aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJulian Elischer <julian@FreeBSD.org>2003-03-05 03:33:30 +0000
committerJulian Elischer <julian@FreeBSD.org>2003-03-05 03:33:30 +0000
commit03c8b39dfeec10e15813083f08e21fb509dadcb8 (patch)
treef566448ea0ebe266e2817d2fec6fbbee90c76238
parent3e9161b6c073179c7bb84c3c892273cf60f7bb51 (diff)
downloadsrc-03c8b39dfeec10e15813083f08e21fb509dadcb8.tar.gz
src-03c8b39dfeec10e15813083f08e21fb509dadcb8.zip
Put in the cvserver patches.. (MF4.6)
SA: FreeBSD-SA-03:01.cvs Approved by: security officer (nectar@) Obtained from: FreeBSD-SA-03:01.cvs
Notes
Notes: svn path=/releng/4.4/; revision=111895
-rw-r--r--UPDATING3
-rw-r--r--contrib/cvs/src/server.c10
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 9 insertions, 6 deletions
diff --git a/UPDATING b/UPDATING
index e7d152d2aa34..86c20bd7546b 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20030304: p34 FreeBSD-SA-03:01.cvs
+ Patch for cvs server vulnerabilities.
+
20030303: p33 FreeBSD-SA-03:04.sendmail
sendmail header parsing buffer overflow, ident parsing bug.
diff --git a/contrib/cvs/src/server.c b/contrib/cvs/src/server.c
index a53dc797ee5a..10e1864e5c91 100644
--- a/contrib/cvs/src/server.c
+++ b/contrib/cvs/src/server.c
@@ -999,9 +999,6 @@ dirswitch (dir, repos)
return;
}
- if (dir_name != NULL)
- free (dir_name);
-
dir_len = strlen (dir);
/* Check for a trailing '/'. This is not ISDIRSEP because \ in the
@@ -1017,6 +1014,9 @@ dirswitch (dir, repos)
return;
}
+ if (dir_name != NULL)
+ free (dir_name);
+
dir_name = malloc (strlen (server_temp_dir) + dir_len + 40);
if (dir_name == NULL)
{
@@ -4656,8 +4656,8 @@ struct request requests[] =
REQ_LINE("Max-dotdot", serve_max_dotdot, 0),
REQ_LINE("Static-directory", serve_static_directory, 0),
REQ_LINE("Sticky", serve_sticky, 0),
- REQ_LINE("Checkin-prog", serve_checkin_prog, 0),
- REQ_LINE("Update-prog", serve_update_prog, 0),
+ REQ_LINE("Checkin-prog", serve_noop, 0),
+ REQ_LINE("Update-prog", serve_noop, 0),
REQ_LINE("Entry", serve_entry, RQ_ESSENTIAL),
REQ_LINE("Kopt", serve_kopt, 0),
REQ_LINE("Checkin-time", serve_checkin_time, 0),
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index e319a4f0acbf..e06ed862df63 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.4"
-BRANCH="RELEASE-p33"
+BRANCH="RELEASE-p34"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"