ViewVC Help

View File | Revision Log | Show Annotations | Download File | View Changeset | Root Listing

root/src/trunk/UPDATING

Comparing trunk/UPDATING (file contents):
Revision 4196 by laffer1, Sat Oct 1 04:47:31 2011 UTC vs.
Revision 6660 by laffer1, Fri Jun 6 01:26:03 2014 UTC

#	Line 1 | Line 1
1	<	Updating Information for MidnightBSD users
1	>	Updating Information for MidnightBSD users.
2
3	+	20140605:
4	+	Fix four security issues with OpenSSL
5	+
6	+	20140604:
7	+	Sendmail failed to properly set close-on-exec for open file descriptors.
8	+
9	+	ktrace page fault kernel trace entries were set to an incorrect size which resulted
10	+	in a leak of information.
11	+
12	+	20140430:
13	+	Fix a TCP reassembly bug that could result in a DOS attack
14	+	of the system. It may be possible to obtain portions
15	+	of kernel memory as well.
16	+
17	+	20140411:
18	+	Update zlib to 1.2.7
19	+
20	+	20140122:
21	+	Support for username with length 32. Previous limit was 16
22	+
23	+	20140114:
24	+	Fix two security vulnerabilities.
25	+
26	+	bsnmpd contains a stack overflow when sent certain queries.
27	+
28	+	bind 9.8 when using NSEC3-signed zones zones, will crash with special
29	+	crafted packets.
30	+
31	+	20131228:
32	+	Imported FreeBSD 9.2 usb stack (plus z87 patches from stable)
33	+
34	+	Updated em(4), igb(4) and ixgbe(4)
35	+
36	+	MidnightBSD now works with Z87 Intel chipsets.
37	+
38	+	20131207:
39	+	Remove sparc64 architecture. It hasn't been working for awhile
40	+	and it's not useful for desktops anymore.
41	+
42	+	20131205:
43	+	OpenSSH 6.4p1
44	+
45	+	20131203:
46	+	Perl 5.18.1 imported.
47	+
48	+	Update less to v458
49	+
50	+	20131130:
51	+	Remove named from base. We still include the client utilities for
52	+	now until replacements can be found.
53	+
54	+	20131004:
55	+	rarpd supports vlan(4) and has a pid flag. (from FreeBSD)
56	+
57	+	20130917:
58	+	Support for 65,536 routing tables was added.  A new fib specific
59	+	field has been added to mbuf.  This is an increase from 16.
60	+
61	+	20130910:
62	+	Security updates: (kern.osreldate 5001)
63	+
64	+	nullfs(5)
65	+
66	+	The nullfs(5) implementation of the VOP_LINK(9) VFS operation does not
67	+	check whether the source and target of the link are both in the same
68	+	nullfs instance.  It is therefore possible to create a hardlink from a
69	+	location in one nullfs instance to a file in another, as long as the
70	+	underlying (source) filesystem is the same.
71	+
72	+	ifioctl
73	+
74	+	As is commonly the case, the IPv6 and ATM network layer ioctl request
75	+	handlers are written in such a way that an unrecognized request is
76	+	passed on unmodified to the link layer, which will either handle it or
77	+	return an error code.
78	+
79	+	Network interface drivers, however, assume that the SIOCSIFADDR,
80	+	SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK requests have been
81	+	handled at the network layer, and therefore do not perform input
82	+	validation or verify the caller's credentials.  Typical link-layer
83	+	actions for these requests may include marking the interface as "up"
84	+	and resetting the underlying hardware.
85	+
86	+	20130824:
87	+	Fix a bug in sendmail 8.14.7 that interferes with how it
88	+	handles AAAA records interoperating with Microsoft DNS servers.
89	+	FreeBSD has already reported this to Sendmail and a fix
90	+	will be included in the next release.
91	+
92	+	Subversion 1.8.1 is now in the base system as a static
93	+	binary.  It has limited functionality, but can be used to
94	+	checkout/commit code.  It is named svnlite.
95	+
96	+	20130822:
97	+	Fix two security vulnerabilities.
98	+
99	+	Fix an integer overflow in IP_MSFILTER (IP MULTICAST).
100	+	This could be exploited to read memory by a user process.
101	+
102	+	When initializing the SCTP state cookie being sent in INIT-ACK chunks,
103	+	a buffer allocated from the kernel stack is not completely initialized.
104	+
105	+	Import xz 5.0.4
106	+
107	+	Import sqlite 3.7.17
108	+
109	+	Import BIND 9.8.5-P2
110	+
111	+	20130814:
112	+	mksh R48 imported.
113	+
114	+	Sendmail 8.14.7 imported.
115	+
116	+	20130717:
117	+	libmport bug was fixed causing hash verification to fail.
118	+
119	+	virtio(4) imported from FreeBSD 9-stable. SCSI support not
120	+	included.
121	+
122	+	20130612:
123	+	RELENG_0_4 created for 0.4. Development continues on 0.5.
124	+
125	+	20130402:
126	+	Update BIND and OpenSSL to resolve security advisories.
127	+
128	+	20130305:
129	+	MKSH R44 imported.
130	+
131	+	20130213:
132	+	MKSH R42b imported
133	+
134	+	20130211:
135	+	MKSH R42 imported
136	+
137	+	20130125:
138	+	MKSH R41 imported
139	+
140	+	20130122:
141	+	OpenSSH 5.8p2 imported
142	+
143	+	SQLite 3.7.15.2 imported
144	+
145	+	Fixed a longstanding bug in libmport extrating new index files.
