| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
allow an attacker to escape from a chroot(2).
Approved by: so (cperciva)
Security: FreeBSD-SA-06:16.smbfs
Notes:
svn path=/releng/4.10/; revision=159120
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-06:14.fpu
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=157863
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Correctly identify the user running opiepasswd(1) when the login name
differs from the account name. [2]
Modify timeout handling logic in sendmail(8) to correct a reported
signal handling race condition. [3]
Approved by: so (cperciva)
Security: FreeBSD-SA-06:11.ipsec [1]
Security: FreeBSD-SA-06:12.opie [2]
Security: FreeBSD-SA-06:13.sendmail [3]
Notes:
svn path=/releng/4.10/; revision=157000
|
|
|
|
|
|
|
|
|
|
| |
via TCP.
Security: FreeBSD-SA-06:10.nfs
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=156151
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]
Security: FreeBSD-SA-06:01.texindex
Security: FreeBSD-SA-06:02.ee
Security: FreeBSD-SA-06:03.cpio
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=154219
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-05:21.openssl
Approved by: so@ (cperciva)
Notes:
svn path=/releng/4.10/; revision=151234
|
|
|
|
|
|
|
|
|
|
| |
but not MFCed to RELENG_4_10 earlier.
Approved by: so (cperciva)
Security: FreeBSD-SA-05:20.cvsbug
Notes:
svn path=/releng/4.10/; revision=149916
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-05:20.cvsbug
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=149854
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Obtained from: Redhat, Steve Grubb via RedHat
Security: CAN-2005-0953, CAN-2005-1260
Security: FreeBSD-SA-05:14.bzip2
Approved by: obrien
Correct TCP connection stall denial-of-service vulnerabilities.
MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
packets containing a timestamp is received, inadequate checking of
sequence numbers is performed, allowing an attacker to artificially
increase the internal "recent" timestamp for a connection.
A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.
Security: CAN-2005-0356, CAN-2005-2068
Security: FreeBSD-SA-05:15.tcp
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=147670
|
|
|
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-05:11.gzip
Security: CAN-2005-0988, CAN-2005-1228
Obtained from: Steve Grubb via RedHat, Debian
Approved by: so (nectar)
Notes:
svn path=/releng/4.10/; revision=147148
|
|
|
|
|
|
|
|
|
|
|
| |
Default off due to information disclosure on multi-user systems.
Submitted by: cperciva
Reviewed by: jhb
Approved by: security-officer
Notes:
svn path=/releng/4.10/; revision=146169
|
|
|
|
|
|
|
|
| |
Reported by: Uwe Doering
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=146006
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.
Security: FreeBSD-SA-05:08.kmem
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=145954
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-05:07.ldt
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=145951
|
|
|
|
|
|
|
|
|
|
| |
of 0644 allowed for people to do Evil Things via ioctl(2).
Security: FreeBSD-SA-05:06.iir
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=145948
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Correct multiple security related errors: a buffer overflow, NULL
pointer dereferences, possible use of uninitialized variables, and
memory leaks.
Security: CAN-2005-0753
Security: FreeBSD-SA-05:05.cvs
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=145411
|
|
|
|
|
|
|
|
|
|
| |
accidental disclosure of kernel memory to userland.
Security: FreeBSD-SA-05:04.ifconf
Approved by: so (cperciva)
Notes:
svn path=/releng/4.10/; revision=145096
|
|
|
|
|
|
|
|
| |
Security: FreeBSD-SA-05:02.sendfile
Approved by: so (nectar)
Notes:
svn path=/releng/4.10/; revision=144642
|
|
|
|
|
|
|
|
|
| |
telnet(1).
Security: CAN-2005-0468, CAN-2005-0469
Approved by: security-officer
Notes:
svn path=/releng/4.10/; revision=144235
|
|
|
|
|
|
|
|
|
|
| |
MFC (in the spirit of) revision 1.54 of
src/sys/fs/procfs/procfs_status.c
Approved by: so (nectar)
Notes:
svn path=/releng/4.10/; revision=138284
|
|
|
|
|
|
|
|
|
|
| |
MFC revision 1.75 of src/usr.bin/fetch/fetch.c
Bump newvers.sh and document in UPDATING.
