aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix logic error in sshd(8) concerning the handling of failedreleng/5.5Colin Percival2008-04-173-4/+5
| | | | | | | | | | attempts to bind ports for X11 forwarding. Security: FreeBSD-SA-08:05.openssh Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=178263
* Fix sendfile(2) write-only file permission bypass. [08:03.sendfile]Simon L. B. Nielsen2008-02-144-3/+8
| | | | | | | | | | | Fix IPsec null pointer dereference panic. [SA-08:04.ipsec] Security: FreeBSD-SA-08:03.sendfile Security: FreeBSD-SA-08:04.ipsec Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=176274
* Fix date of last advisory -- January 14th, not January 18th.Colin Percival2008-01-151-1/+1
| | | | | | | Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=175372
* Fix issues which allow snooping on ptys.Colin Percival2008-01-143-3/+5
| | | | | | | | Security: FreeBSD-SA-08:01.pty Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=175334
* Correct a random value disclosure in random(4). [07:09]Simon L. B. Nielsen2007-11-294-3/+8
| | | | | | | | | | | Correct a gtar directory traversal vulnerability. [07:10] Security: FreeBSD-SA-07:09.random Security: FreeBSD-SA-07:10.gtar Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=174077
* Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().Simon L. B. Nielsen2007-10-033-12/+15
| | | | | | | | Security: FreeBSD-SA-07:08.openssl Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=172432
* Correct a bug in the patch for FreeBSD-SA-07:01.jail which preventedSimon L. B. Nielsen2007-08-017-59/+511
| | | | | | | | | | | | | | | | | jails with custom fstab's from starting due to use of incorrect variable. [1] Correct buffer overflow in tcpdump(1). [SA-07:06] Correct predictable query ids in named(8). [SA-07:07] Reported by: Joel Hatton <joel@auscert.org.au> [1] Security: FreeBSD-SA-07:06.tcpdump Security: FreeBSD-SA-07:07.bind Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=171687
* Correct multiple security issues in how libarchive handles corruptColin Percival2007-07-123-37/+104
| | | | | | | | | | | tar archives, including a potentially exploitable buffer overflow. Approved by: so (cperciva) Reviewed by: kientzle Security: FreeBSD-SA-07:05.libarchive Notes: svn path=/releng/5.5/; revision=171404
* Fix buffer overflow in libmagic(3).Colin Percival2007-05-235-19/+32
| | | | | | | | Security: FreeBSD-SA-07:04.file Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=169904
* Disable processing of IPv6 type 0 Routing Headers. This behaviourColin Percival2007-04-265-3/+18
| | | | | | | | | | | can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed sysctl. Security: FreeBSD-SA-07:03.ipv6 Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=169063
* Correct two remote denials of service in BIND involving DNSSEC andColin Percival2007-02-095-8/+81
| | | | | | | | | | recursive DNS queries respectively. Security: FreeBSD-SA-07:02.bind Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=166606
* Fix jail rc.d script privilege escalation via symlink attack againstSimon L. B. Nielsen2007-01-113-13/+119
| | | | | | | | | | /var/log/console.log and mount points. Security: FreeBSD-SA-07:01.jail Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=165943
* Correct a signedness bug which allowed members of the operatorColin Percival2006-12-066-3/+27
| | | | | | | | | | | | | | group to read kernel memory. [1] Disable handling of GNUTYPE_NAMES tar file entries by default, since they can be used to extract files outside of the cwd. [2] Security: FreeBSD-SA-06:25.kmem [1] Security: FreeBSD-SA-06:26.gtar [2] Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=164944
* Correct multiple vulnerabilities in OpenSSH.Simon L. B. Nielsen2006-09-3016-13/+67
| | | | | | | | Security: FreeBSD-SA-06:22.openssh Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=162896
* Correct problem in the 2006-09-28 patch concerning the handling ofColin Percival2006-09-293-2/+6
| | | | | | | | | | | excessively large DH moduli. Reported by: Steve Kiernan (Juniper SIRT) Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=162788
