aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Correct a bug in the handling of backslash characters in smbfs which canreleng/4.10Colin Percival2006-05-313-2/+13
| | | | | | | | | | allow an attacker to escape from a chroot(2). Approved by: so (cperciva) Security: FreeBSD-SA-06:16.smbfs Notes: svn path=/releng/4.10/; revision=159120
* MFC: Correct a local information leakage bug affecting AMD FPUs.Colin Percival2006-04-193-3/+44
| | | | | | | | Security: FreeBSD-SA-06:14.fpu Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=157863
* Add missing code needed for the detection of IPSec packet replays. [1]Colin Percival2006-03-2220-679/+751
| | | | | | | | | | | | | | | | Correctly identify the user running opiepasswd(1) when the login name differs from the account name. [2] Modify timeout handling logic in sendmail(8) to correct a reported signal handling race condition. [3] Approved by: so (cperciva) Security: FreeBSD-SA-06:11.ipsec [1] Security: FreeBSD-SA-06:12.opie [2] Security: FreeBSD-SA-06:13.sendmail [3] Notes: svn path=/releng/4.10/; revision=157000
* Correct a remote kernel panic when processing zero-length RPC recordsSimon L. B. Nielsen2006-03-013-2/+6
| | | | | | | | | | via TCP. Security: FreeBSD-SA-06:10.nfs Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=156151
* Correct insecure temporary file usage in texindex. [06:01]Colin Percival2006-01-1111-67/+241
| | | | | | | | | | | | | | | Correct insecure temporary file usage in ee. [06:02] Correct a race condition when setting file permissions, sanitize file names by default, and fix a buffer overflow when handling files larger than 4GB in cpio. [06:03] Security: FreeBSD-SA-06:01.texindex Security: FreeBSD-SA-06:02.ee Security: FreeBSD-SA-06:03.cpio Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=154219
* Correct a man-in-the-middle SSL version rollback vulnerability.Colin Percival2005-10-114-8/+6
| | | | | | | | Security: FreeBSD-SA-05:21.openssl Approved by: so@ (cperciva) Notes: svn path=/releng/4.10/; revision=151234
* Fix two more temporary file usage bogons which were apparently fixedColin Percival2005-09-094-5/+8
| | | | | | | | | | but not MFCed to RELENG_4_10 earlier. Approved by: so (cperciva) Security: FreeBSD-SA-05:20.cvsbug Notes: svn path=/releng/4.10/; revision=149916
* MFC: Correct insecure temporary file usage.Colin Percival2005-09-073-3/+4
| | | | | | | | Security: FreeBSD-SA-05:20.cvsbug Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=149854
* Correct bzip2 denial of service and permission race vulnerabilities.Simon L. B. Nielsen2005-06-299-39/+138
| | | | | | | | | | | | | | | | | | | | | | | | | Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial-of-service vulnerabilities. MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-0356, CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=147670
* Correct directory traversal and race condition vulnerabilities in gzip.Simon L. B. Nielsen2005-06-083-9/+14
| | | | | | | | | | | Security: FreeBSD-SA-05:11.gzip Security: CAN-2005-0988, CAN-2005-1228 Obtained from: Steve Grubb via RedHat, Debian Approved by: so (nectar) Notes: svn path=/releng/4.10/; revision=147148
* Add a knob for disabling/enabling HTT, "machdep.hyperthreading_allowed".Jacques Vidrine2005-05-134-1/+112
| | | | | | | | | | | Default off due to information disclosure on multi-user systems. Submitted by: cperciva Reviewed by: jhb Approved by: security-officer Notes: svn path=/releng/4.10/; revision=146169
* MFC: Fix two issues which were missed in FreeBSD-SA-05:08.kmem.Colin Percival2005-05-084-1/+7
| | | | | | | | Reported by: Uwe Doering Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=146006
* If we are going toColin Percival2005-05-067-1/+9
| | | | | | | | | | | | | | 1. Copy a NULL-terminated string into a fixed-length buffer, and 2. copyout that buffer to userland, we really ought to 0. Zero the entire buffer first. Security: FreeBSD-SA-05:08.kmem Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=145954
