src, branch releng/8.0 FreeBSD source tree Fix a race condition exists in the OpenSSL TLS server extension code and 2010-11-29T20:43:06+00:00 Simon L. B. Nielsen simon@FreeBSD.org 2010-11-29T20:43:06+00:00 5381b89e043e6a4c0316344f7fe8272596d3011c a double free in the SSL client ECDH handling code. Approved by: so (simon) Security: CVE-2010-2939, CVE-2010-3864 Security: FreeBSD-SA-10:10.openssl 
a double free in the SSL client ECDH handling code.

Approved by:	so (simon)
Security:	CVE-2010-2939, CVE-2010-3864
Security:	FreeBSD-SA-10:10.openssl
Fix an integer overflow in RLE length parsing when decompressing 2010-09-20T14:58:08+00:00 Colin Percival cperciva@FreeBSD.org 2010-09-20T14:58:08+00:00 3a68eb81a01613c9a6552bea8ddf211b474be68f corrupt bzip2 data. Approved by: so (cperciva) Security: FreeBSD-SA-10:08.bzip2 
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
Correctly copy the M_RDONLY flag when duplicating a reference 2010-07-13T02:45:17+00:00 Colin Percival cperciva@FreeBSD.org 2010-07-13T02:45:17+00:00 e811d1f0f629245d33b338438789e857d01a47b1 to an mbuf external buffer. Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-10:07.mbuf 
to an mbuf external buffer.

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:07.mbuf
Change the current working directory to be inside the jail created by 2010-05-27T03:15:04+00:00 Colin Percival cperciva@FreeBSD.org 2010-05-27T03:15:04+00:00 a6b5951a1159278502d0b699efcdf9276a4334db the jail(8) command. [10:04] Fix a one-NUL-byte buffer overflow in libopie. [10:05] Correctly sanity-check a buffer length in nfs mount. [10:06] Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-10:04.jail Security: FreeBSD-SA-10:05.opie Security: FreeBSD-SA-10:06.nfsclient 
the jail(8) command. [10:04]

Fix a one-NUL-byte buffer overflow in libopie. [10:05]

Correctly sanity-check a buffer length in nfs mount. [10:06]

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-10:04.jail
Security:	FreeBSD-SA-10:05.opie
Security:	FreeBSD-SA-10:06.nfsclient
Fix BIND named(8) cache poisoning with DNSSEC validation. 2010-01-06T21:45:30+00:00 Simon L. B. Nielsen simon@FreeBSD.org 2010-01-06T21:45:30+00:00 2e7e77ff792417b708755984259bd4833608e85b [SA-10:01] Fix ntpd mode 7 denial of service. [SA-10:02] Fix ZFS ZIL playback with insecure permissions. [SA-10:03] Various FreeBSD 8.0-RELEASE improvements. [EN-10:01] Security: FreeBSD-SA-10:01.bind Security: FreeBSD-SA-10:02.ntpd Security: FreeBSD-SA-10:03.zfs Errata: FreeBSD-EN-10:01.freebsd Approved by: so (simon) 
[SA-10:01]

Fix ntpd mode 7 denial of service. [SA-10:02]

Fix ZFS ZIL playback with insecure permissions. [SA-10:03]

Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]

Security:	FreeBSD-SA-10:01.bind
Security:	FreeBSD-SA-10:02.ntpd
Security:	FreeBSD-SA-10:03.zfs
Errata:		FreeBSD-EN-10:01.freebsd
Approved by:	so (simon)
Bump the patch level in the kernel version number, which was 2009-12-03T12:59:39+00:00 Simon L. B. Nielsen simon@FreeBSD.org 2009-12-03T12:59:39+00:00 1cc4828b9a0d73fd006e657010e9d74108c7033b accidentally left out of main commit for SA-09:15, SA-09:15, and SA-09:17 in r200054. Approved by: so (simon) 
accidentally left out of main commit for SA-09:15, SA-09:15, and
SA-09:17 in r200054.

Approved by:	so (simon)
Disable SSL renegotiation in order to protect against a serious 2009-12-03T09:18:40+00:00 Colin Percival cperciva@FreeBSD.org 2009-12-03T09:18:40+00:00 c08f10bc4888982e18312f4b2bd817d0aca58314 protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate 
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
Predict when 8.0-RELEASE will be announced. 2009-11-20T16:00:40+00:00 Ken Smith kensmith@FreeBSD.org 2009-11-20T16:00:40+00:00 59dd044d1cb744d3dba6b41c41e196b54e8fd9f8 Approved by: re (implicit) 
Approved by:	re (implicit)
Prepare for 8.0-RELEASE builds. 2009-11-20T15:55:23+00:00 Ken Smith kensmith@FreeBSD.org 2009-11-20T15:55:23+00:00 fc8b5e644fef3179fe1aceadeae06994b356725e Approved by: re (implicit) 
Approved by:	re (implicit)
Make a few adjustments to say this is 8.0-RELEASE. Add a warning that 2009-11-20T15:53:59+00:00 Ken Smith kensmith@FreeBSD.org 2009-11-20T15:53:59+00:00 93f0adb4588196ca80e974394b5713a3b4be95e7 the actual release notes were not available at the time of the release builds, they are still being assembled. Remove the existing entries which are not accurate for 8.0-RELEASE. Approved by: re (implicit) 
the actual release notes were not available at the time of the release
builds, they are still being assembled.  Remove the existing entries
which are not accurate for 8.0-RELEASE.

Approved by:	re (implicit)