine | 28 May 2002, 18:28:22 UTC | Bump patch level. | 28 May 2002, 18:28:22 UTC |
a9598a0 | Jacques Vidrine | 15 May 2002, 16:08:03 UTC | Note 4.5-RELEASE-p5. | 15 May 2002, 16:08:03 UTC |
10b6549 | Jacques Vidrine | 15 May 2002, 16:07:06 UTC | Bump patch level for k5su issue. | 15 May 2002, 16:07:06 UTC |
19579de | Jacques Vidrine | 15 May 2002, 12:56:23 UTC | MFC 1.206 src/UPDATING 1.6 src/kerberos5/usr.bin/k5su/Makefile 1.187 src/share/examples/etc/make.conf (etc/defaults/make.conf) 1.44 src/share/man/man5/make.conf.5 Turn on the set-user-ID bit for k5su if ENABLE_SUID_K5SU is defined. | 15 May 2002, 12:56:23 UTC |
226e585 | Jacques Vidrine | 09 May 2002, 17:41:05 UTC | MFC 1.312: Remove dangerous use of globbing. | 09 May 2002, 17:41:05 UTC |
846d9ae | Bruce A. Mah | 02 May 2002, 20:34:44 UTC | Add cross-references to applicable security advisories. Approved by: nectar | 02 May 2002, 20:34:44 UTC |
c5d5f9a | Bruce A. Mah | 02 May 2002, 16:40:23 UTC | Note 4.5-RELEASE date. Approved by: nectar | 02 May 2002, 16:40:23 UTC |
d7d730f | Jeroen Ruigrok/Asmodai | 30 April 2002, 08:55:29 UTC | Update patchlevel per current count. | 30 April 2002, 08:55:29 UTC |
0627da6 | Jacques Vidrine | 25 April 2002, 14:42:26 UTC | Note change for FreeBSD-SA-02:23.stdio. | 25 April 2002, 14:42:26 UTC |
c98a6cc | Jacques Vidrine | 22 April 2002, 21:38:45 UTC | Fix bogon introduced when MFCing: In FreeBSD 4.x, the second argument to vn_open is type `int', not `int *'. | 22 April 2002, 21:38:45 UTC |
adfdead | Jacques Vidrine | 21 April 2002, 13:10:50 UTC | MFC 1.137 src/sys/kern/kern_descrip.c 1.162 src/sys/kern/kern_exec.c 1.41 src/sys/sys/filedesc.h When exec'ing a set[ug]id program, make sure that the stdio file descriptors (0, 1, 2) are allocated by opening /dev/null for any which are not already open. | 21 April 2002, 13:10:50 UTC |
36a2833 | Jacques Vidrine | 16 April 2002, 21:00:16 UTC | Note fixes for: = IP routing table leak in icmp_reflect(). = mmap/msync bug which can panic the kernel. = TCP broadcast connection bug. | 16 April 2002, 21:00:16 UTC |
cd8c24c | Jacques Vidrine | 15 April 2002, 17:22:10 UTC | MFC 1.148, 1.149: The TCP code did not do sufficient checks on whether incoming packets were destined for a broadcast IP address. | 15 April 2002, 17:22:10 UTC |
4fb8d5d | Jacques Vidrine | 15 April 2002, 17:18:12 UTC | MFC 1.213: Fix mmap/msync bug which can panic the kernel. | 15 April 2002, 17:18:12 UTC |
c9152c0 | Jacques Vidrine | 15 April 2002, 17:12:05 UTC | MFC ip_icmp.c 1.69, ip_mroute.c 1.72, ip_output.c 1.153: Fixed IP routing table leak in icmp_reflect(). | 15 April 2002, 17:12:05 UTC |
0ddfb04 | Coleman Kane | 12 April 2002, 18:23:19 UTC | Back out until it passes by re. | 12 April 2002, 18:23:19 UTC |
eb1edfb | Coleman Kane | 12 April 2002, 17:05:48 UTC | This should fix the lock-ups associated with AGP and AMD761 chips. The previous revision was rather hastily MFC'd before the 761 got any real testing. Obtained from: Eirc Anholt <eanholt@gladstone.uoregon.edu> | 12 April 2002, 17:05:48 UTC |
8fb3bfa | Chris D. Faulhaber | 24 March 2002, 23:24:46 UTC | MFC 1.12: correct bug introduced in 1.11 where ZFREE was moved to a point after the structural members were clobbered by stores into a union'd structure. MFC 1.13: correct deflate window size check. | 24 March 2002, 23:24:46 UTC |
cee2f95 | Chris D. Faulhaber | 24 March 2002, 23:24:42 UTC | MFC sys/net/zlib.c 1.13: correct deflate window size check | 24 March 2002, 23:24:42 UTC |
790e57b | Jacques Vidrine | 07 March 2002, 14:40:56 UTC | Add 4.5-RELEASEp2. | 07 March 2002, 14:40:56 UTC |
5762aad | Jacques Vidrine | 07 March 2002, 14:37:38 UTC | Bump patch level for FreeBSD-SA-02:13 (OpenSSH off-by-one bug). | 07 March 2002, 14:37:38 UTC |
d583924 | Jacques Vidrine | 07 March 2002, 14:36:28 UTC | Update version string. | 07 March 2002, 14:36:28 UTC |
