CVS commit: [netbsd-5-1] src/sys/ufs/lfs
Module Name:src
Committed By: snj
Date: Mon Nov 9 22:49:50 UTC 2015
Modified Files:
src/sys/ufs/lfs [netbsd-5-1]: lfs_segment.c
Log Message:
Fix ticket #1974 fallout.
To generate a diff of this commit:
cvs rdiff -u -r1.213.18.1 -r1.213.18.2 src/sys/ufs/lfs/lfs_segment.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/ufs/lfs/lfs_segment.c
diff -u src/sys/ufs/lfs/lfs_segment.c:1.213.18.1 src/sys/ufs/lfs/lfs_segment.c:1.213.18.2
--- src/sys/ufs/lfs/lfs_segment.c:1.213.18.1 Sat Nov 7 20:30:56 2015
+++ src/sys/ufs/lfs/lfs_segment.c Mon Nov 9 22:49:50 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: lfs_segment.c,v 1.213.18.1 2015/11/07 20:30:56 snj Exp $ */
+/* $NetBSD: lfs_segment.c,v 1.213.18.2 2015/11/09 22:49:50 snj Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2002, 2003 The NetBSD Foundation, Inc.
@@ -60,7 +60,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: lfs_segment.c,v 1.213.18.1 2015/11/07 20:30:56 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: lfs_segment.c,v 1.213.18.2 2015/11/09 22:49:50 snj Exp $");
#ifdef DEBUG
# define vndebug(vp, str) do { \
@@ -1700,7 +1700,7 @@ lfs_rewind(struct lfs *fs, int newsn)
panic("lfs_rewind: no clean segments");
if (newsn >= 0 && sn >= newsn)
return ENOENT;
- fs->lfs_nextseg = lfs_sntod(fs, sn);
+ fs->lfs_nextseg = sntod(fs, sn);
lfs_newseg(fs);
fs->lfs_offset = fs->lfs_curseg;
CVS commit: [netbsd-5-1] src/sys/dev/mii
Module Name:src
Committed By: snj
Date: Sat Nov 7 20:36:42 UTC 2015
Modified Files:
src/sys/dev/mii [netbsd-5-1]: atphy.c
Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #1978):
sys/dev/mii/atphy.c: revision 1.17
Fix incorrect argument of mii_anar(). Fixes PR#50206.
To generate a diff of this commit:
cvs rdiff -u -r1.5.2.2 -r1.5.2.2.2.1 src/sys/dev/mii/atphy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/mii/atphy.c
diff -u src/sys/dev/mii/atphy.c:1.5.2.2 src/sys/dev/mii/atphy.c:1.5.2.2.2.1
--- src/sys/dev/mii/atphy.c:1.5.2.2 Sun May 3 23:45:47 2009
+++ src/sys/dev/mii/atphy.c Sat Nov 7 20:36:42 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: atphy.c,v 1.5.2.2 2009/05/03 23:45:47 snj Exp $ */
+/* $NetBSD: atphy.c,v 1.5.2.2.2.1 2015/11/07 20:36:42 snj Exp $ */
/* $OpenBSD: atphy.c,v 1.1 2008/09/25 20:47:16 brad Exp $ */
/*-
@@ -33,7 +33,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: atphy.c,v 1.5.2.2 2009/05/03 23:45:47 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: atphy.c,v 1.5.2.2.2.1 2015/11/07 20:36:42 snj Exp $");
#include
#include
@@ -202,7 +202,7 @@ atphy_service(struct mii_softc *sc, stru
return EINVAL;
}
- anar = mii_anar(ife->ifm_media);
+ anar = mii_anar(IFM_SUBTYPE(ife->ifm_media));
if (((ife->ifm_media & IFM_GMASK) & IFM_FDX) != 0) {
bmcr |= BMCR_FDX;
/* Enable pause. */
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Sat Nov 7 20:55:34 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: tickets 1974, 1978-1981 To generate a diff of this commit: cvs rdiff -u -r1.1.2.34 -r1.1.2.35 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.34 src/doc/CHANGES-5.1.6:1.1.2.35 --- src/doc/CHANGES-5.1.6:1.1.2.34 Fri Aug 14 06:00:50 2015 +++ src/doc/CHANGES-5.1.6 Sat Nov 7 20:55:34 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.34 2015/08/14 06:00:50 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.35 2015/11/07 20:55:34 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2696,3 +2696,76 @@ crypto/dist/openssl/util/mkerr.pl patch POODLE fix in October last year that caused the SSL server side to fail to handshake. [spz, ticket#1976] + +sys/ufs/lfs/lfs_segment.c 1.247 via patch + + Fix catastrophic bug in lfs_rewind() that changed segment + numbers (lfs_curseg/lfs_nextseg in the superblock) using the + wrong units. These fields are for whatever reason the start + addresses of segments (measured in frags) rather than the + segment numbers 0..n. Only affects dumping from a mounted + file system. + [dholland, ticket #1974] + +sys/dev/mii/atphy.c1.17 + + Fix incorrect argument of mii_anar(). Fixes PR#50206. + [msaitoh, ticket #1978] + +sys/kern/kern_exec.c1.419, 1.420 +sys/kern/kern_exit.c1.246, 1.247 +sys/kern/kern_synch.c1.309 + + In execve_runproc(), update the p_waited entry for the process + being moved to SSTOP state, not for its parent. If the value is + not already zero, it could prevent its parent from waiting for + the process. Fixes PR kern/50298 + -- + When clearing out the scheduler queues during system shutdown, + we move all processes to the SSTOP state. Make sure we update + each process's p_waited and the parents' p_nstopchild counters + to maintain consistent values. Fixes PR kern/50318 + -- + Currently, if a process is exiting and its parent has indicated + no intent of reaping the process (nor any other children), the + process will get reparented to init. Since the state of the + exiting process at this point is SDEAD, proc_reparent() will not + update either the old or new parent's p_nstopchild counters. + This change causes both old and new parents to be properly + updated. Fixes PR kern/50300 + -- + For processes marked with PS_STOPEXIT, update the process's + p_waited value, and update its parent's p_nstopchild value when + marking the process's p_stat to SSTOP. The process needed to be + SACTIVE to get here, so this transition represents an additional + process for which the parent needs to wait. Fixes PR kern/50308 + -- + In spawn_return() we temporarily move the process state to SSTOP, + but without updating its p_waited value or its parent's + p_nstopchild counter. Later, we restore the original state, + again without any adjustment of the related values. This leaves + a relatively short window when the values are inconsistent and + could interfere with the proper operation of sys_wait() for the + parent. If during this window, any of the checks being made + result in an error, we call exit1() which will eventually migrate + the process's state to SDEAD (with an intermediate transition to + SDYING). At this point the other variables get updated, and we + finally restore a consistent state. + This change updates the p_waited and parent's p_nstopchild at each + step to eliminate any windows during which the values could lead + to incorrect decisions. Fixes PR kern/50330 + [pgoyette, ticket #1979] + +sys/kern/kern_sig.c1.321 + + When delivering a signal, it's possible that the process's state + in p_stat is SACTIVE yet p_sflag is PS_STOPPING (while waiting + for other lwp's to stop). In that case, we don't want to adjust + the parent's p_nstopchild count. + [pgoyette, ticket #1980] + +sys/kern/kern_exit.c1.248 + + Update value of p_stat before we release the proc_lock. + [pgoyette, ticket #1981] +
CVS commit: [netbsd-5-1] src/sys/ufs/lfs
Module Name:src
Committed By: snj
Date: Sat Nov 7 20:30:56 UTC 2015
Modified Files:
src/sys/ufs/lfs [netbsd-5-1]: lfs_segment.c
Log Message:
Pull up following revision(s) (requested by dholland in ticket #1974):
sys/ufs/lfs/lfs_segment.c: revision 1.247 via patch
Fix catastrophic bug in lfs_rewind() that changed segment numbers
(lfs_curseg/lfs_nextseg in the superblock) using the wrong units.
These fields are for whatever reason the start addresses of segments
(measured in frags) rather than the segment numbers 0..n.
This only apparently affects dumping from a mounted fs; however, it
trashes the fs.
I would really, really like to have a static analysis tool that can
keep track of the units things are measured in, since fs code is full
of conversion macros and the macros are named inscrutable things like
"sntod" whose letters don't necessarily even correspond to the units
they convert. It is surprising that more of these are not wrong.
To generate a diff of this commit:
cvs rdiff -u -r1.213 -r1.213.18.1 src/sys/ufs/lfs/lfs_segment.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/ufs/lfs/lfs_segment.c
diff -u src/sys/ufs/lfs/lfs_segment.c:1.213 src/sys/ufs/lfs/lfs_segment.c:1.213.18.1
--- src/sys/ufs/lfs/lfs_segment.c:1.213 Mon Jun 2 16:25:34 2008
+++ src/sys/ufs/lfs/lfs_segment.c Sat Nov 7 20:30:56 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: lfs_segment.c,v 1.213 2008/06/02 16:25:34 ad Exp $ */
+/* $NetBSD: lfs_segment.c,v 1.213.18.1 2015/11/07 20:30:56 snj Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001, 2002, 2003 The NetBSD Foundation, Inc.
@@ -60,7 +60,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: lfs_segment.c,v 1.213 2008/06/02 16:25:34 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: lfs_segment.c,v 1.213.18.1 2015/11/07 20:30:56 snj Exp $");
#ifdef DEBUG
# define vndebug(vp, str) do { \
@@ -1669,7 +1669,7 @@ lfs_updatemeta(struct segment *sp)
}
/*
- * Move lfs_offset to a segment earlier than sn.
+ * Move lfs_offset to a segment earlier than newsn.
*/
int
lfs_rewind(struct lfs *fs, int newsn)
@@ -1700,7 +1700,7 @@ lfs_rewind(struct lfs *fs, int newsn)
panic("lfs_rewind: no clean segments");
if (newsn >= 0 && sn >= newsn)
return ENOENT;
- fs->lfs_nextseg = sn;
+ fs->lfs_nextseg = lfs_sntod(fs, sn);
lfs_newseg(fs);
fs->lfs_offset = fs->lfs_curseg;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src
Committed By: snj
Date: Sat Nov 7 20:42:59 UTC 2015
Modified Files:
src/sys/kern [netbsd-5-1]: kern_exec.c kern_exit.c kern_synch.c
Log Message:
Pull up following revision(s) (requested by pgoyette in ticket #1979):
sys/kern/kern_synch.c: revision 1.309
sys/kern/kern_exit.c: revisions 1.246, 1.247
sys/kern/kern_exec.c: revision 1.419
In execve_runproc(), update the p_waited entry for the process being
moved to SSTOP state, not for its parent. (It is correct to update
the parent's p_nstopchild count.) If the value is not already zero,
it could prevent its parent from waiting for the process.
Fixes PR kern/50298
--
When clearing out the scheduler queues during system shutdown, we move
all processes to the SSTOP state. Make sure we update each process's
p_waited and the parents' p_nstopchild counters to maintain consistent
values. Should not make any real difference this late in the shutdown
process, but we should still be consistent just in case.
Fixes PR kern/50318
--
Currently, if a process is exiting and its parent has indicated no intent
of reaping the process (nor any other children), the process wil get
reparented to init. Since the state of the exiting process at this point
is SDEAD, proc_reparent() will not update either the old or new parent's
p_nstopchild counters.
This change causes both old and new parents to be properly updated.
Fixes PR kern/50300
--
For processes marked with PS_STOPEXIT, update the process's p_waited
value, and update its parent's p_nstopchild value when marking the
process's p_stat to SSTOP. The process needed to be SACTIVE to get
here, so this transition represents an additional process for which
the parent needs to wait.
Fixes PR kern/50308
To generate a diff of this commit:
cvs rdiff -u -r1.280.4.3 -r1.280.4.3.6.1 src/sys/kern/kern_exec.c
cvs rdiff -u -r1.214.4.2 -r1.214.4.2.2.1 src/sys/kern/kern_exit.c
cvs rdiff -u -r1.254.2.6 -r1.254.2.6.6.1 src/sys/kern/kern_synch.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_exec.c
diff -u src/sys/kern/kern_exec.c:1.280.4.3 src/sys/kern/kern_exec.c:1.280.4.3.6.1
--- src/sys/kern/kern_exec.c:1.280.4.3 Wed Apr 1 21:03:04 2009
+++ src/sys/kern/kern_exec.c Sat Nov 7 20:42:59 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_exec.c,v 1.280.4.3 2009/04/01 21:03:04 snj Exp $ */
+/* $NetBSD: kern_exec.c,v 1.280.4.3.6.1 2015/11/07 20:42:59 snj Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -59,7 +59,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.280.4.3 2009/04/01 21:03:04 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.280.4.3.6.1 2015/11/07 20:42:59 snj Exp $");
#include "opt_ktrace.h"
#include "opt_syscall_debug.h"
@@ -1104,7 +1104,7 @@ execve1(struct lwp *l, const char *path,
if (p->p_sflag & PS_STOPEXEC) {
KERNEL_UNLOCK_ALL(l, >l_biglocks);
p->p_pptr->p_nstopchild++;
- p->p_pptr->p_waited = 0;
+ p->p_waited = 0;
mutex_enter(p->p_lock);
ksiginfo_queue_init();
sigclearall(p, , );
Index: src/sys/kern/kern_exit.c
diff -u src/sys/kern/kern_exit.c:1.214.4.2 src/sys/kern/kern_exit.c:1.214.4.2.2.1
--- src/sys/kern/kern_exit.c:1.214.4.2 Wed Jul 1 22:30:30 2009
+++ src/sys/kern/kern_exit.c Sat Nov 7 20:42:59 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_exit.c,v 1.214.4.2 2009/07/01 22:30:30 snj Exp $ */
+/* $NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $ */
/*-
* Copyright (c) 1998, 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -67,7 +67,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2 2009/07/01 22:30:30 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $");
#include "opt_ktrace.h"
#include "opt_perfctrs.h"
@@ -234,8 +234,15 @@ exit1(struct lwp *l, int rv)
if (__predict_false(p->p_sflag & PS_STOPEXIT)) {
KERNEL_UNLOCK_ALL(l, >l_biglocks);
sigclearall(p, , );
+
+ if (!mutex_tryenter(proc_lock)) {
+ mutex_exit(p->p_lock);
+ mutex_enter(proc_lock);
+ mutex_enter(p->p_lock);
+ }
p->p_waited = 0;
- membar_producer();
+ p->p_pptr->p_nstopchild++;
+ mutex_exit(proc_lock);
p->p_stat = SSTOP;
lwp_lock(l);
p->p_nrlwps--;
@@ -1011,7 +1018,7 @@ proc_reparent(struct proc *child, struct
if (child->p_pptr == parent)
return;
- if (child->p_stat == SZOMB ||
+ if (child->p_stat == SZOMB || child->p_stat == SDEAD ||
(child->p_stat == SSTOP && !child->p_waited)) {
child->p_pptr->p_nstopchild--;
parent->p_nstopchild++;
Index: src/sys/kern/kern_synch.c
diff -u src/sys/kern/kern_synch.c:1.254.2.6 src/sys/kern/kern_synch.c:1.254.2.6.6.1
--- src/sys/kern/kern_synch.c:1.254.2.6 Thu Apr 23 17:47:13 2009
+++ src/sys/kern/kern_synch.c Sat Nov 7 20:42:59 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_synch.c,v 1.254.2.6 2009/04/23 17:47:13 snj Exp $ */
+/* $NetBSD:
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src Committed By: snj Date: Sat Nov 7 20:49:19 UTC 2015 Modified Files: src/sys/kern [netbsd-5-1]: kern_exit.c Log Message: Pull up following revision(s) (requested by pgoyette in ticket #1981): sys/kern/kern_exit.c: revision 1.248 Update value of p_stat before we release the proc_lock. Thanks to Robert Elz. To generate a diff of this commit: cvs rdiff -u -r1.214.4.2.2.1 -r1.214.4.2.2.2 src/sys/kern/kern_exit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_exit.c diff -u src/sys/kern/kern_exit.c:1.214.4.2.2.1 src/sys/kern/kern_exit.c:1.214.4.2.2.2 --- src/sys/kern/kern_exit.c:1.214.4.2.2.1 Sat Nov 7 20:42:59 2015 +++ src/sys/kern/kern_exit.c Sat Nov 7 20:49:19 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $ */ +/* $NetBSD: kern_exit.c,v 1.214.4.2.2.2 2015/11/07 20:49:19 snj Exp $ */ /*- * Copyright (c) 1998, 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc. @@ -67,7 +67,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.1 2015/11/07 20:42:59 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_exit.c,v 1.214.4.2.2.2 2015/11/07 20:49:19 snj Exp $"); #include "opt_ktrace.h" #include "opt_perfctrs.h" @@ -242,8 +242,8 @@ exit1(struct lwp *l, int rv) } p->p_waited = 0; p->p_pptr->p_nstopchild++; - mutex_exit(proc_lock); p->p_stat = SSTOP; + mutex_exit(proc_lock); lwp_lock(l); p->p_nrlwps--; l->l_stat = LSSTOP;
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src
Committed By: snj
Date: Sat Nov 7 20:46:38 UTC 2015
Modified Files:
src/sys/kern [netbsd-5-1]: kern_sig.c
Log Message:
Pull up following revision(s) (requested by pgoyette in ticket #1980):
sys/kern/kern_sig.c: revision 1.321
When delivering a signal, it's possible that the process's state in
p_stat is SACTIVE yet p_sflag is PS_STOPPING (while waiting for other
lwp's to stop). In that case, we don't want to adjust the parent's
p_nstopchild count.
Found by Robert Elz.
To generate a diff of this commit:
cvs rdiff -u -r1.289.4.6.2.1 -r1.289.4.6.2.2 src/sys/kern/kern_sig.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_sig.c
diff -u src/sys/kern/kern_sig.c:1.289.4.6.2.1 src/sys/kern/kern_sig.c:1.289.4.6.2.2
--- src/sys/kern/kern_sig.c:1.289.4.6.2.1 Sat Mar 17 19:15:12 2012
+++ src/sys/kern/kern_sig.c Sat Nov 7 20:46:37 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $ */
+/* $NetBSD: kern_sig.c,v 1.289.4.6.2.2 2015/11/07 20:46:37 snj Exp $ */
/*-
* Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.289.4.6.2.1 2012/03/17 19:15:12 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.289.4.6.2.2 2015/11/07 20:46:37 snj Exp $");
#include "opt_ptrace.h"
#include "opt_compat_sunos.h"
@@ -1391,14 +1391,13 @@ kpsignal2(struct proc *p, ksiginfo_t *ks
}
if ((prop & SA_CONT) != 0 || signo == SIGKILL) {
/*
- * Re-adjust p_nstopchild if the process wasn't
- * collected by its parent.
+ * Re-adjust p_nstopchild if the process was
+ * stopped but not yet collected by its parent.
