Commit message | Author | Age | Files | Lines
* Correct a signedness bug which allowed members of the operator group to read kernel memory. [1]
  Disable handling of GNUTYPE_NAMES tar file entries by default, since they can be used to extract files outside of the cwd. [2]
  Security: FreeBSD-SA-06:25.kmem [1]
  Security: FreeBSD-SA-06:26.gtar [2]
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=164944
  Author: Colin Percival; Age: 2006-12-06; Files: 6; Lines: -3/+27; Branch: releng/4.11
* Correct multiple vulnerabilities in OpenSSH.
  Security: FreeBSD-SA-06:22.openssh
  Approved by: so (simon)
  Notes: svn path=/releng/4.11/; revision=162896
  Author: Simon L. B. Nielsen; Age: 2006-09-30; Files: 14; Lines: -12/+63
* Correct problem in the 2006-09-28 patch concerning the handling of excessively large DH moduli.
  Reported by: Steve Kiernan (Juniper SIRT)
  Security: FreeBSD-SA-06:23.openssl
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=162788
  Author: Colin Percival; Age: 2006-09-29; Files: 3; Lines: -2/+6
* Correct multiple vulnerabilities in crypto(3).
  Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes.
  Security: FreeBSD-SA-06:23.openssl
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=162724
  Author: Colin Percival; Age: 2006-09-28; Files: 15; Lines: -4/+102
* Correct multiple vulnerabilities in gzip(1).
  Security: FreeBSD-SA-06:21.gzip
  Approved by: so (simon)
  Notes: svn path=/releng/4.11/; revision=162447
  Author: Simon L. B. Nielsen; Age: 2006-09-19; Files: 6; Lines: -21/+31
* Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
  Security: FreeBSD-SA-06:19.openssl
  Approved by: so (simon)
  Notes: svn path=/releng/4.11/; revision=162078
  Author: Simon L. B. Nielsen; Age: 2006-09-06; Files: 3; Lines: -1/+22
* Correct buffer overflow in the handling of LCP options in ppp(4)
  Security: FreeBSD-SA-06:18.ppp
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=161557
  Author: Colin Percival; Age: 2006-08-23; Files: 3; Lines: -13/+28
* Correct a bug in the handling of multipart messages by sendmail(8) which can allow a malformed message to crash a sendmail queue processing process.
  Security: FreeBSD-SA-06:17.sendmail
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=159608
  Author: Colin Percival; Age: 2006-06-14; Files: 5; Lines: -11/+39
* Correct a bug in the handling of backslash characters in smbfs which can allow an attacker to escape from a chroot(2).
  Approved by: so (cperciva)
  Security: FreeBSD-SA-06:16.smbfs
  Notes: svn path=/releng/4.11/; revision=159120
  Author: Colin Percival; Age: 2006-05-31; Files: 3; Lines: -2/+13
* MFC: Correct a local information leakage bug affecting AMD FPUs.
  Security: FreeBSD-SA-06:14.fpu
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=157863
  Author: Colin Percival; Age: 2006-04-19; Files: 3; Lines: -3/+44
* Add missing code needed for the detection of IPSec packet replays. [1]
  Correctly identify the user running opiepasswd(1) when the login name differs from the account name. [2]
  Modify timeout handling logic in sendmail(8) to correct a reported signal handling race condition. [3]
  Approved by: so (cperciva)
  Security: FreeBSD-SA-06:11.ipsec [1]
  Security: FreeBSD-SA-06:12.opie [2]
  Security: FreeBSD-SA-06:13.sendmail [3]
  Notes: svn path=/releng/4.11/; revision=157000
  Author: Colin Percival; Age: 2006-03-22; Files: 20; Lines: -687/+755
* Correct a remote kernel panic when processing zero-length RPC records via TCP.
  Security: FreeBSD-SA-06:10.nfs
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=156151
  Author: Simon L. B. Nielsen; Age: 2006-03-01; Files: 3; Lines: -2/+6
* Correct insecure temporary file usage in texindex. [06:01]
  Correct insecure temporary file usage in ee. [06:02]
  Correct a race condition when setting file permissions, sanitize file names by default, and fix a buffer overflow when handling files larger than 4GB in cpio. [06:03]
  Security: FreeBSD-SA-06:01.texindex
  Security: FreeBSD-SA-06:02.ee
  Security: FreeBSD-SA-06:03.cpio
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=154219
  Author: Colin Percival; Age: 2006-01-11; Files: 11; Lines: -67/+240
* Correct a man-in-the-middle SSL version rollback vulnerability.
