aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Correct a remote denial-of-service attack in named(8).releng/4.6Jacques Vidrine2003-11-274-5/+14
| | | | Notes: svn path=/releng/4.6/; revision=123008
* MFS 1.10.2.5: Unbreak read/write behavior (introduced in previous revision).Jacques Vidrine2003-10-041-3/+1
| | | | Notes: svn path=/releng/4.6/; revision=120752
* Correct vulnerabilities in OpenSSL ASN.1 parsing.Jacques Vidrine2003-10-035-6/+12
| | | | | | | Obtained from: openssl.org CVS Notes: svn path=/releng/4.6/; revision=120712
* Merge from RELENG_4: kern_subr.c 1.31.2.3, procfs_dbregs.c 1.4.2.4,Jacques Vidrine2003-10-0310-122/+47
| | | | | | | | | | procfs_fpregs.c 1.11.2.4, procfs_regs.c 1.10.2.4, procfs_rlimit.c 1.5.2.1, procfs_status.c 1.20.2.5, uio.h 1.11.2.2, linprocfs_misc.c 1.3.2.9. Correct several integer underflows/overflows in procfs and linprocfs. Notes: svn path=/releng/4.6/; revision=120689
* MFS 1.55.2.11: Correct a reference counting bug in readv(2).Jacques Vidrine2003-10-023-7/+10
| | | | Notes: svn path=/releng/4.6/; revision=120667
* Bump patch level for updated arplookup fix.Jacques Vidrine2003-09-252-1/+4
| | | | Notes: svn path=/releng/4.6/; revision=120433
* Fix a logic error in the check to see if arplookup() should free the route.Bruce M Simpson2003-09-241-1/+1
| | | | | | | | Noticed by: Mike Hogsett Reviewed by: ru Notes: svn path=/releng/4.6/; revision=120420
* Update patch levelDag-Erling Smørgrav2003-09-242-1/+4
| | | | Notes: svn path=/releng/4.6/; revision=120419
* Update version string.Dag-Erling Smørgrav2003-09-243-3/+3
| | | | Notes: svn path=/releng/4.6/; revision=120416
* MFS: plug a resource leak in ssh1 challenge/response code.Dag-Erling Smørgrav2003-09-243-1/+22
| | | | Notes: svn path=/releng/4.6/; revision=120415
* MFC: (1.13) remove bogus calls to xfree().Dag-Erling Smørgrav2003-09-241-2/+0
| | | | Notes: svn path=/releng/4.6/; revision=120412
* MFC: (1.12) resp is a pointer to an array of structs.Dag-Erling Smørgrav2003-09-241-4/+4
| | | | Notes: svn path=/releng/4.6/; revision=120409
* Fix whitespace in latest note.Jacques Vidrine2003-09-231-1/+1
| | | | Notes: svn path=/releng/4.6/; revision=120393
* Fix a bug in arplookup(), whereby a hostile party on a locallyBruce M Simpson2003-09-233-7/+20
| | | | | | | | | | | attached network could exhaust kernel memory, and cause a system panic, by sending a flood of spoofed ARP requests. Approved by: security-officer, jake (mentor) Reported by: Apple Product Security <product-security@apple.com> Notes: svn path=/releng/4.6/; revision=120385
* MFC: sendmail address parsing bug fixGregory Neil Shapiro2003-09-174-2/+9
| | | | | | | Approved by: so (nectar) Notes: svn path=/releng/4.6/; revision=120179
* MFC buffer.c 1.2, channels.c 1.16, deattack.c 1.1.1.6, misc.c 1.1.1.5,Jacques Vidrine2003-09-179-28/+43
| | | | | | | | session.c 1.41, ssh-agent.c 1.19: Correct more cases of allocation size bookkeeping errors. Notes: svn path=/releng/4.6/; revision=120167
* MFC buffer.c 1.1.1.7: Do not record expanded size before attempting toJacques Vidrine2003-09-164-6/+12
| | | | | | | reallocate associated memory. Notes: svn path=/releng/4.6/; revision=120133
* Merge sm_resolve.c 1.229.2.17: Fix for DNS map processing error.Jacques Vidrine2003-08-253-1/+5
| | | | Notes: svn path=/releng/4.6/; revision=119481
* Merge from RELENG_4_7 1.51.2.4.2.2:Jacques Vidrine2003-08-111-1/+1
| | | | | | | Fix typo: `uap->data' versus `data'. Notes: svn path=/releng/4.6/; revision=118779
