aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Don't leak information via uninitialized space in db(3) records. [09:07]releng/7.0Colin Percival2009-04-228-6/+32
| | | | | | | | | | | | | | Sanity-check string lengths in order to stop OpenSSL crashing when printing corrupt BMPString or UniversalString objects. [09:08] Security: FreeBSD-SA-09:07.libc Security: FreeBSD-SA-09:08.openssl Security: CVE-2009-0590 Approved by: re (kensmith) Approved by: so (cperciva) Notes: svn path=/releng/7.0/; revision=191381
* Correctly sanity-check timer IDs. [SA-09:06]Colin Percival2009-03-234-5/+16
| | | | | | | | | | | | | Limit the size of malloced buffer when dumping environment variables. [EN-09:01] Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-09:06.ktimer Errata: FreeBSD-EN-09:01.kenv Notes: svn path=/releng/7.0/; revision=190301
* Correctly scrub telnetd's environment.Colin Percival2009-02-163-5/+23
| | | | | | | | Approved by: so (cperciva) Security: FreeBSD-SA-09:05.telnetd Notes: svn path=/releng/7.0/; revision=188699
* Correct ntpd(8) cryptographic signature bypass [SA-09:04].Simon L. B. Nielsen2009-01-135-4/+10
| | | | | | | | | | | | | Correct BIND DNSSEC incorrect checks for malformed signatures [SA-09:04]. Security: FreeBSD-SA-09:03.ntpd Security: FreeBSD-SA-09:04.bind Obtained from: ISC [SA-09:04] Approved by: so (simon) Notes: svn path=/releng/7.0/; revision=187194
* Prevent cross-site forgery attacks on lukemftpd(8) due to splittingSimon L. B. Nielsen2009-01-0714-25/+59
| | | | | | | | | | | | | | | | | long commands into multiple requests. [09:01] Fix incorrect OpenSSL checks for malformed signatures due to invalid check of return value from EVP_VerifyFinal(), DSA_verify, and DSA_do_verify. [09:02] Security: FreeBSD-SA-09:01.lukemftpd Security: FreeBSD-SA-09:02.openssl Obtained from: NetBSD [SA-09:01] Obtained from: OpenSSL Project [SA-09:02] Approved by: so (simon) Notes: svn path=/releng/7.0/; revision=186872
* Prevent cross-site forgery attacks on ftpd(8) due to splittingColin Percival2008-12-236-9/+42
| | | | | | | | | | | | | | | | long commands into multiple requests. [08:12] Avoid calling uninitialized function pointers in protocol switch code. [08:13] Merry Christmas everybody... Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw Notes: svn path=/releng/7.0/; revision=186405
* Make sure arc4random(9) is properly seeded when /etc/rc.d/initrandom returns.Colin Percival2008-11-244-4/+29
| | | | | | | | | Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-08:11.arc4random Notes: svn path=/releng/7.0/; revision=185254
* Default to ignoring potentially evil IPv6 Neighbor SolicitationColin Percival2008-10-026-2/+31
| | | | | | | | | | | | messages. Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-08:10.nd6 Thanks to: jinmei, bz Notes: svn path=/releng/7.0/; revision=183529
* - Fix amd64 local privilege escalation. [08:07]Simon L. B. Nielsen2008-09-035-8/+21
| | | | | | | | | | | | | | | | | | | - Fix nmount(2) local privilege escalation. [08:08] - Fix IPv6 remote kernel panics. [08:09] Fix for [08:07] is merge of r181823. Submitted by: kib [08:07], csjp [08:08], bz [08:09] Reviewed by: peter [08:07], jhb [08:07] Reviewed by: jinmei [08:09], rwatson [08:09] Approved by: re (SA blanket) Approved by: so (simon) Security: FreeBSD-SA-08:07.amd64 Security: FreeBSD-SA-08:08.nmount Security: FreeBSD-SA-08:09.icmp6 Notes: svn path=/releng/7.0/; revision=182740
* Improve randomization in BIND to prevent response spoofing.Colin Percival2008-07-138-504/+310
| | | | | | | | | | Security: FreeBSD-SA-08:06.bind Approved by: so (cperciva) Thanks to: remko, csjp No thanks to: bronchitis Notes: svn path=/releng/7.0/; revision=180499
