src, branch releng/10.2 FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F10.2 2016-12-22T16:19:05Z Fix multiple vulnerabilities of ntp. 2016-12-22T16:19:05Z Xin LI delphij@FreeBSD.org 2016-12-22T16:19:05Z urn:sha1:2a3488342441b3296995c8a9eca705a468d0eff0 Approved by: so Merge r309688: address regressions in SA-16:37.libc. 2016-12-07T23:32:42Z Gleb Smirnoff glebius@FreeBSD.org 2016-12-07T23:32:42Z urn:sha1:59570923bc07f0e74f90b47bd0e10dc5db508d4a PR: 215105 Submitted by: <jtd2004a sbcglobal.net> Approved by: so Fix possible login(1) argument injection in telnetd(8). [SA-16:36] 2016-12-06T18:49:54Z Gleb Smirnoff glebius@FreeBSD.org 2016-12-06T18:49:54Z urn:sha1:69f6fd216112cfb7c6a0c41120f584fa55f69043 Fix link_ntoa(3) buffer overflow in libc. [SA-16:37] Fix possible escape from bhyve(8) virtual machine. [SA-16:38] Fix warnings about valid time zone abbreviations. [EN-16:19] Update timezone database information. [EN-16:20] Security: FreeBSD-SA-16:36.telnetd Security: FreeBSD-SA-16:37.libc Security: FreeBSD-SA-16:38.bhyve Errata Notice: FreeBSD-EN-16:19.tzcode Errata Notice: FreeBSD-EN-16:20.tzdata Approved by: so Update tzdata to 2016i. 2016-12-05T23:26:06Z Gleb Smirnoff glebius@FreeBSD.org 2016-12-05T23:26:06Z urn:sha1:d3d35545b110b10f8b83a99cc8641b18f7ef4175 Note: because of what appears to be a missing MFC to stable branches, these patches were generated by doing: % rsync -av stable/10/contrib/tzdata releng/10.x/contrib/tzdata % svn add releng/10.x/contrib/tzdata Errata Notice: EN-16:19 Submitted by: gjb Approved by: so Merge r307359 from stable/10: 2016-12-05T23:12:22Z Gleb Smirnoff glebius@FreeBSD.org 2016-12-05T23:12:22Z urn:sha1:1b91a79349b623d3be1d8b87bfb70d8be910910c Incorporate a change from OpenBSD by millert@OpenBSD.org Don't warn about valid time zone abbreviations. POSIX through 2000 says that an abbreviation cannot start with ':', and cannot contain ',', '-', '+', NUL, or a digit. POSIX from 2001 on changes this rule to say that an abbreviation can contain only '-', '+', and alphanumeric characters from the portable character set in the current locale. To be portable to both sets of rules, an abbreviation must therefore use only ASCII letters." Adapted from tzcode2015f. Errata Notice: EN-16:19.tzcode Submitted by: bapt Approved by: so Fix OpenSSL remote DoS vulnerability. [SA-16:35] 2016-11-02T07:24:14Z Xin LI delphij@FreeBSD.org 2016-11-02T07:24:14Z urn:sha1:116b0b292106f3b9df76333f70bcaceeae975c2e Security: FreeBSD-SA-16:35.openssl Approved by: so Revised SA-16:15. The initial patch didn't cover all possible overflows 2016-10-25T17:11:11Z Gleb Smirnoff glebius@FreeBSD.org 2016-10-25T17:11:11Z urn:sha1:5b8145031bc378f69708568b1ca9b231f7fe6fba based on passing incorrect parameters to sysarch(2). Security: SA-16:15 Approved by: so Fix bspatch heap overflow vulnerability. [SA-16:29] 2016-10-10T07:18:54Z Xin LI delphij@FreeBSD.org 2016-10-10T07:18:54Z urn:sha1:a4dba4499eb53b4fc523136f83d9d89e0679bbad Fix multiple portsnap vulnerabilities. [SA-16:30] Fix multiple libarchive vulnerabilities. [SA-16:31] Approved by: so Apply upstream revision 3612ff6fcec0e3d1f2a598135fe12177c0419582: 2016-09-26T08:21:29Z Xin LI delphij@FreeBSD.org 2016-09-26T08:21:29Z urn:sha1:bd13449135004b56cee028bfcb855ed98002d618 Fix overflow check in BN_bn2dec() Fix an off by one error in the overflow check added by 07bed46 ("Check for errors in BN_bn2dec()"). This fixes a regression introduced in SA-16:26.openssl. Submitted by: jkim PR: 212921 Approved by: so Fix multiple OpenSSL vulnerabilitites. 2016-09-23T07:48:34Z Xin LI delphij@FreeBSD.org 2016-09-23T07:48:34Z urn:sha1:914da52d79324dbbcd443e0e7dc2ef3b68d1370a Approved by: so Security: FreeBSD-SA-16:26.openssl