Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: releng/6.1
Commits on Apr 17, 2008
  1. @cperciva

    Fix logic error in sshd(8) concerning the handling of failed

    cperciva authored
    attempts to bind ports for X11 forwarding.
    
    Security:	FreeBSD-SA-08:05.openssh
    Approved by:	so (cperciva)
Commits on Feb 14, 2008
  1. @simonlbn

    Fix sendfile(2) write-only file permission bypass.

    simonlbn authored
    Security:	FreeBSD-SA-08:03.sendfile
    Approved by:	so (simon)
Commits on Jan 15, 2008
  1. @cperciva

    Fix date of last advisory -- January 14th, not January 18th.

    cperciva authored
    Approved by:	so (cperciva)
Commits on Jan 14, 2008
  1. @cperciva

    Fix issues which allow snooping on ptys.

    cperciva authored
    Security: FreeBSD-SA-08:01.pty
    Approved by:	so (cperciva)
Commits on Nov 29, 2007
  1. @simonlbn

    Correct a random value disclosure in random(4).

    simonlbn authored
    Security:	FreeBSD-SA-07:09.random
    Approved by:	so (simon)
Commits on Oct 3, 2007
  1. @simonlbn

    Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().

    simonlbn authored
    Security:	FreeBSD-SA-07:08.openssl
    Approved by:	so (simon)
Commits on Aug 1, 2007
  1. @simonlbn

    Correct buffer overflow in tcpdump(1). [SA-07:06]

    simonlbn authored
    Correct predictable query ids in named(8). [SA-07:07]
    
    Security:	FreeBSD-SA-07:06.tcpdump
    Security:	FreeBSD-SA-07:07.bind
    Approved by:	so (simon)
Commits on Jul 12, 2007
  1. @cperciva

    Correct multiple security issues in how libarchive handles corrupt

    cperciva authored
    tar archives, including a potentially exploitable buffer overflow.
    
    Approved by:	so (cperciva)
    Reviewed by:	kientzle
    Security:	FreeBSD-SA-07:05.libarchive
Commits on May 23, 2007
  1. @cperciva

    Fix buffer overflow in libmagic(3).

    cperciva authored
    Security:	FreeBSD-SA-07:04.file
    Approved by:	so (cperciva)
Commits on Apr 26, 2007
  1. @cperciva

    Disable processing of IPv6 type 0 Routing Headers. This behaviour

    cperciva authored
    can be changed via the (newly added) net.inet6.ip6.rthdr0_allowed
    sysctl.
    
    Security:	FreeBSD-SA-07:03.ipv6
    Approved by:	so (cperciva)
Commits on Feb 28, 2007
  1. @simonlbn

    Update zoneinfo and required support files for change in Daylight

    simonlbn authored
    Savings Time that begins in 2007.
    
    Approved by:	so (simon)
    Submitted by:	re (kensmith)
    Errata:		FreeBSD-EN-07:04.zoneinfo
Commits on Feb 14, 2007
  1. @cperciva

    Correct problems with locking, namei leakage, and symlink

    cperciva authored
    creation in the NFS subsystem.
    
    Approved by:	so (cperciva)
    Submitted by:	re (hrs)
    Errata:		FreeBSD-EN-07:01.nfs
Commits on Feb 9, 2007
  1. @cperciva

    Correct two remote denials of service in BIND involving DNSSEC and

    cperciva authored
    recursive DNS queries respectively.
    
    Security:	FreeBSD-SA-07:02.bind
    Approved by:	so (cperciva)
Commits on Jan 11, 2007
  1. @simonlbn

    Fix jail rc.d script privilege escalation via symlink attack against

    simonlbn authored
    /var/log/console.log and mount points.
    
    Security:	FreeBSD-SA-07:01.jail
    Approved by:	so (simon)
Commits on Dec 6, 2006
  1. @cperciva

    Correct a signedness bug which allowed members of the operator

    cperciva authored
    group to read kernel memory.
    
    Security:	FreeBSD-SA-06:25.kmem
    Approved by:	so (cperciva)
Commits on Sep 30, 2006
  1. @simonlbn

    Correct multiple vulnerabilities in OpenSSH.

    simonlbn authored
    Security:	FreeBSD-SA-06:22.openssh
    Approved by:	so (simon)
Commits on Sep 29, 2006
  1. @cperciva

    Correct problem in the 2006-09-28 patch concerning the handling of

    cperciva authored
    excessively large DH moduli.
    
    Reported by:	Steve Kiernan (Juniper SIRT)
    Security:	FreeBSD-SA-06:23.openssl
    Approved by:	so (cperciva)
Commits on Sep 28, 2006
  1. @cperciva

    Correct multiple vulnerabilities in crypto(3).

    cperciva authored
    Limit the size of public keys used in order to protect applications
    from a denial of service via insane key sizes.
    
