Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: releng/8.1
Commits on Aug 6, 2012
  1. @simonlbn

    Fix named(8) DNSSEC validation Denial of Service.

    simonlbn authored
    Security:	FreeBSD-SA-12:05.bind
    Security:	CVE-2012-3817
    Obtained from:	ISC
    Approved by:	so (simon)
Commits on Jun 18, 2012
  1. @simonlbn

    Add UPDATING and information for the FreeBSD-SA-12:04.sysret

    simonlbn authored
    Approved by:	so (simon)
  2. @simonlbn

    Correct the patch for FreeBSD-SA-12:04.sysret for releng/8.1 where it

    simonlbn authored
    was accidently applied to the wrong location.
    Reported by:	Steven Chamberlain <>
    Reviewed by:	jhb, kib
    Security:	FreeBSD-SA-12:04.sysret
    Approved by:	so (simon)
Commits on Jun 12, 2012
  1. Fix a problem where zero-length RDATA fields can cause named(8) to cr…

    bz authored
    Correct a privilege escalation when returning from kernel if
    running FreeBSD/amd64 on non-AMD processors. [12:04]
    Fix reference count errors in IPv6 code. [EN-12:02]
    Security:	CVE-2012-1667
    Security:	FreeBSD-SA-12:03.bind
    Security:	CVE-2012-0217
    Security:	FreeBSD-SA-12:04.sysret
    Security:	FreeBSD-EN-12:02.ipv6refcount
    Approved by:	so (simon, bz)
Commits on May 30, 2012
  1. Update the previous openssl fix. [12:01]

    bz authored
    Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
    Security:	FreeBSD-SA-12:01.openssl (revised)
    Security:	FreeBSD-SA-12:02.crypt
    Approved by:	so (bz, simon)
Commits on May 3, 2012
  1. Fix multiple OpenSSL vulnerabilities.

    bz authored
    Security:	CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
    Security:	CVE-2012-0884, CVE-2012-2110
    Security:	FreeBSD-SA-12:01.openssl
    Approved by:	so (bz,simon)
Commits on Jan 4, 2012
  1. @cperciva

    Extend the character set accepted by freebsd-update(8) in file

    cperciva authored
    names in order to allow upgrades to FreeBSD 9.0-RELEASE.
    Approved by:	so (cperciva)
    Errata Notice:	FreeBSD-EN-12:01.freebsd-update
Commits on Dec 23, 2011
  1. @cperciva

    Fix a problem whereby a corrupt DNS record can cause named to crash. …

    cperciva authored
    Add an API for alerting internal libc routines to the presence of
    "unsafe" paths post-chroot, and use it in ftpd. [11:07]
    Fix a buffer overflow in telnetd. [11:08]
    Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
    specified. [11:09]
    Add sanity checking of service names in pam_start. [11:10]
    Approved by:    so (cperciva)
    Approved by:    re (bz)
    Security:       FreeBSD-SA-11:06.bind
    Security:       FreeBSD-SA-11:07.chroot
    Security:       FreeBSD-SA-11:08.telnetd
    Security:       FreeBSD-SA-11:09.pam_ssh
    Security:       FreeBSD-SA-11:10.pam
Commits on Oct 4, 2011
  1. @cperciva

    Fix a bug in UNIX socket handling in the linux emulator which was

    cperciva authored
    exposed by the security fix in FreeBSD-SA-11:05.unix.
    Approved by:	so (cperciva)
    Approved by:	re (kib)
    Security:	Related to FreeBSD-SA-11:05.unix, but not actually
    		a security fix.
Commits on Sep 28, 2011
  1. Fix handling of corrupt compress(1)ed data. [11:04]

    bz authored
    Add missing length checks on unix socket addresses. [11:05]
    Approved by:	so (cperciva)
    Approved by:	re (kensmith)
    Security:	FreeBSD-SA-11:04.compress
    Security:	CVE-2011-2895 [11:04]
    Security:	FreeBSD-SA-11:05.unix
Commits on May 28, 2011
  1. @simonlbn

