src-test, branch releng/7.0FreeBSD source treehttps://cgit-dev.freebsd.org/src-test/atom?h=releng%2F7.02009-04-22T14:07:14ZDon't leak information via uninitialized space in db(3) records. [09:07]2009-04-22T14:07:14ZColin Percivalcperciva@FreeBSD.org2009-04-22T14:07:14Zurn:sha1:57895cdc764809ad29336431ee6b43c68fe15f15
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
Correctly sanity-check timer IDs. [SA-09:06]2009-03-23T00:00:50ZColin Percivalcperciva@FreeBSD.org2009-03-23T00:00:50Zurn:sha1:cff0c03ef7b93d6ab09a8ce2ab009348e5c7aecd
Limit the size of malloced buffer when dumping environment
variables. [EN-09:01]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-09:06.ktimer
Errata: FreeBSD-EN-09:01.kenv
Correctly scrub telnetd's environment.2009-02-16T21:56:17ZColin Percivalcperciva@FreeBSD.org2009-02-16T21:56:17Zurn:sha1:bb602bfc7c7d3bf85832427c2e5f1d836d318194
Approved by: so (cperciva)
Security: FreeBSD-SA-09:05.telnetd
Correct ntpd(8) cryptographic signature bypass [SA-09:04].2009-01-13T21:19:27ZSimon L. B. Nielsensimon@FreeBSD.org2009-01-13T21:19:27Zurn:sha1:a5718404886956d936e753a6a5a314eefbf064eb
Correct BIND DNSSEC incorrect checks for malformed signatures
[SA-09:04].
Security: FreeBSD-SA-09:03.ntpd
Security: FreeBSD-SA-09:04.bind
Obtained from: ISC [SA-09:04]
Approved by: so (simon)
Prevent cross-site forgery attacks on lukemftpd(8) due to splitting2009-01-07T20:17:55ZSimon L. B. Nielsensimon@FreeBSD.org2009-01-07T20:17:55Zurn:sha1:636b4dcc16aaafd36ca1dec5ff590cd41b16adcf
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
Prevent cross-site forgery attacks on ftpd(8) due to splitting2008-12-23T01:23:09ZColin Percivalcperciva@FreeBSD.org2008-12-23T01:23:09Zurn:sha1:343d9769a6eb6d6039f02009d366e378660324a7
long commands into multiple requests. [08:12]
Avoid calling uninitialized function pointers in protocol switch
code. [08:13]
Merry Christmas everybody...
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom returns.2008-11-24T17:39:39ZColin Percivalcperciva@FreeBSD.org2008-11-24T17:39:39Zurn:sha1:17ce22e780ff6b4a6c7fdd0fa9e2b815c32f4435
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-08:11.arc4random
Default to ignoring potentially evil IPv6 Neighbor Solicitation2008-10-02T00:32:59ZColin Percivalcperciva@FreeBSD.org2008-10-02T00:32:59Zurn:sha1:1258eef80a18251e2f72b12d27b21b656b800d71
messages.
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-08:10.nd6
Thanks to: jinmei, bz
- Fix amd64 local privilege escalation. [08:07]2008-09-03T19:09:47ZSimon L. B. Nielsensimon@FreeBSD.org2008-09-03T19:09:47Zurn:sha1:24b7af9d008ffd6d8ed237a9f60d1e50ef4086e8
- Fix nmount(2) local privilege escalation. [08:08]
- Fix IPv6 remote kernel panics. [08:09]
Fix for [08:07] is merge of r181823.
Submitted by: kib [08:07], csjp [08:08], bz [08:09]
Reviewed by: peter [08:07], jhb [08:07]
Reviewed by: jinmei [08:09], rwatson [08:09]
Approved by: re (SA blanket)
Approved by: so (simon)
Security: FreeBSD-SA-08:07.amd64
Security: FreeBSD-SA-08:08.nmount
Security: FreeBSD-SA-08:09.icmp6
Improve randomization in BIND to prevent response spoofing.2008-07-13T18:42:38ZColin Percivalcperciva@FreeBSD.org2008-07-13T18:42:38Zurn:sha1:b1f3875d97266ccf14704af848bf9baa09c499b9
Security: FreeBSD-SA-08:06.bind
Approved by: so (cperciva)
Thanks to: remko, csjp
No thanks to: bronchitis