  Security: FreeBSD-SA-05:21.openssl
  Approved by: so@ (cperciva)
  Notes: svn path=/releng/4.11/; revision=151234
  Author: Colin Percival; Age: 2005-10-11; Files: 4; Lines: -8/+6
* MFC: Correct insecure temporary file usage.
  Security: FreeBSD-SA-05:20.cvsbug
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=149854
  Author: Colin Percival; Age: 2005-09-07; Files: 3; Lines: -3/+4
* Correct bzip2 denial of service and permission race vulnerabilities.
  Obtained from: Redhat, Steve Grubb via RedHat
  Security: CAN-2005-0953, CAN-2005-1260
  Security: FreeBSD-SA-05:14.bzip2
  Approved by: obrien
  Correct TCP connection stall denial-of-service vulnerabilities.
  MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps:
    When a TCP packet containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection.
    A TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
  Security: CAN-2005-0356, CAN-2005-2068
  Security: FreeBSD-SA-05:15.tcp
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=147670
  Author: Simon L. B. Nielsen; Age: 2005-06-29; Files: 9; Lines: -39/+138
* Correct directory traversal and race condition vulnerabilities in gzip.
  Security: FreeBSD-SA-05:11.gzip
  Security: CAN-2005-0988, CAN-2005-1228
  Obtained from: Steve Grubb via RedHat, Debian
  Approved by: so (nectar)
  Notes: svn path=/releng/4.11/; revision=147148
  Author: Simon L. B. Nielsen; Age: 2005-06-08; Files: 3; Lines: -9/+14
* Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".
  Default off due to information disclosure on multi-user systems.
  Submitted by: cperciva
  Reviewed by: jhb
  Approved by: security-officer
  Notes: svn path=/releng/4.11/; revision=146167
  Author: Jacques Vidrine; Age: 2005-05-13; Files: 4; Lines: -1/+115
* MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem
  Reported by: Uwe Doering
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=146005
  Author: Colin Percival; Age: 2005-05-08; Files: 4; Lines: -1/+7
* If we are going to
    1. Copy a NULL-terminated string into a fixed-length buffer, and
    2. copyout that buffer to userland,
  we really ought to
    0. Zero the entire buffer first.
  Security: FreeBSD-SA-05:08.kmem
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=145954
  Author: Colin Percival; Age: 2005-05-06; Files: 7; Lines: -1/+9
* Correctly validate inputs to the i386_get_ldt syscall.
  Security: FreeBSD-SA-05:07.ldt
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=145951
  Author: Colin Percival; Age: 2005-05-06; Files: 3; Lines: -6/+8
* Correct improper permissions on /dev/iir. The earlier permissions of 0644 allowed for people to do Evil Things via ioctl(2).
  Security: FreeBSD-SA-05:06.iir
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=145948
  Author: Colin Percival; Age: 2005-05-06; Files: 3; Lines: -3/+6
* MFC:
  Correct multiple security related errors: a buffer overflow, NULL pointer dereferences, possible use of uninitialized variables, and memory leaks.
  Security: CAN-2005-0753
  Security: FreeBSD-SA-05:05.cvs
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=145411
  Author: Simon L. B. Nielsen; Age: 2005-04-22; Files: 5; Lines: -9/+14
* Zero the ifr.ifr_name buffer in ifconf() in order to avoid accidental disclosure of kernel memory to userland.
  Security: FreeBSD-SA-05:04.ifconf
  Approved by: so (cperciva)
  Notes: svn path=/releng/4.11/; revision=145096
  Author: Colin Percival; Age: 2005-04-15; Files: 3; Lines: -1/+11
* MFC revision 1.103.
  Security: FreeBSD-SA-05:02.sendfile
  Approved by: so (nectar)
  Notes: svn path=/releng/4.11/; revision=144642
  Author: Colin Percival; Age: 2005-04-04; Files: 3; Lines: -1/+5
* MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows in telnet(1).
