Author: simon
Date: Thu Nov 22 23:15:38 2012
New Revision: 243418
URL: http://svnweb.freebsd.org/changeset/base/243418
Log:
Fix multiple Denial of Service vulnerabilities with named(8).
Fix insufficient message length validation for EAP-TLS messages.
Fix Linux compatibility layer input
Author: simon
Date: Thu Nov 22 22:52:15 2012
New Revision: 243417
URL: http://svnweb.freebsd.org/changeset/base/243417
Log:
Fix multiple Denial of Service vulnerabilities with named(8).
Fix insufficient message length validation for EAP-TLS messages.
Fix Linux compatibility layer input
Author: simon
Date: Thu Nov 22 22:52:15 2012
New Revision: 243417
URL: http://svnweb.freebsd.org/changeset/base/243417
Log:
Fix multiple Denial of Service vulnerabilities with named(8).
Fix insufficient message length validation for EAP-TLS messages.
Fix Linux compatibility layer input
Author: simon
Date: Thu Nov 22 22:52:15 2012
New Revision: 243417
URL: http://svnweb.freebsd.org/changeset/base/243417
Log:
Fix multiple Denial of Service vulnerabilities with named(8).
Fix insufficient message length validation for EAP-TLS messages.
Fix Linux compatibility layer input
Author: simon
Date: Mon Aug 6 21:33:11 2012
New Revision: 239108
URL: http://svn.freebsd.org/changeset/base/239108
Log:
Fix named(8) DNSSEC validation Denial of Service.
Security: FreeBSD-SA-12:05.bind
Security: CVE-2012-3817
Obtained from:ISC
Approved by: so (simon)
Author: simon
Date: Mon Aug 6 21:33:11 2012
New Revision: 239108
URL: http://svn.freebsd.org/changeset/base/239108
Log:
Fix named(8) DNSSEC validation Denial of Service.
Security: FreeBSD-SA-12:05.bind
Security: CVE-2012-3817
Obtained from:ISC
Approved by: so (simon)
Author: simon
Date: Mon Jun 18 21:00:54 2012
New Revision: 237242
URL: http://svn.freebsd.org/changeset/base/237242
Log:
Add UPDATING and newvers.sh information for the FreeBSD-SA-12:04.sysret
correction.
Approved by: so (simon)
Modified:
releng/8.1/UPDATING
releng/8.1/sys/conf/newv
Author: simon
Date: Mon Jun 18 20:48:21 2012
New Revision: 237241
URL: http://svn.freebsd.org/changeset/base/237241
Log:
Correct the patch for FreeBSD-SA-12:04.sysret for releng/8.1 where it
was accidently applied to the wrong location.
Reported by: Steven Chamberlain
Reviewed by: jh
Author: simon
Date: Thu Sep 22 17:51:09 2011
New Revision: 225730
URL: http://svn.freebsd.org/changeset/base/225730
Log:
- Add 9.0 (stable and releng) branches to svn2cvs mapping. [1]
- Checkpoint current list of hacks mainly to handle support for
'Replaced' files.
Requested by: kensm
Author: simon
Date: Sun Jun 19 12:52:50 2011
New Revision: 223293
URL: http://svn.freebsd.org/changeset/base/223293
Log:
Do not use #warning to warn about missing implementation of dt_popc(),
but just have a comment that this is broken.
This is just a bandaid until somebody can fix this c
Author: simon
Date: Mon Jun 6 21:03:19 2011
New Revision: 222779
URL: http://svn.freebsd.org/changeset/base/222779
Log:
Update the comment in the start of the checkacl program to be related
to checkacl.c and not svnssh.
Modified:
svnadmin/tools/checkacl/checkacl.c
Modified: svnadmin/tools
Author: simon
Date: Sat May 28 08:44:39 2011
New Revision: 222416
URL: http://svn.freebsd.org/changeset/base/222416
Log:
Fix an off by one which can result in a assertion failure in BIND
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.