146	+
147	+	20120710:
148	+	BSD licensed sort imported from FreeBSD-CURRENT
149	+
150	+	For now, GNU sort is installed as gnusort, but it will
151	+	go away in time.
152	+
153	+	20120708:
154	+	tcsh 6.18.01 imported.
155	+
156	+	NetBSD's iconv imported.
157	+
158	+	libc gains strnlen(3), memrchr(3), stpncpy(3).
159	+
160	+	20120612:
161	+	BIND security update related to CVE-2012-1667.
162	+
163	+	Zero length resource records can cause BIND to crash resulting
164	+	in a DOS attack or information disclosure.
165	+
166	+	20120407:
167	+	mksh R40f (fixes regression)
168	+
169	+	20120328:
170	+	mksh R40e
171	+
172	+	Perl 5.14.2
173	+
174	+	20120229:
175	+	cpucontrol(8) and cpuctl(4) added from FreeBSD 7-stable.
176	+
177	+	20120209:
178	+	mDNSResponder 333.10 imported
179	+
180	+	20111227:
181	+	import raid5 module for GEOM, graid5(8)
182	+
183	+	This is experimental and known to use a lot of kernel
184	+	memory.
185	+
186	+	20111223:
187	+	telnetd: fix a root exploit from a fixed buffer that was not checked
188	+
189	+	pam: don't allow escape from policy path.  Exploitable in KDE, etc.
190	+
191	+	Fix pam_ssh module:
192	+
193	+	If the pam_ssh module is enabled, attackers may be able to gain access
194	+	to user accounts which have unencrypted SSH private keys.
195	+
196	+	This has to due with the way that openssl works.  It ignores unencrpted data.
197	+
198	+	Fix security issue with chroot and ftpd.
199	+
200	+	nsdispatch(3) doesn't know it's working in a chroot and some
201	+	operations can cause files to get reloaded causing a security
202	+	hole in things like ftpd.
203	+
204	+	20111217:
205	+	libdialog/dialog upgraded to an lgpl version. As it's not
206	+	backwardly compatable, include the old libdialog as libodialog
207	+
208	+	20111212:
209	+	mksh r40d imported
210	+
211	+	20111210:
212	+	re(4) and rl(4) updated to support new chips.
213	+
214	+	GEOM synced with FreeBSD 7-stable.
215	+
216	+	MidnightBSD GPT partition types created in sys/gpt.h and
217	+	setup in boot loader and GEOM.
218	+
219	+	amdsbwd(4) (amd watchdog for south bridge) updated to support
220	+	8xx series chipset.
221	+
222	+	20111207:
223	+	import bsd grep from FreeBSD/OpenBSD.
224	+
225	+	MK_BSD_GREP controls which grep is installed
226	+	as grep with the other as bsdgrep or gnugrep.
227	+
228	+	20111122:
229	+	mksh vR40c imported.
230	+
231	+	20111117:
232	+	BIND 9.6 ESV R5 P1
233	+
234	+	20111107:
235	+	tzdata 2011n
236	+
237	+	20111026:
238	+	mDNSResponder v320
239	+
240	+	BIND 9.6 ESV R5
241	+
242	+	20111022:
243	+	cflow 0.0.6 imported
244	+
245	+	20111020:
246	+	less v436 imported
247	+
248	+	amdsbwd(4) AMD southbridge watchdog
249	+
250	+	20111019:
251	+	awk 20110810 imported
252	+
253	+	et(4) Agere Gigabit Ethernet/Fast Ethernet driver added, but
254	+	not included in GENERIC kernel.  The kernel module needs
255	+	testing before we can include it in GENERIC.
256	+
257	+	intr_bind code ported to allow an IRQ to be bound to one
258	+	specific CPU core.
259	+
260	+	20111017:
261	+	Time Zone Data v. 2011l (Released 10 October 2011)
262	+
263	+	Updated list of countries (iso3166) to work with new timezone data.
264	+
265	+	20111015:
266	+	Introduce CPU Affinity in MidnightBSD. cpuset(1) can be used
267	+	to control which core or group of cores can be used for a given
268	+	process. Several new system calls were added to support this
269	+	functionality in the running kernel and for 32bit binary
270	+	compatibility on amd64.
271	+
272	+	The scheduler default has been changed to ULE in i386 and
273	+	amd64.  Changes were made to both schedulers (4BSD AND ULE)
274	+	for this feature.
275	+
276	+	This work is based on Jeff Roberson's FreeBSD 7.1 patches.
277	+
278	+	20111004:
279	+	Fix a problem with unix socket handling caused by the recent
280	+	patch to unix socket path handling. This allows network
281	+	apps to work under the linuxolator again.
282	+
283		20111001:
284		Import libfetch & fetch(1) from FreeBSD 9. Passive FTP is
285		now default and an environment variable must be set to use
#	Line 1080 | Line 1360 | Contact Warner Losh if you have any questions about yo
1360		this document.
1361
1362		$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $
1363	<	$MidnightBSD: src/UPDATING,v 1.135 2011/10/01 03:26:55 laffer1 Exp $
1363	>	$MidnightBSD$

Comparing trunk/UPDATING (property cvs2svn:cvs-rev):
Revision 4196 by laffer1, Sat Oct 1 04:47:31 2011 UTC vs.
Revision 6660 by laffer1, Fri Jun 6 01:26:03 2014 UTC

#	Line 1 | Line 0
1	–	1.136

Comparing trunk/UPDATING (property svn:keywords):
Revision 4196 by laffer1, Sat Oct 1 04:47:31 2011 UTC vs.
Revision 6660 by laffer1, Fri Jun 6 01:26:03 2014 UTC

#	Line 0 | Line 1
1	+	MidnightBSD=%H

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines
>	Changed lines