* Correct multiple vulnerabilities in crypto(3).Colin Percival2006-09-2815-4/+102
| | | | | | | | | | | Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=162724
* Correct multiple vulnerabilities in gzip(1).Simon L. B. Nielsen2006-09-196-21/+29
| | | | | | | | Security: FreeBSD-SA-06:21.gzip Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=162447
* Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]Simon L. B. Nielsen2006-09-065-24/+55
| | | | | | | | | | | | Correct multiple denial-of-service vulnerabilities in BIND related to SIG Query Processing and Excessive Recursive Queries. [2] Security: FreeBSD-SA-06:19.openssl [1] Security: FreeBSD-SA-06:20.bind [2] Approved by: so (simon) Notes: svn path=/releng/5.5/; revision=162076
* Correct buffer overflow in the handling of LCP options in ppp(4)Colin Percival2006-08-233-13/+28
| | | | | | | | Security: FreeBSD-SA-06:18.ppp Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=161557
* Correct a bug in the handling of multipart messages by sendmail(8)Colin Percival2006-06-145-11/+39
| | | | | | | | | | | which can allow a malformed message to crash a sendmail queue processing process. Security: FreeBSD-SA-06:17.sendmail Approved by: so (cperciva) Notes: svn path=/releng/5.5/; revision=159608
* Enable inadvertantly disabled "securenet" access controls in ypserv. [1]Colin Percival2006-05-314-17/+41
| | | | | | | | | | | | Correct a bug in the handling of backslash characters in smbfs which can allow an attacker to escape from a chroot(2). [2] Approved by: so (cperciva) Security: FreeBSD-SA-06:15.ypserv [1] Security: FreeBSD-SA-06:16.smbfs [2] Notes: svn path=/releng/5.5/; revision=159118
* Looks like we're ready for the release...release/5.5.0Ken Smith2006-05-231-1/+1
| | | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158847 svn path=/release/5.5.0/; revision=158848; tag=release/5.5.0
* Add a paragraph documenting 5.5-RELEASE as the last (planned) 5-STABLEBruce A. Mah2006-05-221-0/+12
| | | | | | | | | | | release. Some form of this text will also go into the release announcement. Approved by: re (kensmith) Reviewed by: kensmith, cperciva Notes: svn path=/releng/5.5/; revision=158833
* MFC if_em.c, 1.92 to RELENG_5_5:Pyun YongHyeon2006-05-211-0/+60
| | | | | | | | | | Add jumbo frame support for architectures with strict alignment. Requested by: wilko Approved by: re (kensmith) Notes: svn path=/releng/5.5/; revision=158805
* MFC: Remove reference to -stable@Xin LI2006-05-211-12/+1
| | | | | | | Approved by: re (hrs) Notes: svn path=/releng/5.5/; revision=158793
* Fix &release.url; for 5.5-RELEASE.Hiroki Sato2006-05-201-1/+1
| | | | | | | Approved by: re (implicitly) Notes: svn path=/releng/5.5/; revision=158770
* Remove description about subscribing to stable@.Hiroki Sato2006-05-201-11/+0
| | | | | | | Approved by: re (implicitly) Notes: svn path=/releng/5.5/; revision=158769
* Ready for RC1 builds...Ken Smith2006-05-141-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158552
* MFen:Xin LI2006-05-136-276/+141
| | | | | | | | | | | | | | | errata/article.sgml: 1.69.2.33 -> 1.69.2.35.2.1 hardware/common/artheader.sgml: 1.5.2.1 -> 1.5.2.2 installation/common/artheader.sgml: 1.5 -> 1.5.2.1 installation/sparc64/article.sgml (fix) relnotes/common/new.sgml: 1.761.2.56 -> 1.761.2.59.2.1 relnotes/sparc64/article.sgml (fix) Obtained from: The FreeBSD Simplified Chinese Project Approved by: re (murray) Notes: svn path=/releng/5.5/; revision=158511
* MFC: tzdata2006.Bruce A. Mah2006-05-121-2/+2
| | | | | | | | | Also insert missing punctuation. Approved by: re (kensmith) Notes: svn path=/releng/5.5/; revision=158495
* Trim errata document for 5.5-RELEASE.Bruce A. Mah2006-05-121-283/+4
| | | | | | | | | | | | | Also update version number entities in this file (wait, why aren't we using what was in share/sgml/release.ent?). Because this is the last planned release from the RELENG_5 codeline, remove text that implies that further 5.X releases will be forthcoming. Approved by: re (kensmith) Notes: svn path=/releng/5.5/; revision=158494
