 ../
|
apache/
|
7721
(7 years ago)
by laffer1:
update cstd
|
|
bin/
|
8152
(7 years ago)
by laffer1:
mention acl copy with cp
|
|
cddl/
|
8118
(7 years ago)
by laffer1:
cleanup linking
|
|
contrib/
|
8053
(7 years ago)
by laffer1:
fix corrupted dwar expression from kgdb
|
|
crypto/
|
7583
(7 years ago)
by laffer1:
alrightythen just drop the 0 case
|
|
etc/
|
8158
(7 years ago)
by laffer1:
dont abstract rcvar_manpage
|
|
games/
|
8157
(7 years ago)
by laffer1:
add more quotes
|
|
gnu/
|
8155
(7 years ago)
by laffer1:
partial revert of last commit
|
|
include/
|
8130
(7 years ago)
by laffer1:
rpc.lockd is still freaking out. revert this
|
|
kerberos5/
|
8155
(7 years ago)
by laffer1:
partial revert of last commit
|
|
lib/
|
8161
(7 years ago)
by laffer1:
sigaction(2),sigwait(2),sigwaitinfo(2): Remove [EFAULT] error
condition.
Passing an invalid pointer results in undefined behaviour.
The wrappers in libthr access some of the data pointed to by the arguments
in userland, so that an invalid pointer will cause a signal and not an
[EFAULT] error return.
Furthermore, if the [EFAULT] error occurs when the kernel is writing, it is
not a proper error in the sense that the call still commits (changing the
signal disposition or accepting the signal).
Obtained from: FreeBSD
|
|
libexec/
|
8097
(7 years ago)
by laffer1:
do not reference z_nodeflib for not objgiven case, thus fixing LD_PRELOAD for a non absolute path
|
|
nrelease/
|
6469
(10 years ago)
by laffer1:
remove cvs2svn prop
|
|
release/
|
7801
(7 years ago)
by laffer1:
add additional exclusions to src tarball
|
|
rescue/
|
8155
(7 years ago)
by laffer1:
partial revert of last commit
|
|
sbin/
|
8160
(7 years ago)
by laffer1:
check the return value of sbuf_finish
|
|
secure/
|
7462
(8 years ago)
by laffer1:
Security patch OpenSSL for DROWN
A cross-protocol attack was discovered that could lead to decryption of TLS
sessions by using a server supporting SSLv2 and EXPORT cipher suites as a
Bleichenbacher RSA padding oracle. Note that traffic between clients and
non-vulnerable servers can be decrypted provided another server supporting
SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP
or POP3) shares the RSA keys of the non-vulnerable server. This vulnerability
is known as DROWN. [CVE-2016-0800]
A double free bug was discovered when OpenSSL parses malformed DSA private
keys and could lead to a DoS attack or memory corruption for applications that
receive DSA private keys from untrusted sources. This scenario is considered
rare. [CVE-2016-0705]
The SRP user database lookup method SRP_VBASE_get_by_user had confusing memory
management semantics; the returned pointer was sometimes newly allocated, and
sometimes owned by the callee. The calling code has no way of distinguishing
these two cases. [CVE-2016-0798]
In the BN_hex2bn function, the number of hex digits is calculated using an int
value |i|. Later |bn_expand| is called with a value of |i * 4|. For large
values of |i| this can result in |bn_expand| not allocating any memory because
|i * 4| is negative. This can leave the internal BIGNUM data field as NULL
leading to a subsequent NULL pointer dereference. For very large values of
|i|, the calculation |i * 4| could be a positive value smaller than |i|. In
this case memory is allocated to the internal BIGNUM data field, but it is
insufficiently sized leading to heap corruption. A similar issue exists in
BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn is
ever called by user applications with very large untrusted hex/dec data. This
is anticipated to be a rare occurrence. [CVE-2016-0797]
The internal |fmtstr| function used in processing a "%s" formatted string in
the BIO_*printf functions could overflow while calculating the length of
a string and cause an out-of-bounds read when printing very long strings.
[CVE-2016-0799]
A side-channel attack was found which makes use of cache-bank conflicts on the
Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA
keys. [CVE-2016-0702]
s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers.
If clear-key bytes are present for these ciphers, they displace encrypted-key
bytes. [CVE-2016-0703]
s2_srvr.c overwrites the wrong bytes in the master key when applying
Bleichenbacher protection for export cipher suites. [CVE-2016-0704]
Obtained from: OpenSSL & FreeBSD
|
|
share/
|
8147
(7 years ago)
by laffer1:
remove all cvsup examples. we no longer offer this service
|
|
sys/
|
8174
(7 years ago)
by laffer1:
zfs boot: add a size check for a value in fzap_lookup
|
|
tools/
|
8114
(7 years ago)
by laffer1:
remove cvs only tools
|
|
usr.bin/
|
8162
(7 years ago)
by laffer1:
do not pass fd to save current directory to child processes.
|
|
usr.sbin/
|
8145
(7 years ago)
by laffer1:
document security
|
COPYRIGHT
|
7391
(8 years ago)
by laffer1:
Happy New Year.
|
|
Makefile
|
7636
(7 years ago)
by laffer1:
make check time work with newer make
|
|
Makefile.inc1
|
8155
(7 years ago)
by laffer1:
partial revert of last commit
|
|
ObsoleteFiles.inc
|
7635
(7 years ago)
by laffer1:
add old files to remove to current
|
|
README
|
6517
(10 years ago)
by laffer1:
turn on svn keywords
|
|
UPDATING
|
8153
(7 years ago)
by laffer1:
note via change
|