*/
+ if (p->p_stat == SSTOP && !p->p_waited)
+p->p_pptr->p_nstopchild--;
p->p_stat = SACTIVE;
p->p_sflag &= ~PS_STOPPING;
- if (!p->p_waited) {
-p->p_pptr->p_nstopchild--;
- }
if (p->p_slflag & PSL_TRACED) {
KASSERT(signo == SIGKILL);
goto deliver;
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: riz Date: Tue Sep 15 00:03:24 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.3 Log Message: Fix file list for ticket 1865; add a missing "/" To generate a diff of this commit: cvs rdiff -u -r1.1.2.53 -r1.1.2.54 src/doc/CHANGES-5.1.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.3 diff -u src/doc/CHANGES-5.1.3:1.1.2.53 src/doc/CHANGES-5.1.3:1.1.2.54 --- src/doc/CHANGES-5.1.3:1.1.2.53 Sun Sep 22 22:12:05 2013 +++ src/doc/CHANGES-5.1.3 Tue Sep 15 00:03:24 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.3,v 1.1.2.53 2013/09/22 22:12:05 riz Exp $ +# $NetBSD: CHANGES-5.1.3,v 1.1.2.54 2015/09/15 00:03:24 riz Exp $ A complete list of changes from the NetBSD 5.1.2 release to the NetBSD 5.1.3 release: @@ -2393,54 +2393,54 @@ distrib/utils/sysinst/menus.mi 1.35, 1. public servers. [msaitoh, ticket #1846] -xsrc/external/mitMesaLib/dist/src/glx/x11/XF86dri.c patch -xsrc/external/mitlibFS/dist/src/FSOpenServ.c patch -xsrc/external/mitlibX11/dist/modules/im/ximcp/imLcPrs.c patch -xsrc/external/mitlibX11/dist/modules/im/ximcp/imTrX.c patch -xsrc/external/mitlibX11/dist/src/AllCells.c patch -xsrc/external/mitlibX11/dist/src/Font.c patch -xsrc/external/mitlibX11/dist/src/FontInfo.c patch -xsrc/external/mitlibX11/dist/src/FontNames.c patch -xsrc/external/mitlibX11/dist/src/GetFPath.c patch -xsrc/external/mitlibX11/dist/src/GetImage.c patch -xsrc/external/mitlibX11/dist/src/GetMoEv.c patch -xsrc/external/mitlibX11/dist/src/GetPntMap.c patch -xsrc/external/mitlibX11/dist/src/GetProp.c patch -xsrc/external/mitlibX11/dist/src/LiHosts.c patch -xsrc/external/mitlibX11/dist/src/ListExt.c patch -xsrc/external/mitlibX11/dist/src/ModMap.c patch -xsrc/external/mitlibX11/dist/src/Xrm.c patch -xsrc/external/mitlibX11/dist/src/xcms/cmsColNm.c patch -xsrc/external/mitlibX11/dist/src/xkb/XKBExtDev.c patch -xsrc/external/mitlibX11/dist/src/xkb/XKBGeom.c patch -xsrc/external/mitlibX11/dist/src/xkb/XKBGetMap.c patch -xsrc/external/mitlibX11/dist/src/xkb/XKBNames.c patch -xsrc/external/mitlibXcursor/dist/src/file.c patch -xsrc/external/mitlibXext/dist/src/XEVI.c patch -xsrc/external/mitlibXext/dist/src/XShape.c patch -xsrc/external/mitlibXext/dist/src/XSync.c patch -xsrc/external/mitlibXext/dist/src/Xcup.c patch -xsrc/external/mitlibXext/dist/src/Xdbe.c patch -xsrc/external/mitlibXfixes/dist/src/Cursor.c patch -xsrc/external/mitlibXi/dist/src/XGMotion.c patch -xsrc/external/mitlibXi/dist/src/XGetBMap.c patch -xsrc/external/mitlibXi/dist/src/XGetDCtl.c patch -xsrc/external/mitlibXi/dist/src/XGetDProp.c patch -xsrc/external/mitlibXi/dist/src/XGetFCtl.c patch -xsrc/external/mitlibXi/dist/src/XGetProp.c patch -xsrc/external/mitlibXi/dist/src/XListDev.c patch -xsrc/external/mitlibXi/dist/src/XQueryDv.c patch -xsrc/external/mitlibXinerama/dist/src/Xinerama.c patch -xsrc/external/mitlibXrandr/dist/src/XrrProperty.c patch -xsrc/external/mitlibXrender/dist/src/Filter.c patch -xsrc/external/mitlibXrender/dist/src/Xrender.c patch -xsrc/external/mitlibXres/dist/src/XRes.c patch -xsrc/external/mitlibXt/dist/src/ResConfig.c patch -xsrc/external/mitlibXt/dist/src/Selection.c patch -xsrc/external/mitlibXv/dist/src/Xv.c patch -xsrc/external/mitlibXvMC/dist/src/XvMC.c patch -xsrc/external/mitlibXxf86dga/dist/src/XF86DGA2.c patch -xsrc/external/mitlibXxf86vm/dist/src/XF86VMode.c patch +xsrc/external/mit/MesaLib/dist/src/glx/x11/XF86dri.c patch +xsrc/external/mit/libFS/dist/src/FSOpenServ.c patch +xsrc/external/mit/libX11/dist/modules/im/ximcp/imLcPrs.c patch +xsrc/external/mit/libX11/dist/modules/im/ximcp/imTrX.c patch +xsrc/external/mit/libX11/dist/src/AllCells.c patch +xsrc/external/mit/libX11/dist/src/Font.c patch +xsrc/external/mit/libX11/dist/src/FontInfo.c patch +xsrc/external/mit/libX11/dist/src/FontNames.c patch +xsrc/external/mit/libX11/dist/src/GetFPath.c patch +xsrc/external/mit/libX11/dist/src/GetImage.c patch +xsrc/external/mit/libX11/dist/src/GetMoEv.c patch +xsrc/external/mit/libX11/dist/src/GetPntMap.c patch +xsrc/external/mit/libX11/dist/src/GetProp.c patch +xsrc/external/mit/libX11/dist/src/LiHosts.c patch +xsrc/external/mit/libX11/dist/src/ListExt.c patch +xsrc/external/mit/libX11/dist/src/ModMap.c patch +xsrc/external/mit/libX11/dist/src/Xrm.c patch +xsrc/external/mit/libX11/dist/src/xcms/cmsColNm.c patch +xsrc/external/mit/libX11/dist/src/xkb/XKBExtDev.c patch +xsrc/external/mit/libX11/dist/src/xkb/XKBGeom.c patch +xsrc/external/mit/libX11/dist/src/xkb/XKBGetMap.c patch +xsrc/external/mit/libX11/dist/src/xkb/XKBNames.c patch +xsrc/external/mit/libXcursor/dist/src/file.c patch +xsrc/external/mit/libXext/dist/src/XEVI.c patch +xsrc/external/mit/libXext/dist/src/XShape.c patch +xsrc/external/mit/libXext/dist/src/XSync.c patch +xsrc/external/mit/libXext/dist/src/Xcup.c patch
CVS commit: [netbsd-5-1] src/crypto/dist/openssl
Module Name:src Committed By: msaitoh Date: Fri Aug 14 05:59:39 UTC 2015 Modified Files: src/crypto/dist/openssl [netbsd-5-1]: e_os2.h src/crypto/dist/openssl/crypto/asn1 [netbsd-5-1]: a_int.c tasn_new.c src/crypto/dist/openssl/crypto/bn [netbsd-5-1]: bn.h bn_err.c bn_print.c bn_rand.c bn_shift.c src/crypto/dist/openssl/crypto/cms [netbsd-5-1]: cms_smime.c src/crypto/dist/openssl/crypto/ec [netbsd-5-1]: ec2_smpl.c ec_check.c ec_key.c ec_lib.c ecp_smpl.c ectest.c src/crypto/dist/openssl/crypto/ecdsa [netbsd-5-1]: ecdsatest.c ecs_ossl.c src/crypto/dist/openssl/crypto/objects [netbsd-5-1]: obj_dat.c src/crypto/dist/openssl/crypto/ocsp [netbsd-5-1]: ocsp_vfy.c src/crypto/dist/openssl/crypto/pem [netbsd-5-1]: pem_pk8.c src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-1]: pk7_doit.c src/crypto/dist/openssl/crypto/x509 [netbsd-5-1]: x509_lu.c x509_vfy.c src/crypto/dist/openssl/doc/crypto [netbsd-5-1]: BN_rand.pod BN_set_bit.pod pem.pod src/crypto/dist/openssl/ssl [netbsd-5-1]: d1_lib.c s3_clnt.c s3_srvr.c ssl.h ssl_err.c ssl_lib.c ssl_locl.h ssl_sess.c src/crypto/dist/openssl/util [netbsd-5-1]: mkerr.pl Log Message: Pull up following revision(s) (requested by spz in ticket #1976): crypto/dist/openssl/e_os2.h patch crypto/dist/openssl/crypto/asn1/a_int.c patch crypto/dist/openssl/crypto/asn1/tasn_new.c patch crypto/dist/openssl/crypto/bn/bn.h patch crypto/dist/openssl/crypto/bn/bn_err.c patch crypto/dist/openssl/crypto/bn/bn_print.cpatch crypto/dist/openssl/crypto/bn/bn_rand.c patch crypto/dist/openssl/crypto/bn/bn_shift.cpatch crypto/dist/openssl/crypto/cms/cms_smime.c patch crypto/dist/openssl/crypto/ec/ec2_smpl.cpatch crypto/dist/openssl/crypto/ec/ec_check.cpatch crypto/dist/openssl/crypto/ec/ec_key.c patch crypto/dist/openssl/crypto/ec/ec_lib.c patch crypto/dist/openssl/crypto/ec/ecp_smpl.cpatch crypto/dist/openssl/crypto/ec/ectest.c patch crypto/dist/openssl/crypto/ecdsa/ecdsatest.cpatch crypto/dist/openssl/crypto/ecdsa/ecs_ossl.c patch crypto/dist/openssl/crypto/objects/obj_dat.cpatch crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c patch crypto/dist/openssl/crypto/pem/pem_pk8.cpatch crypto/dist/openssl/crypto/pkcs7/pk7_doit.c patch crypto/dist/openssl/crypto/x509/x509_lu.c patch crypto/dist/openssl/crypto/x509/x509_vfy.c patch crypto/dist/openssl/doc/crypto/BN_rand.pod patch crypto/dist/openssl/doc/crypto/BN_set_bit.pod patch crypto/dist/openssl/doc/crypto/pem.pod patch crypto/dist/openssl/ssl/d1_lib.cpatch crypto/dist/openssl/ssl/s3_clnt.c patch crypto/dist/openssl/ssl/s3_srvr.c patch crypto/dist/openssl/ssl/ssl.h patch crypto/dist/openssl/ssl/ssl_err.c patch crypto/dist/openssl/ssl/ssl_lib.c patch crypto/dist/openssl/ssl/ssl_locl.h patch crypto/dist/openssl/ssl/ssl_sess.c patch crypto/dist/openssl/util/mkerr.pl patch This change covers the vulnerabilities relevant to netbsd-5 from the June OpenSSL advisory, and also fixes a regression introduced with the POODLE fix in October last year that caused the SSL server side to fail to handshake. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.12.1 src/crypto/dist/openssl/e_os2.h cvs rdiff -u -r1.1.1.8 -r1.1.1.8.12.1 \ src/crypto/dist/openssl/crypto/asn1/a_int.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.12.1 \ src/crypto/dist/openssl/crypto/asn1/tasn_new.c cvs rdiff -u -r1.12.12.1 -r1.12.12.2 src/crypto/dist/openssl/crypto/bn/bn.h cvs rdiff -u -r1.1.1.7 -r1.1.1.7.12.1 \ src/crypto/dist/openssl/crypto/bn/bn_err.c cvs rdiff -u -r1.9 -r1.9.12.1 src/crypto/dist/openssl/crypto/bn/bn_print.c cvs rdiff -u -r1.1.1.6 -r1.1.1.6.34.1 \ src/crypto/dist/openssl/crypto/bn/bn_rand.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.34.1 \ src/crypto/dist/openssl/crypto/bn/bn_shift.c cvs rdiff -u -r1.1.1.1.8.1 -r1.1.1.1.8.1.6.1 \ src/crypto/dist/openssl/crypto/cms/cms_smime.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.12.1 \ src/crypto/dist/openssl/crypto/ec/ec2_smpl.c \ src/crypto/dist/openssl/crypto/ec/ectest.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.34.1 \ src/crypto/dist/openssl/crypto/ec/ec_check.c cvs rdiff -u -r1.1.1.1.34.1 -r1.1.1.1.34.2 \ src/crypto/dist/openssl/crypto/ec/ec_key.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.12.1 \ src/crypto/dist/openssl/crypto/ec/ec_lib.c cvs rdiff -u -r1.1.1.4.34.1 -r1.1.1.4.34.2 \ src/crypto/dist/openssl/crypto/ec/ecp_smpl.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.12.1 \ src/crypto/dist/openssl/crypto/ecdsa/ecdsatest.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.12.1 \
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Aug 14 06:00:50 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1976. To generate a diff of this commit: cvs rdiff -u -r1.1.2.33 -r1.1.2.34 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.33 src/doc/CHANGES-5.1.6:1.1.2.34 --- src/doc/CHANGES-5.1.6:1.1.2.33 Fri Jul 24 07:47:34 2015 +++ src/doc/CHANGES-5.1.6 Fri Aug 14 06:00:50 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.33 2015/07/24 07:47:34 martin Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.34 2015/08/14 06:00:50 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2655,3 +2655,44 @@ sys/netinet/tcp_output.c 1.184 Make sure that snd_win doesn't go negative. [matt, ticket #1973] +crypto/dist/openssl/e_os2.h patch +crypto/dist/openssl/crypto/asn1/a_int.c patch +crypto/dist/openssl/crypto/asn1/tasn_new.c patch +crypto/dist/openssl/crypto/bn/bn.h patch +crypto/dist/openssl/crypto/bn/bn_err.c patch +crypto/dist/openssl/crypto/bn/bn_print.c patch +crypto/dist/openssl/crypto/bn/bn_rand.c patch +crypto/dist/openssl/crypto/bn/bn_shift.c patch +crypto/dist/openssl/crypto/cms/cms_smime.c patch +crypto/dist/openssl/crypto/ec/ec2_smpl.c patch +crypto/dist/openssl/crypto/ec/ec_check.c patch +crypto/dist/openssl/crypto/ec/ec_key.c patch +crypto/dist/openssl/crypto/ec/ec_lib.c patch +crypto/dist/openssl/crypto/ec/ecp_smpl.c patch +crypto/dist/openssl/crypto/ec/ectest.c patch +crypto/dist/openssl/crypto/ecdsa/ecdsatest.c patch +crypto/dist/openssl/crypto/ecdsa/ecs_ossl.c patch +crypto/dist/openssl/crypto/objects/obj_dat.c patch +crypto/dist/openssl/crypto/ocsp/ocsp_vfy.c patch +crypto/dist/openssl/crypto/pem/pem_pk8.c patch +crypto/dist/openssl/crypto/pkcs7/pk7_doit.c patch +crypto/dist/openssl/crypto/x509/x509_lu.c patch +crypto/dist/openssl/crypto/x509/x509_vfy.c patch +crypto/dist/openssl/doc/crypto/BN_rand.pod patch +crypto/dist/openssl/doc/crypto/BN_set_bit.pod patch +crypto/dist/openssl/doc/crypto/pem.pod patch +crypto/dist/openssl/ssl/d1_lib.c patch +crypto/dist/openssl/ssl/s3_clnt.c patch +crypto/dist/openssl/ssl/s3_srvr.c patch +crypto/dist/openssl/ssl/ssl.h patch +crypto/dist/openssl/ssl/ssl_err.c patch +crypto/dist/openssl/ssl/ssl_lib.c patch +crypto/dist/openssl/ssl/ssl_locl.h patch +crypto/dist/openssl/ssl/ssl_sess.c patch +crypto/dist/openssl/util/mkerr.pl patch + + This change covers the vulnerabilities relevant to netbsd-5 from the + June OpenSSL advisory, and also fixes a regression introduced with the + POODLE fix in October last year that caused the SSL server side to + fail to handshake. + [spz, ticket#1976]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: martin Date: Fri Jul 24 07:47:34 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1973 To generate a diff of this commit: cvs rdiff -u -r1.1.2.32 -r1.1.2.33 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.32 src/doc/CHANGES-5.1.6:1.1.2.33 --- src/doc/CHANGES-5.1.6:1.1.2.32 Wed Jul 1 07:19:29 2015 +++ src/doc/CHANGES-5.1.6 Fri Jul 24 07:47:34 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.32 2015/07/01 07:19:29 bouyer Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.33 2015/07/24 07:47:34 martin Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2647,3 +2647,11 @@ usr.bin/calendar/calendar.c 1.51 are serious if they happen. [dholland, ticket #1971] +sys/netinet/tcp_input.c1.343 +sys/netinet/tcp_output.c 1.184 + + If we are sending a window probe and there's unacked data in the + socket, make sure at least the persist timer is running. + Make sure that snd_win doesn't go negative. + [matt, ticket #1973] +
CVS commit: [netbsd-5-1] src/sys/netinet
Module Name:src
Committed By: martin
Date: Fri Jul 24 07:47:03 UTC 2015
Modified Files:
src/sys/netinet [netbsd-5-1]: tcp_input.c tcp_output.c
Log Message:
Pull up following revision(s) (requested by matt in ticket #1973):
sys/netinet/tcp_output.c: revision 1.184
sys/netinet/tcp_input.c: revision 1.343
If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.
To generate a diff of this commit:
cvs rdiff -u -r1.291.4.5 -r1.291.4.5.2.1 src/sys/netinet/tcp_input.c
cvs rdiff -u -r1.167.20.1 -r1.167.20.2 src/sys/netinet/tcp_output.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/tcp_input.c
diff -u src/sys/netinet/tcp_input.c:1.291.4.5 src/sys/netinet/tcp_input.c:1.291.4.5.2.1
--- src/sys/netinet/tcp_input.c:1.291.4.5 Fri Jun 11 23:36:07 2010
+++ src/sys/netinet/tcp_input.c Fri Jul 24 07:47:02 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_input.c,v 1.291.4.5 2010/06/11 23:36:07 riz Exp $ */
+/* $NetBSD: tcp_input.c,v 1.291.4.5.2.1 2015/07/24 07:47:02 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -145,7 +145,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: tcp_input.c,v 1.291.4.5 2010/06/11 23:36:07 riz Exp $);
+__KERNEL_RCSID(0, $NetBSD: tcp_input.c,v 1.291.4.5.2.1 2015/07/24 07:47:02 martin Exp $);
#include opt_inet.h
#include opt_ipsec.h
@@ -2438,7 +2438,10 @@ after_listen:
tp-t_lastm = NULL;
sbdrop(so-so_snd, acked);
tp-t_lastoff -= acked;
- tp-snd_wnd -= acked;
+ if (tp-snd_wnd acked)
+tp-snd_wnd -= acked;
+ else
+tp-snd_wnd = 0;
ourfinisacked = 0;
}
sowwakeup(so);
Index: src/sys/netinet/tcp_output.c
diff -u src/sys/netinet/tcp_output.c:1.167.20.1 src/sys/netinet/tcp_output.c:1.167.20.2
--- src/sys/netinet/tcp_output.c:1.167.20.1 Tue Mar 29 20:13:03 2011
+++ src/sys/netinet/tcp_output.c Fri Jul 24 07:47:02 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_output.c,v 1.167.20.1 2011/03/29 20:13:03 riz Exp $ */
+/* $NetBSD: tcp_output.c,v 1.167.20.2 2015/07/24 07:47:02 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -135,7 +135,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: tcp_output.c,v 1.167.20.1 2011/03/29 20:13:03 riz Exp $);
+__KERNEL_RCSID(0, $NetBSD: tcp_output.c,v 1.167.20.2 2015/07/24 07:47:02 martin Exp $);
#include opt_inet.h
#include opt_ipsec.h
@@ -1524,14 +1524,24 @@ send:
* of retransmit time.
*/
timer:
- if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0
- ((sack_rxmit tp-snd_nxt != tp-snd_max) ||
- tp-snd_nxt != tp-snd_una)) {
- if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) {
-TCP_TIMER_DISARM(tp, TCPT_PERSIST);
+ if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0) {
+ if ((sack_rxmit tp-snd_nxt != tp-snd_max)
+ || tp-snd_nxt != tp-snd_una) {
+if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) {
+ TCP_TIMER_DISARM(tp, TCPT_PERSIST);
+ tp-t_rxtshift = 0;
+}
+TCP_TIMER_ARM(tp, TCPT_REXMT, tp-t_rxtcur);
+ } else if (len == 0 so-so_snd.sb_cc 0
+ TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) {
+/*
+ * If we are sending a window probe and there's
+ * unacked data in the socket, make sure at
+ * least the persist timer is running.
+ */
tp-t_rxtshift = 0;
+tcp_setpersist(tp);
}
- TCP_TIMER_ARM(tp, TCPT_REXMT, tp-t_rxtcur);
}
} else
if (SEQ_GT(tp-snd_nxt + len, tp-snd_max))
CVS commit: [netbsd-5-1] src/usr.bin/calendar
Module Name:src
Committed By: bouyer
Date: Wed Jul 1 07:18:37 UTC 2015
Modified Files:
src/usr.bin/calendar [netbsd-5-1]: calendar.c
Log Message:
Pull up following revision(s) (requested by dholland in ticket #1971):
usr.bin/calendar/calendar.c: revision 1.51
Correct privilege handling problems in calendar -a (which runs as root
from /etc/daily); do not exec other programs while the real uid is
still 0.
Also, clear the supplementary groups list up front and call initgroups
when becoming another user, to avoid leaking any extra group
privileges that we might have.
And finally, don't silently ignore errors changing uid and gid; those
are serious if they happen.
To generate a diff of this commit:
cvs rdiff -u -r1.47 -r1.47.12.1 src/usr.bin/calendar/calendar.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/calendar/calendar.c
diff -u src/usr.bin/calendar/calendar.c:1.47 src/usr.bin/calendar/calendar.c:1.47.12.1
--- src/usr.bin/calendar/calendar.c:1.47 Tue Sep 30 05:51:41 2008
+++ src/usr.bin/calendar/calendar.c Wed Jul 1 07:18:37 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: calendar.c,v 1.47 2008/09/30 05:51:41 dholland Exp $ */
+/* $NetBSD: calendar.c,v 1.47.12.1 2015/07/01 07:18:37 bouyer Exp $ */
/*
* Copyright (c) 1989, 1993, 1994
@@ -39,7 +39,7 @@ __COPYRIGHT(@(#) Copyright (c) 1989, 19
#if 0
static char sccsid[] = @(#)calendar.c 8.4 (Berkeley) 1/7/95;
#endif
-__RCSID($NetBSD: calendar.c,v 1.47 2008/09/30 05:51:41 dholland Exp $);
+__RCSID($NetBSD: calendar.c,v 1.47.12.1 2015/07/01 07:18:37 bouyer Exp $);
#endif /* not lint */
#include sys/param.h
@@ -48,6 +48,7 @@ __RCSID($NetBSD: calendar.c,v 1.47 2008
#include sys/uio.h
#include sys/wait.h
+#include assert.h
#include ctype.h
#include err.h
#include errno.h
@@ -105,6 +106,7 @@ static const char *months[] = {
static void atodays(int, char *, unsigned short *);
static void cal(void);
static void closecal(FILE *);
+static void changeuser(void);
static int getday(char *);
static int getfield(char *, char **, int *);
static void getmmdd(struct tm *, char *);
@@ -164,12 +166,24 @@ main(int argc, char **argv)
* XXX - This ignores the user's CALENDAR_DIR variable.
* Run under user's login shell?
*/
+ if (setgroups(0, NULL) == -1) {
+ err(EXIT_FAILURE, setgroups);
+ }
while ((pw = getpwent()) != NULL) {
- (void)setegid(pw-pw_gid);
- (void)seteuid(pw-pw_uid);
- if (chdir(pw-pw_dir) != -1)
+ if (setegid(pw-pw_gid) == -1) {
+warn(%s: setegid, pw-pw_name);
+continue;
+ }
+ if (seteuid(pw-pw_uid) == -1) {
+warn(%s: seteuid, pw-pw_name);
+continue;
+ }
+ if (chdir(pw-pw_dir) != -1) {
cal();
- (void)seteuid(0);
+ }
+ if (seteuid(0) == -1) {
+warn(%s: seteuid back to 0, pw-pw_name);
+ }
}
} else if ((caldir = getenv(CALENDAR_DIR)) != NULL) {
if (chdir(caldir) != -1)
@@ -405,6 +419,10 @@ opencal(void)
(void)close(pdes[1]);
}
(void)close(pdes[0]);
+ if (doall) {
+ /* become the user properly */
+ changeuser();
+ }
/* tell CPP to only open regular files */
if(!cpp_restricted setenv(CPP_RESTRICTED, , 1) == -1)
err(EXIT_FAILURE, Cannot restrict cpp);
@@ -469,6 +487,10 @@ closecal(FILE *fp)
(void)close(pdes[0]);
}
(void)close(pdes[1]);
+ if (doall) {
+ /* become the user properly */
+ changeuser();
+ }
(void)execl(_PATH_SENDMAIL, sendmail, -i, -t, -F,
\Reminder Service\, -f, root, NULL);
err(EXIT_FAILURE, Cannot exec `%s', _PATH_SENDMAIL);
@@ -492,6 +514,34 @@ done: (void)fclose(fp);
continue;
}
+static void
+changeuser(void)
+{
+ uid_t uid;
+ gid_t gid;
+
+ uid = geteuid();
+ gid = getegid();
+ assert(uid == pw-pw_uid);
+ assert(gid == pw-pw_gid);
+
+ if (seteuid(0) == -1) {
+ err(EXIT_FAILURE, %s: changing user: cannot reassert uid 0,
+ pw-pw_name);
+ }
+ if (setgid(gid) == -1) {
+ err(EXIT_FAILURE, %s: cannot assume gid %d,
+ pw-pw_name, (int)gid);
+ }
+ if (initgroups(pw-pw_name, gid) == -1) {
+ err(EXIT_FAILURE, %s: cannot initgroups, pw-pw_name);
+ }
+ if (setuid(uid) == -1) {
+ err(EXIT_FAILURE, %s: cannot assume uid %d,
+ pw-pw_name, (int)uid);
+ }
+}
+
static int
getmonth(char *s)
{
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: bouyer Date: Wed Jul 1 07:19:29 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: ticket 1971 To generate a diff of this commit: cvs rdiff -u -r1.1.2.31 -r1.1.2.32 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.31 src/doc/CHANGES-5.1.6:1.1.2.32 --- src/doc/CHANGES-5.1.6:1.1.2.31 Thu Jun 4 09:07:28 2015 +++ src/doc/CHANGES-5.1.6 Wed Jul 1 07:19:29 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.31 2015/06/04 09:07:28 martin Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.32 2015/07/01 07:19:29 bouyer Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2633,3 +2633,17 @@ sys/arch/x86/x86/intel_busclock.c 1.10, [sborrill, ticket #1963] +usr.bin/calendar/calendar.c 1.51 + + Correct privilege handling problems in calendar -a (which runs as root + from /etc/daily); do not exec other programs while the real uid is + still 0. + + Also, clear the supplementary groups list up front and call initgroups + when becoming another user, to avoid leaking any extra group + privileges that we might have. + + And finally, don't silently ignore errors changing uid and gid; those + are serious if they happen. + [dholland, ticket #1971] +
CVS commit: [netbsd-5-1] src/sys/arch/x86/x86
Module Name:src
Committed By: martin
Date: Thu Jun 4 08:58:54 UTC 2015
Modified Files:
src/sys/arch/x86/x86 [netbsd-5-1]: intel_busclock.c
Log Message:
Pull up the following revisions, requested by sborrill in #1963:
sys/arch/x86/x86/intel_busclock.c 1.10, 1.13-23
Update p[34]_get_bus_clock() to avoid panic in est(4).
Return correct bus clock on some CPUs. Use rdmsr_safe()
to access MSRs safely.
