OpenBSD src changes summary for 2017-09-22 ==========================================
etc/examples/bgpd.conf gnu/usr.bin/perl sbin/dhclient sys/arch/armv7/imx sys/arch/octeon/dev sys/dev/ic sys/dev/pci usr.bin/tmux == etc =============================================================== 01/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc examples/bgpd.conf ~ examples/bgpd.conf > fix the example neighbor configurations > noticed by Alex Holst > OK henning@ (phessler@) == gnu =============================================================== 02/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/perl ~ regcomp.c > A buffer over-read and heap overflow in perl's regexp may result in > a crash or memory leak. > Fixes > * CVE-2017-12883 (Buffer over-read) > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp) > Patches by Karl Williamson (afresh1@) ~ regcomp.c TAGGED OPENBSD_6_1 > A buffer over-read and heap overflow in perl's regexp may result in > a crash or memory leak. > Fixes > * CVE-2017-12883 (Buffer over-read) > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp) > Patches by Karl Williamson (afresh1@) ~ regcomp.c TAGGED OPENBSD_6_0 > A buffer over-read and heap overflow in perl's regexp may result in > a crash or memory leak. > Fixes > * CVE-2017-12883 (Buffer over-read) > * CVE-2017-12837 (Heap overflow when compiling case-insensitive regexp) > Patches by Karl Williamson <khw cpan.org> > Backport, including additional required patches by Niko Tyni <ntyni > debian.org> (afresh1@) == sbin ============================================================== 03/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.8 ~ dhclient.c > Remove the '-u' command line option to > ignore offers containing unknown DHCP > options. Broken in 2013 and nobody > noticed. > ok mpi@ (krw@) == sys =============================================================== 04/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/armv7/imx ~ imxocotp.c ~ imxocotpvar.h > Remove unused code. (kettenis@) arch/octeon/dev ~ octmmc.c > Allocate a bounce buffer once during init and reuse it for DMA commands. > This makes the system a bit harder to corner when paging to SD/MMC. > In addition, limit the maximum DMA segment size to MAXPHYS. (visa@) ~ octmmc.c > Do not bounce if possible. (visa@) dev/ic ~ r92creg.h ~ rtwn.c > - Fix short preamble for rtl8188eu > - Use R92C_MSR rather than R92C_CR to set media status > - Replace magic numbers with something more readable > ok stsp@ (kevlo@) ~ acx100.c ~ atw.c ~ rtw.c > Use ieee80211_has_addr4() inline function where possible. > ok stsp@ (kevlo@) dev/pci ~ azalia.c > Move the powering down of all codecs into azalia_halt_corb() after the > check that the CORB is running. Fixes a regression introduced in -r1.236 > that resulted in printing 'azalia0: CORB is not running' on each suspend > resume cycle. Issue reported on icb by mlarkin; tested by Manuel Giraud, > ratchov and myself. > ok ratchov (tb@) == usr.bin =========================================================== 05/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin tmux ~ alerts.c > Initialize alerts timer event where it is used, avoids crash with new > windows. (nicm@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