    Fix an off by one which can result in a assertion failure in BIND

    simonlbn authored
    related to large RRSIG RRsets and Negative Caching. This can cause
    named to crash.
    Security:	FreeBSD-SA-11:02.bind
    Security:	CVE-2011-1910
    Obtained from:	ISC
    Approved by:	so (simon)
Commits on Apr 20, 2011
  1. @cperciva

    Fix CIDR parsing bug in mountd ACLs.

    cperciva authored
    Approved by:	so (cperciva)
    Security:	FreeBSD-SA-11:01.mountd
Commits on Nov 29, 2010
  1. @simonlbn

    Fix a race condition exists in the OpenSSL TLS server extension code and

    simonlbn authored
    a double free in the SSL client ECDH handling code.
    Approved by:	so (simon)
    Security:	CVE-2010-2939, CVE-2010-3864
    Security:	FreeBSD-SA-10:10.openssl
Commits on Sep 20, 2010
  1. @cperciva

    Fix an integer overflow in RLE length parsing when decompressing

    cperciva authored
    corrupt bzip2 data.
    Approved by:	so (cperciva)
    Security:	FreeBSD-SA-10:08.bzip2
Commits on Jul 17, 2010
  1. Ready for 8.1-RELEASE builds.

    kensmith authored
    Approved by:	re (implicit)
  2. Predict the date we'll be ready to announce 8.1-RELEASE. While here

    kensmith authored
    add the entry for 8.0-RELEASE which was added to releng/8.0/UPDATING
    during the 8.0-RELEASE cycle but not to stable/8/UPDATING at that time.
    Approved by:	re (implicit)
  3. Clean-up old contents and bump version numbers for 8.1R.

    hrs authored
    Approved by:	re (implicitly)
Commits on Jul 13, 2010
  1. @cperciva

    Correctly copy the M_RDONLY flag when duplicating a reference

    cperciva authored
    to an mbuf external buffer.
    Approved by:	so (cperciva)
    Approved by:	re (kensmith)
    Security:	FreeBSD-SA-10:07.mbuf
Commits on Jul 7, 2010
  1. MFC: r209695

    marius authored
    - Pin the IPI cache and TLB demap functions in order to prevent migration
      between determining the other CPUs and calling cpu_ipi_selected(), which
      apart from generally doing the wrong thing can lead to a panic when a
      CPU is told to IPI itself (which sun4u doesn't support).
      Reported and tested by: Nathaniel W Filardo
    - Add __unused where appropriate.
    Approved by:	re (kib)
  2. MFC r207303 (originally by kmacy):

    bz authored
      need to initialize the lock before it is used
      Reported on:  stable@ (MFC missing)
    Approved by:	re (kensmith)
  3. Merge r209770 from stable/8:

    kensmith authored
    > Package set for 8.1-RELEASE.  We still have a 2Gb maximum file size
    > limit caused by cvsup still being used for some of our mirror system.
    > That is being worked on.
    Reviewed by:	re@, portmgr@
    Approved by:	re (implicit)
Commits on Jul 5, 2010
  1. MFC r209624

    tuexen authored
     * Do not dereference a NULL pointer when calling an SCTP send syscall
       not providing a destination address and using ktrace.
     * Do not copy out kernel memory when providing sinfo for sctp_recvmsg().
     Both bugs where reported by Valentin Nechayev.
     The first bug results in a kernel panic.
    Approved by: re@
Commits on Jun 28, 2010
  1. @rpaulo

    MFC r209541, r209548:

    rpaulo authored
      Fix the AR_SREV_MERLIN_20_OR_LATER() check.
    Approved by:	re (kensmith)
Commits on Jun 26, 2010
  1. Ready to proceed with 8.1-RC2.