Security: Fre
Author: simon
Date: Sat Apr 23 14:19:26 2011
New Revision: 220971
URL: http://svn.freebsd.org/changeset/base/220971
Log:
Check return code of setuid() and setgid() in finger.
While they will not fail in normal circumstances, better safe than
sorry.
MFC after:1 week
Modified:
h
Author: simon
Date: Sat Apr 23 13:57:12 2011
New Revision: 220970
URL: http://svn.freebsd.org/changeset/base/220970
Log:
Check return code of setuid() in timedc.
While it will not fail in normal circumstances, better safe than
sorry.
MFC after:3 days
Modified:
head/usr.sbin/ti
Author: simon
Date: Sat Apr 23 13:42:03 2011
New Revision: 220969
URL: http://svn.freebsd.org/changeset/base/220969
Log:
Check return code of setuid(), setgid(), and setgroups() in rwhod.
While they will not fail in normal circumstances, better safe than
sorry.
MFC after:1 week
Author: simon
Date: Sat Apr 23 13:07:35 2011
New Revision: 220968
URL: http://svn.freebsd.org/changeset/base/220968
Log:
Check return code of setuid() in traceroute.
While it will not fail in normal circumstances, better safe than sorry.
Reported by: LLVM's clang static analyzer
MFC
Author: simon
Date: Thu Apr 21 16:40:34 2011
New Revision: 220927
URL: http://svn.freebsd.org/changeset/base/220927
Log:
Expand / correct newsyslog regression tests:
- Test newslog with clasic naming of rotates files to actually test
the correct number of log files as newsyslog now does th
Author: simon
Date: Thu Apr 21 16:31:05 2011
New Revision: 220926
URL: http://svn.freebsd.org/changeset/base/220926
Log:
Fix an old bug in newsyslog where we kept one log file more than was
requested in newsyslog.conf. This was only the case using the non-time
based filenames (.0, .1, .2 et
Author: simon
Date: Mon Feb 28 06:54:14 2011
New Revision: 219093
URL: http://svn.freebsd.org/changeset/base/219093
Log:
Drop my OpenSSL maintainer hat. I don't have the motivation to keep
chasing updates etc.
Leave a reminder not to commit non-upstream changes (ref: Debian
random...).
Author: simon
Date: Sun Feb 13 11:10:57 2011
New Revision: 218636
URL: http://svn.freebsd.org/changeset/base/218636
Log:
MFS 218634:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only
Author: simon
Date: Sun Feb 13 11:09:39 2011
New Revision: 218635
URL: http://svn.freebsd.org/changeset/base/218635
Log:
MFS 218633:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only
Author: simon
Date: Sun Feb 13 10:24:36 2011
New Revision: 218634
URL: http://svn.freebsd.org/changeset/base/218634
Log:
MFC 218625:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only
Author: simon
Date: Sun Feb 13 10:22:43 2011
New Revision: 218633
URL: http://svn.freebsd.org/changeset/base/218633
Log:
MFC 218625:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only
Author: simon
Date: Sat Feb 12 21:30:46 2011
New Revision: 218625
URL: http://svn.freebsd.org/changeset/base/218625
Log:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only affected if they
Author: simon
Date: Wed Jan 19 07:44:47 2011
New Revision: 217574
URL: http://svn.freebsd.org/changeset/base/217574
Log:
MFS7 r217562:
Decrease the libcrypto and libssl shared object version numbers from 6
to 5. They were accidentally bumped in r215997 (on 2010-11-28) with the
merge
Author: simon
Date: Tue Jan 18 22:19:55 2011
New Revision: 217562
URL: http://svn.freebsd.org/changeset/base/217562
Log:
Decrease the libcrypto and libssl shared object version numbers from 6
to 5. They were accidentally bumped in r215997 (on 2010-11-28) with the
merge of OpenSSL 0.9.8p, but
Author: simon
Date: Wed Dec 29 14:06:20 2010
New Revision: 216800
URL: http://svn.freebsd.org/changeset/base/216800
Log:
MFS r216725:
Fix deprecated warning about -L which said -i was deprecated.