To generate a diff of this commit:
cvs rdiff -u -r1.5.10.4 -r1.5.10.4.2.1 src/sys/arch/x86/x86/intel_busclock.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/x86/x86/intel_busclock.c
diff -u src/sys/arch/x86/x86/intel_busclock.c:1.5.10.4 src/sys/arch/x86/x86/intel_busclock.c:1.5.10.4.2.1
--- src/sys/arch/x86/x86/intel_busclock.c:1.5.10.4 Tue Aug 31 10:50:22 2010
+++ src/sys/arch/x86/x86/intel_busclock.c Thu Jun 4 08:58:54 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: intel_busclock.c,v 1.5.10.4 2010/08/31 10:50:22 bouyer Exp $ */
+/* $NetBSD: intel_busclock.c,v 1.5.10.4.2.1 2015/06/04 08:58:54 martin Exp $ */
/*-
* Copyright (c) 1999, 2000, 2001 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: intel_busclock.c,v 1.5.10.4 2010/08/31 10:50:22 bouyer Exp $);
+__KERNEL_RCSID(0, $NetBSD: intel_busclock.c,v 1.5.10.4.2.1 2015/06/04 08:58:54 martin Exp $);
#include sys/param.h
#include sys/systm.h
@@ -91,25 +91,24 @@ p3_get_bus_clock(struct cpu_info *ci)
{
uint64_t msr;
int bus, bus_clock = 0;
+ uint32_t model;
- switch (CPUID2MODEL(ci-ci_signature)) {
+ model = CPUID_TO_MODEL(ci-ci_signature);
+
+ switch (model) {
case 0x9: /* Pentium M (130 nm, Banias) */
bus_clock = 1;
break;
case 0xc: /* Core i7, Atom, model 1 */
/*
- * XXX (See also case 0xe)
- * Some core i7 CPUs can report model 0xc.
* Newer CPUs will GP when attemping to access MSR_FSB_FREQ.
* In the long-term, use ACPI instead of all this.
*/
- switch (CPUID2EXTMODEL(ci-ci_signature)) {
- case 0x2:
- aprint_debug(%s: unable to determine bus speed,
- device_xname(ci-ci_dev));
+ if (rdmsr_safe(MSR_FSB_FREQ, msr) == EFAULT) {
+ aprint_debug_dev(ci-ci_dev,
+ unable to determine bus speed);
goto print_msr;
}
- msr = rdmsr(MSR_FSB_FREQ);
bus = (msr 0) 0x7;
switch (bus) {
case 1:
@@ -122,7 +121,11 @@ p3_get_bus_clock(struct cpu_info *ci)
}
break;
case 0xd: /* Pentium M (90 nm, Dothan) */
- msr = rdmsr(MSR_FSB_FREQ);
+ if (rdmsr_safe(MSR_FSB_FREQ, msr) == EFAULT) {
+ aprint_debug_dev(ci-ci_dev,
+ unable to determine bus speed);
+ goto print_msr;
+ }
bus = (msr 0) 0x7;
switch (bus) {
case 0:
@@ -138,20 +141,13 @@ p3_get_bus_clock(struct cpu_info *ci)
}
break;
case 0xe: /* Core Duo/Solo */
- /*
- * XXX (See also case 0xc)
- * Newer CPUs will GP when attemping to access MSR_FSB_FREQ.
- * In the long-term, use ACPI instead of all this.
- */
- switch (CPUID2EXTMODEL(ci-ci_signature)) {
- case 0x1:
- aprint_debug(%s: unable to determine bus speed,
- device_xname(ci-ci_dev));
+ case 0xf: /* Core Xeon */
+ case 0x17: /* Xeon [35]000, Core 2 Quad [89]00 */
+ if (rdmsr_safe(MSR_FSB_FREQ, msr) == EFAULT) {
+ aprint_debug_dev(ci-ci_dev,
+ unable to determine bus speed);
goto print_msr;
}
- /* FALLTHROUGH */
- case 0xf: /* Core Xeon */
- msr = rdmsr(MSR_FSB_FREQ);
bus = (msr 0) 0x7;
switch (bus) {
case 5:
@@ -172,6 +168,9 @@ p3_get_bus_clock(struct cpu_info *ci)
case 4:
bus_clock = 3;
break;
+ case 6:
+ bus_clock = 4;
+ break;
default:
aprint_debug(%s: unknown Core FSB_FREQ value %d,
device_xname(ci-ci_dev), bus);
@@ -198,16 +197,135 @@ p3_get_bus_clock(struct cpu_info *ci)
case 2:
bus_clock = 1;
break;
+ case 3:
+ bus_clock = 10666;
+ break;
default:
aprint_debug(%s: unknown i686 EBL_CR_POWERON
value %d , device_xname(ci-ci_dev), bus);
goto print_msr;
}
break;
+ case 0x1c: /* Atom */
+ case 0x26:
+ case 0x27:
+ case 0x35:
+ case 0x36:
+ if (rdmsr_safe(MSR_FSB_FREQ, msr) == EFAULT) {
+ aprint_debug_dev(ci-ci_dev,
+ unable to determine bus speed);
+ goto print_msr;
+ }
+ bus = (msr 0) 0x7;
+ switch (bus) {
+ case 7:
+ bus_clock = 8333;
+ break;
+ case 5:
+ bus_clock = 1;
+ break;
+ case 1:
+ bus_clock = 1;
+ break;
+ case 3:
+ bus_clock = 16667;
+ break;
+ default:
+ aprint_debug(%s: unknown Atom FSB_FREQ value %d,
+ device_xname(ci-ci_dev), bus);
+ goto print_msr;
+ }
+ break;
+ case 0x37: /* Silvermont */
+ case 0x4a:
+ case 0x4d:
+ case 0x5a:
+ case 0x5d:
+ if (rdmsr_safe(MSR_FSB_FREQ, msr) == EFAULT) {
+ aprint_debug_dev(ci-ci_dev,
+ unable to determine bus speed);
+ goto print_msr;
+ }
+ bus = (msr 0) 0x7;
+ switch (bus) {
+ case 4:
+ bus_clock = 8000;
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: martin Date: Thu Jun 4 09:07:28 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1963 To generate a diff of this commit: cvs rdiff -u -r1.1.2.30 -r1.1.2.31 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.30 src/doc/CHANGES-5.1.6:1.1.2.31 --- src/doc/CHANGES-5.1.6:1.1.2.30 Mon Jun 1 15:54:15 2015 +++ src/doc/CHANGES-5.1.6 Thu Jun 4 09:07:28 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.30 2015/06/01 15:54:15 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.31 2015/06/04 09:07:28 martin Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2625,3 +2625,11 @@ sys/arch/x86/include/specialreg.h 1.72 compatibility. [msaitoh, ticket #1968] +sys/arch/x86/x86/intel_busclock.c 1.10, 1.13-23 via patch + + Update p[34]_get_bus_clock() to avoid panic in est(4). + Return correct bus clock on some CPUs. Use rdmsr_safe() + to access MSRs safely. + [sborrill, ticket #1963] + +
CVS commit: [netbsd-5-1] src/sys/arch/x86/include
Module Name:src Committed By: sborrill Date: Mon Jun 1 15:49:47 UTC 2015 Modified Files: src/sys/arch/x86/include [netbsd-5-1]: specialreg.h Log Message: Pull up the following revisions(s) (requested by msaitoh in ticket #1968): sys/arch/x86/include/specialreg.h: revision 1.72 via patch Backup CPUID_TO_*() macros. Old macros are kept for compatibility. To generate a diff of this commit: cvs rdiff -u -r1.31.4.1 -r1.31.4.1.2.1 src/sys/arch/x86/include/specialreg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/include/specialreg.h diff -u src/sys/arch/x86/include/specialreg.h:1.31.4.1 src/sys/arch/x86/include/specialreg.h:1.31.4.1.2.1 --- src/sys/arch/x86/include/specialreg.h:1.31.4.1 Tue Jun 16 02:23:31 2009 +++ src/sys/arch/x86/include/specialreg.h Mon Jun 1 15:49:47 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: specialreg.h,v 1.31.4.1 2009/06/16 02:23:31 snj Exp $ */ +/* $NetBSD: specialreg.h,v 1.31.4.1.2.1 2015/06/01 15:49:47 sborrill Exp $ */ /*- * Copyright (c) 1991 The Regents of the University of California. @@ -240,13 +240,39 @@ \11TM2\12SSSE3\13CID\16CX16\17xTPR\20PDCM\23DCA \ \24SSE41\25SSE42\26X2APIC\30POPCNT -#define CPUID2FAMILY(cpuid) (((cpuid) 8) 0xf) -#define CPUID2MODEL(cpuid) (((cpuid) 4) 0xf) -#define CPUID2STEPPING(cpuid) ((cpuid) 0xf) - -/* Extended family and model are defined on amd64 processors */ -#define CPUID2EXTFAMILY(cpuid) (((cpuid) 20) 0xff) -#define CPUID2EXTMODEL(cpuid) (((cpuid) 16) 0xf) +/* CPUID Fn0001 %eax */ + +#define CPUID_TO_BASEFAMILY(cpuid) (((cpuid) 8) 0xf) +#define CPUID_TO_BASEMODEL(cpuid) (((cpuid) 4) 0xf) +#define CPUID_TO_STEPPING(cpuid) ((cpuid) 0xf) + +/* Old macros for compatibility */ +#define CPUID2FAMILY(cpuid) CPUID_TO_BASEFAMILY(cpuid) +#define CPUID2MODEL(cpuid) CPUID_TO_BASEMODEL(cpuid) +#define CPUID2STEPPING(cpuid) CPUID_TO_STEPPING(cpuid) + +/* + * The Extended family bits should only be inspected when CPUID_TO_BASEFAMILY() + * returns 15. They are use to encode family value 16 to 270 (add 15). + * The Extended model bits are the high 4 bits of the model. + * They are only valid for family = 15 or family 6 (intel, but all amd + * family 6 are documented to return zero bits for them). + */ +#define CPUID_TO_EXTFAMILY(cpuid) (((cpuid) 20) 0xff) +#define CPUID_TO_EXTMODEL(cpuid) (((cpuid) 16) 0xf) + +/* Old macros for compatibility */ +#define CPUID2EXTFAMILY(cpuid) CPUID_TO_EXTFAMILY(cpuid) +#define CPUID2EXTMODEL(cpuid) CPUID_TO_EXTMODEL(cpuid) + +/* The macros for the Display Family and the Display Model */ +#define CPUID_TO_FAMILY(cpuid) (CPUID_TO_BASEFAMILY(cpuid) \ + + ((CPUID_TO_BASEFAMILY(cpuid) != 0x0f) \ + ? 0 : CPUID_TO_EXTFAMILY(cpuid))) +#define CPUID_TO_MODEL(cpuid) (CPUID_TO_BASEMODEL(cpuid) \ + | ((CPUID_TO_BASEFAMILY(cpuid) != 0x0f) \ + (CPUID_TO_BASEFAMILY(cpuid) != 0x06) \ + ? 0 : (CPUID_TO_EXTMODEL(cpuid) 4))) /* * Model-specific registers for the i386 family
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Mon Jun 1 15:52:03 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1968 To generate a diff of this commit: cvs rdiff -u -r1.1.2.28 -r1.1.2.29 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.28 src/doc/CHANGES-5.1.6:1.1.2.29 --- src/doc/CHANGES-5.1.6:1.1.2.28 Mon Jun 1 14:45:27 2015 +++ src/doc/CHANGES-5.1.6 Mon Jun 1 15:52:03 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.28 2015/06/01 14:45:27 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.29 2015/06/01 15:52:03 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2619,3 +2619,9 @@ sys/arch/i386/i386/cpufunc.S 1.16-1.17 Backport rdmsr_safe() to access MSR safely. [msaitoh, ticket #1969] +sys/arch/x86/include/specialreg.h 1.72 via patch + + Add CPUID_TO_*() macros to avoid bug. Old macros are kept for + compatibility. + [msaitoh, ticket #1968] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Mon Jun 1 15:54:15 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Reword ticket #1968 To generate a diff of this commit: cvs rdiff -u -r1.1.2.29 -r1.1.2.30 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.29 src/doc/CHANGES-5.1.6:1.1.2.30 --- src/doc/CHANGES-5.1.6:1.1.2.29 Mon Jun 1 15:52:03 2015 +++ src/doc/CHANGES-5.1.6 Mon Jun 1 15:54:15 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.29 2015/06/01 15:52:03 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.30 2015/06/01 15:54:15 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2621,7 +2621,7 @@ sys/arch/i386/i386/cpufunc.S 1.16-1.17 sys/arch/x86/include/specialreg.h 1.72 via patch - Add CPUID_TO_*() macros to avoid bug. Old macros are kept for + Backport CPUID_TO_*() macros. Old macros are kept for compatibility. [msaitoh, ticket #1968]
CVS commit: [netbsd-5-1] src/sys/arch
Module Name:src Committed By: sborrill Date: Mon Jun 1 14:43:48 UTC 2015 Modified Files: src/sys/arch/amd64/amd64 [netbsd-5-1]: cpufunc.S src/sys/arch/i386/i386 [netbsd-5-1]: cpufunc.S src/sys/arch/x86/include [netbsd-5-1]: cpufunc.h Log Message: Pull up the following revisions(s) (requested by msaitoh in ticket #1969): sys/arch/x86/include/cpufunc.h: revision 1.13 sys/arch/amd64/amd64/cpufunc.S: revision 1.20-1.21 via patch sys/arch/i386/i386/cpufunc.S: revision 1.16-1.17, 1.21 via patch Backport rdmsr_safe() to access MSR safely. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.15.16.1 src/sys/arch/amd64/amd64/cpufunc.S cvs rdiff -u -r1.13 -r1.13.10.1 src/sys/arch/i386/i386/cpufunc.S cvs rdiff -u -r1.8.10.3 -r1.8.10.3.6.1 src/sys/arch/x86/include/cpufunc.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/cpufunc.S diff -u src/sys/arch/amd64/amd64/cpufunc.S:1.15 src/sys/arch/amd64/amd64/cpufunc.S:1.15.16.1 --- src/sys/arch/amd64/amd64/cpufunc.S:1.15 Tue Jun 24 16:32:53 2008 +++ src/sys/arch/amd64/amd64/cpufunc.S Mon Jun 1 14:43:47 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: cpufunc.S,v 1.15 2008/06/24 16:32:53 ad Exp $ */ +/* $NetBSD: cpufunc.S,v 1.15.16.1 2015/06/01 14:43:47 sborrill Exp $ */ /*- * Copyright (c) 1998, 2007, 2008 The NetBSD Foundation, Inc. @@ -33,6 +33,8 @@ * Functions to provide access to i386-specific instructions. */ +#include sys/errno.h + #include machine/asm.h #include machine/specialreg.h #include machine/segments.h @@ -215,6 +217,37 @@ ENTRY(wrmsr_locked) wrmsr ret +/* + * Support for reading MSRs in the safe manner (returns EFAULT on fault) + */ +/* int rdmsr_safe(u_int msr, uint64_t *data) */ +ENTRY(rdmsr_safe) + movq CPUVAR(CURLWP), %r8 + movq L_ADDR(%r8), %r8 + movq $_C_LABEL(msr_onfault), PCB_ONFAULT(%r8) + + movl %edi, %ecx /* u_int msr */ + rdmsr /* Read MSR pointed by %ecx. Returns + hi byte in edx, lo in %eax */ + salq $32, %rdx /* sign-shift %rdx left */ + movl %eax, %eax /* zero-extend %eax - %rax */ + orq %rdx, %rax + movq %rax, (%rsi) /* *data */ + xorq %rax, %rax/* no error */ + + movq %rax, PCB_ONFAULT(%r8) + ret + +/* + * MSR operations fault handler + */ +NENTRY(msr_onfault) + movq CPUVAR(CURLWP), %r8 + movq L_ADDR(%r8), %r8 + movq $0, PCB_ONFAULT(%r8) + movl $EFAULT, %eax + ret + #ifndef XEN ENTRY(wbinvd) wbinvd Index: src/sys/arch/i386/i386/cpufunc.S diff -u src/sys/arch/i386/i386/cpufunc.S:1.13 src/sys/arch/i386/i386/cpufunc.S:1.13.10.1 --- src/sys/arch/i386/i386/cpufunc.S:1.13 Tue Sep 23 08:50:11 2008 +++ src/sys/arch/i386/i386/cpufunc.S Mon Jun 1 14:43:48 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: cpufunc.S,v 1.13 2008/09/23 08:50:11 ad Exp $ */ +/* $NetBSD: cpufunc.S,v 1.13.10.1 2015/06/01 14:43:48 sborrill Exp $ */ /*- * Copyright (c) 1998, 2007 The NetBSD Foundation, Inc. @@ -35,8 +35,10 @@ * These are shared with NetBSD/xen. */ +#include sys/errno.h + #include machine/asm.h -__KERNEL_RCSID(0, $NetBSD: cpufunc.S,v 1.13 2008/09/23 08:50:11 ad Exp $); +__KERNEL_RCSID(0, $NetBSD: cpufunc.S,v 1.13.10.1 2015/06/01 14:43:48 sborrill Exp $); #include opt_xen.h @@ -141,6 +143,39 @@ ENTRY(wrmsr_locked) ret END(wrmsr_locked) +/* + * Support for reading MSRs in the safe manner (returns EFAULT on fault) + */ +/* int rdmsr_safe(u_int msr, uint64_t *data) */ +ENTRY(rdmsr_safe) + movl CPUVAR(CURLWP), %ecx + movl L_ADDR(%ecx), %ecx + movl $_C_LABEL(msr_onfault), PCB_ONFAULT(%ecx) + + movl 4(%esp), %ecx /* u_int msr */ + rdmsr + movl 8(%esp), %ecx /* *data */ + movl %eax, (%ecx) /* low-order bits */ + movl %edx, 4(%ecx) /* high-order bits */ + xorl %eax, %eax/* no error */ + + movl CPUVAR(CURLWP), %ecx + movl L_ADDR(%ecx), %ecx + movl %eax, PCB_ONFAULT(%ecx) + + ret + +/* + * MSR operations fault handler + */ +NENTRY(msr_onfault) + movl CPUVAR(CURLWP), %ecx + movl L_ADDR(%ecx), %ecx + movl $0, PCB_ONFAULT(%ecx) + movl $EFAULT, %eax + ret +END(msr_onfault) + ENTRY(cpu_counter) rdtsc addl CPUVAR(CC_SKEW), %eax Index: src/sys/arch/x86/include/cpufunc.h diff -u src/sys/arch/x86/include/cpufunc.h:1.8.10.3 src/sys/arch/x86/include/cpufunc.h:1.8.10.3.6.1 --- src/sys/arch/x86/include/cpufunc.h:1.8.10.3 Mon Feb 2 21:38:50 2009 +++ src/sys/arch/x86/include/cpufunc.h Mon Jun 1 14:43:48 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: cpufunc.h,v 1.8.10.3 2009/02/02 21:38:50 snj Exp $ */ +/* $NetBSD: cpufunc.h,v 1.8.10.3.6.1 2015/06/01 14:43:48 sborrill Exp $ */ /*- * Copyright (c) 1998, 2007 The NetBSD Foundation, Inc. @@ -118,6 +118,7 @@ void x86_reset(void); uint64_t rdmsr(u_int); uint64_t rdmsr_locked(u_int, u_int); +int rdmsr_safe(u_int, uint64_t *); uint64_t rdtsc(void); uint64_t rdpmc(u_int); void wrmsr(u_int, uint64_t);
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Mon Jun 1 14:45:27 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1969 To generate a diff of this commit: cvs rdiff -u -r1.1.2.27 -r1.1.2.28 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.27 src/doc/CHANGES-5.1.6:1.1.2.28 --- src/doc/CHANGES-5.1.6:1.1.2.27 Fri May 22 11:22:34 2015 +++ src/doc/CHANGES-5.1.6 Mon Jun 1 14:45:27 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.27 2015/05/22 11:22:34 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.28 2015/06/01 14:45:27 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2612,3 +2612,10 @@ sys/arch/xen/xen/xenevt.c 1.42 Fix off by one error, addresses port-xen/49919. [bouyer, ticket #1965] +sys/arch/x86/include/cpufunc.h 1.13 +sys/arch/amd64/amd64/cpufunc.S 1.20-1.21 via patch +sys/arch/i386/i386/cpufunc.S 1.16-1.17, 1.21 via patch + + Backport rdmsr_safe() to access MSR safely. + [msaitoh, ticket #1969] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Fri May 22 11:22:34 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1965 To generate a diff of this commit: cvs rdiff -u -r1.1.2.26 -r1.1.2.27 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.26 src/doc/CHANGES-5.1.6:1.1.2.27 --- src/doc/CHANGES-5.1.6:1.1.2.26 Sun Apr 26 12:55:28 2015 +++ src/doc/CHANGES-5.1.6 Fri May 22 11:22:34 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.26 2015/04/26 12:55:28 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.27 2015/05/22 11:22:34 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2606,3 +2606,9 @@ sys/kern/sys_select.cpatch exceeded, then return EINVAL instead of silently truncating the list. Addresses PR/17507. [prlw1, ticket #1957] + +sys/arch/xen/xen/xenevt.c 1.42 + + Fix off by one error, addresses port-xen/49919. + [bouyer, ticket #1965] +
CVS commit: [netbsd-5-1] src/sys/arch/xen/xen
Module Name:src
Committed By: sborrill
Date: Fri May 22 11:22:03 UTC 2015
Modified Files:
src/sys/arch/xen/xen [netbsd-5-1]: xenevt.c
Log Message:
Pull up the following revisions(s) (requested by bouyer in ticket #1965):
sys/arch/xen/xen/xenevt.c: revision 1.42
Fix off by one error, addresses port-xen/49919.
To generate a diff of this commit:
cvs rdiff -u -r1.29.4.2 -r1.29.4.2.2.1 src/sys/arch/xen/xen/xenevt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/xen/xen/xenevt.c
diff -u src/sys/arch/xen/xen/xenevt.c:1.29.4.2 src/sys/arch/xen/xen/xenevt.c:1.29.4.2.2.1
--- src/sys/arch/xen/xen/xenevt.c:1.29.4.2 Wed Sep 30 00:08:03 2009
+++ src/sys/arch/xen/xen/xenevt.c Fri May 22 11:22:03 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: xenevt.c,v 1.29.4.2 2009/09/30 00:08:03 snj Exp $ */
+/* $NetBSD: xenevt.c,v 1.29.4.2.2.1 2015/05/22 11:22:03 sborrill Exp $ */
/*
* Copyright (c) 2005 Manuel Bouyer.
