1 |
|
Updating Information for MidnightBSD users. |
2 |
|
|
3 |
< |
20160818: |
4 |
< |
expat security fix |
3 |
> |
20150825: |
4 |
> |
kernel: |
5 |
> |
fix a security issue on amd64 where the GS segment CPU register can be changed via |
6 |
> |
userland value in kernel mode by using an IRET with #SS or #NP exceptions. |
7 |
|
|
8 |
< |
Multiple integer overflows have been discovered in the XML_GetBuffer() |
9 |
< |
function in the expat library. |
8 |
> |
openssh: |
9 |
> |
A programming error in the privileged monitor process of the sshd(8) |
10 |
> |
service may allow the username of an already-authenticated user to be |
11 |
> |
overwritten by the unprivileged child process. |
12 |
|
|
13 |
< |
20160815: |
13 |
> |
A use-after-free error in the privileged monitor process of he sshd(8) |
14 |
> |
service may be deterministically triggered by the actions of a |
15 |
> |
compromised unprivileged child process. |
16 |
> |
|
17 |
> |
A use-after-free error in the session multiplexing code in the sshd(8) |
18 |
> |
service may result in unintended termination of the connection. |
19 |
> |
|
20 |
> |
20150818: |
21 |
> |
expat security fix |
22 |
> |
|
23 |
> |
20150815: |
24 |
|
libc changes: |
25 |
|
setmode(3) now returns errno consistently on error. |
26 |
|
libc will compile without error using clang |
27 |
|
|
28 |
< |
20160814: |
28 |
> |
20150814: |
29 |
|
wait6 system call added. |
30 |
|
|
31 |
|
date(1) now handles non numeric numbers passed to -r |
32 |
|
like GNU coreutils for improved compatibility. |
33 |
|
|
34 |
< |
20160811: |
34 |
> |
20150811: |
35 |
|
ata(4) AMD Hudson2 SATA controller support. |
36 |
|
Intel lynxpoint SATA. |
37 |
|
|
42 |
|
|
43 |
|
Fix some minor issues with ath(4). |
44 |
|
|
45 |
< |
20160809: |
45 |
> |
20150809: |
46 |
|
xz 5.0.8 |
47 |
|
|
48 |
< |
20160808: |
48 |
> |
20150808: |
49 |
|
libmport now logs installation and removal of packages to syslog. |
50 |
|
|
51 |
< |
20160805: |
51 |
> |
20150805: |
52 |
|
routed - fix a potential security issue where traffic from outside |
53 |
|
the network can disrupt routing. |
54 |
|
|
55 |
|
bsd patch - fix a bug with ed(1) scripts allowing unsanitized input |
56 |
|
to run. |
57 |
|
|
58 |
< |
20160802: |
58 |
> |
20150802: |
59 |
|
jansson 2.7 library added. (libjansson is a JSON library in C) |
60 |
|
|
61 |
< |
20160728: |
61 |
> |
20150728: |
62 |
|
Heimdal 1.5.2 (kerberos implementation) |
63 |
|
|
64 |
|
OpenSSL 1.0.1o |
88 |
|
|
89 |
|
Switch to bsdpatch (from FreeBSD & OpenBSD) |
90 |
|
|
91 |
< |
20160726: |
91 |
> |
20150726: |
92 |
|
BSD Sort updated |
93 |
|
|
94 |
|
sqlite 3.8.10.2 |
95 |
|
|
96 |
< |
20160725: |
96 |
> |
20150725: |
97 |
|
Import reallocarray from OpenBSD's libc. |
98 |
|
|
99 |
|
The reallocarray() function is similar to realloc() except it operates on |