Approved by: re (kib)
Modified:
releng/8.2/sbin/mount_nfs/mount_nfs.c
Directory Proper
Author: simon
Date: Wed Dec 29 12:25:45 2010
New Revision: 216797
URL: http://svn.freebsd.org/changeset/base/216797
Log:
MFC r216725:
Fix deprecated warning about -L which said -i was deprecated.
Modified:
stable/8/sbin/mount_nfs/mount_nfs.c
Directory Properties:
stable/8/sbin/mount_nf
Author: simon
Date: Sun Dec 26 22:29:44 2010
New Revision: 216725
URL: http://svn.freebsd.org/changeset/base/216725
Log:
Fix deprecated warning about -L which said -i was deprecated.
MFC after:3 days
Modified:
head/sbin/mount_nfs/mount_nfs.c
Modified: head/sbin/mount_nfs/mount_nfs.c
Author: simon
Date: Sun Dec 19 23:09:42 2010
New Revision: 216575
URL: http://svn.freebsd.org/changeset/base/216575
Log:
Add --numeric-owner to tar extract operations in portsnap.
This is done to speed up extraction significantly (both for portsnap
extract and update) in the case of slow
Author: simon
Date: Fri Dec 3 22:59:54 2010
New Revision: 216166
URL: http://svn.freebsd.org/changeset/base/216166
Log:
Merge OpenSSL 0.9.8q into head.
Security: CVE-2010-4180
Security: http://www.openssl.org/news/secadv_20101202.txt
MFC after:3 days
Added:
head/crypto/o
Author: simon
Date: Thu Dec 2 22:37:50 2010
New Revision: 216136
URL: http://svn.freebsd.org/changeset/base/216136
Log:
Tag OpenSSL 0.9.8q.
Added:
vendor-crypto/openssl/0.9.8q/
- copied from r216135, vendor-crypto/openssl/dist/
___
svn-src-all
Author: simon
Date: Thu Dec 2 22:36:51 2010
New Revision: 216135
URL: http://svn.freebsd.org/changeset/base/216135
Log:
Import OpenSSL 0.9.8q.
Added:
vendor-crypto/openssl/dist/ACKNOWLEDGMENTS
Modified:
vendor-crypto/openssl/dist/CHANGES
vendor-crypto/openssl/dist/FAQ
vendor-crypto/ope
Author: simon
Date: Mon Nov 29 20:43:06 2010
New Revision: 216063
URL: http://svn.freebsd.org/changeset/base/216063
Log:
Fix a race condition exists in the OpenSSL TLS server extension code and
a double free in the SSL client ECDH handling code.
Approved by: so (simon)
Security: CV
Author: simon
Date: Mon Nov 29 18:33:20 2010
New Revision: 216062
URL: http://svn.freebsd.org/changeset/base/216062
Log:
Add mappings for RELENG branches for 8.2 and 8.3.
Modified:
svnadmin/tools/export.py
Modified: svnadmin/tools/export.py
===
Author: simon
Date: Mon Nov 29 08:44:32 2010
New Revision: 216046
URL: http://svn.freebsd.org/changeset/base/216046
Log:
Revert some FreeBSD specific changes (mainly made to fix various
security issues), and bring us back to using vendor versions of the
files.
This was already done on h
Author: simon
Date: Sun Nov 28 11:02:18 2010
New Revision: 215994
URL: http://svn.freebsd.org/changeset/base/215994
Log:
Bootstrap mergeinfo so it indicates the current state of things.
Modified:
Directory Properties:
stable/7/crypto/openssl/ (props changed)
Author: simon
Date: Fri Nov 26 22:50:58 2010
New Revision: 215912
URL: http://svn.freebsd.org/changeset/base/215912
Log:
Merge OpenSSL 0.9.8p into stable/8.