  Security: CAN-2005-0468, CAN-2005-0469
  Approved by: security-officer
  Notes: svn path=/releng/4.11/; revision=144235
  Author: Jacques Vidrine; Age: 2005-03-28; Files: 6; Lines: -25/+109
* Ready to do the tagging for 4.11-RELEASE.
  Approved by: re (implicit)
  Notes: svn path=/releng/4.11/; revision=140575
  Notes: svn path=/release/4.11.0/; revision=140576; tag=release/4.11.0
  Author: Ken Smith; Age: 2005-01-21; Files: 2; Lines: -1/+4; Tag: release/4.11.0
* Remove unnecessary parts for the release.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140571
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -10/+0
* New release notes:
  XFree86 4.4.0.
  Update release notes:
  - Move pbio(4) to the platform specific section.
  - more port randomization related sysctl: net.inet.ip.portrange.randomcps net.inet.ip.portrange.randomtime
  - net.inet.tcp.insecure_rst=1 is required for RFC 793.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140570
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -11/+25
* - Use &os;.
  - Remove empty sections.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140559
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -40/+3
* New release notes:
  CVS 1.11.17.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140557
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -0/+3
* New release notes:
  pbio(4) added, axe(4) added, bge(4) BCM5750/BCM5751 support, kernel panic when net.inet.ip.rtexpire=0 fixed, ipnat(8) non-TCP/UDP packets redirect rules support, trm(4) update, fwcontrol(8) -m option, $inetd_flags now includes "-C 60", libc eui64(3) functions support, ngctl(8) dot command, pax(1) bugfixes, and whois(1) improvements.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140556
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -4/+62
* New release notes:
  fixes of vm_object_*() and contigmalloc(), em(4) 82541ER and 82546GB support, ixgb(4) added, sk(4) jumbo frame handling fix, net.inet.tcp.insecure_rst sysctl, ips(4) added, mpt(4) FC929X support, and linux_base-8 used by default.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140551
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -4/+52
* MFC rev 1.57: Remove 6422, V100 and add the P600.
  Approved by: re (kensmith)
  Notes: svn path=/releng/4.11/; revision=140550
  Author: Paul Saab; Age: 2005-01-21; Files: 1; Lines: -2/+1
* New release notes:
  Gnome 2.8.2 and KDE 3.3.2.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140549
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -3/+8
* New release notes:
  SA-04:13, SA-04:14, SA-04:16, and SA-04:17.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140548
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -6/+31
* Bump &release.manpath.netbsd; to 2.0.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140547
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -1/+1
* - Bump the copyright year.
  - Simplify %foo; entities in the preamble.
  - Trim old information.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140545
  Author: Hiroki Sato; Age: 2005-01-21; Files: 10; Lines: -83/+21
* Bump &release.*; for 4.11R.
  Approved by: re (implicitly)
  Notes: svn path=/releng/4.11/; revision=140544
  Author: Hiroki Sato; Age: 2005-01-21; Files: 1; Lines: -8/+8
* MFS revision 1.749.2.175
  date: 2005/01/17 09:37:27; author: scottl; state: Exp; lines: +1 -0
  Add tap(4) to LINT
  PR: kern/44260
  Submitted by: Matthias Andree
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140486
  Author: Ken Smith; Age: 2005-01-19; Files: 1; Lines: -0/+1
* MFS of v1.55.2.10:
  MFC revision 1.105:
  date: 2002/09/07 04:59:49; author: peter; state: Exp; lines: +1 -0
  Supposedly linux has added a 6th syscall arg register (%ebp). I am not 100% sure if this is enough, but it will not harm anything.
  This appears to fix some breakage with the emulation of linux's mmap2(). When that function became available recently the linux executables started using it which broke installing the emulators/linux_base-8 port.
  Pointer from: akiyama
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140484
  Author: Ken Smith; Age: 2005-01-19; Files: 1; Lines: -0/+1
* MFC: rev. 1.10
  - list the Hama USB RS-232 Serial Adapter as supported
  - bump .Dd
  Approved by: re (kensmith)
  Notes: svn path=/releng/4.11/; revision=140434
  Author: Christian Brueffer; Age: 2005-01-18; Files: 1; Lines: -1/+3
* Almost ready for RC3 builds.