* Fix errors in the padding of TCP options.Colin Percival2008-06-194-4/+25
| | | | | | | | Errata: FreeBSD-EN-08:02.tcp Approved by: so (cperciva) Notes: svn path=/releng/7.0/; revision=179871
* Fix logic error in sshd(8) concerning the handling of failedColin Percival2008-04-173-4/+5
| | | | | | | | | | attempts to bind ports for X11 forwarding. Security: FreeBSD-SA-08:05.openssh Approved by: so (cperciva) Notes: svn path=/releng/7.0/; revision=178263
* Prepare for tagging RELENG_7_0_0_RELEASE and the 7.0-RELEASE builds.release/7.0.0Ken Smith2008-02-241-1/+1
| | | | | | | | Approved by: re (implicit) Notes: svn path=/releng/7.0/; revision=176505 svn path=/release/7.0.0/; revision=176506; tag=release/7.0.0
* Speculate on the release date for FreeBSD 7.0.Ken Smith2008-02-241-0/+3
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/7.0/; revision=176504
* MFC: rev. 1.4Christian Brueffer2008-02-211-1/+5
| | | | | | | | | Add some missing Xrefs to drivers. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176447
* Prepare for a "mini-RC3". Only amd64/i386 builds will be done. TargettedKen Smith2008-02-201-1/+1
| | | | | | | | | at getting people to test the backout of the hptrr(4) driver. Approved by: re (implicit) Notes: svn path=/releng/7.0/; revision=176416
* MFR7 the backout of hptrr v1.2 due to problems encountered during testingKen Smith2008-02-2012-22319/+21369
| | | | | | | | | | | | | | | | | | | | | | of 7.0-RC2. Versions being MFR7-ed: 1.1.2.3 amd64-elf.hptrr_lib.o.uu 1.1.2.3 array.h 1.1.2.3 him.h 1.1.2.3 hptintf.h 1.1.2.3 hptrr_config.c 1.1.2.3 hptrr_config.h 1.1.2.4 hptrr_os_bsd.c 1.1.2.3 hptrr_osm_bsd.c 1.1.2.3 i386-elf.hptrr_lib.o.uu 1.1.2.3 ldm.h 1.1.2.3 os_bsd.h 1.1.2.4 osm.h Approved by: re (rwatson) Notes: svn path=/releng/7.0/; revision=176415
* MFC: Properly advertise U320 transport capabilities to CAM.Justin T. Gibbs2008-02-191-9/+15
| | | | | | | | | MFC: Quiet sense data logging behind AHD_DEBUG/AHD_SHOW_SENSE. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176411
* Catch up with 1.1068.2.20.2.3.Xin LI2008-02-171-3/+17
| | | | | | | Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176350
* MFC: rev. 1.3Christian Brueffer2008-02-161-1/+1
| | | | | | | | | The hptrr driver first appeared in 6.3, not 5.3. Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176347
* New release notes: SA-08:03.sendfile, 700MB CDROM media for ISOs,Bruce A. Mah2008-02-161-3/+22
| | | | | | | | | | | | rr232x(4) gone. Modified release notes: Added missing word to SA-08:02.libc note, mention SATA RAID in hptiop(4) note, FILE 4.23. Approved by: re (implicitly) Notes: svn path=/releng/7.0/; revision=176337
* MFC rev.1.13: Use case-insensitive comparisons for HTTP header keywords.Colin Percival2008-02-151-6/+6
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176314
* MFC: rev. 1.325Christian Brueffer2008-02-151-1/+0
| | | | | | | | | Remove dublicate MLINK. Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176311
* MFC: share/man/man4/ciss.4:1.15, sys/dev/ciss/ciss.c:1.87Mitsuru IWASAKI2008-02-152-1/+10
| | | | | | | | | | | | | Add `hw.ciss.nop_message_heartbeat' tunable (default disabled) for NOP-message polling in ciss_periodic(). Note that setting the tunable to non-zero can be workaround only for `ADAPTER HEARTBEAT FAILED' problem, and may freeze the system w/o the problem. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176310
* MFC: machdep.c:1.230, pmap.c:1.197Marcel Moolenaar2008-02-142-0/+19
