src/usr.sbin, branch releng/9.3 FreeBSD source tree Fix multiple vulnerabilities of ntp. 2016-12-22T16:19:05+00:00 Xin LI delphij@FreeBSD.org 2016-12-22T16:19:05+00:00 b06b7e647fe7b4eefbd29369cf0c24e1902bf72a Approved by: so 
Approved by:	so
Fix BIND remote Denial of Service vulnerability. [SA-16:28] 2016-10-10T07:19:16+00:00 Xin LI delphij@FreeBSD.org 2016-10-10T07:19:16+00:00 2d004eec093547d1217d9ee2684e9ac247a032ae Fix bspatch heap overflow vulnerability. [SA-16:29] Fix multiple portsnap vulnerabilities. [SA-16:30] Approved by: so 
Fix bspatch heap overflow vulnerability. [SA-16:29]

Fix multiple portsnap vulnerabilities. [SA-16:30]

Approved by:	so
Fix bspatch heap overflow vulnerability. [SA-16:25] 2016-07-25T15:04:17+00:00 Xin LI delphij@FreeBSD.org 2016-07-25T15:04:17+00:00 ad95f32fa879e589fe628cee459b99f278a7066d Fix freebsd-update(8) support of FreeBSD 11.0 release distribution. [EN-16:09] Approved by: so 
Fix freebsd-update(8) support of FreeBSD 11.0 release
distribution. [EN-16:09]

Approved by:	so
Fix multiple ntp vulnerabilities. 2016-06-04T05:46:52+00:00 Xin LI delphij@FreeBSD.org 2016-06-04T05:46:52+00:00 67df32044e9b060cda1d225576840df1b8bc4e6c Security: FreeBSD-SA-16:24.ntp Approved by: so 
Security:	FreeBSD-SA-16:24.ntp
Approved by:	so
Fix ntp multiple vulnerabilities. 2016-04-29T08:02:31+00:00 Xin LI delphij@FreeBSD.org 2016-04-29T08:02:31+00:00 5399f0d7531add543f1c06239ea3c1e4b3c41578 Approved by: so 
Approved by:	so
Fix BIND remote denial of service vulnerability. [SA-16:08] 2016-01-27T07:42:11+00:00 Xin LI delphij@FreeBSD.org 2016-01-27T07:42:11+00:00 b904cda23e910b04c9a2e3851bf9af02e28e01e2 Fix multiple vulnerabilities of ntp. [SA-16:09] Fix Linux compatibility layer issetugid(2) system call vulnerability. [SA-16:10] Security: FreeBSD-SA-16:08.bind Security: FreeBSD-SA-16:09.ntp Security: FreeBSD-SA-16:10.linux Approved by: so 
Fix multiple vulnerabilities of ntp. [SA-16:09]

Fix Linux compatibility layer issetugid(2) system call
vulnerability. [SA-16:10]

Security:	FreeBSD-SA-16:08.bind
Security:	FreeBSD-SA-16:09.ntp
Security:	FreeBSD-SA-16:10.linux
Approved by:	so
o Fix invalid TCP checksums with pf(4). [EN-16:02.pf] 2016-01-14T09:11:26+00:00 Gleb Smirnoff glebius@FreeBSD.org 2016-01-14T09:11:26+00:00 b6dd8ce45df1801c33c3b5e0603af10d1074e5f6 o Fix YP/NIS client library critical bug. [EN-16:03.yplib] o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp] o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp] o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux] o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux] o Fix TCP MD5 signature denial of service. [SA-16:05.tcp] o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd] Errata: FreeBSD-EN-16:02.pf Errata: FreeBSD-EN-16:03.yplib Security: FreeBSD-SA-16:01.sctp, CVE-2016-1879 Security: FreeBSD-SA-16:02.ntp, CVE-2015-5300 Security: FreeBSD-SA-16:03.linux, CVE-2016-1880 Security: FreeBSD-SA-16:04.linux, CVE-2016-1881 Security: FreeBSD-SA-16:05.tcp, CVE-2016-1882 Security: FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677 Approved by: so 
o Fix YP/NIS client library critical bug. [EN-16:03.yplib]
o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]
o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp]
o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]

Errata:		FreeBSD-EN-16:02.pf
Errata:		FreeBSD-EN-16:03.yplib
Security:	FreeBSD-SA-16:01.sctp, CVE-2016-1879
Security:	FreeBSD-SA-16:02.ntp, CVE-2015-5300
Security:	FreeBSD-SA-16:03.linux, CVE-2016-1880
Security:	FreeBSD-SA-16:04.linux, CVE-2016-1881
Security:	FreeBSD-SA-16:05.tcp, CVE-2016-1882
Security:	FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
Approved by:	so
o Fix regressions related to SA-15:25 upgrade of NTP. [1] 2015-11-04T11:27:30+00:00 Gleb Smirnoff glebius@FreeBSD.org 2015-11-04T11:27:30+00:00 d2f49e812c9fe88f6fbfa5bf4f79abb4822e4539 o Fix kqueue write events never fired for files greater 2GB. [2] o Fix kpplications exiting due to segmentation violation on a correct memory address. [3] PR: 204046 [1] PR: 204203 [1] Errata Notice: FreeBSD-EN-15:19.kqueue [2] Errata Notice: FreeBSD-EN-15:20.vm [3] Approved by: so 
o Fix kqueue write events never fired for files greater 2GB. [2]
o Fix kpplications exiting due to segmentation violation on a correct
  memory address. [3]

PR:		204046 [1]
PR:		204203 [1]
Errata Notice:	FreeBSD-EN-15:19.kqueue [2]
Errata Notice:	FreeBSD-EN-15:20.vm [3]
Approved by:	so
Upgrade NTP to 4.2.8p4. 2015-10-26T11:42:25+00:00 Gleb Smirnoff glebius@FreeBSD.org 2015-10-26T11:42:25+00:00 009e7aaa36cdc634402b808846ff82869c79b076 Security: FreeBSD-SA-15:25.ntp Security: CVE-2015-7871 Security: CVE-2015-7855 Security: CVE-2015-7854 Security: CVE-2015-7853 Security: CVE-2015-7852 Security: CVE-2015-7851 Security: CVE-2015-7850 Security: CVE-2015-7849 Security: CVE-2015-7848 Security: CVE-2015-7701 Security: CVE-2015-7703 Security: CVE-2015-7704, CVE-2015-7705 Security: CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Approved by: so 
Security:	FreeBSD-SA-15:25.ntp
Security:	CVE-2015-7871
Security:	CVE-2015-7855
Security:	CVE-2015-7854
Security:	CVE-2015-7853
Security:	CVE-2015-7852
Security:	CVE-2015-7851
Security:	CVE-2015-7850
Security:	CVE-2015-7849
Security:	CVE-2015-7848
Security:	CVE-2015-7701
Security:	CVE-2015-7703
Security:	CVE-2015-7704, CVE-2015-7705
Security:	CVE-2015-7691, CVE-2015-7692, CVE-2015-7702
Approved by:	so
Fix a regression with SA-15:24 patch that prevented NIS from 2015-10-02T16:37:06+00:00 Xin LI delphij@FreeBSD.org 2015-10-02T16:37:06+00:00 9f2ff1c7f301609664a1ef5f55688b9254c1b424 working. Approved by: so 
working.

Approved by:	so