@@ -31,7 +31,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: xenevt.c,v 1.29.4.2 2009/09/30 00:08:03 snj Exp $);
+__KERNEL_RCSID(0, $NetBSD: xenevt.c,v 1.29.4.2.2.1 2015/05/22 11:22:03 sborrill Exp $);
#include opt_xen.h
#include sys/param.h
@@ -496,7 +496,7 @@ xenevt_fwrite(struct file *fp, off_t *of
if (uio-uio_resid == 0)
return (0);
nentries = uio-uio_resid / sizeof(uint16_t);
- if (nentries NR_EVENT_CHANNELS)
+ if (nentries = NR_EVENT_CHANNELS)
return EMSGSIZE;
chans = kmem_alloc(nentries * sizeof(uint16_t), KM_SLEEP);
if (chans == NULL)
@@ -580,7 +580,7 @@ xenevt_fioctl(struct file *fp, u_long cm
{
struct ioctl_evtchn_unbind *unbind = addr;
- if (unbind-port NR_EVENT_CHANNELS)
+ if (unbind-port = NR_EVENT_CHANNELS)
return EINVAL;
if (devevent[unbind-port] != d)
return ENOTCONN;
@@ -596,7 +596,7 @@ xenevt_fioctl(struct file *fp, u_long cm
{
struct ioctl_evtchn_notify *notify = addr;
- if (notify-port NR_EVENT_CHANNELS)
+ if (notify-port = NR_EVENT_CHANNELS)
return EINVAL;
if (devevent[notify-port] != d)
return ENOTCONN;
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Sun Apr 26 12:55:28 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Update ticket 1958. To generate a diff of this commit: cvs rdiff -u -r1.1.2.25 -r1.1.2.26 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.25 src/doc/CHANGES-5.1.6:1.1.2.26 --- src/doc/CHANGES-5.1.6:1.1.2.25 Fri Apr 24 05:49:18 2015 +++ src/doc/CHANGES-5.1.6 Sun Apr 26 12:55:28 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.25 2015/04/24 05:49:18 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.26 2015/04/26 12:55:28 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2584,7 +2584,10 @@ crypto/dist/openssl/dist/ssl/s2_srvr.c 1 X509_to_X509_REQ NULL pointer deref (CVE-2015-0288) [spz, ticket #1954] -sys/arch/sparc/stand/ofwboot/Locore.c 1.14 +sys/arch/sparc/include/openfirm.h 1.7 +sys/arch/sparc/stand/ofwboot/Locore.c 1.11, 1.14 +sys/arch/sparc/stand/ofwboot/loadfile_machdep.c 1.7 +sys/arch/sparc/stand/ofwboot/openfirm.h 1.4 Fix kernel loading failures from partitions started from over first 4GB of disks on sparc64.
CVS commit: [netbsd-5-1] src/sys/arch/sparc
Module Name:src
Committed By: msaitoh
Date: Sun Apr 26 12:54:38 UTC 2015
Modified Files:
src/sys/arch/sparc/include [netbsd-5-1]: openfirm.h
src/sys/arch/sparc/stand/ofwboot [netbsd-5-1]: Locore.c
loadfile_machdep.c openfirm.h
Log Message:
Pullup another commit for ticket #1958 requested by martin:
sys/arch/sparc/include/openfirm.h 1.7
sys/arch/sparc/stand/ofwboot/Locore.c 1.11
sys/arch/sparc/stand/ofwboot/loadfile_machdep.c 1.7
sys/arch/sparc/stand/ofwboot/openfirm.h 1.4
Make ofwboot can handle over 4GB physical memory by using OpenFirmware
calls properly, and some cosmetic changes. Idea from OpenBSD.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.6.92.1 src/sys/arch/sparc/include/openfirm.h
cvs rdiff -u -r1.10.40.1 -r1.10.40.2 \
src/sys/arch/sparc/stand/ofwboot/Locore.c
cvs rdiff -u -r1.6 -r1.6.14.1 \
src/sys/arch/sparc/stand/ofwboot/loadfile_machdep.c
cvs rdiff -u -r1.3 -r1.3.82.1 src/sys/arch/sparc/stand/ofwboot/openfirm.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/sparc/include/openfirm.h
diff -u src/sys/arch/sparc/include/openfirm.h:1.6 src/sys/arch/sparc/include/openfirm.h:1.6.92.1
--- src/sys/arch/sparc/include/openfirm.h:1.6 Sat Mar 4 02:56:21 2006
+++ src/sys/arch/sparc/include/openfirm.h Sun Apr 26 12:54:38 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: openfirm.h,v 1.6 2006/03/04 02:56:21 uwe Exp $ */
+/* $NetBSD: openfirm.h,v 1.6.92.1 2015/04/26 12:54:38 msaitoh Exp $ */
/*
* Copyright (C) 1995, 1996 Wolfgang Solfrank.
@@ -49,6 +49,9 @@ typedef uint64_t cell_t;
#define HDL2CELL(x) (cell_t)(u_int)(int)(x)
#define ADR2CELL(x) (cell_t)(u_int)(int)(x)
#endif
+#define HDQ2CELL_HI(x) (cell_t)(0)
+#define HDQ2CELL_LO(x) (cell_t)(x)
+#define CELL2HDQ(hi,lo) (lo)
#else /* SUN4U */
/* All cells are 4 byte slots */
typedef uint32_t cell_t;
Index: src/sys/arch/sparc/stand/ofwboot/Locore.c
diff -u src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10.40.1 src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10.40.2
--- src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10.40.1 Fri Apr 17 10:51:28 2015
+++ src/sys/arch/sparc/stand/ofwboot/Locore.c Sun Apr 26 12:54:38 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: Locore.c,v 1.10.40.1 2015/04/17 10:51:28 msaitoh Exp $ */
+/* $NetBSD: Locore.c,v 1.10.40.2 2015/04/26 12:54:38 msaitoh Exp $ */
/*
* Copyright (C) 1995, 1996 Wolfgang Solfrank.
@@ -36,15 +36,6 @@
#include machine/cpu.h
-vaddr_t OF_claim_virt(vaddr_t, int);
-vaddr_t OF_alloc_virt(int, int);
-int OF_free_virt(vaddr_t, int);
-int OF_unmap_virt(vaddr_t, int);
-vaddr_t OF_map_phys(paddr_t, off_t, vaddr_t, int);
-paddr_t OF_alloc_phys(int, int);
-paddr_t OF_claim_phys(paddr_t, int);
-int OF_free_phys(paddr_t, int);
-
extern int openfirmware(void *);
@@ -450,9 +441,9 @@ OF_claim_virt(vaddr_t vaddr, int len)
args.align = 0;
args.len = len;
args.vaddr = ADR2CELL(vaddr);
- if(openfirmware(args) != 0)
+ if (openfirmware(args) != 0)
return -1LL;
- return args.retaddr; /* Kluge till we go 64-bit */
+ return (vaddr_t)args.retaddr;
}
/*
@@ -486,13 +477,13 @@ OF_alloc_virt(int len, int align)
args.nargs = 4;
args.nreturns = 2;
args.method = ADR2CELL(claim);
- args.ihandle = mmuh;
+ args.ihandle = HDL2CELL(mmuh);
args.align = align;
args.len = len;
args.retaddr = ADR2CELL(retaddr);
- if(openfirmware(args) != 0)
+ if (openfirmware(args) != 0)
return -1LL;
- return (vaddr_t)args.retaddr; /* Kluge till we go 64-bit */
+ return (vaddr_t)args.retaddr;
}
/*
@@ -601,8 +592,8 @@ OF_map_phys(paddr_t paddr, off_t size, v
args.mode = mode;
args.size = size;
args.vaddr = ADR2CELL(vaddr);
- args.paddr_hi = ADR2CELL(paddr32);
- args.paddr_lo = ADR2CELL(paddr);
+ args.paddr_hi = HDQ2CELL_HI(paddr);
+ args.paddr_lo = HDQ2CELL_LO(paddr);
if (openfirmware(args) == -1)
return -1;
@@ -620,7 +611,6 @@ OF_map_phys(paddr_t paddr, off_t size, v
paddr_t
OF_alloc_phys(int len, int align)
{
- paddr_t paddr;
struct {
cell_t name;
cell_t nargs;
@@ -647,10 +637,9 @@ OF_alloc_phys(int len, int align)
args.ihandle = HDL2CELL(memh);
args.align = align;
args.len = len;
- if(openfirmware(args) != 0)
+ if (openfirmware(args) != 0)
return -1LL;
- paddr = (paddr_t)(args.phys_hi32)|((unsigned int)(args.phys_lo));
- return paddr; /* Kluge till we go 64-bit */
+ return (paddr_t)CELL2HDQ(args.phys_hi, args.phys_lo);
}
/*
@@ -661,7 +650,6 @@ OF_alloc_phys(int len, int align)
paddr_t
OF_claim_phys(paddr_t phys, int len)
{
- paddr_t paddr;
struct {
cell_t name;
cell_t nargs;
@@ -691,12 +679,11 @@ OF_claim_phys(paddr_t phys, int len)
args.ihandle = HDL2CELL(memh);
args.align = 0;
args.len = len;
- args.phys_hi = HDL2CELL(phys32);
- args.phys_lo = HDL2CELL(phys);
- if(openfirmware(args) != 0)
+ args.phys_hi = HDQ2CELL_HI(phys);
+ args.phys_lo = HDQ2CELL_LO(phys);
+ if
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src
Committed By: msaitoh
Date: Fri Apr 24 05:46:33 UTC 2015
Modified Files:
src/sys/kern [netbsd-5-1]: sys_select.c
Log Message:
Pull up following revision(s) (requested by prlw1 in ticket #1957):
sys/kern/sys_select.c patch
Limit nfds arg to poll() to a large enough value that user programs
cannot allocate indefinite sized blocks of kvm. If the limit is
exceeded, then return EINVAL instead of silently truncating the list.
Addresses PR/17507.
[prlw1, ticket #1957]
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.10.10.1 src/sys/kern/sys_select.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/sys_select.c
diff -u src/sys/kern/sys_select.c:1.10 src/sys/kern/sys_select.c:1.10.10.1
--- src/sys/kern/sys_select.c:1.10 Wed Oct 15 08:13:17 2008
+++ src/sys/kern/sys_select.c Fri Apr 24 05:46:33 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: sys_select.c,v 1.10 2008/10/15 08:13:17 ad Exp $ */
+/* $NetBSD: sys_select.c,v 1.10.10.1 2015/04/24 05:46:33 msaitoh Exp $ */
/*-
* Copyright (c) 2007, 2008 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: sys_select.c,v 1.10 2008/10/15 08:13:17 ad Exp $);
+__KERNEL_RCSID(0, $NetBSD: sys_select.c,v 1.10.10.1 2015/04/24 05:46:33 msaitoh Exp $);
#include sys/param.h
#include sys/systm.h
@@ -432,9 +432,17 @@ pollcommon(lwp_t *l, register_t *retval,
struct timeval sleeptv;
selcpu_t *sc;
- if (nfds p-p_fd-fd_nfiles) {
- /* forgiving; slightly wrong */
- nfds = p-p_fd-fd_nfiles;
+ if (nfds 1000 + p-p_fd-fd_nfiles) {
+ /*
+ * Either the user passed in a very sparse 'fds' or junk!
+ * The kmem_alloc() call below would be bad news.
+ * We could process the 'fds' array in chunks, but that
+ * is a lot of code that isn't normally useful.
+ * (Or just move the copyin/out into pollscan().)
+ * Historically the code silently truncated 'fds' to
+ * dt_nfiles entries - but that does cause issues.
+ */
+ return EINVAL;
}
ni = nfds * sizeof(struct pollfd);
if (ni sizeof(smallbits)) {
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Apr 24 05:49:18 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1957. To generate a diff of this commit: cvs rdiff -u -r1.1.2.24 -r1.1.2.25 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.24 src/doc/CHANGES-5.1.6:1.1.2.25 --- src/doc/CHANGES-5.1.6:1.1.2.24 Sun Apr 19 07:46:48 2015 +++ src/doc/CHANGES-5.1.6 Fri Apr 24 05:49:18 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.24 2015/04/19 07:46:48 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.25 2015/04/24 05:49:18 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2595,3 +2595,11 @@ xsrc/xfree/xc/lib/X11/Xlibint.h1.2 Fix CVE-2013-7439: Buffer overflow in MakeBigReq macro in libX11. [mrg, ticket #1959] + +sys/kern/sys_select.cpatch + + Limit nfds arg to poll() to a large enough value that user programs + cannot allocate indefinite sized blocks of kvm. If the limit is + exceeded, then return EINVAL instead of silently truncating the list. + Addresses PR/17507. + [prlw1, ticket #1957]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Sun Apr 19 07:46:49 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1959. To generate a diff of this commit: cvs rdiff -u -r1.1.2.23 -r1.1.2.24 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.23 src/doc/CHANGES-5.1.6:1.1.2.24 --- src/doc/CHANGES-5.1.6:1.1.2.23 Fri Apr 17 10:52:38 2015 +++ src/doc/CHANGES-5.1.6 Sun Apr 19 07:46:48 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.23 2015/04/17 10:52:38 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.24 2015/04/19 07:46:48 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2589,3 +2589,9 @@ sys/arch/sparc/stand/ofwboot/Locore.c 1 Fix kernel loading failures from partitions started from over first 4GB of disks on sparc64. [nakayama, ticket #1958] + +xsrc/external/mit/libX11/dist/include/X11/Xlibint.h patch +xsrc/xfree/xc/lib/X11/Xlibint.h1.2 + + Fix CVE-2013-7439: Buffer overflow in MakeBigReq macro in libX11. + [mrg, ticket #1959]
CVS commit: [netbsd-5-1] src/sys/arch/sparc/stand/ofwboot
Module Name:src
Committed By: msaitoh
Date: Fri Apr 17 10:51:28 UTC 2015
Modified Files:
src/sys/arch/sparc/stand/ofwboot [netbsd-5-1]: Locore.c
Log Message:
Pull up following revision(s) (requested by nakayama in ticket #1958):
sys/arch/sparc/stand/ofwboot/Locore.c: revision 1.14
Fix kernel loading failures from partitions started from over first
4GB of disks on sparc64.
To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.10.40.1 src/sys/arch/sparc/stand/ofwboot/Locore.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/sparc/stand/ofwboot/Locore.c
diff -u src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10 src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10.40.1
--- src/sys/arch/sparc/stand/ofwboot/Locore.c:1.10 Wed Oct 17 19:57:16 2007
+++ src/sys/arch/sparc/stand/ofwboot/Locore.c Fri Apr 17 10:51:28 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: Locore.c,v 1.10 2007/10/17 19:57:16 garbled Exp $ */
+/* $NetBSD: Locore.c,v 1.10.40.1 2015/04/17 10:51:28 msaitoh Exp $ */
/*
* Copyright (C) 1995, 1996 Wolfgang Solfrank.
@@ -311,8 +311,8 @@ OF_seek(int handle, u_quad_t pos)
args.nargs = 3;
args.nreturns = 1;
args.handle = HDL2CELL(handle);
- args.poshi = HDL2CELL(pos 32);
- args.poslo = HDL2CELL(pos);
+ args.poshi = HDQ2CELL_HI(pos);
+ args.poslo = HDQ2CELL_LO(pos);
if (openfirmware(args) == -1) {
return -1;
}
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Apr 17 10:52:38 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1958. To generate a diff of this commit: cvs rdiff -u -r1.1.2.22 -r1.1.2.23 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.22 src/doc/CHANGES-5.1.6:1.1.2.23 --- src/doc/CHANGES-5.1.6:1.1.2.22 Thu Mar 19 18:13:25 2015 +++ src/doc/CHANGES-5.1.6 Fri Apr 17 10:52:38 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.22 2015/03/19 18:13:25 riz Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.23 2015/04/17 10:52:38 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2584,3 +2584,8 @@ crypto/dist/openssl/dist/ssl/s2_srvr.c 1 X509_to_X509_REQ NULL pointer deref (CVE-2015-0288) [spz, ticket #1954] +sys/arch/sparc/stand/ofwboot/Locore.c 1.14 + + Fix kernel loading failures from partitions started from over first + 4GB of disks on sparc64. + [nakayama, ticket #1958]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: riz Date: Thu Mar 19 18:13:25 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Fix paths in previous. To generate a diff of this commit: cvs rdiff -u -r1.1.2.21 -r1.1.2.22 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.21 src/doc/CHANGES-5.1.6:1.1.2.22 --- src/doc/CHANGES-5.1.6:1.1.2.21 Thu Mar 19 16:40:32 2015 +++ src/doc/CHANGES-5.1.6 Thu Mar 19 18:13:25 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.21 2015/03/19 16:40:32 riz Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.22 2015/03/19 18:13:25 riz Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2565,13 +2565,13 @@ xsrc/xfree/xc/lib/font/bitmap/bdfread.c (bdfReadCharacters: ensure metrics fit into xCharInfo struct) [mrg, ticket #1953] -crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2 -crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2 -crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2 -crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2 -crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2 -crypto/external/bsd/openssl/dist/ssl/s2_lib.c 1.3 -crypto/external/bsd/openssl/dist/ssl/s2_srvr.c 1.2 +crypto/dist/openssl/dist/crypto/asn1/a_type.c 1.2 +crypto/dist/openssl/dist/crypto/asn1/tasn_dec.c 1.2 +crypto/dist/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2 +crypto/dist/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2 +crypto/dist/openssl/dist/doc/crypto/d2i_X509.pod 1.2 +crypto/dist/openssl/dist/ssl/s2_lib.c 1.3 +crypto/dist/openssl/dist/ssl/s2_srvr.c 1.2 Address OpenSSL Security Advisory [19 Mar 2015]: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
CVS commit: [netbsd-5-1] src/crypto/dist/openssl
Module Name:src Committed By: riz Date: Thu Mar 19 16:40:07 UTC 2015 Modified Files: src/crypto/dist/openssl/crypto/asn1 [netbsd-5-1]: a_type.c tasn_dec.c src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-1]: pk7_doit.c pk7_lib.c src/crypto/dist/openssl/doc/crypto [netbsd-5-1]: d2i_X509.pod src/crypto/dist/openssl/ssl [netbsd-5-1]: s2_lib.c s2_srvr.c Log Message: Pull up following revision(s) (requested by spz in ticket #1954): crypto/external/bsd/openssl/dist/ssl/s2_lib.c: revision 1.3 crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c: revision 1.2 crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod: revision 1.2 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c: revision 1.2 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c: revision 1.2 crypto/external/bsd/openssl/dist/ssl/s2_srvr.c: revision 1.2 crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c: revision 1.2 patches for todays' OpenSSL security advisory from OpenSSL, as relevant to NetBSD base: OpenSSL Security Advisory [19 Mar 2015] === Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) Severity: High This security issue was previously announced by the OpenSSL project and classified as low severity. This severity rating has now been changed to high. This was classified low because it was originally thought that server RSA export ciphersuite support was rare: a client was only vulnerable to a MITM attack against a server which supports an RSA export ciphersuite. Recent studies have shown that RSA export ciphersuites support is far more common. This issue affects OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8. ** issue already committed see last release ** OpenSSL 1.0.1 users should upgrade to 1.0.1k. OpenSSL 1.0.0 users should upgrade to 1.0.0p. OpenSSL 0.9.8 users should upgrade to 0.9.8zd. This issue was reported to OpenSSL on 22nd October 2014 by Karthikeyan Bhargavan of the PROSECCO team at INRIA. The fix was developed by Stephen Henson of the OpenSSL core team. It was previously announced in the OpenSSL security advisory on 8th January 2015. Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286) === Severity: Moderate The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check certificate signature algorithm consistency this can be used to crash any certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2a commit 1b8ac2b07d02207f2b88e0b009b0bff4ef7eda96 OpenSSL 1.0.1 users should upgrade to 1.0.1m. commit ee5a1253285e5c9f406c8b57b0686319b70c07d8 OpenSSL 1.0.0 users should upgrade to 1.0.0r. commit 1e3ca524cb38ec92deea37629718e98aba43bc5d OpenSSL 0.9.8 users should upgrade to 0.9.8zf. commit 7058bd1712828a78d34457b1cfc32bdc1e6d3d33 This issue was discovered and fixed by Stephen Henson of the OpenSSL development team. ASN.1 structure reuse memory corruption (CVE-2015-0287) === Severity: Moderate Reusing a structure in ASN.1 parsing may allow an attacker to cause memory corruption via an invalid write. Such reuse is and has been strongly discouraged and is believed to be rare. Applications that parse structures containing CHOICE or ANY DEFINED BY components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected. This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2a commit 0ca8edbe6ec402e39c9e095f8ae11dba8fa93fc1 OpenSSL 1.0.1 users should upgrade to 1.0.1m. commit a9f34a7aac5fd89f33a34fb71e954b85fbf35875 OpenSSL 1.0.0 users should upgrade to 1.0.0r. commit d96692c933fe02829c3e922bf7f239e0bd003759 OpenSSL 0.9.8 users should upgrade to 0.9.8zf. commit 5722767d5dc1a3b5505058fe27877fc993fe9a5a This issue was discovered by Emilia K�sper and a fix developed by Stephen Henson of the OpenSSL development team. PKCS7 NULL pointer dereferences (CVE-2015-0289) === Severity: Moderate The PKCS#7 parsing code does not handle missing outer ContentInfo correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing content and trigger a NULL pointer dereference on parsing. Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or otherwise parse PKCS#7 structures from untrusted sources are affected. OpenSSL clients and servers
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: riz Date: Thu Mar 19 16:40:32 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1594 To generate a diff of this commit: cvs rdiff -u -r1.1.2.20 -r1.1.2.21 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.20 src/doc/CHANGES-5.1.6:1.1.2.21 --- src/doc/CHANGES-5.1.6:1.1.2.20 Tue Mar 17 18:43:50 2015 +++ src/doc/CHANGES-5.1.6 Thu Mar 19 16:40:32 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.20 2015/03/17 18:43:50 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.21 2015/03/19 16:40:32 riz Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2565,3 +2565,22 @@ xsrc/xfree/xc/lib/font/bitmap/bdfread.c (bdfReadCharacters: ensure metrics fit into xCharInfo struct) [mrg, ticket #1953] +crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c 1.2 +crypto/external/bsd/openssl/dist/crypto/asn1/tasn_dec.c 1.2 +crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c 1.2 +crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_lib.c 1.2 +crypto/external/bsd/openssl/dist/doc/crypto/d2i_X509.pod 1.2 +crypto/external/bsd/openssl/dist/ssl/s2_lib.c 1.3 +crypto/external/bsd/openssl/dist/ssl/s2_srvr.c 1.2 + + Address OpenSSL Security Advisory [19 Mar 2015]: + RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204) + Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286) + ASN.1 structure reuse memory corruption (CVE-2015-0287) + PKCS7 NULL pointer dereferences (CVE-2015-0289) + Base64 decode (CVE-2015-0292) + DoS via reachable assert in SSLv2 servers (CVE-2015-0293) + Use After Free following d2i_ECPrivatekey error (CVE-2015-0209) + X509_to_X509_REQ NULL pointer deref (CVE-2015-0288) + [spz, ticket #1954] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Tue Mar 17 18:43:50 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: 1953 To generate a diff of this commit: cvs rdiff -u -r1.1.2.19 -r1.1.2.20 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.19 src/doc/CHANGES-5.1.6:1.1.2.20 --- src/doc/CHANGES-5.1.6:1.1.2.19 Mon Mar 16 21:22:17 2015 +++ src/doc/CHANGES-5.1.6 Tue Mar 17 18:43:50 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.19 2015/03/16 21:22:17 bouyer Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.20 2015/03/17 18:43:50 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2556,3 +2556,12 @@ distrib/utils/x_gzip/Makefile patch Sync gzip core with HEAD. [mrg, ticket #1951] +xsrc/external/mit/libXfont/dist/src/bitmap/bdfread.c patch +xsrc/xfree/xc/lib/font/bitmap/bdfread.c patch + + Fix CVE-2015-1802 (bdfReadProperties: property count needs + range check), CVE-2015-1803 (bdfReadCharacters: bailout if a + char's bitmap cannot be read), and CVE-2015-1804 + (bdfReadCharacters: ensure metrics fit into xCharInfo struct) + [mrg, ticket #1953] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: bouyer Date: Mon Mar 16 21:22:18 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: complete list for ticket #1951 To generate a diff of this commit: cvs rdiff -u -r1.1.2.18 -r1.1.2.19 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.18 src/doc/CHANGES-5.1.6:1.1.2.19 --- src/doc/CHANGES-5.1.6:1.1.2.18 Sun Mar 15 21:17:44 2015 +++ src/doc/CHANGES-5.1.6 Mon Mar 16 21:22:17 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.18 2015/03/15 21:17:44 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.19 2015/03/16 21:22:17 bouyer Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2551,6 +2551,7 @@ usr.bin/gzip/Makefilepatch usr.bin/gzip/gzip.11.20-1.24 usr.bin/gzip/gzip.c1.98-1.107 usr.bin/gzip/zuncompress.c 1.7-1.8 +distrib/utils/x_gzip/Makefile patch Sync gzip core with HEAD. [mrg, ticket #1951]
CVS commit: [netbsd-5-1] src/distrib/utils/x_gzip
Module Name:src
Committed By: bouyer
Date: Mon Mar 16 21:20:42 UTC 2015
Modified Files:
src/distrib/utils/x_gzip [netbsd-5-1]: Makefile
Log Message:
usr.bin/gzip/Makefile patch
usr.bin/gzip/gzip.1 1.20-1.24
usr.bin/gzip/gzip.c 1.98-1.107
usr.bin/gzip/zuncompress.c 1.7-1.8
distrib/utils/x_gzip/Makefile patch
Sync gzip core with HEAD.