c272f97 | Jacques Vidrine | 07 March 2002, 14:34:17 UTC | MFC 1.8: Fix off-by-one error. | 07 March 2002, 14:34:17 UTC |
afed315 | Chris D. Faulhaber | 23 February 2002, 18:30:37 UTC | Note zlib and syncache fixes and bzip2 update, bump patch level (-p1) | 23 February 2002, 18:30:37 UTC |
610b9d8 | Chris D. Faulhaber | 23 February 2002, 18:29:23 UTC | Bump patch level (-p1) for zlib and syncache fixes and bzip2 update. | 23 February 2002, 18:29:23 UTC |
d5422f5 | Chris D. Faulhaber | 23 February 2002, 18:28:12 UTC | MFC: update bzip2 to version 1.0.2 to fix insecure permissions during symlink dereferencing and a race condition while creating new files. | 23 February 2002, 18:28:12 UTC |
0c38a08 | Chris D. Faulhaber | 23 February 2002, 00:16:14 UTC | MFC 1.11: Error handling fixes for inflate. | 23 February 2002, 00:16:14 UTC |
083db31 | Chris D. Faulhaber | 23 February 2002, 00:15:50 UTC | MFC 1.3: Error handling fixes for inflate. | 23 February 2002, 00:15:50 UTC |
dcf209c | Jacques Vidrine | 21 February 2002, 16:38:39 UTC | MFC: r1.11, r1.12; fixes for stale tcb pointers. | 21 February 2002, 16:38:39 UTC |
ef6969b | Akinori Musha | 06 February 2002, 17:38:37 UTC | MFC: rev.1.40: Work around a buffer overflow problem on argv. | 06 February 2002, 17:38:37 UTC |
fd1bf38 | cvs2svn | 04 February 2002, 19:23:44 UTC | This commit was manufactured by cvs2svn to create branch 'RELENG_4_5'. | 04 February 2002, 19:23:44 UTC |
3795e07 | Murray Stokely | 30 January 2002, 00:05:22 UTC | MFC: r1.116 - DTRT with existing FreeBSD partitions. Don't reference NULL pointers. | 30 January 2002, 00:05:22 UTC |
13f3d9a | Murray Stokely | 29 January 2002, 23:54:40 UTC | MFC: r1.95 Without this change, users will be unable to install GNOME / Sawfish and probably several other large GNOME packages. Steve thinks the problem is with the metadata associated with the libglade port, but this is a safe work-around. Reviewed by: steve Tested extensively on: 4.5 w/ full package set. | 29 January 2002, 23:54:40 UTC |
02518b3 | Murray Stokely | 28 January 2002, 10:30:58 UTC | The *.EUC -> *.euc?? change was backed out because it was too disruptive, so we shouldn't document it here. Submitted by: matusita Apologies to: imp I think my re@ hat justifies this breach of protocol. | 28 January 2002, 10:30:58 UTC |
6b72513 | Murray Stokely | 28 January 2002, 07:39:29 UTC | MFS: Fix sftp crash due to glob(3). | 28 January 2002, 07:39:29 UTC |
33f0c5a | Murray Stokely | 28 January 2002, 06:53:28 UTC | MFS: Update default .Os value to FreeBSD 4.5. Approved by: re (implicit) | 28 January 2002, 06:53:28 UTC |
98a83f8 | Murray Stokely | 28 January 2002, 06:42:16 UTC | We are out of the RC phase. Final 4.5 builds will start this evening. | 28 January 2002, 06:42:16 UTC |
618eb32 | Greg Lehey | 28 January 2002, 02:38:33 UTC | MFC: vinumioctl: Fix a double fault caused by calling setjmp() without holding the config lock. The call was in fact superfluous. throw_rude_remark: Make sure we're holding the config lock before proceeding. There's no reason to assume that this has ever happened, but the alternative might be a double fault. Dump analysis by: Thomas Moestl <tmoestl@gmx.net> Tested by: Martin Blapp <mb@imp.ch> Approved by: re | 28 January 2002, 02:38:33 UTC |
521a5c6 | Jacques Vidrine | 28 January 2002, 01:26:35 UTC | MFC 1.2: Fix temporary file handling. Approved by: re | 28 January 2002, 01:26:35 UTC |
8166213 | Jacques Vidrine | 28 January 2002, 01:26:09 UTC | MFC 1.6: Use mktemp(1) when creating temporary files. Approved by: re | 28 January 2002, 01:26:09 UTC |
2357e59 | Crist J. Clark | 28 January 2002, 00:04:20 UTC | The 'standard-supfile' should track its own branch. Approved by: re@ | 28 January 2002, 00:04:20 UTC |
22255ee | Hiroki Sato | 27 January 2002, 16:16:42 UTC | Fix a typo. Pointed out by: mistral@imasy.or.jp (Yoshihiko SARUMARU) Approved by: re References: [doc-jp 8654] | 27 January 2002, 16:16:42 UTC |