src-test2, branch releng/7.1FreeBSD source treehttps://cgit-dev.freebsd.org/src-test2/atom?h=releng%2F7.12010-11-29T20:43:06ZFix a race condition exists in the OpenSSL TLS server extension code and2010-11-29T20:43:06ZSimon L. B. Nielsensimon@FreeBSD.org2010-11-29T20:43:06Zurn:sha1:7a43cb98ef0937941e3f81869a1de1a39c60b901
a double free in the SSL client ECDH handling code.
Approved by: so (simon)
Security: CVE-2010-2939, CVE-2010-3864
Security: FreeBSD-SA-10:10.openssl
Don't unlock a mutex which wasn't locked.2010-11-10T23:36:13ZColin Percivalcperciva@FreeBSD.org2010-11-10T23:36:13Zurn:sha1:9738e0c840babe80b46f34c17bcd8adbff6aea70
PR: kern/137310
Approved by: so (cperciva)
Security: FreeBSD-SA-10:09.pseudofs
Fix an integer overflow in RLE length parsing when decompressing2010-09-20T14:58:08ZColin Percivalcperciva@FreeBSD.org2010-09-20T14:58:08Zurn:sha1:7814303c3f99a4475fb87a9194e205537c8eca6f
corrupt bzip2 data.
Approved by: so (cperciva)
Security: FreeBSD-SA-10:08.bzip2
Correctly copy the M_RDONLY flag when duplicating a reference2010-07-13T02:45:17ZColin Percivalcperciva@FreeBSD.org2010-07-13T02:45:17Zurn:sha1:8244752809859bd1bccd5319039743614fda46e6
to an mbuf external buffer.
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:07.mbuf
Change the current working directory to be inside the jail created by2010-05-27T03:15:04ZColin Percivalcperciva@FreeBSD.org2010-05-27T03:15:04Zurn:sha1:24a6124130a2ab052de38fbcac566249baee6042
the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
MFC r197223: Fix a deadlock in the ULE scheduler.2010-02-27T10:55:43ZColin Percivalcperciva@FreeBSD.org2010-02-27T10:55:43Zurn:sha1:e1ba7e0b95e9f4a5ca555bd17ae7fad23601278b
Approved by: so (cperciva)
Errata: FreeBSD-EN-10:02.sched_ule
Fix BIND named(8) cache poisoning with DNSSEC validation.2010-01-06T21:45:30ZSimon L. B. Nielsensimon@FreeBSD.org2010-01-06T21:45:30Zurn:sha1:0e393837bf33245846f40940bb45e7ea3e0aa0e1
[SA-10:01]
Fix ntpd mode 7 denial of service. [SA-10:02]
Fix ZFS ZIL playback with insecure permissions. [SA-10:03]
Various FreeBSD 8.0-RELEASE improvements. [EN-10:01]
Security: FreeBSD-SA-10:01.bind
Security: FreeBSD-SA-10:02.ntpd
Security: FreeBSD-SA-10:03.zfs
Errata: FreeBSD-EN-10:01.freebsd
Approved by: so (simon)
Bump the patch level in the kernel version number, which was2009-12-03T12:59:39ZSimon L. B. Nielsensimon@FreeBSD.org2009-12-03T12:59:39Zurn:sha1:07b034faa68a4f73d059577a877f42d9362697c6
accidentally left out of main commit for SA-09:15, SA-09:15, and
SA-09:17 in r200054.
Approved by: so (simon)
Disable SSL renegotiation in order to protect against a serious2009-12-03T09:18:40ZColin Percivalcperciva@FreeBSD.org2009-12-03T09:18:40Zurn:sha1:47b396aad3359e5c125d4ee09feb7412cde3f957
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
MFC r197711 (partial) to 6.x and 7.x:2009-10-02T18:09:56ZSimon L. B. Nielsensimon@FreeBSD.org2009-10-02T18:09:56Zurn:sha1:6dd22f288da876801b4a9fce35cea729d61aeae0
- Add no zero mapping feature, disabled by default. [EN-09:05]
MFC 178913,178914,179242,179243,180336,180340 to 6.x:
- Fix kqueue pipe race conditions. [SA-09:13]
MFC r192301 to 7.x; 6.x has slightly different fix:
- Fix devfs / VFS NULL pointer race condition. [SA-09:14]
Security: FreeBSD-SA-09:13.pipe
Security: FreeBSD-SA-09:14.devfs
Errata: FreeBSD-EN-09:05.null
Submitted by: kib [SA-09:13] [SA-09:14]
Submitted by: bz [EN-09:05]
In collaboration with: jhb, kib, alc [EN-09:05]
Approved by: so (simon)