* MFC 1.24: Validate the iBCS2 statfs(2) length parameter.Jacques Vidrine2003-08-103-1/+8
| | | | Notes: svn path=/releng/4.6/; revision=118755
* MFC sys_process.c 1.113, spigot.c 1.60:Jacques Vidrine2003-08-104-2/+8
| | | | | | | | Add or correct range checking of signal numbers in system calls and ioctls. Notes: svn path=/releng/4.6/; revision=118753
* realpath(3) bug fix: There was an off-by-one error in computing theJacques Vidrine2003-08-033-2/+6
| | | | | | | size of the resulting canonical path. Notes: svn path=/releng/4.6/; revision=118401
* Update FreeBSD Security Advisory NumberGregory Neil Shapiro2003-03-291-1/+1
| | | | | | | Approved by: so (nectar) Notes: svn path=/releng/4.6/; revision=112825
* sendmail parsing buffer overflow fixGregory Neil Shapiro2003-03-295-4/+20
| | | | | | | | | Advisory number to be filled in later Approved by: so (nectar) Notes: svn path=/releng/4.6/; revision=112818
* MFC: crypto/openssl/ssl/s3_srvr.c 1.1.1.11Chris D. Faulhaber2003-03-215-19/+47
| | | | | | | | | | | | | Import of PKCS #1 security fix. http://www.openssl.org/news/secadv_20030319.txt MFC: crypto/openssl/crypto/rsa/rsa_eay.c 1.11 crypto/openssl/crypto/rsa/rsa_lib.c 1.9 Enable RSA blinding by default. http://www.openssl.org/news/secadv_20030317.txt Notes: svn path=/releng/4.6/; revision=112466
* MFC:Chris D. Faulhaber2003-03-204-10/+19
| | | | | | | | | | src/lib/libc/xdr/xdr_mem.c 1.12 src/include/rpc/xdr.h 1.23 Clean up some signed/unsigned issues in the XDR code. Notes: svn path=/releng/4.6/; revision=112432
* FreeBSD-SA-03:04.sendmail: sendmail header parsing buffer overflowGregory Neil Shapiro2003-03-037-90/+138
| | | | | | | Approved by: security-officer (nectar) Notes: svn path=/releng/4.6/; revision=111828
* Wrap CTASSERT in an #ifdef like we did on all the other branches.Jacques Vidrine2003-02-241-0/+2
| | | | | | | | Noticed by: alc Wearing pointy hat to bed tonight: nectar Notes: svn path=/releng/4.6/; revision=111402
* MFC tcp_syncache.c 1.38: Improve security and performance of syncookies.Jacques Vidrine2003-02-233-27/+49
| | | | Notes: svn path=/releng/4.6/; revision=111352
* Merge from RELENG_4_7: Update to OpenSSL 0.9.6i.Jacques Vidrine2003-02-21277-1188/+1777
| | | | Notes: svn path=/releng/4.6/; revision=111218
* Correct a double-free bug and disable a dangerous feature inJacques Vidrine2003-02-043-6/+10
| | | | | | | | | | | cvs. See <URL:http://online.securityfocus.com/archive/1/72584>, <URL:http://security.e-matters.de/advisories/012003.html>, and the soon-to-be-released FreeBSD-SA-03:01.cvs for details. Notes: svn path=/releng/4.6/; revision=110341
* -- Emphasize on the first line that this is a security branch (and whichJacques Vidrine2003-01-311-2/+2
| | | | | | | | branch specifically). -- Update imp's copyright to 2003. Notes: svn path=/releng/4.6/; revision=110142
* This commit was manufactured by cvs2svn to create branch 'RELENG_4_6'.cvs2svn2003-01-281-0/+75
| | | | Notes: svn path=/releng/4.6/; revision=110002
* MFC 1.114: Fix a file descriptor leak in fpathconf(2).Jacques Vidrine2003-01-063-5/+10
| | | | Notes: svn path=/releng/4.6/; revision=108789
* Correct recent name server vulnerabilities as documented atJacques Vidrine2002-11-1411-22/+64
| | | | | | | | | | <URL:http://www.isc.org/products/BIND/bind-security.html> and <URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469>. Obtained from: ISC Notes: svn path=/releng/4.6/; revision=106887
* MFC: Fix smrsh bypass bug.Gregory Neil Shapiro2002-10-263-1/+39