This merges up to and including head/crypto/openssl/ r215697; and
head/secure/lib/libcrypto/, head/secure/lib/libssl/,
head/secure
Author: simon
Date: Mon Nov 22 18:29:00 2010
New Revision: 215698
URL: http://svn.freebsd.org/changeset/base/215698
Log:
Regenerate manual pages for OpenSSL 0.9.8p.
Modified:
head/secure/lib/libcrypto/Makefile.inc
head/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
head/secure/lib/libcrypto/m
Author: simon
Date: Mon Nov 22 18:23:44 2010
New Revision: 215697
URL: http://svn.freebsd.org/changeset/base/215697
Log:
Merge OpenSSL 0.9.8p into head.
Security: CVE-2010-3864
Security: http://www.openssl.org/news/secadv_20101116.txt
Modified:
head/crypto/openssl/CHANGES
hea
Author: simon
Date: Sun Nov 21 22:46:51 2010
New Revision: 215644
URL: http://svn.freebsd.org/changeset/base/215644
Log:
Tag OpenSSL 0.9.8p.
Added:
vendor-crypto/openssl/0.9.8p/
- copied from r215643, vendor-crypto/openssl/dist/
___
svn-src-all
Author: simon
Date: Sun Nov 21 22:45:18 2010
New Revision: 215643
URL: http://svn.freebsd.org/changeset/base/215643
Log:
Import OpenSSL 0.9.8p.
Modified:
vendor-crypto/openssl/dist/CHANGES
vendor-crypto/openssl/dist/Configure
vendor-crypto/openssl/dist/FAQ
vendor-crypto/openssl/dist/Mak
Author: simon
Date: Sun Nov 21 11:50:16 2010
New Revision: 215625
URL: http://svn.freebsd.org/changeset/base/215625
Log:
Fix a typo in a comment.
MFC after:3 days
Modified:
head/usr.sbin/newsyslog/newsyslog.c
Modified: head/usr.sbin/newsyslog/newsyslog.c
Author: simon
Date: Sun Nov 21 11:10:09 2010
New Revision: 215624
URL: http://svn.freebsd.org/changeset/base/215624
Log:
MFC r210372:
Add support for creating the archived log filenames using a time-stamp
instead of the traditional simple counter.
Using the time-stamp based file-name
Author: simon
Date: Sun Nov 21 11:04:19 2010
New Revision: 215622
URL: http://svn.freebsd.org/changeset/base/215622
Log:
MFC r208649 by gordon (needed for MFC of r210372):
Add file include processing for newsyslog.
Format for the include line in /etc/newsyslog.conf is:
/etc/defaults
Author: simon
Date: Sun Nov 21 11:01:56 2010
New Revision: 215620
URL: http://svn.freebsd.org/changeset/base/215620
Log:
MFC r208648 by gordon (needed for MFC of r210372):
Convert newsyslog to using queue(3) macros instead of a home rolled version.
Modified:
stable/8/usr.sbin/newsyslog/n
Author: simon
Date: Sun Nov 21 10:45:10 2010
New Revision: 215611
URL: http://svn.freebsd.org/changeset/base/215611
Log:
MFC r208028 by uqs:
mdoc: move remaining sections into consistent order
Modified:
stable/8/usr.sbin/newsyslog/newsyslog.8
Directory Properties:
stable/8/usr.sbin/new
Author: simon
Date: Sun Nov 14 09:33:47 2010
New Revision: 215288
URL: http://svn.freebsd.org/changeset/base/215288
Log:
Fix double-free in OpenSSL's SSL ECDH code.
It has yet to be determined if this warrants a FreeBSD Security
Advisory, but we might as well get it fixed in the normal br
Author: simon
Date: Sat Oct 9 15:54:12 2010
New Revision: 213660
URL: http://svn.freebsd.org/changeset/base/213660
Log:
Re-enable access to 'access' now that it seems access,v is fixed.