  Approved by: re (implicit)
  Notes: svn path=/releng/4.11/; revision=140264
  Author: Ken Smith; Age: 2005-01-14; Files: 1; Lines: -1/+1
* Merge the ips driver bits. Tags were slid on the files that were added to the RELENG_4 branch. This commit covers the files that existed and were merely changed.
  Approved by: re
  Notes: svn path=/releng/4.11/; revision=140212
  Author: Scott Long; Age: 2005-01-14; Files: 11; Lines: -5/+29
* Regen from syscalls.master revision 1.30.2.8.8.1
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140210
  Author: Ken Smith; Age: 2005-01-14; Files: 3; Lines: -4/+116
* MFS of some Linux emulation fixes. From the log message of the MFC:
    kensmith 2005-01-12 16:34:55 UTC
    FreeBSD src repository
    Modified files: (Branch: RELENG_4)
      lib/libc/gen errlst.c
      lib/libc/sys intro.2
      sys/nfs nfs_subs.c
      sys/sys errno.h
      sys/i386/linux linux_dummy.c linux_machdep.c syscalls.master
    Log:
    This is a partial MFC of the current RELENG_5 Linux emulation, which became necessary due to the plans for using linux_base-8 for the 4.11 release. Among other things running "/compat/linux/bin/ls -l" dumped core because it tried to use completely non-existent system calls. We don't actually implement the system calls it's trying to use but we at least need to have something in place that returns an error code.
    Things being added:
    - wrapper for mmap2(2) from sys/compat/linux/linux_machdep.c v1.31 sys/compat/linux/linux_dummy.c v1.35
    - add dummy entries for fadvise64(2) and *xattr(2) family of syscalls from sys/compat/linux/linux_dummy.c v1.37
    - add ENOATTR error code because that is what the *xattr(2) family of syscalls returns, which in turn required tweaking the error code translation table in the NFS server code[1].
    - add $FreeBSD$ token to lib/libc/gen/errlst.c so it passes pre-commit check script...
    [1] Noticed by rwatson.
    Requested by: nectar
    Reviewed by: nectar, sobomax, re@
    Tested by: nectar, ceri
  Versions being MFS-ed:
    src/lib/libc/gen/errlst.c 1.2.2.1
    src/lib/libc/sys/intro.2 1.21.2.8 and 1.21.2.9
    src/sys/i386/linux/linux_dummy.c 1.21.2.9
    src/sys/i386/linux/linux_machdep.c 1.6.2.6
    src/sys/i386/linux/syscalls.master 1.30.2.9
    src/sys/nfs/nfs_subs.c 1.90.2.4
    src/sys/sys/errno.h 1.14.2.3
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140209
  Author: Ken Smith; Age: 2005-01-14; Files: 7; Lines: -27/+133
* MFS revision 1.50.2.48
  date: 2005/01/11 18:25:01; author: kensmith; state: Exp; lines: +1 -1
  MFC of an off-by-one fix sos made to HEAD in v1.96 of ata-chipset.c and v1.50 of ata-lowlevel.c. From his log message:
    Log: Compensate for off by one bugs in disk firmware for 48BIT addressing cutover.
  Requested by: marck
  Glanced at by: sos
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140208
  Author: Ken Smith; Age: 2005-01-13; Files: 1; Lines: -1/+1
* MFC v1.1.2.39: The package set configuration for 4.11-RELEASE.
  Approved by: re (scottl)
  Notes: svn path=/releng/4.11/; revision=140207
  Author: Ken Smith; Age: 2005-01-13; Files: 1; Lines: -5/+23
* MFC: Rev. 1.71
  fixed an unexpected addr/port matching failure in IPv6 SA management
  PR: kern/72393
  Approved by: re (kensmith)
  Notes: svn path=/releng/4.11/; revision=140206
  Author: SUZUKI Shinsuke; Age: 2005-01-13; Files: 1; Lines: -0/+1
* MFS:
  Remove and recreate with correct permissions/owner three additional X socket directories.
  Approved by: re (kensmith)
  Notes: svn path=/releng/4.11/; revision=140203
  Author: Eric Anholt; Age: 2005-01-13; Files: 1; Lines: -2/+2