    Security:	FreeBSD-SA-06:23.openssl
    Approved by:	so (cperciva)
Commits on Sep 19, 2006
  1. @simonlbn

    Correct multiple vulnerabilities in gzip(1).

    simonlbn authored
    Security:	FreeBSD-SA-06:21.gzip
    Approved by:	so (simon)
Commits on Sep 6, 2006
  1. @simonlbn

    Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1]

    simonlbn authored
    Correct multiple denial-of-service vulnerabilities in BIND related to
    SIG Query Processing and Excessive Recursive Queries. [2]
    
    Security:	FreeBSD-SA-06:19.openssl [1]
    Security:	FreeBSD-SA-06:20.bind [2]
    Approved by:	so (simon)
Commits on Aug 28, 2006
  1. @cperciva

    Correct several problems in the network stack, including a

    cperciva authored
    locally-triggered kernel panic, inaccuracy in reported memory
    allocation statistics, and problems on IPv6 point-to-point links.
    
    Approved by:	so (cperciva)
    Errata:		FreeBSD-EN-06:02.net
Commits on Aug 23, 2006
  1. @cperciva

    Correct buffer overflow in the handling of LCP options in ppp(4)

    cperciva authored
    Security:	FreeBSD-SA-06:18.ppp
    Approved by:	so (cperciva)
Commits on Jul 7, 2006
  1. @cperciva

    Fix problems in the startup scripts for jails.

    cperciva authored
    Errata:		FreeBSD-EN-06:01.jail
    Approved by:	so (cperciva)
Commits on Jun 14, 2006
  1. @cperciva

    Correct a bug in the handling of multipart messages by sendmail(8)

    cperciva authored
    which can allow a malformed message to crash a sendmail queue
    processing process.
    
    Security:	FreeBSD-SA-06:17.sendmail
    Approved by:	so (cperciva)
Commits on May 31, 2006
  1. @cperciva

    Enable inadvertantly disabled "securenet" access controls in ypserv. [1]

    cperciva authored
    Correct a bug in the handling of backslash characters in smbfs which can
    allow an attacker to escape from a chroot(2). [2]
    
    Approved by:	so (cperciva)
    Security:	FreeBSD-SA-06:15.ypserv [1]
    Security:	FreeBSD-SA-06:16.smbfs [2]
Commits on May 6, 2006
  1. Fix a forgetting RELENG_6_1 pointer.

    scottl authored
    Approved by: re
  2. @delphij

    MFen 1.883.2.15.2.5 -> 1.883.2.15.2.7

    delphij authored
    Approved by:	re (hrs, scottl)
  3. Set all the pointers to 6.1-RELEASE.

    scottl authored
    Approved by: re
  4. MFC: Cosmetic kernel print fixes.

    scottl authored
    Approved by: re
  5. MFC: unbreak 'make universe'

    scottl authored
    Approved by: re
Commits on May 5, 2006
  1. MFC r1.87:

    ceri authored
    Fix binary upgrades by accounting for the schg flag on /var/empty.
    
    PR:		96711, 96780
    Submitted by:	Nobuyuki Koganemaru, Martin Jackson
    Approved by:	re (scottl)
  2. New release notes:

    hrs authored
    	jail_interface rc.conf variable added.
    
    Approved by:	re (implicitly)
  3. New release notes:

    hrs authored
    	rr232x(4) added,
    	sound(4) improvements[*]
    
    Suggested by:	netchild
    Approved by:	re (implicitly)
  4. MFC:

    flz authored
      - If no pidfile has been created at startup, only stop processes
      with current jid.
    
          src/etc/rc.subr: rev 1.53 -> 1.55
    
    PR:		conf/93287
    Submitted by:	anders
    Approved by:	re (scottl)
  5. MFC:

    flz authored
      - Add following global jail options, used if no jail-specific options are
      set:
       * jail_mount_enable
       * jail_devfs_ruleset
       * jail_devfs_enable
       * jail_fdescfs_enable
       * jail_procfs_enable
       * jail_fstab
       * jail_flags
      - Add a jail_interface / jail_<jid>_interface option. An ip alias will be
      created (jail_<jid>_ip) on jail_interface or jail_<jid>_interface if set.
      This is not a mandatory option.
      - Document all missing jail_* options in rc.conf(5).
    
          src/share/man/man5/rc.conf.5: rev 1.289 -> 1.290
          src/etc/rc.d/jail: rev 1.26 -> 1.27
    
    Approved by:	re (scottl)
Something went wrong with that request. Please try again.