    kensmith authored
    Approved by:	re (implicit)
Commits on Jun 25, 2010
  1. MFC r208553

    qingli authored
    This patch fixes the problem where proxy ARP entries cannot be added
    over the if_ng interface.
    Approved by:	re (bz)
Commits on Jun 23, 2010
  1. MFC r209263:

    pjd authored
    Eliminate dead code.
    Found by:	Coverity Prevent
    CID:		5158
    Remove macros that are not really needed. The idea was to have them in case
    we grow more descriptors, but I'll reconsider readding them once we get there.
    Passing (a = b) expression to FD_ISSET() is bad idea, as FD_ISSET() evaluates
    its argument twice.
    Found by:	Coverity Prevent
    CID:		5243
    Plug memory leaks.
    Found by:	Coverity Prevent
    CID:		7052, 7053, 7054, 7055
    Plug memory leak.
    Found by:	Coverity Prevent
    CID:		7051
    Plug memory leak.
    Found by:	Coverity Prevent
    CID:		7056
    Plug memory leak.
    Found by:	Coverity Prevent
    CID:		7057
    Initialize gctl_seq for synchronization requests.
    Reported by:
    Analysed by:	Mikolaj Golub <>
    Tested by:, Mikolaj Golub <>
    Fix typos.
    Correct various log messages.
    Submitted by: Mikolaj Golub <>
    Note that without some of these changes hastd won't work on 8.x properly.
    Approved by:	re (kensmith)
  2. MFC r209262:

    pjd authored
    BIO_DELETE contains range we want to delete and doesn't provide any
    useful data, so there is no need to copy it to userland.
    'unit' can be negative, so use signed type for it.
    Found by:	Coverity Prevent
    CID:		3731
    Approved by:	re (kensmith)
  3. @bsdjhb

    MFC 209213:

    bsdjhb authored
    When updating individual CPU's lowest Cx state to use, never set it to a
    state lower than the lowest one supported by the current CPU.  This closes
    some races with changes to the hw.acpi.cpu_cx_lowest sysctl while Cx
    states for individual CPUs were changing (e.g. unplugging the AC adapter
    of a laptop) that could result in panics.
    Approved by:	re (kib)
  4. MFC r209369:

    nwhitehorn authored
    Temporarily disable instruction relocation while setting up the kernel's
    IBAT entry in early boot in order to prevent possible faults from races
    between the instruction cache and the MMU.
    PR:		powerpc/148003
    Approved by:	re (kib)
  5. @amotin

    MFC r209341:

    amotin authored
    Report transport type in XPT_PATH_INQ.
    Approved by:	re (kib)
  6. @amotin

    MFC r209340:

    amotin authored
    Report transport type in XPT_PATH_INQ.
    PR:		i386/147929
    Approved by:	re (kib)
  7. MFC 209286:

    dougb authored
    Add the AAAA address for
    Approved by:	re (kensmith)
Commits on Jun 22, 2010
  1. @dag-erling

    merge r196650 from head (via stable/8): tty might be NULL

    dag-erling authored
    Approved by:	re (kib@)
  2. MFC 209264

    tuexen authored
     * Fix a bug where the length of the ASCONF-ACK was calculated wrong due
       to using an uninitialized variable.
     * Fix a bug where a NULL pointer was dereferenced when interfaces
       come and go at a high rate.
     * Fix a bug where inps where not deregistered from iterators.
     * Fix a race condition in freeing an association.
     * Fix a refcount problem related to the iterator.
     Each of the above bug results in a panic. It shows up when
     interfaces come and go at a high rate.
    Approved by: re
Commits on Jun 19, 2010
  1. MFC revs 209026 and 209085:

    marcel authored
    o   Bump MAX_BPAGES from 256 to 1024.
    o   Synchronize the kernel entry on all CPUs with the use of the ptc.g
        instruction on a single CPU by implementing a bare-bones readers-
        writer lock.
    Approved by:	re (kensmith)
Something went wrong with that request. Please try again.