| | | | | | | | | | | | On Montecito processors, the instruction cache is in fact not coherent with the data caches. Implement a quick fix to allow us to boot on Montecito, while I'm working on a better fix in the mean time. Approved by: re (kensmith - big thanks!) Notes: svn path=/releng/7.0/; revision=176302
* MFC rev 1.22 hosts.equiv.5Remko Lodder2008-02-141-2/+3
| | | | | | | | | | | | | | | v1.22 Improve readability for the hosts.equiv file regarding the notation of hostnames. PR: docs/35953 Submitted by: "Gary W. Swearingen" <swear at blarg dot net> With minor modifications by me. Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176300
* MFC revs 1.17 to 1.18 timed.8Remko Lodder2008-02-141-7/+32
| | | | | | | | | | | | | | | | | | | v1.18 Typo fix. Spotted by: brueffer v1.17 Enhance descriptions in the timed manual. PR: docs/115445 Submitted by: "Julian Stacey" <jhs at berklix dot org> MFC After: 3 days Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176299
* MFC rev 1.9 to 1.11 nve.4Remko Lodder2008-02-141-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | v1.11 Language nit. v1.10 There is no list to stop, so dont use .El. Noticed by: brueffer v1.9 Add 1000baseTX support for the nve driver, which is known here and there. Also mention that the driver sometimes returns '10baseTX' as output instead of 100baseTX (which is the case at that moment). PR: docs/115284 Submitted by: Julian Stacey Jhs <jhs at berklix dot org> MFC After: 3 days Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176298
* MFC rev 1.69 to 1.70 bsdlabel.8Remko Lodder2008-02-141-2/+3
| | | | | | | | | | | | | | | | | | | | | v1.70 Remove redundant whitespace. Noticed by: brueffer v1.69 Attempt to describe the ''auto'' type a bit better in the default section (if nothing had been specified, or if the auto type had been specified, a default layout is used). PR: docs/116047 Submitted by: Ian Smith <smithi at nimnet dot asn dot au> Minor modifications by me. Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176297
* MFC rev 1.20 to 1.23 access.2Remko Lodder2008-02-141-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | v1.23 After issueing a ntpdate [1] I noticed it's already 2008, reflect that in the last modified date. Noticed by: brueffer [1] v1.22 Fix typo (s/existance/existence/) Noticed by: ceri v1.21 Fix some style nits. Prodded by: brueffer MFC After: 3 days v1.20 Make the warning a bit less 'broad' then it used to be. The access is seems to be a problem for SUID applications, which we like to prevent as much as possible. PR: docs/39530 Submitted by: Soren Spies <sspies at apple dot com> MFC After: 3 days Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176296
* MFC: rev. 1.26Christian Brueffer2008-02-141-1/+1
| | | | | | | | | Add missing \n. Approved by: re (bmah), rwatson (mentor), aradford@amcc.com Notes: svn path=/releng/7.0/; revision=176293
* MFC rev 1.153 nfs_srvsubs.cRemko Lodder2008-02-141-1/+0
| | | | | | | | | | | | | | Use nfsrv_destroycache() only once, else it crashes the server. PR: kern/118152 Submitted by: Bjoern Groenvall <bg at sics dot se> Approved by: imp (mentor, a while ago already), jhb MFC After: 3 days Approved by: re (kensmith), imp (mentor, implicit) Notes: svn path=/releng/7.0/; revision=176278
* Fix sendfile(2) write-only file permission bypass.Simon L. B. Nielsen2008-02-143-15/+21
| | | | | | | | Security: FreeBSD-SA-08:03.sendfile Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176270
* MFC version 1.14, from the 4 February 2008 update:Doug Barton2008-02-071-3/+8
| | | | | | | | | IPv6 addresses for 6 of the root name servers! Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176097
* Get ready for the 7.0-RC2 builds.Ken Smith2008-02-071-1/+1
