| 1 |
|
Updating Information for MidnightBSD users. |
| 2 |
|
|
| 3 |
< |
20160728: |
| 3 |
> |
20150917: |
| 4 |
> |
Fix kqueue write events for files > 2GB |
| 5 |
> |
|
| 6 |
> |
20150825: |
| 7 |
> |
kernel: |
| 8 |
> |
fix a security issue on amd64 where the GS segment CPU register can be changed via |
| 9 |
> |
userland value in kernel mode by using an IRET with #SS or #NP exceptions. |
| 10 |
> |
|
| 11 |
> |
openssh: |
| 12 |
> |
A programming error in the privileged monitor process of the sshd(8) |
| 13 |
> |
service may allow the username of an already-authenticated user to be |
| 14 |
> |
overwritten by the unprivileged child process. |
| 15 |
> |
|
| 16 |
> |
A use-after-free error in the privileged monitor process of he sshd(8) |
| 17 |
> |
service may be deterministically triggered by the actions of a |
| 18 |
> |
compromised unprivileged child process. |
| 19 |
> |
|
| 20 |
> |
A use-after-free error in the session multiplexing code in the sshd(8) |
| 21 |
> |
service may result in unintended termination of the connection. |
| 22 |
> |
|
| 23 |
> |
20150818: |
| 24 |
> |
expat security fix |
| 25 |
> |
|
| 26 |
> |
20150815: |
| 27 |
> |
libc changes: |
| 28 |
> |
setmode(3) now returns errno consistently on error. |
| 29 |
> |
libc will compile without error using clang |
| 30 |
> |
|
| 31 |
> |
20150814: |
| 32 |
> |
wait6 system call added. |
| 33 |
> |
|
| 34 |
> |
date(1) now handles non numeric numbers passed to -r |
| 35 |
> |
like GNU coreutils for improved compatibility. |
| 36 |
> |
|
| 37 |
> |
20150811: |
| 38 |
> |
ata(4) AMD Hudson2 SATA controller support. |
| 39 |
> |
Intel lynxpoint SATA. |
| 40 |
> |
|
| 41 |
> |
Fix some const warnings when building several device drivers |
| 42 |
> |
with llvm/clang. |
| 43 |
> |
|
| 44 |
> |
Sync cas(4) with FreeBSD 9-stable. |
| 45 |
> |
|
| 46 |
> |
Fix some minor issues with ath(4). |
| 47 |
> |
|
| 48 |
> |
20150809: |
| 49 |
> |
xz 5.0.8 |
| 50 |
> |
|
| 51 |
> |
20150808: |
| 52 |
> |
libmport now logs installation and removal of packages to syslog. |
| 53 |
> |
|
| 54 |
> |
20150805: |
| 55 |
> |
routed - fix a potential security issue where traffic from outside |
| 56 |
> |
the network can disrupt routing. |
| 57 |
> |
|
| 58 |
> |
bsd patch - fix a bug with ed(1) scripts allowing unsanitized input |
| 59 |
> |
to run. |
| 60 |
> |
|
| 61 |
> |
20150802: |
| 62 |
> |
jansson 2.7 library added. (libjansson is a JSON library in C) |
| 63 |
> |
|
| 64 |
> |
20150728: |
| 65 |
|
Heimdal 1.5.2 (kerberos implementation) |
| 66 |
|
|
| 67 |
|
OpenSSL 1.0.1o |
| 68 |
|
|
| 69 |
|
cpucontrol(8) now supports VIA CPUs. Synced with FreeBSD 9.2. |
| 70 |
|
|
| 71 |
< |
20160726: |
| 71 |
> |
TCP Resassemly resource exhaustion bug: |
| 72 |
> |
There is a mistake with the introduction of VNET, which converted the |
| 73 |
> |
global limit on the number of segments that could belong to reassembly |
| 74 |
> |
queues into a per-VNET limit. Because mbufs are allocated from a |
| 75 |
> |
global pool, in the presence of a sufficient number of VNETs, the |
| 76 |
> |
total number of mbufs attached to reassembly queues can grow to the |
| 77 |
> |
total number of mbufs in the system, at which point all network |
| 78 |
> |
traffic would cease. |
| 79 |
> |
Obtained from: FreeBSD 8 |
| 80 |
> |
|
| 81 |
> |
OpenSSH |
| 82 |
> |
|
| 83 |
> |
Fix two security vulnerabilities: |
| 84 |
> |
OpenSSH clients does not correctly verify DNS SSHFP records when a server |
| 85 |
> |
offers a certificate. [CVE-2014-2653] |
| 86 |
> |
|
| 87 |
> |
OpenSSH servers which are configured to allow password authentication |
| 88 |
> |
using PAM (default) would allow many password attempts. A bug allows |
| 89 |
> |
MaxAuthTries to be bypassed. [CVE-2015-5600] |
| 90 |
> |
|
| 91 |
> |
|
| 92 |
> |
Switch to bsdpatch (from FreeBSD & OpenBSD) |
| 93 |
> |
|
| 94 |
> |
20150726: |
| 95 |
|
BSD Sort updated |
| 96 |
|
|
| 97 |
|
sqlite 3.8.10.2 |
| 98 |
|
|
| 99 |
< |
20160725: |
| 99 |
> |
20150725: |
| 100 |
|
Import reallocarray from OpenBSD's libc. |
| 101 |
|
|
| 102 |
|
The reallocarray() function is similar to realloc() except it operates on |