[mrg, ticket #1951]
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.7.48.1 src/distrib/utils/x_gzip/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/utils/x_gzip/Makefile
diff -u src/distrib/utils/x_gzip/Makefile:1.7 src/distrib/utils/x_gzip/Makefile:1.7.48.1
--- src/distrib/utils/x_gzip/Makefile:1.7 Sun Mar 28 04:10:43 2004
+++ src/distrib/utils/x_gzip/Makefile Mon Mar 16 21:20:41 2015
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.7 2004/03/28 04:10:43 mrg Exp $
+# $NetBSD: Makefile,v 1.7.48.1 2015/03/16 21:20:41 bouyer Exp $
# Build a tiny limited gzip (i.e. for tiny boot media)
SRCDIR= ${.CURDIR}/../../../usr.bin/gzip
@@ -6,7 +6,7 @@ SRCDIR= ${.CURDIR}/../../../usr.
PROG= gzip
NOMAN= # defined
-CPPFLAGS+= -DSMALL -DNO_BZIP2_SUPPORT -DNO_COMPRESS_SUPPORT
+CPPFLAGS+= -DSMALL -DNO_BZIP2_SUPPORT -DNO_COMPRESS_SUPPORT -DNO_XZ_SUPPORT
DPADD= ${LIBZ}
LDADD= -lz
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Sun Mar 15 21:17:44 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: 1951 To generate a diff of this commit: cvs rdiff -u -r1.1.2.17 -r1.1.2.18 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.17 src/doc/CHANGES-5.1.6:1.1.2.18 --- src/doc/CHANGES-5.1.6:1.1.2.17 Mon Feb 23 09:42:23 2015 +++ src/doc/CHANGES-5.1.6 Sun Mar 15 21:17:44 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.17 2015/02/23 09:42:23 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.18 2015/03/15 21:17:44 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2546,3 +2546,12 @@ dist/bind/lib/dns/zone.c patch an untrusted replacement could cause named to crash with an assertion failure. [spz, ticket #1950] + +usr.bin/gzip/Makefilepatch +usr.bin/gzip/gzip.11.20-1.24 +usr.bin/gzip/gzip.c1.98-1.107 +usr.bin/gzip/zuncompress.c 1.7-1.8 + + Sync gzip core with HEAD. + [mrg, ticket #1951] +
CVS commit: [netbsd-5-1] src/usr.bin/gzip
Module Name:src
Committed By: snj
Date: Sun Mar 15 21:15:11 UTC 2015
Modified Files:
src/usr.bin/gzip [netbsd-5-1]: Makefile gzip.1 gzip.c zuncompress.c
Log Message:
Pull up following revision(s) (requested by mrg in ticket #1951):
usr.bin/gzip/Makefile: patch
usr.bin/gzip/gzip.1: revisions 1.20-1.24
usr.bin/gzip/gzip.c: revisions 1.98-1.107
usr.bin/gzip/zuncompress.c: revisions 1.7-1.8
Sync gzip core with HEAD.
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.12.1 src/usr.bin/gzip/Makefile
cvs rdiff -u -r1.19 -r1.19.12.1 src/usr.bin/gzip/gzip.1
cvs rdiff -u -r1.93.4.3 -r1.93.4.3.2.1 src/usr.bin/gzip/gzip.c
cvs rdiff -u -r1.6.36.1 -r1.6.36.2 src/usr.bin/gzip/zuncompress.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/gzip/Makefile
diff -u src/usr.bin/gzip/Makefile:1.12 src/usr.bin/gzip/Makefile:1.12.12.1
--- src/usr.bin/gzip/Makefile:1.12 Fri Aug 29 00:02:24 2008
+++ src/usr.bin/gzip/Makefile Sun Mar 15 21:15:11 2015
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.12 2008/08/29 00:02:24 gmcgarry Exp $
+# $NetBSD: Makefile,v 1.12.12.1 2015/03/15 21:15:11 snj Exp $
USE_FORT?= yes # data-driven bugs?
@@ -30,3 +30,6 @@ LINKS+= ${BINDIR}/gzip ${BINDIR}/gunzip
.if (defined(HAVE_GCC) ${HAVE_GCC} == 4) || defined(HAVE_PCC)
COPTS.gzip.c+= -Wno-pointer-sign
.endif
+
+# NetBSD-5 has no -lzma
+CPPFLAGS+= -DNO_XZ_SUPPORT
Index: src/usr.bin/gzip/gzip.1
diff -u src/usr.bin/gzip/gzip.1:1.19 src/usr.bin/gzip/gzip.1:1.19.12.1
--- src/usr.bin/gzip/gzip.1:1.19 Thu May 29 14:51:27 2008
+++ src/usr.bin/gzip/gzip.1 Sun Mar 15 21:15:11 2015
@@ -1,4 +1,4 @@
-.\ $NetBSD: gzip.1,v 1.19 2008/05/29 14:51:27 mrg Exp $
+.\ $NetBSD: gzip.1,v 1.19.12.1 2015/03/15 21:15:11 snj Exp $
.\
.\ Copyright (c) 1997, 2003, 2004 Matthew R. Green
.\ All rights reserved.
@@ -24,7 +24,7 @@
.\ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\ SUCH DAMAGE.
.\
-.Dd April 27, 2004
+.Dd January 13, 2015
.Dt GZIP 1
.Os
.Sh NAME
@@ -138,8 +138,8 @@ embedded in the file.
This option causes the stored filename in the input file to be used
as the output file.
.It Fl n , -no-name
-This option stops the filename from being stored in the output
-file.
+This option stops the filename and timestamp from being stored in
+the output file.
.It Fl q , -quiet
With this option, no warnings or errors are printed.
.It Fl r , -recursive
@@ -171,6 +171,7 @@ Options on the command line will overrid
.Sh SEE ALSO
.Xr bzip2 1 ,
.Xr compress 1 ,
+.Xr xz 1 ,
.Xr fts 3 ,
.Xr zlib 3
.Sh HISTORY
@@ -190,9 +191,9 @@ program for
This manual documents
.Nx
.Nm
-version 20040427.
+version 20150113.
.Sh AUTHORS
This implementation of
.Nm
was written by
-.An Matthew R. Green Aq m...@eterna.com.au .
+.An Matthew R. Green Aq Mt m...@eterna.com.au .
Index: src/usr.bin/gzip/gzip.c
diff -u src/usr.bin/gzip/gzip.c:1.93.4.3 src/usr.bin/gzip/gzip.c:1.93.4.3.2.1
--- src/usr.bin/gzip/gzip.c:1.93.4.3 Sun Nov 8 22:55:24 2009
+++ src/usr.bin/gzip/gzip.c Sun Mar 15 21:15:11 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: gzip.c,v 1.93.4.3 2009/11/08 22:55:24 snj Exp $ */
+/* $NetBSD: gzip.c,v 1.93.4.3.2.1 2015/03/15 21:15:11 snj Exp $ */
/*
* Copyright (c) 1997, 1998, 2003, 2004, 2006 Matthew R. Green
@@ -30,7 +30,7 @@
#ifndef lint
__COPYRIGHT(@(#) Copyright (c) 1997, 1998, 2003, 2004, 2006\
Matthew R. Green. All rights reserved.);
-__RCSID($NetBSD: gzip.c,v 1.93.4.3 2009/11/08 22:55:24 snj Exp $);
+__RCSID($NetBSD: gzip.c,v 1.93.4.3.2.1 2015/03/15 21:15:11 snj Exp $);
#endif /* not lint */
/*
@@ -81,6 +81,9 @@ enum filetype {
#ifndef NO_PACK_SUPPORT
FT_PACK,
#endif
+#ifndef NO_XZ_SUPPORT
+ FT_XZ,
+#endif
FT_LAST,
FT_UNKNOWN
};
@@ -101,6 +104,12 @@ enum filetype {
#define PACK_MAGIC \037\036
#endif
+#ifndef NO_XZ_SUPPORT
+#include lzma.h
+#define XZ_SUFFIX .xz
+#define XZ_MAGIC \3757zXZ
+#endif
+
#define GZ_SUFFIX .gz
#define BUFLEN (64 * 1024)
@@ -141,6 +150,9 @@ static suffixes_t suffixes[] = {
#ifndef NO_COMPRESS_SUPPORT
SUFFIX(Z_SUFFIX, ),
#endif
+#ifndef NO_XZ_SUPPORT
+ SUFFIX(XZ_SUFFIX, ),
+#endif
SUFFIX(GZ_SUFFIX, ), /* Overwritten by -S */
#endif /* SMALL */
#undef SUFFIX
@@ -148,7 +160,7 @@ static suffixes_t suffixes[] = {
#define NUM_SUFFIXES (sizeof suffixes / sizeof suffixes[0])
#define SUFFIX_MAXLEN 30
-static const char gzip_version[] = NetBSD gzip 20091011;
+static const char gzip_version[] = NetBSD gzip 20150113;
static int cflag; /* stdout mode */
static int dflag; /* decompress mode */
@@ -157,6 +169,7 @@ static int numflag = 6; /* gzip -1..-9
#ifndef SMALL
static int fflag; /* force mode */
+static int kflag; /* don't delete input files */
static int nflag; /* don't save name/timestamp */
static int Nflag; /* don't restore name/timestamp */
static int qflag; /* quiet mode */
@@ -172,16 +185,17 @@
CVS commit: [netbsd-5-1] src/dist/bind/lib/dns
Module Name:src
Committed By: msaitoh
Date: Mon Feb 23 09:40:08 UTC 2015
Modified Files:
src/dist/bind/lib/dns [netbsd-5-1]: zone.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1950):
dist/bind/lib/dns/zone.cpatch
Patch for CVE-2015-1349: Revoking a managed trust anchor and supplying
an untrusted replacement could cause named to crash with an assertion
failure.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.6.4.1.2.3 -r1.1.1.6.4.1.2.4 src/dist/bind/lib/dns/zone.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/dist/bind/lib/dns/zone.c
diff -u src/dist/bind/lib/dns/zone.c:1.1.1.6.4.1.2.3 src/dist/bind/lib/dns/zone.c:1.1.1.6.4.1.2.4
--- src/dist/bind/lib/dns/zone.c:1.1.1.6.4.1.2.3 Wed Jul 25 12:13:12 2012
+++ src/dist/bind/lib/dns/zone.c Mon Feb 23 09:40:08 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: zone.c,v 1.1.1.6.4.1.2.3 2012/07/25 12:13:12 jdc Exp $ */
+/* $NetBSD: zone.c,v 1.1.1.6.4.1.2.4 2015/02/23 09:40:08 msaitoh Exp $ */
/*
* Copyright (C) 2004-2012 Internet Systems Consortium, Inc. (ISC)
@@ -7671,8 +7671,15 @@ keyfetch_done(isc_task_t *task, isc_even
namebuf, tag);
trustkey = ISC_TRUE;
}
+ } else {
+ /*
+ * No previously known key, and the key is not
+ * secure, so skip it.
+ */
+ continue;
}
+
/* Delete old version */
if (deletekey || !newkey)
CHECK(update_one_rr(kfetch-db, ver, diff,
@@ -7717,7 +7724,7 @@ keyfetch_done(isc_task_t *task, isc_even
trust_key(zone, keyname, dnskey, mctx);
}
- if (!deletekey)
+ if (secure !deletekey)
set_refreshkeytimer(zone, keydata, now);
}
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Feb 23 09:42:23 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1950. To generate a diff of this commit: cvs rdiff -u -r1.1.2.16 -r1.1.2.17 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.16 src/doc/CHANGES-5.1.6:1.1.2.17 --- src/doc/CHANGES-5.1.6:1.1.2.16 Wed Feb 11 15:43:38 2015 +++ src/doc/CHANGES-5.1.6 Mon Feb 23 09:42:23 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.16 2015/02/11 15:43:38 martin Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.17 2015/02/23 09:42:23 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2540,3 +2540,9 @@ sys/dev/usb/usbdi.c1.163 (via patch) Clip xfer-actlen also in the !DIAGNOSTIC case. [aymeric, ticket #1948] +dist/bind/lib/dns/zone.c patch + + Patch for CVE-2015-1349: Revoking a managed trust anchor and supplying + an untrusted replacement could cause named to crash with an assertion + failure. + [spz, ticket #1950]
CVS commit: [netbsd-5-1] src/sys/dev/usb
Module Name:src
Committed By: martin
Date: Wed Feb 11 15:40:38 UTC 2015
Modified Files:
src/sys/dev/usb [netbsd-5-1]: usbdi.c
Log Message:
Pull up following revision(s) (requested by aymeric in ticket #1948):
sys/dev/usb/usbdi.c: revision 1.163
clip xfer-actlen also in the !DIAGNOSTIC case
To generate a diff of this commit:
cvs rdiff -u -r1.124.4.2 -r1.124.4.2.2.1 src/sys/dev/usb/usbdi.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/usb/usbdi.c
diff -u src/sys/dev/usb/usbdi.c:1.124.4.2 src/sys/dev/usb/usbdi.c:1.124.4.2.2.1
--- src/sys/dev/usb/usbdi.c:1.124.4.2 Wed Jan 27 20:56:45 2010
+++ src/sys/dev/usb/usbdi.c Wed Feb 11 15:40:38 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: usbdi.c,v 1.124.4.2 2010/01/27 20:56:45 sborrill Exp $ */
+/* $NetBSD: usbdi.c,v 1.124.4.2.2.1 2015/02/11 15:40:38 martin Exp $ */
/* $FreeBSD: src/sys/dev/usb/usbdi.c,v 1.28 1999/11/17 22:33:49 n_hibma Exp $ */
/*
@@ -32,7 +32,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: usbdi.c,v 1.124.4.2 2010/01/27 20:56:45 sborrill Exp $);
+__KERNEL_RCSID(0, $NetBSD: usbdi.c,v 1.124.4.2.2.1 2015/02/11 15:40:38 martin Exp $);
#include opt_compat_netbsd.h
@@ -773,13 +773,13 @@ usb_transfer_complete(usbd_xfer_handle x
if (!(xfer-flags USBD_NO_COPY) xfer-actlen != 0
usbd_xfer_isread(xfer)) {
-#ifdef DIAGNOSTIC
if (xfer-actlen xfer-length) {
+#ifdef DIAGNOSTIC
printf(usb_transfer_complete: actlen len %d %d\n,
xfer-actlen, xfer-length);
+#endif
xfer-actlen = xfer-length;
}
-#endif
memcpy(xfer-buffer, KERNADDR(dmap, 0), xfer-actlen);
}
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: martin Date: Wed Feb 11 15:35:07 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1949 To generate a diff of this commit: cvs rdiff -u -r1.1.2.14 -r1.1.2.15 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.14 src/doc/CHANGES-5.1.6:1.1.2.15 --- src/doc/CHANGES-5.1.6:1.1.2.14 Wed Feb 4 04:48:10 2015 +++ src/doc/CHANGES-5.1.6 Wed Feb 11 15:35:07 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.14 2015/02/04 04:48:10 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.15 2015/02/11 15:35:07 martin Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2528,3 +2528,10 @@ lib/libevent/buffer.cpatch Fix CVE-2014-6272. [spz, ticket #1947] +external/mit/xorg-server/dist/xkb/xkb.c 1.2 (via patch) +xfree/xc/programs/Xserver/xkb/xkb.c 1.2 (via patch) + + Apply fixes for CVE-2015-0255: + Information leak in the XkbSetGeometry request of X servers. + [mrg, ticket #1949] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: martin Date: Wed Feb 11 15:43:38 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1948 To generate a diff of this commit: cvs rdiff -u -r1.1.2.15 -r1.1.2.16 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.15 src/doc/CHANGES-5.1.6:1.1.2.16 --- src/doc/CHANGES-5.1.6:1.1.2.15 Wed Feb 11 15:35:07 2015 +++ src/doc/CHANGES-5.1.6 Wed Feb 11 15:43:38 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.15 2015/02/11 15:35:07 martin Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.16 2015/02/11 15:43:38 martin Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2535,3 +2535,8 @@ xfree/xc/programs/Xserver/xkb/xkb.c 1.2 Information leak in the XkbSetGeometry request of X servers. [mrg, ticket #1949] +sys/dev/usb/usbdi.c1.163 (via patch) + + Clip xfer-actlen also in the !DIAGNOSTIC case. + [aymeric, ticket #1948] +
CVS commit: [netbsd-5-1] src/lib/libevent
Module Name:src
Committed By: snj
Date: Wed Feb 4 04:46:21 UTC 2015
Modified Files:
src/lib/libevent [netbsd-5-1]: buffer.c
Log Message:
Apply patch (requested by spz in ticket 1947):
Fix CVE-2014-6272.
To generate a diff of this commit:
cvs rdiff -u -r1.4.4.1 -r1.4.4.1.2.1 src/lib/libevent/buffer.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libevent/buffer.c
diff -u src/lib/libevent/buffer.c:1.4.4.1 src/lib/libevent/buffer.c:1.4.4.1.2.1
--- src/lib/libevent/buffer.c:1.4.4.1 Tue Aug 4 18:32:08 2009
+++ src/lib/libevent/buffer.c Wed Feb 4 04:46:21 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: buffer.c,v 1.4.4.1 2009/08/04 18:32:08 snj Exp $ */
+/* $NetBSD: buffer.c,v 1.4.4.1.2.1 2015/02/04 04:46:21 snj Exp $ */
/*
* Copyright (c) 2002, 2003 Niels Provos pro...@citi.umich.edu
* All rights reserved.
@@ -120,7 +120,8 @@ evbuffer_add_vprintf(struct evbuffer *bu
va_list aq;
/* make sure that at least some space is available */
- evbuffer_expand(buf, 64);
+ if (evbuffer_expand(buf, 64) 0)
+ return (-1);
for (;;) {
size_t used = buf-misalign + buf-off;
buffer = (char *)buf-buffer + buf-off;
@@ -233,31 +234,47 @@ evbuffer_align(struct evbuffer *buf)
buf-misalign = 0;
}
+#ifndef SIZE_MAX
+#define SIZE_MAX ((size_t)-1)
+#endif
+
/* Expands the available space in the event buffer to at least datlen */
int
evbuffer_expand(struct evbuffer *buf, size_t datlen)
{
- size_t need = buf-misalign + buf-off + datlen;
+ size_t used = buf-misalign + buf-off;
+
+ assert(buf-totallen = used);
/* If we can fit all the data, then we don't have to do anything */
- if (buf-totallen = need)
+ if (buf-totallen - used = datlen)
return (0);
+ /* If we would need to overflow to fit this much data, we can't
+ * do anything. */
+ if (datlen SIZE_MAX - buf-off)
+ return (-1);
/*
* If the misalignment fulfills our data needs, we just force an
* alignment to happen. Afterwards, we have enough space.