* Correctly validate inputs to the i386_get_ldt syscall.Colin Percival2005-05-063-6/+8
| | | | | | | | Security: FreeBSD-SA-05:07.ldt Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=145951
* Correct improper permissions on /dev/iir. The earlier permissionsColin Percival2005-05-063-3/+6
| | | | | | | | | | of 0644 allowed for people to do Evil Things via ioctl(2). Security: FreeBSD-SA-05:06.iir Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=145948
* MFC:Simon L. B. Nielsen2005-04-225-9/+14
| | | | | | | | | | | | | Correct multiple security related errors: a buffer overflow, NULL pointer dereferences, possible use of uninitialized variables, and memory leaks. Security: CAN-2005-0753 Security: FreeBSD-SA-05:05.cvs Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=145411
* Zero the ifr.ifr_name buffer in ifconf() in order to avoidColin Percival2005-04-153-1/+11
| | | | | | | | | | accidental disclosure of kernel memory to userland. Security: FreeBSD-SA-05:04.ifconf Approved by: so (cperciva) Notes: svn path=/releng/4.10/; revision=145096
* MFC revision 1.103.Colin Percival2005-04-043-1/+5
| | | | | | | | Security: FreeBSD-SA-05:02.sendfile Approved by: so (nectar) Notes: svn path=/releng/4.10/; revision=144642
* MFC src/contrib/telnet/telnet.c 1.16: Correct buffer overflows inJacques Vidrine2005-03-286-25/+100
| | | | | | | | | telnet(1). Security: CAN-2005-0468, CAN-2005-0469 Approved by: security-officer Notes: svn path=/releng/4.10/; revision=144235
* FreeBSD-SA-04:17.procfs:Colin Percival2004-12-013-2/+22
| | | | | | | | | | MFC (in the spirit of) revision 1.54 of src/sys/fs/procfs/procfs_status.c Approved by: so (nectar) Notes: svn path=/releng/4.10/; revision=138284
* FreeBSD-SA-04:16.fetch:Colin Percival2004-11-183-2/+7
| | | | | | | | | | MFC revision 1.75 of src/usr.bin/fetch/fetch.c Bump newvers.sh and document in UPDATING. Approved by: so Notes: svn path=/releng/4.10/; revision=137856
* Correct several vulnerabilities in CVS 1.11.5 (CAN-2004-0414,Jacques Vidrine2004-09-1911-27/+170
| | | | | | | | | | CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and others). Approved by: so Notes: svn path=/releng/4.10/; revision=135483
* FreeBSD-SA-04:13.linux:Colin Percival2004-06-303-11/+23
| | | | | | | | | | MFC revision 1.116 of sys/compat/linux/linux_ioctl.c Bump newvers.sh and document in UPDATING. Approved by: so (des) Notes: svn path=/releng/4.10/; revision=131352
* Add note about p1 and what it fixes.Ken Smith2004-06-261-0/+3
| | | | | | | | Caught by: kuriyama Approved by: so (implicit) Notes: svn path=/releng/4.10/; revision=131126
* MFS of fix to twe(4) driver. Fixes problem seen on 6xxx series controllersKen Smith2004-06-264-9/+19
| | | | | | | | | | | | | | | | | where driver repeatedly submits the same request if the cmd queue gets full. This will be handled as an Errata Notice. Commits being MFS-ed: sys/dev/twe/twe.c 1.1.2.10 sys/dev/twe/twe_freebsd.c 1.2.2.9 sys/dev/te/twevar.h 1.1.2.8 Submitted by: ps, vkashyap Reviewed by: re Approved by: so Notes: svn path=/releng/4.10/; revision=131124
* This commit was manufactured by cvs2svn to create branch 'RELENG_4_10'.cvs2svn2004-06-161-0/+108
| | | | Notes: svn path=/releng/4.10/; revision=130587
* MFS of rev 1.73.2.91, note 4.10-RELEASE date.Ken Smith2004-05-271-0/+3
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/4.10/; revision=129773
* Fix version number when referring to the current FreeBSD release.release/4.10.0Bruce A. Mah2004-05-251-1/+1
| | | | | | | | Approved by: re (scottl) Notes: svn path=/releng/4.10/; revision=129722 svn path=/release/4.10.0/; revision=129723; tag=release/4.10.0
* Trim the package list down some due to overflow problems.Scott Long2004-05-251-2/+4
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129721
* Add errata for the 4.10 releaseScott Long2004-05-251-1/+28
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129716
* Update __FreeBSD_version for 4.10. Note that it is 491000.Scott Long2004-05-251-1/+1