Approved by: so
Notes:
svn path=/releng/4.10/; revision=137856
|
|
|
|
|
|
|
|
|
|
| |
CAN-2004-0416, CAN-2004-0417, CAN-2004-0418, CAN-2004-0778 and
others).
Approved by: so
Notes:
svn path=/releng/4.10/; revision=135483
|
|
|
|
|
|
|
|
|
|
| |
MFC revision 1.116 of sys/compat/linux/linux_ioctl.c
Bump newvers.sh and document in UPDATING.
Approved by: so (des)
Notes:
svn path=/releng/4.10/; revision=131352
|
|
|
|
|
|
|
|
| |
Caught by: kuriyama
Approved by: so (implicit)
Notes:
svn path=/releng/4.10/; revision=131126
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
where driver repeatedly submits the same request if the cmd queue gets
full. This will be handled as an Errata Notice.
Commits being MFS-ed:
sys/dev/twe/twe.c 1.1.2.10
sys/dev/twe/twe_freebsd.c 1.2.2.9
sys/dev/te/twevar.h 1.1.2.8
Submitted by: ps, vkashyap
Reviewed by: re
Approved by: so
Notes:
svn path=/releng/4.10/; revision=131124
|
|
|
|
| |
Notes:
svn path=/releng/4.10/; revision=130587
|
|
|
|
|
|
|
| |
Approved by: re (implicit)
Notes:
svn path=/releng/4.10/; revision=129773
|
|
|
|
|
|
|
|
| |
Approved by: re (scottl)
Notes:
svn path=/releng/4.10/; revision=129722
svn path=/release/4.10.0/; revision=129723; tag=release/4.10.0
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129721
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129716
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129700
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129699
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129698
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129697
|
|
|
|
|
|
|
|
|
| |
choose the old msync(... MS_INVALIDATE) heuristics if needed.
Approved by: re (scottl)
Notes:
svn path=/releng/4.10/; revision=129598
|
|
|
|
|
|
|
| |
Approved by: re (implicitly)
Notes:
svn path=/releng/4.10/; revision=129566
|
|
|
|
|
|
|
| |
Approved by: re (implicitly)
Notes:
svn path=/releng/4.10/; revision=129565
|
|
|
|
|
|
|
|
|
|
|
| |
* Remove a long obsolete paragraph from the BUGS section.
* Bump the date.
Requested by: alc
Approved by: re@ (scottl)
Notes:
svn path=/releng/4.10/; revision=129529
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129488
|
|
|
|
|
|
|
| |
Approved by: re (scottl)
Notes:
svn path=/releng/4.10/; revision=129455
|
|
|
|
|
|
|
|
| |
Submitted by: gibbs
Approved by: re (kensmith)
Notes:
svn path=/releng/4.10/; revision=129453
|
|
|
|
|
|
|
| |
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129418
|
|
|
|
|
|
|
| |
Approved by: re (implicit)
Notes:
svn path=/releng/4.10/; revision=129271
|
|
|
|
|
|
|
|
|
| |
delete dirty pages.
Approved by: re (bmah)
Notes:
svn path=/releng/4.10/; revision=129248
|
|
|
|
|
|
|
|
|
| |
marking the buffer as "no cache".
Approved by: re (bmah)
Notes:
svn path=/releng/4.10/; revision=129247
|
|
|
|
|
|
|
|
|
|
| |
the extended part of the fragment to zero the valid parts of a VM_IO
buffer.
Approved by: re (bmah)
Notes:
svn path=/releng/4.10/; revision=129246
|
|
|
|
|
|
|
| |
Approved by: re@
Notes:
svn path=/releng/4.10/; revision=129176
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
it since we do not have fr support in FreeBSD's sppp, but we have it in
Cronyx's sppp.
Requested by: Dmitry Morozovsky <marck at rinet dot ru>
Tested by: rik, Dmitry Morozovsky <marck at rinet dot ru>
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129157
|
|
|
|
|
|
|
|
|
|
|
|
| |
Correct information about kernel configuration for these devices.
Pointy hat: rik
Pointed by: Dmitry Morozovsky <marck at rinet dot ru>
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129156
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
twe_startio.
2. Fixed possible race condition in twe_start.
3. Changed version.
Submitted by: scottl
Reviewed by: vkashyap
Approved by: re
Notes:
svn path=/releng/4.10/; revision=129142
|