*/
- if (buf-misalign = datlen) {
+ if (buf-totallen - buf-off = datlen) {
evbuffer_align(buf);
} else {
void *newbuf;
size_t length = buf-totallen;
+ size_t need = buf-off + datlen;
if (length 256)
length = 256;
- while (length need)
- length = 1;
+ if (need SIZE_MAX / 2) {
+ while (length need) {
+length = 1;
+ }
+ } else {
+ length = need;
+ }
if (buf-orig_buffer != buf-buffer)
evbuffer_align(buf);
@@ -274,10 +291,10 @@ evbuffer_expand(struct evbuffer *buf, si
int
evbuffer_add(struct evbuffer *buf, const void *data, size_t datlen)
{
- size_t need = buf-misalign + buf-off + datlen;
+ size_t used = buf-misalign + buf-off;
size_t oldoff = buf-off;
- if (buf-totallen need) {
+ if (buf-totallen - used datlen) {
if (evbuffer_expand(buf, datlen) == -1)
return (-1);
}
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Wed Feb 4 04:48:10 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: ticket 1947 To generate a diff of this commit: cvs rdiff -u -r1.1.2.13 -r1.1.2.14 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.13 src/doc/CHANGES-5.1.6:1.1.2.14 --- src/doc/CHANGES-5.1.6:1.1.2.13 Mon Jan 26 11:51:16 2015 +++ src/doc/CHANGES-5.1.6 Wed Feb 4 04:48:10 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.13 2015/01/26 11:51:16 martin Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.14 2015/02/04 04:48:10 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2523,4 +2523,8 @@ lib/libssl/shlib_version Bignum squaring may produce incorrect results (CVE-2014-3570) [spz, ticket #1945] +lib/libevent/buffer.cpatch + + Fix CVE-2014-6272. + [spz, ticket #1947]
CVS commit: [netbsd-5-1] src
Module Name:src Committed By: martin Date: Mon Jan 26 11:47:24 UTC 2015 Modified Files: src/crypto/dist/openssl/apps [netbsd-5-1]: s_client.c s_server.c speed.c src/crypto/dist/openssl/crypto [netbsd-5-1]: Makefile constant_time_locl.h cversion.c src/crypto/dist/openssl/crypto/asn1 [netbsd-5-1]: a_bitstr.c a_type.c a_verify.c asn1.h asn1_err.c tasn_dec.c x_algor.c src/crypto/dist/openssl/crypto/bio [netbsd-5-1]: bio.h bss_dgram.c src/crypto/dist/openssl/crypto/bn [netbsd-5-1]: bn_asm.c bntest.c src/crypto/dist/openssl/crypto/bn/asm [netbsd-5-1]: mips3.s x86_64-gcc.c src/crypto/dist/openssl/crypto/dsa [netbsd-5-1]: dsa_vrf.c src/crypto/dist/openssl/crypto/ec [netbsd-5-1]: ec_mult.c ec_pmeth.c src/crypto/dist/openssl/crypto/ecdsa [netbsd-5-1]: ecs_vrf.c src/crypto/dist/openssl/crypto/evp [netbsd-5-1]: Makefile evp_enc.c src/crypto/dist/openssl/crypto/objects [netbsd-5-1]: obj_xref.h objxref.pl src/crypto/dist/openssl/crypto/ts [netbsd-5-1]: ts_rsp_sign.c src/crypto/dist/openssl/crypto/x509 [netbsd-5-1]: x509.h x509_vpm.c x_all.c src/crypto/dist/openssl/ssl [netbsd-5-1]: d1_both.c d1_clnt.c d1_enc.c d1_lib.c d1_pkt.c d1_srvr.c dtls1.h s23_srvr.c s2_enc.c s2_pkt.c s2_srvr.c s3_both.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c ssl.h ssl_cert.c ssl_lib.c ssl_locl.h src/crypto/dist/openssl/util [netbsd-5-1]: libeay.num mk1mf.pl src/distrib/sets/lists/base [netbsd-5-1]: md.amd64 md.sparc64 shl.mi src/lib/libcrypto [netbsd-5-1]: shlib_version src/lib/libssl [netbsd-5-1]: shlib_version Log Message: Change the following, requested by spz in ticket #1945: crypto/dist/openssl/apps/s_client.c patch crypto/dist/openssl/apps/s_server.c patch crypto/dist/openssl/apps/speed.c patch crypto/dist/openssl/crypto/Makefile patch crypto/dist/openssl/crypto/constant_time_locl.h patch crypto/dist/openssl/crypto/cversion.cpatch crypto/dist/openssl/crypto/asn1/a_bitstr.c patch crypto/dist/openssl/crypto/asn1/a_type.c patch crypto/dist/openssl/crypto/asn1/a_verify.c patch crypto/dist/openssl/crypto/asn1/asn1.h patch crypto/dist/openssl/crypto/asn1/asn1_err.c patch crypto/dist/openssl/crypto/asn1/tasn_dec.c patch crypto/dist/openssl/crypto/asn1/x_algor.cpatch crypto/dist/openssl/crypto/bio/bio.h patch crypto/dist/openssl/crypto/bio/bss_dgram.c patch crypto/dist/openssl/crypto/bn/bn_asm.c patch crypto/dist/openssl/crypto/bn/bntest.c patch crypto/dist/openssl/crypto/bn/asm/mips3.spatch crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c patch crypto/dist/openssl/crypto/dsa/dsa_vrf.c patch crypto/dist/openssl/crypto/ec/ec_mult.c patch crypto/dist/openssl/crypto/ec/ec_pmeth.c patch crypto/dist/openssl/crypto/ecdsa/ecs_vrf.c patch crypto/dist/openssl/crypto/evp/Makefile patch crypto/dist/openssl/crypto/evp/evp_enc.c patch crypto/dist/openssl/crypto/objects/obj_xref.hpatch crypto/dist/openssl/crypto/objects/objxref.plpatch crypto/dist/openssl/crypto/ts/ts_rsp_sign.c patch crypto/dist/openssl/crypto/x509/x509.h patch crypto/dist/openssl/crypto/x509/x509_vpm.c patch crypto/dist/openssl/crypto/x509/x_all.c patch crypto/dist/openssl/ssl/d1_both.cpatch crypto/dist/openssl/ssl/d1_clnt.cpatch crypto/dist/openssl/ssl/d1_enc.c patch crypto/dist/openssl/ssl/d1_lib.c patch crypto/dist/openssl/ssl/d1_pkt.c patch crypto/dist/openssl/ssl/d1_srvr.cpatch crypto/dist/openssl/ssl/dtls1.h patch crypto/dist/openssl/ssl/s23_srvr.c patch crypto/dist/openssl/ssl/s2_enc.c patch crypto/dist/openssl/ssl/s2_pkt.c patch crypto/dist/openssl/ssl/s2_srvr.cpatch
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: martin Date: Mon Jan 26 11:51:16 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1945 To generate a diff of this commit: cvs rdiff -u -r1.1.2.12 -r1.1.2.13 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.12 src/doc/CHANGES-5.1.6:1.1.2.13 --- src/doc/CHANGES-5.1.6:1.1.2.12 Wed Jan 7 18:44:13 2015 +++ src/doc/CHANGES-5.1.6 Mon Jan 26 11:51:16 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.12 2015/01/07 18:44:13 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.13 2015/01/26 11:51:16 martin Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -2449,3 +2449,78 @@ etc/rc.d/ntpd 1.15 New ntpd wants to be able to translate ntp into a port number after chroot, so give it its own small copy of /etc/services in the chroot [he, ticket #1940] + +crypto/dist/openssl/apps/s_client.c patch +crypto/dist/openssl/apps/s_server.c patch +crypto/dist/openssl/apps/speed.c patch +crypto/dist/openssl/crypto/Makefile patch +crypto/dist/openssl/crypto/constant_time_locl.h patch +crypto/dist/openssl/crypto/cversion.c patch +crypto/dist/openssl/crypto/asn1/a_bitstr.cpatch +crypto/dist/openssl/crypto/asn1/a_type.c patch +crypto/dist/openssl/crypto/asn1/a_verify.cpatch +crypto/dist/openssl/crypto/asn1/asn1.hpatch +crypto/dist/openssl/crypto/asn1/asn1_err.cpatch +crypto/dist/openssl/crypto/asn1/tasn_dec.cpatch +crypto/dist/openssl/crypto/asn1/x_algor.c patch +crypto/dist/openssl/crypto/bio/bio.h patch +crypto/dist/openssl/crypto/bio/bss_dgram.cpatch +crypto/dist/openssl/crypto/bn/bn_asm.cpatch +crypto/dist/openssl/crypto/bn/bntest.cpatch +crypto/dist/openssl/crypto/bn/asm/mips3.s patch +crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.cpatch +crypto/dist/openssl/crypto/dsa/dsa_vrf.c patch +crypto/dist/openssl/crypto/ec/ec_mult.c patch +crypto/dist/openssl/crypto/ec/ec_pmeth.c patch +crypto/dist/openssl/crypto/ecdsa/ecs_vrf.cpatch +crypto/dist/openssl/crypto/evp/Makefile patch +crypto/dist/openssl/crypto/evp/evp_enc.c patch +crypto/dist/openssl/crypto/objects/obj_xref.h patch +crypto/dist/openssl/crypto/objects/objxref.pl patch +crypto/dist/openssl/crypto/ts/ts_rsp_sign.c patch +crypto/dist/openssl/crypto/x509/x509.hpatch +crypto/dist/openssl/crypto/x509/x509_vpm.cpatch +crypto/dist/openssl/crypto/x509/x_all.c patch +crypto/dist/openssl/ssl/d1_both.c patch +crypto/dist/openssl/ssl/d1_clnt.c patch +crypto/dist/openssl/ssl/d1_enc.c patch +crypto/dist/openssl/ssl/d1_lib.c patch +crypto/dist/openssl/ssl/d1_pkt.c patch +crypto/dist/openssl/ssl/d1_srvr.c patch +crypto/dist/openssl/ssl/dtls1.h patch +crypto/dist/openssl/ssl/s23_srvr.cpatch +crypto/dist/openssl/ssl/s2_enc.c patch +crypto/dist/openssl/ssl/s2_pkt.c patch +crypto/dist/openssl/ssl/s2_srvr.c patch +crypto/dist/openssl/ssl/s3_both.c patch +crypto/dist/openssl/ssl/s3_clnt.c patch +crypto/dist/openssl/ssl/s3_enc.c patch +crypto/dist/openssl/ssl/s3_lib.c patch +crypto/dist/openssl/ssl/s3_pkt.c patch +crypto/dist/openssl/ssl/s3_srvr.c patch +crypto/dist/openssl/ssl/ssl.h patch +crypto/dist/openssl/ssl/ssl_cert.cpatch +crypto/dist/openssl/ssl/ssl_lib.c patch +crypto/dist/openssl/ssl/ssl_locl.hpatch +crypto/dist/openssl/util/libeay.num patch +crypto/dist/openssl/util/mk1mf.pl
CVS commit: [netbsd-5-1] src/etc/rc.d
Module Name:src
Committed By: msaitoh
Date: Wed Jan 7 18:42:14 UTC 2015
Modified Files:
src/etc/rc.d [netbsd-5-1]: ntpd
Log Message:
Pull up following revision(s) (requested by he in ticket #1940):
etc/rc.d/ntpd: revision 1.15
new ntpd wants to be able to translate ntp into a port number after chroot,
so give it its own small copy of /etc/services in the chroot
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.42.1 src/etc/rc.d/ntpd
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/rc.d/ntpd
diff -u src/etc/rc.d/ntpd:1.13 src/etc/rc.d/ntpd:1.13.42.1
--- src/etc/rc.d/ntpd:1.13 Fri Aug 13 18:08:03 2004
+++ src/etc/rc.d/ntpd Wed Jan 7 18:42:14 2015
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: ntpd,v 1.13 2004/08/13 18:08:03 mycroft Exp $
+# $NetBSD: ntpd,v 1.13.42.1 2015/01/07 18:42:14 msaitoh Exp $
#
# PROVIDE: ntpd
@@ -49,6 +49,21 @@ ntpd_precmd()
fi
ln -fs ${ntpd_chrootdir}/var/db/ntp.drift /var/db/ntp.drift
+ if [ ! -d ${ntpd_chrootdir}/etc ]; then
+ mkdir ${ntpd_chrootdir}/etc
+ fi
+ if [ ! -f ${ntpd_chrootdir}/etc/services ]; then
+ getent services ntp/udp ntp/tcp \
+ ${ntpd_chrootdir}/etc/services
+ fi
+ if [ ! -d ${ntpd_chrootdir}/var/db ]; then
+ mkdir -p ${ntpd_chrootdir}/var/db
+ fi
+ if [ ! -f ${ntpd_chrootdir}/var/db/services.cdb ]; then
+ services_mkdb -o ${ntpd_chrootdir}/var/db/services.cdb \
+ ${ntpd_chrootdir}/etc/services
+ fi
+
# Change run_rc_commands()'s internal copy of $ntpd_flags
#
rc_flags=-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Jan 7 18:44:13 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1938 and 1940. To generate a diff of this commit: cvs rdiff -u -r1.1.2.11 -r1.1.2.12 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.11 src/doc/CHANGES-5.1.6:1.1.2.12 --- src/doc/CHANGES-5.1.6:1.1.2.11 Mon Jan 5 23:33:45 2015 +++ src/doc/CHANGES-5.1.6 Wed Jan 7 18:44:13 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.11 2015/01/05 23:33:45 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.12 2015/01/07 18:44:13 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -151,3 +151,2301 @@ usr.sbin/bind/include/isc/platform.h 1. setup can cause BIND to issue an unlimited sequence of queries to follow a delegation. [spz, ticket #1937] + +dist/ntp/COPYRIGHT delete +dist/ntp/ChangeLog delete +dist/ntp/CommitLog delete +dist/ntp/CommitLog-4.1.0 delete +dist/ntp/ElectricFence/CHANGES delete +dist/ntp/ElectricFence/COPYING delete +dist/ntp/ElectricFence/Makefile.amdelete +dist/ntp/ElectricFence/Makefile.indelete +dist/ntp/ElectricFence/README delete +dist/ntp/ElectricFence/efence.c delete +dist/ntp/ElectricFence/efence.h delete +dist/ntp/ElectricFence/eftest.c delete +dist/ntp/ElectricFence/libefence.3delete +dist/ntp/ElectricFence/page.c delete +dist/ntp/ElectricFence/print.c delete +dist/ntp/ElectricFence/tstheap.cdelete +dist/ntp/INSTALL delete +dist/ntp/Makefile.am delete +dist/ntp/Makefile.in delete +dist/ntp/NEWS delete +dist/ntp/NOTES.y2kfixes delete +dist/ntp/README delete +dist/ntp/README.bk delete +dist/ntp/README.hackers delete +dist/ntp/README.patches delete +dist/ntp/README.refclocks delete +dist/ntp/README.versions delete +dist/ntp/TODO delete +dist/ntp/WHERE-TO-START delete +dist/ntp/aclocal.m4 delete +dist/ntp/adjtimed/Makefile.am delete +dist/ntp/adjtimed/Makefile.in delete +dist/ntp/adjtimed/README delete +dist/ntp/adjtimed/adjtimed.c delete +dist/ntp/arlib/COPYING delete +dist/ntp/arlib/INSTALL delete +dist/ntp/arlib/Makefile.am delete +dist/ntp/arlib/Makefile.in delete +dist/ntp/arlib/README delete +dist/ntp/arlib/UNSHAR.HDR delete +dist/ntp/arlib/aclocal.m4 delete +dist/ntp/arlib/arlib.3 delete +dist/ntp/arlib/arlib.c delete +dist/ntp/arlib/arlib.h delete +dist/ntp/arlib/arplib.h delete +dist/ntp/arlib/configure delete +dist/ntp/arlib/configure.in delete +dist/ntp/arlib/depcomp delete +dist/ntp/arlib/install-sh delete +dist/ntp/arlib/missing delete +dist/ntp/arlib/sample.c delete +dist/ntp/bincheck.mf delete +dist/ntp/bootstrap delete +dist/ntp/build delete +dist/ntp/clockstuff/Makefile.am delete +dist/ntp/clockstuff/Makefile.in delete +dist/ntp/clockstuff/README delete +dist/ntp/clockstuff/chutest.c delete +dist/ntp/clockstuff/clktest.c delete +dist/ntp/clockstuff/propdelay.c delete +dist/ntp/compile delete +dist/ntp/conf/README delete +dist/ntp/conf/baldwin.conf delete +dist/ntp/conf/beauregard.conf delete +dist/ntp/conf/grundoon.conf delete +dist/ntp/conf/malarky.conf delete +dist/ntp/conf/pogo.conf delete +dist/ntp/conf/rackety.conf delete +dist/ntp/config.guess delete +dist/ntp/config.h.in delete +dist/ntp/config.sub delete +dist/ntp/configure delete +dist/ntp/configure.ac delete +dist/ntp/depcomp delete +dist/ntp/dot.emacs delete +dist/ntp/excludes delete +dist/ntp/flock-build delete +dist/ntp/html/accopt.html delete +dist/ntp/html/assoc.html delete +dist/ntp/html/audio.html delete +dist/ntp/html/authopt.html delete +dist/ntp/html/build/build.html delete +dist/ntp/html/build/config.html delete +dist/ntp/html/build/hints.html delete +dist/ntp/html/build/hints/a-ux delete +dist/ntp/html/build/hints/aix delete +dist/ntp/html/build/hints/bsdi delete +dist/ntp/html/build/hints/changesdelete +dist/ntp/html/build/hints/decosf1delete +dist/ntp/html/build/hints/decosf2delete +dist/ntp/html/build/hints/freebsddelete +dist/ntp/html/build/hints/hpux delete +dist/ntp/html/build/hints/linux delete +dist/ntp/html/build/hints/mpeix delete +dist/ntp/html/build/hints/netbsddelete +dist/ntp/html/build/hints/notes-xntp-v3delete +dist/ntp/html/build/hints/parse delete +dist/ntp/html/build/hints/refclocksdelete +dist/ntp/html/build/hints/rs6000delete +dist/ntp/html/build/hints/sco.htmldelete +dist/ntp/html/build/hints/sgi delete
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Jan 5 23:33:45 UTC 2015 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Update ticket 1937. To generate a diff of this commit: cvs rdiff -u -r1.1.2.10 -r1.1.2.11 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.10 src/doc/CHANGES-5.1.6:1.1.2.11 --- src/doc/CHANGES-5.1.6:1.1.2.10 Thu Dec 25 23:46:18 2014 +++ src/doc/CHANGES-5.1.6 Mon Jan 5 23:33:45 2015 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.10 2014/12/25 23:46:18 he Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.11 2015/01/05 23:33:45 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -144,6 +144,7 @@ dist/bind/lib/isc/include/isc/types.h p dist/bind/lib/isccfg/namedconf.c patch lib/libisc/Makefilepatch usr.sbin/bind/Makefile.inc patch +usr.sbin/bind/include/isc/platform.h 1.18 Apply fix for BIND, backported from the patch for 9.8.8 from ISC. This is a fix for CVE-2014-8500, where a maliciously constructed
CVS commit: [netbsd-5-1] src/usr.sbin/bind/include/isc
Module Name:src Committed By: msaitoh Date: Mon Jan 5 23:31:37 UTC 2015 Modified Files: src/usr.sbin/bind/include/isc [netbsd-5-1]: platform.h Log Message: Pullup the following revision (requested by he in ticket #1937): src/external/bsd/bind/include/isc/platform.hrev. 1.18 What ISC wraps under ISC_PLATFORM_HAVEXADD appears to be 32-bit atomic adds, and I beleive all our platforms can do that. Therefore, no need to conditionalize that definition under __HAVE_ATOMIC64_OPS. To generate a diff of this commit: cvs rdiff -u -r1.9.12.1 -r1.9.12.2 src/usr.sbin/bind/include/isc/platform.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/bind/include/isc/platform.h diff -u src/usr.sbin/bind/include/isc/platform.h:1.9.12.1 src/usr.sbin/bind/include/isc/platform.h:1.9.12.2 --- src/usr.sbin/bind/include/isc/platform.h:1.9.12.1 Sun Jan 9 20:43:32 2011 +++ src/usr.sbin/bind/include/isc/platform.h Mon Jan 5 23:31:37 2015 @@ -258,9 +258,7 @@ * If the xadd operation is available on this architecture, * ISC_PLATFORM_HAVEXADD will be defined. */ -#ifdef __HAVE_ATOMIC64_OPS #define ISC_PLATFORM_HAVEXADD 1 -#endif /* * If the xaddq operation (64bit xadd) is available on this architecture,
CVS commit: [netbsd-5-1] src
Module Name:src
Committed By: he
Date: Thu Dec 25 23:43:29 UTC 2014
Modified Files:
src/dist/bind/bin/named [netbsd-5-1]: config.c query.c server.c
src/dist/bind/lib/dns [netbsd-5-1]: adb.c resolver.c
src/dist/bind/lib/dns/include/dns [netbsd-5-1]: adb.h resolver.h
src/dist/bind/lib/export/isc [netbsd-5-1]: Makefile.in
src/dist/bind/lib/isc [netbsd-5-1]: Makefile.in
src/dist/bind/lib/isc/include/isc [netbsd-5-1]: Makefile.in types.h
src/dist/bind/lib/isccfg [netbsd-5-1]: namedconf.c
src/lib/libisc [netbsd-5-1]: Makefile
Added Files:
src/dist/bind/lib/isc [netbsd-5-1]: counter.c
src/dist/bind/lib/isc/include/isc [netbsd-5-1]: counter.h
Log Message:
Apply fix for BIND, backported from the patch for 9.8.8 from ISC.
This is a fix for CVE-2014-8500, where a maliciously constructed
setup can cause BIND to issue an unlimited sequence of queries to
follow a delegation.
[spz, ticket #1937]
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.8.4.1.2.3 -r1.1.1.8.4.1.2.4 \
src/dist/bind/bin/named/config.c
cvs rdiff -u -r1.8.4.2.2.6 -r1.8.4.2.2.7 src/dist/bind/bin/named/query.c
cvs rdiff -u -r1.1.1.9.4.1.2.3 -r1.1.1.9.4.1.2.4 \
src/dist/bind/bin/named/server.c
cvs rdiff -u -r1.6.4.1.2.3 -r1.6.4.1.2.4 src/dist/bind/lib/dns/adb.c
cvs rdiff -u -r1.8.4.2.2.4 -r1.8.4.2.2.5 src/dist/bind/lib/dns/resolver.c
cvs rdiff -u -r1.1.1.5.12.3 -r1.1.1.5.12.4 \
src/dist/bind/lib/dns/include/dns/adb.h
cvs rdiff -u -r1.1.1.5.4.1.2.3 -r1.1.1.5.4.1.2.4 \
src/dist/bind/lib/dns/include/dns/resolver.h
cvs rdiff -u -r1.1.4.4 -r1.1.4.5 src/dist/bind/lib/export/isc/Makefile.in
cvs rdiff -u -r1.1.1.6.4.1.2.3 -r1.1.1.6.4.1.2.4 \
src/dist/bind/lib/isc/Makefile.in
cvs rdiff -u -r0 -r1.1.6.2 src/dist/bind/lib/isc/counter.c
cvs rdiff -u -r1.1.1.5.4.1.2.3 -r1.1.1.5.4.1.2.4 \
src/dist/bind/lib/isc/include/isc/Makefile.in \
src/dist/bind/lib/isc/include/isc/types.h
cvs rdiff -u -r0 -r1.1.6.2 src/dist/bind/lib/isc/include/isc/counter.h
cvs rdiff -u -r1.1.1.7.4.1.2.3 -r1.1.1.7.4.1.2.4 \
src/dist/bind/lib/isccfg/namedconf.c
cvs rdiff -u -r1.2.4.1.2.1 -r1.2.4.1.2.2 src/lib/libisc/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/dist/bind/bin/named/config.c
diff -u src/dist/bind/bin/named/config.c:1.1.1.8.4.1.2.3 src/dist/bind/bin/named/config.c:1.1.1.8.4.1.2.4
--- src/dist/bind/bin/named/config.c:1.1.1.8.4.1.2.3 Wed Jul 25 12:09:57 2012
+++ src/dist/bind/bin/named/config.c Thu Dec 25 23:43:29 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: config.c,v 1.1.1.8.4.1.2.3 2012/07/25 12:09:57 jdc Exp $ */
+/* $NetBSD: config.c,v 1.1.1.8.4.1.2.4 2014/12/25 23:43:29 he Exp $ */
/*
* Copyright (C) 2004-2010 Internet Systems Consortium, Inc. (ISC)
@@ -75,6 +75,8 @@ options {\n\
listen-on {any;};\n\
listen-on-v6 {none;};\n\
match-mapped-addresses no;\n\
+ max-recursion-depth 7;\n\
+ max-recursion-queries 50;\n\
memstatistics-file \named.memstats\;\n\
multiple-cnames no;\n\
# named-xfer obsolete;\n\
Index: src/dist/bind/bin/named/query.c
diff -u src/dist/bind/bin/named/query.c:1.8.4.2.2.6 src/dist/bind/bin/named/query.c:1.8.4.2.2.7
--- src/dist/bind/bin/named/query.c:1.8.4.2.2.6 Wed Jan 15 10:11:37 2014
+++ src/dist/bind/bin/named/query.c Thu Dec 25 23:43:29 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: query.c,v 1.8.4.2.2.6 2014/01/15 10:11:37 bouyer Exp $ */
+/* $NetBSD: query.c,v 1.8.4.2.2.7 2014/12/25 23:43:29 he Exp $ */
/*
* Copyright (C) 2004-2012 Internet Systems Consortium, Inc. (ISC)
@@ -3338,11 +3338,11 @@ query_recurse(ns_client_t *client, dns_r
peeraddr = client-peeraddr;
else
peeraddr = NULL;
- result = dns_resolver_createfetch2(client-view-resolver,
+ result = dns_resolver_createfetch3(client-view-resolver,
client-query.qname,
qtype, qdomain, nameservers,
NULL, peeraddr, client-message-id,
- client-query.fetchoptions,
+ client-query.fetchoptions, 0, NULL,
client-task,
query_resume, client,
rdataset, sigrdataset,
Index: src/dist/bind/bin/named/server.c
diff -u src/dist/bind/bin/named/server.c:1.1.1.9.4.1.2.3 src/dist/bind/bin/named/server.c:1.1.1.9.4.1.2.4
--- src/dist/bind/bin/named/server.c:1.1.1.9.4.1.2.3 Wed Jul 25 12:10:02 2012
+++ src/dist/bind/bin/named/server.c Thu Dec 25 23:43:29 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: server.c,v 1.1.1.9.4.1.2.3 2012/07/25 12:10:02 jdc Exp $ */
+/* $NetBSD: server.c,v 1.1.1.9.4.1.2.4 2014/12/25 23:43:29 he Exp $ */
/*
* Copyright (C) 2004-2012 Internet Systems Consortium, Inc. (ISC)
@@ -1837,6 +1837,16 @@ configure_view(dns_view_t *view, cfg_obj
udpsize = 4096;
dns_resolver_setudpsize(view-resolver, (isc_uint16_t)udpsize);
+ obj = NULL;
+ result = ns_config_get(maps, max-recursion-depth, obj);
+ INSIST(result == ISC_R_SUCCESS);
+ dns_resolver_setmaxdepth(view-resolver, cfg_obj_asuint32(obj));
+
+ obj
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: he Date: Thu Dec 25 23:46:18 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket 1937. To generate a diff of this commit: cvs rdiff -u -r1.1.2.9 -r1.1.2.10 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.9 src/doc/CHANGES-5.1.6:1.1.2.10 --- src/doc/CHANGES-5.1.6:1.1.2.9 Mon Dec 22 12:58:36 2014 +++ src/doc/CHANGES-5.1.6 Thu Dec 25 23:46:18 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.9 2014/12/22 12:58:36 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.10 2014/12/25 23:46:18 he Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -127,3 +127,26 @@ xsrc/xfree/xc/programs/Xserver/render/re the check properly. CVE-2013-6424 [mrg, ticket #1935] + +dist/bind/lib/isc/counter.c new, via patch +dist/bind/lib/isc/include/isc/counter.h new, via patch +dist/bind/bin/named/config.c patch +dist/bind/bin/named/query.c patch +dist/bind/bin/named/server.c patch +dist/bind/lib/dns/adb.cpatch +dist/bind/lib/dns/resolver.c patch +dist/bind/lib/dns/include/dns/adb.h patch +dist/bind/lib/dns/include/dns/resolver.h patch +dist/bind/lib/export/isc/Makefile.in patch +dist/bind/lib/isc/Makefile.in patch +dist/bind/lib/isc/include/isc/Makefile.in patch +dist/bind/lib/isc/include/isc/types.h patch +dist/bind/lib/isccfg/namedconf.c patch +lib/libisc/Makefilepatch +usr.sbin/bind/Makefile.inc patch + + Apply fix for BIND, backported from the patch for 9.8.8 from ISC. + This is a fix for CVE-2014-8500, where a maliciously constructed + setup can cause BIND to issue an unlimited sequence of queries to + follow a delegation. + [spz, ticket #1937]
CVS commit: [netbsd-5-1] src/usr.sbin/bind
Module Name:src
Committed By: he
Date: Thu Dec 25 23:57:50 UTC 2014
Modified Files:
src/usr.sbin/bind [netbsd-5-1]: Makefile.inc
Log Message:
Apply fix for BIND, backported from the patch for 9.8.8 from ISC.