| | | | | | | Approved by: re (implicit) Notes: svn path=/releng/7.0/; revision=176092
* MFC rev 1.4: fix a bug in hexadecimal formatting of the CHAP digest:Pierre Beyssac2008-02-071-4/+5
| | | | | | | | | | | | | bytes >= 0x80 were formatted as 0xff, causing the authentication to fail. Note: fast MFC to RELENG_7 and RELENG_7_0 to get the changes in time for 7.0-RC2. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176073
* Remove rr232x(4) from release documentations. It is actuallyXin LI2008-02-063-6/+3
| | | | | | | | | a hard link from hptrr(4). Approved by: re (bmah) Notes: svn path=/releng/7.0/; revision=176052
* MFC: file version 4.23.David E. O'Brien2008-02-0659-5833/+7547
| | | | | | | Approved by: re(kensmith) Notes: svn path=/releng/7.0/; revision=176044
* Fix a symbol conflict between hptrr and hptmvScott Long2008-02-062-3/+3
| | | | | | | Approved by: re Notes: svn path=/releng/7.0/; revision=176040
* Update the hptrr driver to version 1.2. This adds port multiplier supportScott Long2008-02-0611-21366/+22316
| | | | | | | | | | for several cards. See the Highpoint website for more information. Again, many thanks to Highpoint for their continued support of FreeBSD. Approved by: re Notes: svn path=/releng/7.0/; revision=176030
* Update the hptiop driver to version 1.3. This adds support for the 4xxxScott Long2008-02-063-535/+1546
| | | | | | | | | | | series of adapters. Thanks again to Highpoint for their continued support of FreeBSD. Submitted by: Highpoint Technologies Approved by: re Notes: svn path=/releng/7.0/; revision=176029
* MFC revision: 1.83, 1.85, 1.86Mitsuru IWASAKI2008-02-061-1/+97
| | | | | | | | | | | Add NOP-message polling to ciss_periodic(). Disable adapter by detecting adapter is dead. Reviewed by: scottl Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176028
* Remove the rr232x.4 manual page and add links and references to the hptrrScott Long2008-02-063-97/+3
| | | | | | | | | page. Approved by: re Notes: svn path=/releng/7.0/; revision=176027
* MFC revision: subr_bus.c:1.204, bus.h:1.79, acpi.c:1.244Mitsuru IWASAKI2008-02-063-0/+20
| | | | | | | | | | | | o Add devctl_process_running() so that power management system driver can check whether devd(8) is running. o Enter the sleep state immediately without waiting for timeout if devd(8) is not running such as the system in single user mode. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176025
* Remove the rr232x driver. It has been superseced by the hptrr driver.Scott Long2008-02-0624-13129/+0
| | | | | | | Approved by: re Notes: svn path=/releng/7.0/; revision=176023
* MFC 1.2:Simon L. B. Nielsen2008-02-051-1/+2
| | | | | | | | | | | | | | Unbreak detection of cryptodev support for FreeBSD which was broken with OpenSSL 0.9.8 import. Note that this does not enable cryptodev by default, as it was the case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it possible to enable cryptodev at all. Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176007
* MFC 1.115: fix use w/ altqSam Leffler2008-02-051-2/+6
| | | | | | | | Submitted by: sephe Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=176000
* MFC 1.8: correct typo that broke check when handling addba responseSam Leffler2008-02-051-1/+2
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=175998
* MFC 1.50: correct tx rate displayed by list staSam Leffler2008-02-051-4/+7
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=175997
* MFC 1.49: fix list macSam Leffler2008-02-051-3/+7
| | | | | | | Approved by: re (kensmith) Notes: svn path=/releng/7.0/; revision=175996
generated by cgit v1.3 (git 2.53.0) at 2026-04-18 16:40:21 +0000