src-test/lib, branch releng/9.2FreeBSD source treehttps://cgit-dev.freebsd.org/src-test/atom?h=releng%2F9.22014-12-10T08:36:40ZFix multiple vulnerabilities in file(1) and libmagic(3).2014-12-10T08:36:40ZXin LIdelphij@FreeBSD.org2014-12-10T08:36:40Zurn:sha1:88fb734f8bb9945dbfb5d547c60ba45597bc9aa2
Security: FreeBSD-SA-14:28.file
Security: CVE-2014-3710, CVE-2014-8116, CVE-2014-8117
Fix BIND remote denial of service vulnerability.
Security: FreeBSD-SA-14:29.bind
Security: CVE-2014-8500
Approved by: so
MFC 253262, 253318, 243184, 253444, 253505, 253520:2013-07-26T18:27:13ZHiroki Satohrs@FreeBSD.org2013-07-26T18:27:13Zurn:sha1:a64e3560f5a1beaf36f1a5637a8c3e8ed5ff5b50
- Add a leaf node CTL_NET.PF_ROUTE.0.AF.NET_RT_DUMP.0.FIB. This returns
routing table with the specified FIB number, not td->td_proc->p_fibnum.
- Add check_namevarlist() to check if ${name}_var is reserved in
rc.subr or not.
- Fix a bug in ipv6_prefix_IF. It did not work with the 64-bit prefix
notation like 2001:db8:1:1.
- Use eui64 flag in ifconfig(8) instead of network6_getladdr()[*] for
interface indentifier part.
- Fix address range specification with ifconfig(8) options such as:
* inet 192.0.2.1-10 netmask 255.255.255.0 (inet range spec + ifconfig options)
* inet6 2001:db8:1::1-f prefixlen 60 (inet6 range spec + ifconfig options)
If prefixlen or netmask option is specified with CIDR notation at
the same time, the option is used.
- Do not set ND6_IFF_ACCEPT_RTADV on if_bridge(4) interfaces when
ipv6_enable=yes.
Approved by: re (marius)
MFC r253380,253413: name passed into __setenv is not necessarily NUL-terminated2013-07-24T13:07:29ZAndriy Gaponavg@FreeBSD.org2013-07-24T13:07:29Zurn:sha1:94efdb8f7daae8454c233bfe8791346d8b9f7a3c
Approved by: re (kib)
1) POSIX requires rand(3) return values to be in the [0, RAND_MAX]2013-07-24T10:12:50ZAndrey A. Chernovache@FreeBSD.org2013-07-24T10:12:50Zurn:sha1:e6ebddbe4bcd23f111674aee5339e4d43f1e04d8
range, but ACM formula we use have internal state (and return value) in
the [1, 0x7ffffffe] range, so our RAND_MAX (0x7fffffff) is never reached
because it is off by one, zero is not reached too.
Correct both RAND_MAX and rand(3) return value, shifting last one
to the 0 by 1 subtracted, resulting POSIXed [0, 0x7ffffffd(=new
RAND_MAX)] range.
2) Add a checks for not overflowing on too big seeds. It may happens on
the machines, where sizeof(unsigned int) > 32 bits.
This change is binary compatible because range is reduced, not expanded,
so no bump is needed.
Reviewed by: bde
Approved by: re (glebius)
Update clang's target triple for FreeBSD 9.2-PRERELEASE.2013-07-12T20:06:52ZDimitry Andricdim@FreeBSD.org2013-07-12T20:06:52Zurn:sha1:ebc5415284bdba439e6f4c0c06786cee48303690
Approved by: re (delphij)
MFC r253104:2013-07-12T14:58:09ZMichael Tuexentuexen@FreeBSD.org2013-07-12T14:58:09Zurn:sha1:60dee4ab090381ed0f848e88feb92d87ecfd1547
Fix a bug where SCTP_ENABLE_STREAM_RESET is not handled by
sctp_opt_info().
MFC r253105:
Fix the handling of SCTP_CURRENT_ASSOC and SCTP_ALL_ASSOC in
sctp_opt_info().
Approved by: re@
MFC 253066:2013-07-12T01:56:05ZHiroki Satohrs@FreeBSD.org2013-07-12T01:56:05Zurn:sha1:8cd3fee9bbbcac69ba0d33ce7faf76376d76cdb6
Update references.
Direct commit to stable branch to fix ABI breakage:2013-07-10T19:42:07ZMikolaj Golubtrociny@FreeBSD.org2013-07-10T19:42:07Zurn:sha1:cbe481a78e8a2723e4c33ccff06b105932c7767f
In r227839, when removing libkvm dependency on procfs(5),
kvm_uread() function, used for reading from /proc/pid/mem, was
removed too. This change broke ABI.
Bring kvm_uread() back so that the ABI is kept. In head soname is
going to be bumped instead.
Reported by: rmh
Discussed on: arch
Suggested by: jilles
MFH (r249479): OPENPAM_DEBUG enables debugging but does not turn it on2013-07-10T14:11:51ZDag-Erling Smørgravdes@FreeBSD.org2013-07-10T14:11:51Zurn:sha1:da3890f7f434383bd2293b214c1247d18316d002MFH (r252375): remove useless side effect which triggers a clang bug.2013-07-10T14:06:35ZDag-Erling Smørgravdes@FreeBSD.org2013-07-10T14:06:35Zurn:sha1:14bb8835dfeb2e27485f4ba2d7725b86c82716a0