This is a fix for CVE-2014-8500, where a maliciously constructed
setup can cause BIND to issue an unlimited sequence of queries to
follow a delegation.
[spz, ticket #1937]
To generate a diff of this commit:
cvs rdiff -u -r1.32.12.1 -r1.32.12.2 src/usr.sbin/bind/Makefile.inc
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/bind/Makefile.inc
diff -u src/usr.sbin/bind/Makefile.inc:1.32.12.1 src/usr.sbin/bind/Makefile.inc:1.32.12.2
--- src/usr.sbin/bind/Makefile.inc:1.32.12.1 Sun Jan 9 20:43:30 2011
+++ src/usr.sbin/bind/Makefile.inc Thu Dec 25 23:57:50 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.inc,v 1.32.12.1 2011/01/09 20:43:30 riz Exp $
+# $NetBSD: Makefile.inc,v 1.32.12.2 2014/12/25 23:57:50 he Exp $
.if !defined(BIND9_MAKEFILE_INC)
BIND9_MAKEFILE_INC=yes
@@ -23,7 +23,10 @@ BIND_HTMLDIR= /usr/share/doc/html/bind9
.include ${IDIST}/version
-VERSION=${MAJORVER}.${MINORVER}.${PATCHVER}${RELEASETYPE}${RELEASEVER}
+# Packager suffix, for local patches past end of support from ISC
+PSUFFIX=nb5
+
+VERSION=${MAJORVER}.${MINORVER}.${PATCHVER}${RELEASETYPE}${RELEASEVER}${PSUFFIX}
SYSCONFDIR=/etc
LOCALSTATEDIR=/var
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Dec 22 12:58:36 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Update ticket 1935. To generate a diff of this commit: cvs rdiff -u -r1.1.2.8 -r1.1.2.9 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.8 src/doc/CHANGES-5.1.6:1.1.2.9 --- src/doc/CHANGES-5.1.6:1.1.2.8 Mon Dec 15 07:13:33 2014 +++ src/doc/CHANGES-5.1.6 Mon Dec 22 12:58:36 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.8 2014/12/15 07:13:33 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.9 2014/12/22 12:58:36 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -53,6 +53,7 @@ xsrc/external/mit/xorg-server/dist/Xi/se xsrc/external/mit/xorg-server/dist/Xi/xiproperty.c patch xsrc/external/mit/xorg-server/dist/dbe/dbe.cpatch xsrc/external/mit/xorg-server/dist/dix/dispatch.c patch +xsrc/external/mit/xorg-server/dist/exa/exa_render.c 1.2 xsrc/external/mit/xorg-server/dist/glx/glxcmds.c patch xsrc/external/mit/xorg-server/dist/glx/glxcmdsswap.c patch xsrc/external/mit/xorg-server/dist/glx/glxserver.h patch @@ -74,6 +75,7 @@ xsrc/external/mit/xorg-server/dist/inclu xsrc/external/mit/xorg-server/dist/os/access.c patch, 1.3 via patch xsrc/external/mit/xorg-server/dist/os/rpcauth.c patch xsrc/external/mit/xorg-server/dist/randr/rrsdispatch.c patch +xsrc/external/mit/xorg-server/dist/render/picture.h 1.2 xsrc/external/mit/xorg-server/dist/render/render.c patch xsrc/external/mit/xorg-server/dist/xfixes/select.c patch xsrc/xfree/xc/programs/Xserver/GL/glx/glxcmds.c 1.2 @@ -121,5 +123,7 @@ xsrc/xfree/xc/programs/Xserver/render/re CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 + If t-bottom is close to MIN_INT, removing top can wraparound, so do + the check properly. + CVE-2013-6424 [mrg, ticket #1935] -
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Mon Dec 15 07:13:33 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: update 1935 To generate a diff of this commit: cvs rdiff -u -r1.1.2.7 -r1.1.2.8 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.7 src/doc/CHANGES-5.1.6:1.1.2.8 --- src/doc/CHANGES-5.1.6:1.1.2.7 Fri Dec 12 06:58:00 2014 +++ src/doc/CHANGES-5.1.6 Mon Dec 15 07:13:33 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.7 2014/12/12 06:58:00 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.8 2014/12/15 07:13:33 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -80,12 +80,14 @@ xsrc/xfree/xc/programs/Xserver/GL/glx/gl xsrc/xfree/xc/programs/Xserver/GL/glx/glxcmdsswap.c 1.2 xsrc/xfree/xc/programs/Xserver/GL/glx/glxserver.h 1.2 xsrc/xfree/xc/programs/Xserver/GL/glx/rensize.c 1.2 -xsrc/xfree/xc/programs/Xserver/GL/glx/single2.c 1.2 -xsrc/xfree/xc/programs/Xserver/GL/glx/single2swap.c 1.2 -xsrc/xfree/xc/programs/Xserver/GL/glx/singlepix.c 1.2 -xsrc/xfree/xc/programs/Xserver/GL/glx/singlepixswap.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/single2.c 1.2, patch +xsrc/xfree/xc/programs/Xserver/GL/glx/single2swap.c 1.2, patch +xsrc/xfree/xc/programs/Xserver/GL/glx/singlepix.c 1.2, patch +xsrc/xfree/xc/programs/Xserver/GL/glx/singlepixswap.c 1.2, patch xsrc/xfree/xc/programs/Xserver/GL/glx/unpack.h 1.2 +xsrc/xfree/xc/programs/Xserver/Xext/EVI.c patch xsrc/xfree/xc/programs/Xserver/Xext/xcmisc.c 1.3 +xsrc/xfree/xc/programs/Xserver/Xext/xf86vmode.c patch xsrc/xfree/xc/programs/Xserver/Xext/xvdisp.c 1.2 xsrc/xfree/xc/programs/Xserver/Xi/chgdctl.c 1.2 xsrc/xfree/xc/programs/Xserver/Xi/chgfctl.c 1.2
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Fri Dec 12 06:58:00 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: update 1935 To generate a diff of this commit: cvs rdiff -u -r1.1.2.6 -r1.1.2.7 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.6 src/doc/CHANGES-5.1.6:1.1.2.7 --- src/doc/CHANGES-5.1.6:1.1.2.6 Wed Dec 10 23:01:02 2014 +++ src/doc/CHANGES-5.1.6 Fri Dec 12 06:58:00 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.6 2014/12/10 23:01:02 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.7 2014/12/12 06:58:00 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -76,6 +76,28 @@ xsrc/external/mit/xorg-server/dist/os/rp xsrc/external/mit/xorg-server/dist/randr/rrsdispatch.c patch xsrc/external/mit/xorg-server/dist/render/render.c patch xsrc/external/mit/xorg-server/dist/xfixes/select.c patch +xsrc/xfree/xc/programs/Xserver/GL/glx/glxcmds.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/glxcmdsswap.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/glxserver.h 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/rensize.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/single2.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/single2swap.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/singlepix.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/singlepixswap.c 1.2 +xsrc/xfree/xc/programs/Xserver/GL/glx/unpack.h 1.2 +xsrc/xfree/xc/programs/Xserver/Xext/xcmisc.c 1.3 +xsrc/xfree/xc/programs/Xserver/Xext/xvdisp.c 1.2 +xsrc/xfree/xc/programs/Xserver/Xi/chgdctl.c 1.2 +xsrc/xfree/xc/programs/Xserver/Xi/chgfctl.c 1.2 +xsrc/xfree/xc/programs/Xserver/Xi/sendexev.c 1.2 +xsrc/xfree/xc/programs/Xserver/dbe/dbe.c 1.3 +xsrc/xfree/xc/programs/Xserver/dix/dispatch.c 1.2 +xsrc/xfree/xc/programs/Xserver/include/dix.h 1.2 +xsrc/xfree/xc/programs/Xserver/include/misc.h 1.2 +xsrc/xfree/xc/programs/Xserver/os/access.c 1.7 +xsrc/xfree/xc/programs/Xserver/os/rpcauth.c 1.2 +xsrc/xfree/xc/programs/Xserver/randr/randr.c 1.2 +xsrc/xfree/xc/programs/Xserver/render/render.c 1.4 apply fixes for X.Org Security Advisory: Dec. 9, 2014 Protocol handling issues in X Window System servers
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Wed Dec 10 23:01:02 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: update 1935 To generate a diff of this commit: cvs rdiff -u -r1.1.2.5 -r1.1.2.6 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.5 src/doc/CHANGES-5.1.6:1.1.2.6 --- src/doc/CHANGES-5.1.6:1.1.2.5 Tue Dec 9 19:59:40 2014 +++ src/doc/CHANGES-5.1.6 Wed Dec 10 23:01:02 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.5 2014/12/09 19:59:40 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.6 2014/12/10 23:01:02 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -69,9 +69,9 @@ xsrc/external/mit/xorg-server/dist/glx/s xsrc/external/mit/xorg-server/dist/glx/swap_interval.c patch xsrc/external/mit/xorg-server/dist/glx/unpack.h patch xsrc/external/mit/xorg-server/dist/hw/xfree86/dri2/dri2ext.c patch -xsrc/external/mit/xorg-server/dist/include/dix.h patch +xsrc/external/mit/xorg-server/dist/include/dix.h patch, 1.3 xsrc/external/mit/xorg-server/dist/include/misc.h patch -xsrc/external/mit/xorg-server/dist/os/access.c patch +xsrc/external/mit/xorg-server/dist/os/access.c patch, 1.3 via patch xsrc/external/mit/xorg-server/dist/os/rpcauth.c patch xsrc/external/mit/xorg-server/dist/randr/rrsdispatch.c patch xsrc/external/mit/xorg-server/dist/render/render.c patch
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Tue Dec 9 19:59:40 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: 1935 To generate a diff of this commit: cvs rdiff -u -r1.1.2.4 -r1.1.2.5 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.4 src/doc/CHANGES-5.1.6:1.1.2.5 --- src/doc/CHANGES-5.1.6:1.1.2.4 Sun Nov 23 04:56:23 2014 +++ src/doc/CHANGES-5.1.6 Tue Dec 9 19:59:40 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.4 2014/11/23 04:56:23 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.5 2014/12/09 19:59:40 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -45,3 +45,57 @@ share/zoneinfo/zone1970.tab patch * Changes to historical data. [apb, ticket #1934] +xsrc/external/mit/xorg-server/dist/Xext/xcmisc.c patch +xsrc/external/mit/xorg-server/dist/Xext/xvdisp.c patch +xsrc/external/mit/xorg-server/dist/Xi/chgdctl.c patch +xsrc/external/mit/xorg-server/dist/Xi/chgfctl.c patch +xsrc/external/mit/xorg-server/dist/Xi/sendexev.c patch +xsrc/external/mit/xorg-server/dist/Xi/xiproperty.c patch +xsrc/external/mit/xorg-server/dist/dbe/dbe.cpatch +xsrc/external/mit/xorg-server/dist/dix/dispatch.c patch +xsrc/external/mit/xorg-server/dist/glx/glxcmds.c patch +xsrc/external/mit/xorg-server/dist/glx/glxcmdsswap.c patch +xsrc/external/mit/xorg-server/dist/glx/glxserver.h patch +xsrc/external/mit/xorg-server/dist/glx/indirect_program.c patch +xsrc/external/mit/xorg-server/dist/glx/indirect_reqsize.c patch +xsrc/external/mit/xorg-server/dist/glx/indirect_reqsize.h patch +xsrc/external/mit/xorg-server/dist/glx/indirect_texture_compression.c patch +xsrc/external/mit/xorg-server/dist/glx/indirect_util.c patch +xsrc/external/mit/xorg-server/dist/glx/rensize.c patch +xsrc/external/mit/xorg-server/dist/glx/single2.c patch +xsrc/external/mit/xorg-server/dist/glx/single2swap.c patch +xsrc/external/mit/xorg-server/dist/glx/singlepix.c patch +xsrc/external/mit/xorg-server/dist/glx/singlepixswap.c patch +xsrc/external/mit/xorg-server/dist/glx/swap_interval.c patch +xsrc/external/mit/xorg-server/dist/glx/unpack.h patch +xsrc/external/mit/xorg-server/dist/hw/xfree86/dri2/dri2ext.c patch +xsrc/external/mit/xorg-server/dist/include/dix.h patch +xsrc/external/mit/xorg-server/dist/include/misc.h patch +xsrc/external/mit/xorg-server/dist/os/access.c patch +xsrc/external/mit/xorg-server/dist/os/rpcauth.c patch +xsrc/external/mit/xorg-server/dist/randr/rrsdispatch.c patch +xsrc/external/mit/xorg-server/dist/render/render.c patch +xsrc/external/mit/xorg-server/dist/xfixes/select.c patch + + apply fixes for X.Org Security Advisory: Dec. 9, 2014 + Protocol handling issues in X Window System servers + included are fixes for: + denial of service due to unchecked malloc in client authentication + CVE-2014-8091 + integer overflows calculating memory needs for requests + CVE-2014-8092 + CVE-2014-8093 + CVE-2014-8094 + out of bounds access due to not validating length or offset values + in requests + CVE-2014-8095 + CVE-2014-8096 + CVE-2014-8097 + CVE-2014-8098 + CVE-2014-8099 + CVE-2014-8100 + CVE-2014-8101 + CVE-2014-8102 + CVE-2014-8103 + [mrg, ticket #1935] +
CVS commit: [netbsd-5-1] src/distrib/sets/lists/base
Module Name:src Committed By: snj Date: Sun Nov 23 04:55:39 UTC 2014 Modified Files: src/distrib/sets/lists/base [netbsd-5-1]: mi Log Message: Pull up following revision(s) (requested by apb in ticket #1934): distrib/sets/lists/base/mi: revision 1.1090 Add ./usr/share/zoneinfo/Pacific/Bougainville for tzdata2014i To generate a diff of this commit: cvs rdiff -u -r1.780.2.16.2.7 -r1.780.2.16.2.8 src/distrib/sets/lists/base/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/base/mi diff -u src/distrib/sets/lists/base/mi:1.780.2.16.2.7 src/distrib/sets/lists/base/mi:1.780.2.16.2.8 --- src/distrib/sets/lists/base/mi:1.780.2.16.2.7 Fri Aug 15 23:02:40 2014 +++ src/distrib/sets/lists/base/mi Sun Nov 23 04:55:39 2014 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.780.2.16.2.7 2014/08/15 23:02:40 riz Exp $ +# $NetBSD: mi,v 1.780.2.16.2.8 2014/11/23 04:55:39 snj Exp $ # # Note: Don't delete entries from here - mark them as obsolete instead, # unless otherwise stated below. @@ -4872,6 +4872,7 @@ ./usr/share/zoneinfo/Pacific base-sys-share ./usr/share/zoneinfo/Pacific/Apia base-sys-share share ./usr/share/zoneinfo/Pacific/Auckland base-sys-share share +./usr/share/zoneinfo/Pacific/Bougainville base-sys-share share ./usr/share/zoneinfo/Pacific/Chatham base-sys-share share ./usr/share/zoneinfo/Pacific/Chuuk base-sys-share share ./usr/share/zoneinfo/Pacific/Easter base-sys-share share
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Sun Nov 23 04:56:23 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: addition to ticket 1934 To generate a diff of this commit: cvs rdiff -u -r1.1.2.3 -r1.1.2.4 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.3 src/doc/CHANGES-5.1.6:1.1.2.4 --- src/doc/CHANGES-5.1.6:1.1.2.3 Fri Nov 21 09:17:25 2014 +++ src/doc/CHANGES-5.1.6 Sun Nov 23 04:56:23 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.3 2014/11/21 09:17:25 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.4 2014/11/23 04:56:23 snj Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -20,6 +20,7 @@ sys/dev/raidframe/rf_reconstruct.c 1.12 Fixes PR kern/49244. [oster, ticket #1933] +distrib/sets/lists/base/mi 1.1090 doc/3RDPARTY patch share/zoneinfo/NEWSnew share/zoneinfo/africapatch
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Fri Nov 21 08:25:26 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1933 To generate a diff of this commit: cvs rdiff -u -r1.1.2.1 -r1.1.2.2 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.1 src/doc/CHANGES-5.1.6:1.1.2.2 --- src/doc/CHANGES-5.1.6:1.1.2.1 Wed Nov 19 06:33:54 2014 +++ src/doc/CHANGES-5.1.6 Fri Nov 21 08:25:26 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.1 2014/11/19 06:33:54 snj Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.2 2014/11/21 08:25:26 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -11,3 +11,12 @@ sys/sys/param.h patched by hand Welcome to 5.1.5_PATCH. [snj] +sys/dev/raidframe/raidframevar.h 1.17 +sys/dev/raidframe/rf_netbsdkintf.c 1.316 +sys/dev/raidframe/rf_reconstruct.c 1.121 via patch + + Fix a long-standing bug related to rebooting while a + reconstruct-to-spare is underway but not yet complete. + Fixes PR kern/49244. + [oster, ticket #1933] +
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: sborrill Date: Fri Nov 21 09:17:25 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Ticket #1934 To generate a diff of this commit: cvs rdiff -u -r1.1.2.2 -r1.1.2.3 src/doc/CHANGES-5.1.6 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.6 diff -u src/doc/CHANGES-5.1.6:1.1.2.2 src/doc/CHANGES-5.1.6:1.1.2.3 --- src/doc/CHANGES-5.1.6:1.1.2.2 Fri Nov 21 08:25:26 2014 +++ src/doc/CHANGES-5.1.6 Fri Nov 21 09:17:25 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.6,v 1.1.2.2 2014/11/21 08:25:26 sborrill Exp $ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.3 2014/11/21 09:17:25 sborrill Exp $ A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 release: @@ -20,3 +20,27 @@ sys/dev/raidframe/rf_reconstruct.c 1.12 Fixes PR kern/49244. [oster, ticket #1933] +doc/3RDPARTY patch +share/zoneinfo/NEWSnew +share/zoneinfo/africapatch +share/zoneinfo/antarctica patch +share/zoneinfo/asiapatch +share/zoneinfo/australasia patch +share/zoneinfo/backwardpatch +share/zoneinfo/backzonenew +share/zoneinfo/europepatch +share/zoneinfo/leapseconds patch +share/zoneinfo/leapseconds.awk patch +share/zoneinfo/northamerica patch +share/zoneinfo/southamerica patch +share/zoneinfo/zone.tabpatch +share/zoneinfo/zone1970.tab patch + + Update tzdata from 2014f to 2014j. Some of the changes are: + * A new Zone Pacific/Bougainville, for the part of Papua New Guinea + that plans to switch from UTC+10 to UTC+11 on 2014-12-28 at 02:00. + * Changes for Fiji, Belarus, and Turks Caicos that take effect + at various times in 2014. + * Changes to historical data. + [apb, ticket #1934] +
CVS commit: [netbsd-5-1] src/sys/dev/raidframe
Module Name:src
Committed By: sborrill
Date: Thu Nov 20 15:52:10 UTC 2014
Modified Files:
src/sys/dev/raidframe [netbsd-5-1]: raidframevar.h rf_netbsdkintf.c
rf_reconstruct.c
Log Message:
Pull up the following revisions(s) (requested by oster in ticket #1933):
sys/dev/raidframe/raidframevar.h: revision 1.17
sys/dev/raidframe/rf_netbsdkintf.c: revision 1.316
sys/dev/raidframe/rf_reconstruct.c: revision 1.121 via patch
Fix a long-standing bug related to rebooting while a reconstruct-to-spare
is underway but not yet complete. Fixes PR kern/49244.
To generate a diff of this commit:
cvs rdiff -u -r1.12.10.1 -r1.12.10.1.2.1 src/sys/dev/raidframe/raidframevar.h
cvs rdiff -u -r1.250.4.6 -r1.250.4.6.2.1 \
src/sys/dev/raidframe/rf_netbsdkintf.c
cvs rdiff -u -r1.105.4.3 -r1.105.4.3.2.1 \
src/sys/dev/raidframe/rf_reconstruct.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/raidframe/raidframevar.h
diff -u src/sys/dev/raidframe/raidframevar.h:1.12.10.1 src/sys/dev/raidframe/raidframevar.h:1.12.10.1.2.1
--- src/sys/dev/raidframe/raidframevar.h:1.12.10.1 Thu Dec 10 22:59:16 2009
+++ src/sys/dev/raidframe/raidframevar.h Thu Nov 20 15:52:10 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: raidframevar.h,v 1.12.10.1 2009/12/10 22:59:16 snj Exp $ */
+/* $NetBSD: raidframevar.h,v 1.12.10.1.2.1 2014/11/20 15:52:10 sborrill Exp $ */
/*-
* Copyright (c) 1996, 1997, 1998 The NetBSD Foundation, Inc.
* All rights reserved.
@@ -384,17 +384,17 @@ struct RF_SparetWait_s {
* IF YOU ADD A STATE, CHECK TO SEE IF YOU NEED TO MODIFY RF_DEAD_DISK().