Approved by: core (implicit)
Modified:
svnadmin/conf/approvers
Modified: svnadmin/conf/appr
Author: simon
Date: Sat Oct 9 15:17:40 2010
New Revision: 213659
URL: http://svn.freebsd.org/changeset/base/213659
Log:
Test commit to test that access,v works now.
Approved by: clusteradm
Modified:
svnadmin/conf/access
Modified: svnadmin/conf/access
==
Author: simon
Date: Sat Oct 9 14:00:50 2010
New Revision: 213658
URL: http://svn.freebsd.org/changeset/base/213658
Log:
Lock out access to 'access' for now while trying to fix the CVS ,v.
Approved by: core (implicit)
Modified:
svnadmin/conf/approvers
Modified: svnadmin/conf/approvers
), lagg(4) etc. and make use of function pointers and
> pf_proto_register() to hook carp into the network stack.
Yay! Thanks!
I'm really looking forward to not having to handle compile kernels
when upgrading to 8.2 on all my CARP based systems :-).
--
Simon L. Nielsen
___
Author: simon
Date: Tue Jul 27 08:45:29 2010
New Revision: 210525
URL: http://svn.freebsd.org/changeset/base/210525
Log:
Missing IFCAP_* macro descriptions in ifnet(9).
PR: docs/148952
Submitted by: Lars Hartmann
MFC after:2 weeks
Modified:
head/share/man/man9/ifnet.9
Author: simon
Date: Sat Jul 24 10:04:35 2010
New Revision: 210442
URL: http://svn.freebsd.org/changeset/base/210442
Log:
Make failed open of /dev/mdctl in the bsnmpd hostres module non-fatal.
This makes it possible to use the hostres module when bsnmpd is not
running as root.
MFC after:
Author: simon
Date: Thu Jul 22 11:38:48 2010
New Revision: 210374
URL: http://svn.freebsd.org/changeset/base/210374
Log:
Hook newsyslog regression tests to the Makefile 'build'.
MFC after:3 weeks
Modified:
head/tools/regression/usr.sbin/Makefile
Modified: head/tools/regression/usr.s
Author: simon
Date: Thu Jul 22 11:37:54 2010
New Revision: 210373
URL: http://svn.freebsd.org/changeset/base/210373
Log:
Add regression tests for newsyslog. These are far from a complete
test of newsyslog, as they were mainly made to test 'newsyslog -t',
but they do test the basic functiona
Author: simon
Date: Thu Jul 22 11:23:18 2010
New Revision: 210372
URL: http://svn.freebsd.org/changeset/base/210372
Log:
Add support for creating the archived log filenames using a time-stamp
instead of the traditional simple counter.
Using the time-stamp based file-names, once a log file
Author: simon
Date: Sun Jul 18 08:34:44 2010
New Revision: 210215
URL: http://svn.freebsd.org/changeset/base/210215
Log:
Cross reference tree(3) and queue(3).
MFC after:1 week
Modified:
head/share/man/man3/queue.3
head/share/man/man3/tree.3
Modified: head/share/man/man3/queue.3
==
Author: simon
Date: Tue Jul 13 16:47:29 2010
New Revision: 210004
URL: http://svn.freebsd.org/changeset/base/210004
Log:
Bump document for content change in r210002.
Modified:
head/share/man/man5/rc.conf.5
Modified: head/share/man/man5/rc.conf.5
==
Author: simon
Date: Tue Jul 13 16:24:04 2010
New Revision: 210002
URL: http://svn.freebsd.org/changeset/base/210002
Log:
In the example for how to create a VLAN, also include an example of
setting the IP address. While it is documented earlier in rc.conf(5)
that the '.' in the VLAN name bec
On 2010.05.24 14:23:45 +0200, Marius Strobl wrote:
> On Mon, May 24, 2010 at 01:39:42PM +0200, Simon L. Nielsen wrote:
> > On 2010.05.23 19:46:19 +, Marius Strobl wrote:
> >
> > > New Revision: 208459
> > >
> > > Log:
> > > Update the sp
, if you are refering to Fujitsu the company it should not
include a trademark symbol.
