1 |
|
Updating Information for MidnightBSD users. |
2 |
|
|
3 |
< |
20160728: |
3 |
> |
20150917: |
4 |
> |
Fix kqueue write events for files > 2GB |
5 |
> |
|
6 |
> |
20150825: |
7 |
> |
kernel: |
8 |
> |
fix a security issue on amd64 where the GS segment CPU register can be changed via |
9 |
> |
userland value in kernel mode by using an IRET with #SS or #NP exceptions. |
10 |
> |
|
11 |
> |
openssh: |
12 |
> |
A programming error in the privileged monitor process of the sshd(8) |
13 |
> |
service may allow the username of an already-authenticated user to be |
14 |
> |
overwritten by the unprivileged child process. |
15 |
> |
|
16 |
> |
A use-after-free error in the privileged monitor process of he sshd(8) |
17 |
> |
service may be deterministically triggered by the actions of a |
18 |
> |
compromised unprivileged child process. |
19 |
> |
|
20 |
> |
A use-after-free error in the session multiplexing code in the sshd(8) |
21 |
> |
service may result in unintended termination of the connection. |
22 |
> |
|
23 |
> |
20150818: |
24 |
> |
expat security fix |
25 |
> |
|
26 |
> |
20150815: |
27 |
> |
libc changes: |
28 |
> |
setmode(3) now returns errno consistently on error. |
29 |
> |
libc will compile without error using clang |
30 |
> |
|
31 |
> |
20150814: |
32 |
> |
wait6 system call added. |
33 |
> |
|
34 |
> |
date(1) now handles non numeric numbers passed to -r |
35 |
> |
like GNU coreutils for improved compatibility. |
36 |
> |
|
37 |
> |
20150811: |
38 |
> |
ata(4) AMD Hudson2 SATA controller support. |
39 |
> |
Intel lynxpoint SATA. |
40 |
> |
|
41 |
> |
Fix some const warnings when building several device drivers |
42 |
> |
with llvm/clang. |
43 |
> |
|
44 |
> |
Sync cas(4) with FreeBSD 9-stable. |
45 |
> |
|
46 |
> |
Fix some minor issues with ath(4). |
47 |
> |
|
48 |
> |
20150809: |
49 |
> |
xz 5.0.8 |
50 |
> |
|
51 |
> |
20150808: |
52 |
> |
libmport now logs installation and removal of packages to syslog. |
53 |
> |
|
54 |
> |
20150805: |
55 |
> |
routed - fix a potential security issue where traffic from outside |
56 |
> |
the network can disrupt routing. |
57 |
> |
|
58 |
> |
bsd patch - fix a bug with ed(1) scripts allowing unsanitized input |
59 |
> |
to run. |
60 |
> |
|
61 |
> |
20150802: |
62 |
> |
jansson 2.7 library added. (libjansson is a JSON library in C) |
63 |
> |
|
64 |
> |
20150728: |
65 |
|
Heimdal 1.5.2 (kerberos implementation) |
66 |
|
|
67 |
|
OpenSSL 1.0.1o |
68 |
|
|
69 |
|
cpucontrol(8) now supports VIA CPUs. Synced with FreeBSD 9.2. |
70 |
|
|
71 |
< |
20160726: |
71 |
> |
TCP Resassemly resource exhaustion bug: |
72 |
> |
There is a mistake with the introduction of VNET, which converted the |
73 |
> |
global limit on the number of segments that could belong to reassembly |
74 |
> |
queues into a per-VNET limit. Because mbufs are allocated from a |
75 |
> |
global pool, in the presence of a sufficient number of VNETs, the |
76 |
> |
total number of mbufs attached to reassembly queues can grow to the |
77 |
> |
total number of mbufs in the system, at which point all network |
78 |
> |
traffic would cease. |
79 |
> |
Obtained from: FreeBSD 8 |
80 |
> |
|
81 |
> |
OpenSSH |
82 |
> |
|
83 |
> |
Fix two security vulnerabilities: |
84 |
> |
OpenSSH clients does not correctly verify DNS SSHFP records when a server |
85 |
> |
offers a certificate. [CVE-2014-2653] |
86 |
> |
|
87 |
> |
OpenSSH servers which are configured to allow password authentication |
88 |
> |
using PAM (default) would allow many password attempts. A bug allows |
89 |
> |
MaxAuthTries to be bypassed. [CVE-2015-5600] |
90 |
> |
|
91 |
> |
|
92 |
> |
Switch to bsdpatch (from FreeBSD & OpenBSD) |
93 |
> |
|
94 |
> |
20150726: |
95 |
|
BSD Sort updated |
96 |
|
|
97 |
|
sqlite 3.8.10.2 |
98 |
|
|
99 |
< |
20160725: |
99 |
> |
20150725: |
100 |
|
Import reallocarray from OpenBSD's libc. |
101 |
|
|
102 |
|
The reallocarray() function is similar to realloc() except it operates on |