* Update entities to reflect that this set of release documents isBruce A. Mah2006-05-121-3/+3
| | | | | | | | | a full release, not a snapshot. Approved by: re (kensmith) Notes: svn path=/releng/5.5/; revision=158493
* Update for 5.5-RELEASE.Ken Smith2006-05-122-5/+5
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158484
* Add packages-5.5-release.Ken Smith2006-05-121-0/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158483
* Update FreeBSD_version for 5.5-RELEASE.Ken Smith2006-05-121-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158481
* RELENG_5 -> RELENG_5_5Ken Smith2006-05-121-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158480
* 5.4 -> 5.5Ken Smith2006-05-121-2/+2
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158479
* Adjust branch tag for updates to RELENG_5_5.Ken Smith2006-05-121-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158478
* Update default OS.Ken Smith2006-05-121-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/5.5/; revision=158476
* This commit was manufactured by cvs2svn to create branch 'RELENG_5_5'.cvs2svn2006-05-1211-1329/+0
| | | | Notes: svn path=/releng/5.5/; revision=158462
* Merge tzdata2006g from vendor branch. At this point, HEAD, RELENG_6,Garrett Wollman2006-05-1214-478/+773
| | | | | | | | | and RELENG_5 should have the same data. Approved by: re (kensmith) Notes: svn path=/stable/5/; revision=158461
* MFC: Bump copyright year on the hardware notes and installation guide.Bruce A. Mah2006-05-112-0/+3
| | | | | | | | | | | | | | hardware/common/artheader.sgml 1.7 -> 1.8 installation/common/artheader.sgml 1.7 -> 1.8 (Not an exact MFC because the installation document was also missing 2005 in its copyright year list, which I added.) PR: 97134 Approved by: re (blanket approval from hrs for RELENG_5 src/doc) Notes: svn path=/stable/5/; revision=158439
* New release note: ndis(4) partial sync with HEAD.Bruce A. Mah2006-05-111-4/+113
| | | | | | | | | | | | | | | | | MFC: if_bridge(4), twa(4) update 9.3.0.1, bsdiff(1)/bspatch(1), cmp(1) -h, kdump(1) -s, netstat(1) -h, sweeping ping(8), power(8), rfcomm_sppd(1) service names, rm(1) -I, sh(1) times, snapinfo(8), rc.d/bluetooth, pkg_add(1) -P, pkg_add(1)/pkg_create(1) -K, pkg_create(1) -x/-E/-G, pkg_version(1) -o, portsnap(8), ports startup script suffixes removed, ldconfig_local{,32}_dirs, pkg-plist @cwd. Also remove a sentence about &merged; features (this sentence only applies to HEAD). Approved by: re (hrs) Notes: svn path=/stable/5/; revision=158436
* MFC: Second core on dual-core processors enabled. Fix typo in KDEBruce A. Mah2006-05-101-1/+5
| | | | | | | | | release note. Approved by: re (kensmith) Notes: svn path=/stable/5/; revision=158412
* MFC: 1.37David Malone2006-05-021-8/+20
| | | | | | | | | | Stop dump reading off the end of its inode bitmaps when it finds an invalid inode number in a directory entry. Approved by: re Notes: svn path=/stable/5/; revision=158253
* MFC: v1.45, v1.44David Malone2006-05-021-8/+11
| | | | | | | | | | Make port 37 time work on machines with 64 bit longs. Also merge a couple of updates to comments. Approved by: re Notes: svn path=/stable/5/; revision=158250
* MFC queue.3 1.39 to RELENG_5:Ed Maste2006-05-021-1/+1
| | | | | | | | | | | | The removal of CIRCLEQ left four queue macro families, but one sentence in the man page wasn't updated. PR: docs/94938 Submitted by: Ed Schouten <ed@fxq.nl> Approved by: re Notes: svn path=/stable/5/; revision=158242
* MFC rev. 1.7: fix prototype for SYSCALL_MODULE(9).Maxim Konovalov2006-05-011-3/+3
| | | | | | | Approved by: re (kensmith) Notes: svn path=/stable/5/; revision=158232
* MFC rev. 1.33: document SO_NOSIGPIPE.Maxim Konovalov2006-05-011-1/+9
| | | | | | | Approved by: re (kensmith) Notes: svn path=/stable/5/; revision=158230
* MFC rev. 1.4 netflow.h: replace disappeared URLs to Cisco docs byMaxim Konovalov2006-05-011-8/+14
| | | | | | | | | new ones, style. Approved by: re (kensmith) Notes: svn path=/stable/5/; revision=158229