And yes, it's not entirely simple...
--
Simon L. Nielsen
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Author: simon
Date: Sun May 16 10:51:45 2010
New Revision: 208137
URL: http://svn.freebsd.org/changeset/base/208137
Log:
Checkpoint svn2cvs script:
- Add latest hacks needed for things CVS doesn't understand but
SVN does. They are disabled but kepts here in case we want to
know lat
B0;253;0cOn 2010.04.01 11:20:15 -0700, Doug Barton wrote:
> On 04/01/10 08:19, Simon L. Nielsen wrote:
> > Author: simon
> > Date: Thu Apr 1 15:19:51 2010
> > New Revision: 206046
> > URL: http://svn.freebsd.org/changeset/base/206046
> >
> > Log:
> >
Author: simon
Date: Thu Apr 1 15:35:29 2010
New Revision: 206047
URL: http://svn.freebsd.org/changeset/base/206047
Log:
- Make it slightly simpler to update OpenSSL version information
for regenerating OpenSSL manual pages.
- Explicitly set the OpenSSL release date so manual pages contain
Author: simon
Date: Thu Apr 1 15:19:51 2010
New Revision: 206046
URL: http://svn.freebsd.org/changeset/base/206046
Log:
Merge OpenSSL 0.9.8n into head.
This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m)
but not -STABLE branches.
I have not yet been able to find o
Author: simon
Date: Thu Apr 1 12:26:32 2010
New Revision: 206037
URL: http://svn.freebsd.org/changeset/base/206037
Log:
Tag OpenSSL 0.9.8n.
Added:
vendor-crypto/openssl/0.9.8n/
- copied from r206035, vendor-crypto/openssl/dist/
___
svn-src-all
Author: simon
Date: Thu Apr 1 12:25:40 2010
New Revision: 206035
URL: http://svn.freebsd.org/changeset/base/206035
Log:
Import OpenSSL 0.9.8n.
Modified:
vendor-crypto/openssl/dist/CHANGES
vendor-crypto/openssl/dist/FAQ
vendor-crypto/openssl/dist/Makefile
vendor-crypto/openssl/dist/NEWS
B0;251;0cOn 2010.03.13 14:27:22 -0800, Doug Barton wrote:
> On 03/13/10 11:22, Simon L. Nielsen wrote:
> > Author: simon
> > Date: Sat Mar 13 19:22:41 2010
> > New Revision: 205128
> > URL: http://svn.freebsd.org/changeset/base/205128
> >
> > Lo
Author: simon
Date: Sat Mar 13 22:37:07 2010
New Revision: 205137
URL: http://svn.freebsd.org/changeset/base/205137
Log:
Readd $FreeBSD$ to the OpenSSL config file as that's useful for
mergemaster.
Suggested by: dougb
Modified:
head/crypto/openssl/apps/openssl.cnf
Modified: head/crypt
as there is already a directory with the same
name CVS is rather unhappy about this.
I need to hack the exporter to ignore the addition of
stable/8/release/picobsd/floppy.tree/sbin as there is simply no way
represent that in CVS (that I know of at least).
--
Simon L. Nielsen
___
[ACPI Debug] String [0xA] "COMB _STA "
[ACPI Debug] String [0x6] "LDN: "
[ACPI Debug] Integer 0x 5
[ACPI Debug] Integer 0x F
I'm not sure if it's related to this import as the system in question
was just upgraded from 8.
You can see more details
Author: simon
Date: Sun Feb 28 18:50:49 2010
New Revision: 204478
URL: http://svn.freebsd.org/changeset/base/204478
Log:
Tag OpenSSL 0.9.8m.
Added:
vendor-crypto/openssl/0.9.8m/
- copied from r204477, vendor-crypto/openssl/dist/
___
svn-src-all
Author: simon
Date: Wed Jan 6 21:45:30 2010
New Revision: 201679
URL: http://svn.freebsd.org/changeset/base/201679
Log:
Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]
Fix ntpd mode 7 denial of service. [SA-10:02]
Fix ZFS ZIL playback with insecure permissions.