| | | | | | | Approved by: security-officer Notes: svn path=/releng/4.6/; revision=106004
* MFS: Allocate 64K recieve buffer for DNS responses.Hajimu UMEMOTO2002-10-235-70/+152
| | | | | | | | | | | | | lib/libc/net/getaddrinfo.c: 1.9.2.10, 1.9.2.11 lib/libc/net/gethostbydns.c: 1.27.2.4 lib/libc/net/getnetbydns.c: 1.13.2.4 lib/libc/net/name6.c: 1.6.2.7 lib/libc/net/res_mkquery.c: 1.15.2.2 Approved by: security-officer Notes: svn path=/releng/4.6/; revision=105800
* Update UPDATING and bump patch level for kadmind fix.Chris D. Faulhaber2002-10-232-1/+4
| | | | Notes: svn path=/releng/4.6/; revision=105796
* MFC kadm_ser_wrap.c:1.1.1.4: fix buffer overflowAssar Westerlund2002-10-233-10/+19
| | | | | | | | | | MFC updating kerberosIV and kerberos5 versions consistenly Approved by: security-officer Obtained from: kth-krb CVS Notes: svn path=/releng/4.6/; revision=105794
* import 1.27 to fix buffer overflow:Assar Westerlund2002-10-221-1/+8
| | | | | | | | | | check size of rlen Approved by: security-officer Obtained from: Heimdal CVS Notes: svn path=/releng/4.6/; revision=105676
* Update DE translation of the relase notes for the RELENG_4_6 branch upUdo Erdelhoff2002-10-173-47/+220
| | | | | | | | | | | | | | | Phase 3 of 3: Sync from RELENG_4_6_BP to RELENG_4_6 In particular: readme/article.sgml: 1.1.2.14 -> 1.1.2.14.2.3 relnotes/common/new.sgml: 1.22.2.249 -> 1.22.2.249.2.13 relnotes/common/relnotes.ent: 1.1.2.3 -> 1.1.2.3.4.3 Reviewed by: re, security-officer Approved by: bmah Notes: svn path=/releng/4.6/; revision=105335
* DE release notes catchup for RELENG_4_6, Phase 2 of 3, framework fixes:Udo Erdelhoff2002-10-1711-61/+12
| | | | | | | | | | | | - remove the localized release.ent from cvs and catalog - change all articles to use the global release.ent, not the local one - bring the release.dsl into sync with the english version Reviewed by: re, security-officer Approved by: bmah Notes: svn path=/releng/4.6/; revision=105315
* Bring DE translation of the release notes for RELENG_4_6 up to speedUdo Erdelhoff2002-10-162-6/+8
| | | | | | | | | | Phase 1 of 3: Catch up to RELENG_4_6_BP Reviewed by: re, security-officer Approved by: bmah Notes: svn path=/releng/4.6/; revision=105288
* MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec.Jacques Vidrine2002-09-133-1/+18
| | | | Notes: svn path=/releng/4.6/; revision=103292
* MFS: Fix minor off-by-one error.Bruce A. Mah2002-09-091-1/+1
| | | | | | | | Approved by: re (jhb) Originally approved by: security-officer (nectar) Notes: svn path=/releng/4.6/; revision=103158
* Document pkg_add bugfix.Bruce A. Mah2002-09-091-0/+4
| | | | | | | Approved by: security-officer (nectar) Notes: svn path=/releng/4.6/; revision=103154
* Patchlevel bump for pkg_install bugfix.Bruce A. Mah2002-09-091-1/+1
| | | | | | | Approved by: security-officer (nectar) Notes: svn path=/releng/4.6/; revision=103153
* MFS: Make pkg_install go to the right place for 4.6-RELEASE andBruce A. Mah2002-09-091-0/+2
| | | | | | | | | 4.6.2-RELEASE packages. Approved by: security-officer (nectar) Notes: svn path=/releng/4.6/; revision=103152
* Add cross-reference for SA-02:38.Bruce A. Mah2002-09-051-1/+1
| | | | | | | Approved by: security-officer (implicitly) Notes: svn path=/releng/4.6/; revision=102970
* Merge the following from the English version:Hiroki Sato2002-08-192-5/+15
| | | | | | | | | | 1.22.2.249.2.12 -> 1.22.2.249.2.13 relnotes/common/new.sgml 1.1.2.3.4.2 -> 1.1.2.3.4.3 relnotes/common/relnotes.ent Approved by: re (bmah) Notes: svn path=/releng/4.6/; revision=102143