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129700
* Update for 4.10-RELEASEScott Long2004-05-251-1/+1
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129699
* Update for 4.10Scott Long2004-05-251-1/+1
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129698
* Update for 4.10Scott Long2004-05-252-2/+2
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129697
* MFS of Rev. 1.187.2.29, adding sysctl "vm.old_msync" to allow users toKen Smith2004-05-221-1/+7
| | | | | | | | | choose the old msync(... MS_INVALIDATE) heuristics if needed. Approved by: re (scottl) Notes: svn path=/releng/4.10/; revision=129598
* Bump &release.current;.Hiroki Sato2004-05-221-1/+1
| | | | | | | Approved by: re (implicitly) Notes: svn path=/releng/4.10/; revision=129566
* Add a link to the errata document for convenience.Hiroki Sato2004-05-221-0/+5
| | | | | | | Approved by: re (implicitly) Notes: svn path=/releng/4.10/; revision=129565
* Merge from RELENG_4:Hiten Pandya2004-05-211-10/+1
| | | | | | | | | | | * Remove a long obsolete paragraph from the BUGS section. * Bump the date. Requested by: alc Approved by: re@ (scottl) Notes: svn path=/releng/4.10/; revision=129529
* Merge updated patch from vendor branch (1.1.1.17)Dag-Erling Smørgrav2004-05-201-2/+40
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129488
* MFC: rev 1.124. Fix "thundering herd" problem in accept.Paul Saab2004-05-191-1/+1
| | | | | | | Approved by: re (scottl) Notes: svn path=/releng/4.10/; revision=129455
* MFC: Add support for new chip Id's.Scott Long2004-05-191-1/+8
| | | | | | | | Submitted by: gibbs Approved by: re (kensmith) Notes: svn path=/releng/4.10/; revision=129453
* Merge parser fix from vendor branch (rev 1.1.1.16)Dag-Erling Smørgrav2004-05-191-2/+2
| | | | | | | Approved by: re Notes: svn path=/releng/4.10/; revision=129418
* MFS: Wait 1 second after loading modules to let slow devices probe.Scott Long2004-05-161-0/+3
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/4.10/; revision=129271
* MFS of rev 1.187.2.27: Change vm_map_clean(... MS_INVALIDATE) to notKen Smith2004-05-141-1/+1
| | | | | | | | | delete dirty pages. Approved by: re (bmah) Notes: svn path=/releng/4.10/; revision=129248
* MFS of rev 1.65.2.15: Implement IO_INVAL in the vnode op for writing byKen Smith2004-05-141-0/+2
| | | | | | | | | marking the buffer as "no cache". Approved by: re (bmah) Notes: svn path=/releng/4.10/; revision=129247
* MFS of rev 1.64.2.4: Change ffs_realloccg() to set the valid bits forKen Smith2004-05-141-2/+10
| | | | | | | | | | the extended part of the fragment to zero the valid parts of a VM_IO buffer. Approved by: re (bmah) Notes: svn path=/releng/4.10/; revision=129246
* MFC: Belatedly catch up to XFree86 4.3 layoutKris Kennaway2004-05-131-0/+28
| | | | | | | Approved by: re@ Notes: svn path=/releng/4.10/; revision=129176
* MFC: Use better way of hiding FR for sppp without fr support. We should hideRoman Kurakin2004-05-122-19/+25
| | | | | | | | | | | | | it since we do not have fr support in FreeBSD's sppp, but we have it in Cronyx's sppp. Requested by: Dmitry Morozovsky <marck at rinet dot ru> Tested by: rik, Dmitry Morozovsky <marck at rinet dot ru> Approved by: re Notes: svn path=/releng/4.10/; revision=129157
* Remove reference to hints file since we don't have it in RELENG_4Roman Kurakin2004-05-123-32/+15
| | | | | | | | | | | | Correct information about kernel configuration for these devices. Pointy hat: rik Pointed by: Dmitry Morozovsky <marck at rinet dot ru> Approved by: re Notes: svn path=/releng/4.10/; revision=129156
* 1. Fixed potential problem that would cause out-of-order requests in ↵Vinod Kashyap2004-05-123-14/+10
| | | | | | | | | | | | | | twe_startio. 2. Fixed possible race condition in twe_start. 3. Changed version. Submitted by: scottl Reviewed by: vkashyap Approved by: re Notes: svn path=/releng/4.10/; revision=129142
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 05:09:46 +0000