Author: simon
Date: Wed Jan 6 21:45:30 2010
New Revision: 201679
URL: http://svn.freebsd.org/changeset/base/201679
Log:
Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]
Fix ntpd mode 7 denial of service. [SA-10:02]
Fix ZFS ZIL playback with insecure permissions.
Author: simon
Date: Wed Jan 6 21:45:30 2010
New Revision: 201679
URL: http://svn.freebsd.org/changeset/base/201679
Log:
Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]
Fix ntpd mode 7 denial of service. [SA-10:02]
Fix ZFS ZIL playback with insecure permissions.
Author: simon
Date: Wed Jan 6 21:45:30 2010
New Revision: 201679
URL: http://svn.freebsd.org/changeset/base/201679
Log:
Fix BIND named(8) cache poisoning with DNSSEC validation.
[SA-10:01]
Fix ntpd mode 7 denial of service. [SA-10:02]
Fix ZFS ZIL playback with insecure permissions.
ybody is trying to weigh the opinion for
/ against this 'feature'.]
--
Simon L. Nielsen
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
eat, thanks!
I recently set up IPv6 on a workstation and was bitten by rc.firewall
and rc.firewall6 getting in each-others way.
--
Simon L. Nielsen
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsub
Author: simon
Date: Thu Dec 3 12:59:39 2009
New Revision: 200057
URL: http://svn.freebsd.org/changeset/base/200057
Log:
Bump the patch level in the kernel version number, which was
accidentally left out of main commit for SA-09:15, SA-09:15, and
SA-09:17 in r200054.
Approved by: so (s
Author: simon
Date: Mon Nov 2 21:44:57 2009
New Revision: 198826
URL: http://svn.freebsd.org/changeset/base/198826
Log:
Only print the 'Directory Properties' section if we actually have
changed directory properties.
Modified:
svnadmin/hooks/scripts/mailer.py
Modified: svnadmin/hooks/scrip
Author: simon
Date: Mon Nov 2 20:37:49 2009
New Revision: 198821
URL: http://svn.freebsd.org/changeset/base/198821
Log:
Change the handling of directory property changes in the svn mailer
script:
- Removes all directories that have only prop-changes from the subject
line (unless ther
ossible.
We have some sparc64 systems at ISC which are currently use for
package building, though they seem to be all Ultra Sparc IIi (at least
from the docs I could find now).
--
Simon L. Nielsen
___
svn-src-all@freebsd.org mailing list
http://lists.freebs
Author: simon
Date: Sun Oct 11 16:52:24 2009
New Revision: 197964
URL: http://svn.freebsd.org/changeset/base/197964
Log:
MFC r197835:
- Document that 'Dell PowerEdge R710' has bce(4) supported NIC.
- Bump document date.
Approved by: re (kib)
Modified:
stable/8/share/man/man4/ (pro
Author: simon
Date: Sun Oct 11 16:39:16 2009
New Revision: 197960
URL: http://svn.freebsd.org/changeset/base/197960
Log:
MFC r197835:
- Document that 'Dell PowerEdge R710' has bce(4) supported NIC.
- Bump document date.
Modified:
stable/7/share/man/man4/ (props changed)
stable/7/sh
Author: simon
Date: Wed Oct 7 13:45:12 2009
New Revision: 197835
URL: http://svn.freebsd.org/changeset/base/197835
Log:
- Document that 'Dell PowerEdge R710' has bce(4) supported NIC.
- Bump document date.
MFC after:3 days
Modified:
head/share/man/man4/bce.4
Modified: head/share/
Author: simon
Date: Sun Oct 4 16:30:33 2009
New Revision: 197747
URL: http://svn.freebsd.org/changeset/base/197747
Log:
In lists, if there is a Li command remove it. This fixes markup for
uath(4).
