[Midnightbsd-cvs] src [7625] trunk/UPDATING: document security patches
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue May 31 18:41:59 EDT 2016
Revision: 7625
http://svnweb.midnightbsd.org/src/?rev=7625
Author: laffer1
Date: 2016-05-31 18:41:58 -0400 (Tue, 31 May 2016)
Log Message:
-----------
document security patches
Modified Paths:
--------------
trunk/UPDATING
Modified: trunk/UPDATING
===================================================================
--- trunk/UPDATING 2016-05-31 22:40:38 UTC (rev 7624)
+++ trunk/UPDATING 2016-05-31 22:41:58 UTC (rev 7625)
@@ -1,5 +1,18 @@
Updating Information for MidnightBSD users.
+20160531:
+ Fix four security issues with MidnightBSD.
+
+ The implementation of TIOCGSERIAL ioctl(2) does not clear the output
+ struct before sending to userland in the linux emulation layer.
+
+ The compat 43 stat(2) system call exposes kernel stack to userland.
+
+ libarchive - CVE-2015-2304 and CVE-2013-0211 fix issues with
+ cpio directory traversal and an integer signedness error in the archive
+ write zip data routine.
+
+
20160528:
Fixed minor issues with mined(1) and msearch(1).
More information about the Midnightbsd-cvs
mailing list