MFC after:3 days
Reported by: Warren Block
Modified:
head/release/doc/share/mis
On 2009.10.02 18:09:56 +, Simon L. Nielsen wrote:
> Author: simon
> Date: Fri Oct 2 18:09:56 2009
> New Revision: 197715
> URL: http://svn.freebsd.org/changeset/base/197715
>
> Log:
> MFC r197711 (partial) to 6.x and 7.x:
>
> - Add no zero mapping feature,
On 2009.10.02 18:09:56 +, Simon L. Nielsen wrote:
> Author: simon
> Date: Fri Oct 2 18:09:56 2009
> New Revision: 197715
> URL: http://svn.freebsd.org/changeset/base/197715
>
> Log:
> MFC r197711 (partial) to 6.x and 7.x:
>
> - Add no zero mapping feature,
Author: simon
Date: Fri Oct 2 18:09:56 2009
New Revision: 197715
URL: http://svn.freebsd.org/changeset/base/197715
Log:
MFC r197711 (partial) to 6.x and 7.x:
- Add no zero mapping feature, disabled by default. [EN-09:05]
MFC 178913,178914,179242,179243,180336,180340 to 6.x:
- Fix
Author: simon
Date: Fri Oct 2 18:09:56 2009
New Revision: 197715
URL: http://svn.freebsd.org/changeset/base/197715
Log:
MFC r197711 (partial) to 6.x and 7.x:
- Add no zero mapping feature, disabled by default. [EN-09:05]
MFC 178913,178914,179242,179243,180336,180340 to 6.x:
- Fix
Author: simon
Date: Fri Oct 2 18:09:56 2009
New Revision: 197715
URL: http://svn.freebsd.org/changeset/base/197715
Log:
MFC r197711 (partial) to 6.x and 7.x:
- Add no zero mapping feature, disabled by default. [EN-09:05]
MFC 178913,178914,179242,179243,180336,180340 to 6.x:
- Fix
Author: simon
Date: Fri Oct 2 17:58:47 2009
New Revision: 197714
URL: http://svn.freebsd.org/changeset/base/197714
Log:
MFC r197711:
Add no zero mapping feature.
NOTE: Unlike in the other branches where this change will be "merged"
to, the 'no zero mapping' is enabled by default in
(which responds with destination host unreachable) rather than down tun0.
This sounds very similar to the problem I was seeing (also with
OpenVPN), which was fixed by qingli's patch.
The packet is most likely actually not lost, but routed to your
default gateway instead (or whatever it would
Author: simon
Date: Sun Sep 27 21:01:07 2009
New Revision: 197542
URL: http://svn.freebsd.org/changeset/base/197542
Log:
- When we run our trap cleanup handler, echo that we are running this
handler to make it more clear why we are 'suddenly' running df,
umount, and mdconfig.
- Remove
wing people to edit commit
messages, as long as it's "visible" and we knows what the side-effects
are.
--
Simon L. Nielsen
___
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Author: simon
Date: Sun Sep 27 14:49:51 2009
New Revision: 197537
URL: http://svn.freebsd.org/changeset/base/197537
Log:
Do not allow mmap with the MAP_FIXED argument to map at address zero.
This is done to make it harder to exploit kernel NULL pointer security
vulnerabilities. While this o
ons for direct POSIX quotes?
Yes. I thought I had made a web page about it, but I can't find it
now, but see this:
http://lists.freebsd.org/pipermail/freebsd-doc/2005-January/006862.html
We haven't used it much AFAIK, but there are a few manual pages which
does make use of POSIX text.
h in viewsvn if we wanted to).
- If one accidently refer to the wrong revision number it is possible
track down which change was MFC'ed by looking at the text.
Also I don't see what space is being wasted...
I agree at times it might make sense to
explanation. Always good to
learn something new :-).
I haven't had time to review des's patch (I can tonight if "needed"),
but I certainly welcome documenting this case more clearly :-).
--
Simon L. Nielsen
___
svn-src-all@freebsd.o
1 - 100 of 155 matches
Mail list logo