*/
enum RF_DiskStatus_e {
-rf_ds_optimal, /* no problems */
-rf_ds_failed, /* reconstruction ongoing */
-rf_ds_reconstructing, /* reconstruction complete to spare, dead disk
- * not yet replaced */
-rf_ds_dist_spared, /* reconstruction complete to distributed
+ rf_ds_optimal, /* no problems */
+ rf_ds_failed, /* disk has failed */
+ rf_ds_reconstructing, /* reconstruction ongoing */
+ rf_ds_dist_spared, /* reconstruction complete to distributed
* spare space, dead disk not yet replaced */
-rf_ds_spared, /* reconstruction complete to distributed
- * spare space, dead disk not yet replaced */
-rf_ds_spare,/* an available spare disk */
-rf_ds_used_spare/* a spare which has been used, and hence is
+ rf_ds_spared, /* reconstruction complete, dead disk not
+ yet replaced */
+ rf_ds_spare,/* an available spare disk */
+ rf_ds_used_spare, /* a spare which has been used, and hence is
* not available */
+ rf_ds_rebuilding_spare /* a spare which is being rebuilt to */
};
typedef enum RF_DiskStatus_e RF_DiskStatus_t;
Index: src/sys/dev/raidframe/rf_netbsdkintf.c
diff -u src/sys/dev/raidframe/rf_netbsdkintf.c:1.250.4.6 src/sys/dev/raidframe/rf_netbsdkintf.c:1.250.4.6.2.1
--- src/sys/dev/raidframe/rf_netbsdkintf.c:1.250.4.6 Sat Mar 6 20:56:15 2010
+++ src/sys/dev/raidframe/rf_netbsdkintf.c Thu Nov 20 15:52:10 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: rf_netbsdkintf.c,v 1.250.4.6 2010/03/06 20:56:15 sborrill Exp $ */
+/* $NetBSD: rf_netbsdkintf.c,v 1.250.4.6.2.1 2014/11/20 15:52:10 sborrill Exp $ */
/*-
* Copyright (c) 1996, 1997, 1998, 2008 The NetBSD Foundation, Inc.
* All rights reserved.
@@ -139,7 +139,7 @@
***/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: rf_netbsdkintf.c,v 1.250.4.6 2010/03/06 20:56:15 sborrill Exp $);
+__KERNEL_RCSID(0, $NetBSD: rf_netbsdkintf.c,v 1.250.4.6.2.1 2014/11/20 15:52:10 sborrill Exp $);
#include sys/param.h
#include sys/errno.h
@@ -1470,6 +1470,10 @@ raidioctl(dev_t dev, u_long cmd, void *d
}
for (j = d_cfg-cols, i = 0; i d_cfg-nspares; i++, j++) {
d_cfg-spares[i] = raidPtr-Disks[j];
+ if (d_cfg-spares[i].status == rf_ds_rebuilding_spare) {
+/* XXX: raidctl(8) expects to see this as a used spare */
+d_cfg-spares[i].status = rf_ds_used_spare;
+ }
}
retcode = copyout(d_cfg, *ucfgp, sizeof(RF_DeviceConfig_t));
RF_Free(d_cfg, sizeof(RF_DeviceConfig_t));
Index: src/sys/dev/raidframe/rf_reconstruct.c
diff -u src/sys/dev/raidframe/rf_reconstruct.c:1.105.4.3 src/sys/dev/raidframe/rf_reconstruct.c:1.105.4.3.2.1
--- src/sys/dev/raidframe/rf_reconstruct.c:1.105.4.3 Thu Dec 10 22:59:17 2009
+++ src/sys/dev/raidframe/rf_reconstruct.c Thu Nov 20 15:52:10 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: rf_reconstruct.c,v 1.105.4.3 2009/12/10 22:59:17 snj Exp $ */
+/* $NetBSD: rf_reconstruct.c,v 1.105.4.3.2.1 2014/11/20 15:52:10 sborrill Exp $ */
/*
* Copyright (c) 1995 Carnegie-Mellon University.
* All rights
CVS commit: [netbsd-5-1] src
Module Name:src Committed By: snj Date: Wed Nov 19 06:33:54 UTC 2014 Modified Files: src/doc [netbsd-5-1]: LAST_MINUTE README.files src/gnu/usr.bin/groff/tmac [netbsd-5-1]: mdoc.local src/sys/sys [netbsd-5-1]: param.h Added Files: src/doc [netbsd-5-1]: CHANGES-5.1.6 Log Message: Say hello to 5.1.5_PATCH. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1.2.1 src/doc/CHANGES-5.1.6 cvs rdiff -u -r1.2.30.2.2.5 -r1.2.30.2.2.6 src/doc/LAST_MINUTE cvs rdiff -u -r1.4.10.3.2.7 -r1.4.10.3.2.8 src/doc/README.files cvs rdiff -u -r1.43.4.15.2.8 -r1.43.4.15.2.9 \ src/gnu/usr.bin/groff/tmac/mdoc.local cvs rdiff -u -r1.330.4.15.2.10 -r1.330.4.15.2.11 src/sys/sys/param.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/LAST_MINUTE diff -u src/doc/LAST_MINUTE:1.2.30.2.2.5 src/doc/LAST_MINUTE:1.2.30.2.2.6 --- src/doc/LAST_MINUTE:1.2.30.2.2.5 Sat Nov 15 08:11:27 2014 +++ src/doc/LAST_MINUTE Wed Nov 19 06:33:54 2014 @@ -1,6 +1,6 @@ -# $NetBSD: LAST_MINUTE,v 1.2.30.2.2.5 2014/11/15 08:11:27 snj Exp $ +# $NetBSD: LAST_MINUTE,v 1.2.30.2.2.6 2014/11/19 06:33:54 snj Exp $ -This file contains important information on the NetBSD 5.1.5 release that +This file contains important information on the NetBSD 5.1.6 release that did not make it into the main documentation. [all] Index: src/doc/README.files diff -u src/doc/README.files:1.4.10.3.2.7 src/doc/README.files:1.4.10.3.2.8 --- src/doc/README.files:1.4.10.3.2.7 Mon Jan 27 21:29:13 2014 +++ src/doc/README.files Wed Nov 19 06:33:54 2014 @@ -1,4 +1,4 @@ -# $NetBSD: README.files,v 1.4.10.3.2.7 2014/01/27 21:29:13 bouyer Exp $ +# $NetBSD: README.files,v 1.4.10.3.2.8 2014/11/19 06:33:54 snj Exp $ What's in this directory: @@ -18,6 +18,8 @@ CHANGES-5.1.4 Changes between the 5.1.3 CHANGES-5.1.5 Changes between the 5.1.4 and 5.1.5 releases. +CHANGES-5.1.6 Changes between the 5.1.5 and 5.1.6 releases. + CHANGES.prev Changes in previous NetBSD releases. LAST_MINUTE Last minute changes and notes about the release. @@ -32,7 +34,7 @@ source/sets/ Source distribution sets; s In addition to the files and directories listed above, there is one directory per architecture, for each of the architectures for which -NetBSD 5.1.5 has a binary distribution. The contents of each +NetBSD 5.1.6 has a binary distribution. The contents of each architecture's directory are described in an INSTALL file found in that directory. Index: src/gnu/usr.bin/groff/tmac/mdoc.local diff -u src/gnu/usr.bin/groff/tmac/mdoc.local:1.43.4.15.2.8 src/gnu/usr.bin/groff/tmac/mdoc.local:1.43.4.15.2.9 --- src/gnu/usr.bin/groff/tmac/mdoc.local:1.43.4.15.2.8 Mon Jan 27 21:18:44 2014 +++ src/gnu/usr.bin/groff/tmac/mdoc.local Wed Nov 19 06:33:54 2014 @@ -1,4 +1,4 @@ -.\ $NetBSD: mdoc.local,v 1.43.4.15.2.8 2014/01/27 21:18:44 bouyer Exp $ +.\ $NetBSD: mdoc.local,v 1.43.4.15.2.9 2014/11/19 06:33:54 snj Exp $ .\ .\ Copyright (c) 2003, 2004 The NetBSD Foundation, Inc. .\ All rights reserved. @@ -44,9 +44,9 @@ .as doc-str-St--ieee1275-94 (\*[Lq]\*[doc-Tn-font-size]Open Firmware\*[doc-str-St]\*[Rq]) . .\ Default .Os value -.ds doc-operating-system NetBSD\~5.1.5 +.ds doc-operating-system NetBSD\~5.1.5_PATCH .\ Default footer operating system value -.ds doc-default-operating-system NetBSD\~5.1.5 +.ds doc-default-operating-system NetBSD\~5.1.5_PATCH .\ Other known versions, not yet in groff distribution .ds doc-operating-system-NetBSD-1.3.3 1.3.3 .ds doc-operating-system-NetBSD-1.6.3 1.6.3 Index: src/sys/sys/param.h diff -u src/sys/sys/param.h:1.330.4.15.2.10 src/sys/sys/param.h:1.330.4.15.2.11 --- src/sys/sys/param.h:1.330.4.15.2.10 Sat Nov 15 08:11:27 2014 +++ src/sys/sys/param.h Wed Nov 19 06:33:54 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: param.h,v 1.330.4.15.2.10 2014/11/15 08:11:27 snj Exp $ */ +/* $NetBSD: param.h,v 1.330.4.15.2.11 2014/11/19 06:33:54 snj Exp $ */ /*- * Copyright (c) 1982, 1986, 1989, 1993 @@ -63,7 +63,7 @@ * 2.99.9 (299000900) */ -#define __NetBSD_Version__ 501000500 /* NetBSD 5.1.5 */ +#define __NetBSD_Version__ 501000500 /* NetBSD 5.1.5_PATCH */ #define __NetBSD_Prereq__(M,m,p) (M) * 1) + \ (m) * 100) + (p) * 100) = __NetBSD_Version__) Added files: Index: src/doc/CHANGES-5.1.6 diff -u /dev/null src/doc/CHANGES-5.1.6:1.1.2.1 --- /dev/null Wed Nov 19 06:33:54 2014 +++ src/doc/CHANGES-5.1.6 Wed Nov 19 06:33:54 2014 @@ -0,0 +1,13 @@ +# $NetBSD: CHANGES-5.1.6,v 1.1.2.1 2014/11/19 06:33:54 snj Exp $ + +A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6 +release: + +doc/LAST_MINUTE patched by hand +doc/README.filespatched by hand +gnu/usr.bin/groff/tmac/mdoc.local patched by hand +sys/sys/param.h patched by hand + + Welcome to 5.1.5_PATCH. + [snj] +
CVS commit: [netbsd-5-1] src
Module Name:src
Committed By: snj
Date: Sat Nov 15 08:11:27 UTC 2014
Modified Files:
src/distrib/notes/common [netbsd-5-1]: main
src/doc [netbsd-5-1]: CHANGES-5.1.5 LAST_MINUTE
src/sys/sys [netbsd-5-1]: param.h
Log Message:
Welcome to 5.1.5!
To generate a diff of this commit:
cvs rdiff -u -r1.425.2.14.2.9 -r1.425.2.14.2.10 src/distrib/notes/common/main
cvs rdiff -u -r1.1.2.24 -r1.1.2.25 src/doc/CHANGES-5.1.5
cvs rdiff -u -r1.2.30.2.2.4 -r1.2.30.2.2.5 src/doc/LAST_MINUTE
cvs rdiff -u -r1.330.4.15.2.9 -r1.330.4.15.2.10 src/sys/sys/param.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/notes/common/main
diff -u src/distrib/notes/common/main:1.425.2.14.2.9 src/distrib/notes/common/main:1.425.2.14.2.10
--- src/distrib/notes/common/main:1.425.2.14.2.9 Fri Nov 7 08:05:14 2014
+++ src/distrib/notes/common/main Sat Nov 15 08:11:26 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: main,v 1.425.2.14.2.9 2014/11/07 08:05:14 msaitoh Exp $
+.\ $NetBSD: main,v 1.425.2.14.2.10 2014/11/15 08:11:26 snj Exp $
.\
.\ Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
.\ All rights reserved.
@@ -50,7 +50,7 @@
.as MACHINE_LIST sgimips shark sparc sparc64 sun2 sun3 vax x68k xen zaurus .
.so \*[.CURDIR]/../common/macros
.
-.Dd January 18, 2014
+.Dd November 15, 2014
.Dt INSTALL 8
.Os NetBSD
.Sh NAME
@@ -452,47 +452,91 @@ possible, it's likely that
wouldn't exist.
.
.if \n[FOR_RELEASE] \{\
+.Ss Changes Between The NetBSD 5.1.4 and 5.1.5 Releases
+.Pp
+.Nx
+\*V
+is the fifth critical/security update of the NetBSD 5.1 release branch.
+It represents a selected subset of fixes deemed critical for security
+or stability reasons.
.Pp
The complete list of changes can be found in the
-CHANGES-5.1.4:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/NetBSD-5.1.4/CHANGES-5.1.4
-file in the top level directory of the NetBSD 5.1.4 release tree. An abbreviated list is as follows:
-.Ss2 Security Advisory Fixes
+CHANGES-5.1.5:
+.Lk http://ftp.NetBSD.org/pub/NetBSD/NetBSD-5.1.5/CHANGES-5.1.5
+file in the top level directory of the NetBSD 5.1.5 release tree.
+An abbreviated list is as follows:
.(bullet
-NetBSD-SA2013-010:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2013-010.txt.asc
-Use after free in Xserver handling of ImageText requests (CVE-2013-4396)
-.It
-NetBSD-SA2013-011:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2013-011.txt.asc
-embryonic TCP sockets local DoS
-.It
-NetBSD-SA2013-012:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2013-012.txt.asc
-Router Advertisement sysctl local Denial of Service
-.It
-NetBSD-SA2014-001:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-001.txt.asc
-Stack buffer overflow in libXfont (CVE-2013-6462)
-.It
-NetBSD-SA2014-002:
-.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-002.txt.asc
-ntpd used as DDoS amplifier
+NetBSD-SA2014-005:
+.Lk http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-005.txt.asc
+libXfont multiple vulnerabilities
+.It
+NetBSD-SA2014-006:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-006.txt.asc
+Multiple OpenSSL vulnerabilities
+.It
+NetBSD-SA2014-007:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-007.txt.asc
+bozohttpd basic http authentication bypass
+.It
+NetBSD-SA2014-008:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc
+Multiple OpenSSL vulnerabilities
+.It
+NetBSD-SA2014-010:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-010.txt.asc
+Multiple vulnerabilities in the compatibility layers
+.It
+NetBSD-SA2014-011:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-011.txt.asc
+User-controlled memory allocation in the
+.Xr modctl 2
+system call
+.It
+NetBSD-SA2014-012:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-012.txt.asc
+Memory leak in the
+.Xr setsockopt 2
+system call
+.It
+NetBSD-SA2014-013:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-013.txt.asc
+.Xr ftp 1
+can be made to execute arbitrary commands
+.It
+NetBSD-SA2014-014:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-014.txt.asc
+Multiple vulnerabilities in the
+.Xr mount 2
+system call
+.It
+NetBSD-SA2014-015:
+.Lk http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc
+OpenSSL and SSLv3 vulnerabilities
.bullet)
.
.Pp
-Advisories prior to NetBSD-SA2013-010 do not affect
-NetBSD 5.1.4:
-.Lk http://www.NetBSD.org/support/security/patches-5.1.4.html .
-.Ss2 Other Security Fixes
+Advisories prior to NetBSD-SA2014-005 do not affect
+NetBSD 5.1.5:
+.Lk http://www.NetBSD.org/support/security/patches-5.1.5.html .
+.Ss2 Kernel
.(bullet
-bind: Fix CVE-2014-0591.
+Reject unaligned PCI config register ioctl requests before we kassert.
CVS commit: [netbsd-5-1] src/distrib
Module Name:src
Committed By: msaitoh
Date: Sat Nov 8 12:27:25 UTC 2014
Modified Files:
src/distrib/alpha/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/pmax/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/prep/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/sgimips/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/sparc/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/sparc64/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/sun3/cdroms/installcd [netbsd-5-1]: Makefile
src/distrib/vax/cdroms/installcd [netbsd-5-1]: Makefile
Log Message:
Pullup follwing revisions to fix build break of ticket 1931 on some archs:
distrib/alpha/cdroms/installcd/Makefile 1.2
distrib/pmax/cdroms/installcd/Makefile 1.2
distrib/prep/cdroms/installcd/Makefile 1.3
distrib/sgimips/cdroms/installcd/Makefile 1.2
distrib/sparc/cdroms/installcd/Makefile 1.2
distrib/sparc64/cdroms/installcd/Makefile 1.14
distrib/sun3/cdroms/installcd/Makefile 1.2
distrib/vax/cdroms/installcd/Makefile 1.2
Use ${CDIMAGE} instead of ${CDBASE}.iso.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/alpha/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/pmax/cdroms/installcd/Makefile
cvs rdiff -u -r1.2 -r1.2.12.1 src/distrib/prep/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/sgimips/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/sparc/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/sparc64/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/sun3/cdroms/installcd/Makefile
cvs rdiff -u -r1.1 -r1.1.30.1 src/distrib/vax/cdroms/installcd/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/alpha/cdroms/installcd/Makefile
diff -u src/distrib/alpha/cdroms/installcd/Makefile:1.1 src/distrib/alpha/cdroms/installcd/Makefile:1.1.30.1
--- src/distrib/alpha/cdroms/installcd/Makefile:1.1 Tue Mar 6 21:56:49 2007
+++ src/distrib/alpha/cdroms/installcd/Makefile Sat Nov 8 12:27:25 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.1 2007/03/06 21:56:49 bouyer Exp $
+# $NetBSD: Makefile,v 1.1.30.1 2014/11/08 12:27:25 msaitoh Exp $
CDBASE= alphacd # gives ${CDBASE}.iso
CDINSTKERNEL= ../../instkernel/instkernel
CDKERNELS= netbsd netbsd
@@ -6,7 +6,7 @@ CDRELEASE= true # include $RELEASEDIR/
#make the CD bootable
image_md_post:
- ${TOOL_INSTALLBOOT} -m${MACHINE} ${CDBASE}.iso bootxx.${MACHINE}
+ ${TOOL_INSTALLBOOT} -m${MACHINE} ${CDIMAGE} bootxx.${MACHINE}
.include ${.CURDIR}/../../../common/Makefile.bootcd
Index: src/distrib/pmax/cdroms/installcd/Makefile
diff -u src/distrib/pmax/cdroms/installcd/Makefile:1.1 src/distrib/pmax/cdroms/installcd/Makefile:1.1.30.1
--- src/distrib/pmax/cdroms/installcd/Makefile:1.1 Tue Mar 6 21:57:16 2007
+++ src/distrib/pmax/cdroms/installcd/Makefile Sat Nov 8 12:27:25 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.1 2007/03/06 21:57:16 bouyer Exp $
+# $NetBSD: Makefile,v 1.1.30.1 2014/11/08 12:27:25 msaitoh Exp $
CDBASE= pmaxcd # gives ${CDBASE}.iso
CDRELEASE= true # include $RELEASEDIR/$MACHINE
CDKERNELS= netbsd-INSTALL.gz netbsd
@@ -6,6 +6,6 @@ CDINSTKERNEL= ../../instkernel
#make the CD bootable
image_md_post:
- ${TOOL_INSTALLBOOT} -m${MACHINE} ${CDBASE}.iso bootxx.${MACHINE}
+ ${TOOL_INSTALLBOOT} -m${MACHINE} ${CDIMAGE} bootxx.${MACHINE}
.include ${.CURDIR}/../../../common/Makefile.bootcd
Index: src/distrib/prep/cdroms/installcd/Makefile
diff -u src/distrib/prep/cdroms/installcd/Makefile:1.2 src/distrib/prep/cdroms/installcd/Makefile:1.2.12.1
--- src/distrib/prep/cdroms/installcd/Makefile:1.2 Wed Apr 30 08:08:32 2008
+++ src/distrib/prep/cdroms/installcd/Makefile Sat Nov 8 12:27:25 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.2 2008/04/30 08:08:32 garbled Exp $
+# $NetBSD: Makefile,v 1.2.12.1 2014/11/08 12:27:25 msaitoh Exp $
CDBASE= prepcd # gives ${CDBASE}.iso
CDRELEASE= true # include $RELEASEDIR/$MACHINE
CDMAKEFSOPTIONS=bootimage=powerpc;cdrom/prep/installation/floppy/sysinst_com0.fs
@@ -8,7 +8,7 @@ CDMAKEFSOPTIONS=bootimage=powerpc;cdrom/
# it.
image_md_post:
- ${TOOL_FDISK} -F -f -b 1/255/16065 -0 -s 65/80/2799 -i ${CDBASE}.iso
- ${TOOL_FDISK} -F -f -b 1/255/16065 -0 -s 65/80/2799 -u ${CDBASE}.iso
+ ${TOOL_FDISK} -F -f -b 1/255/16065 -0 -s 65/80/2799 -i ${CDIMAGE}
+ ${TOOL_FDISK} -F -f -b 1/255/16065 -0 -s 65/80/2799 -u ${CDIMAGE}
.include ${.CURDIR}/../../../common/Makefile.bootcd
Index: src/distrib/sgimips/cdroms/installcd/Makefile
diff -u src/distrib/sgimips/cdroms/installcd/Makefile:1.1 src/distrib/sgimips/cdroms/installcd/Makefile:1.1.30.1
--- src/distrib/sgimips/cdroms/installcd/Makefile:1.1 Tue Mar 6 21:57:22 2007
+++ src/distrib/sgimips/cdroms/installcd/Makefile Sat Nov 8 12:27:25 2014
@@
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Sun Nov 9 05:29:47 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Add some files for ticket 1931. To generate a diff of this commit: cvs rdiff -u -r1.1.2.23 -r1.1.2.24 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.23 src/doc/CHANGES-5.1.5:1.1.2.24 --- src/doc/CHANGES-5.1.5:1.1.2.23 Fri Nov 7 08:05:34 2014 +++ src/doc/CHANGES-5.1.5 Sun Nov 9 05:29:46 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.23 2014/11/07 08:05:34 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.24 2014/11/09 05:29:46 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -362,6 +362,14 @@ distrib/common/Makefile.bootcd 1.18 distrib/notes/common/main 1.484 distrib/notes/macppc/prep.OPENFIRMWARE 1.15 distrib/notes/sparc/install 1.57 +distrib/alpha/cdroms/installcd/Makefile 1.2 +distrib/pmax/cdroms/installcd/Makefile 1.2 +distrib/prep/cdroms/installcd/Makefile 1.3 +distrib/sgimips/cdroms/installcd/Makefile 1.2 +distrib/sparc/cdroms/installcd/Makefile 1.2 +distrib/sparc64/cdroms/installcd/Makefile 1.14 +distrib/sun3/cdroms/installcd/Makefile 1.2 +distrib/vax/cdroms/installcd/Makefile 1.2 etc/Makefile 1.394 share/man/man7/release.7 1.32
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Nov 7 08:05:34 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1931. To generate a diff of this commit: cvs rdiff -u -r1.1.2.22 -r1.1.2.23 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.22 src/doc/CHANGES-5.1.5:1.1.2.23 --- src/doc/CHANGES-5.1.5:1.1.2.22 Wed Nov 5 14:18:28 2014 +++ src/doc/CHANGES-5.1.5 Fri Nov 7 08:05:34 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.22 2014/11/05 14:18:28 sborrill Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.23 2014/11/07 08:05:34 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -358,3 +358,13 @@ share/man/man7/release.7 1.33-1.36 via this. [snj, ticket #1930] +distrib/common/Makefile.bootcd 1.18 +distrib/notes/common/main 1.484 +distrib/notes/macppc/prep.OPENFIRMWARE 1.15 +distrib/notes/sparc/install 1.57 +etc/Makefile 1.394 +share/man/man7/release.7 1.32 + + Change release ISO's more meaningful names like NetBSD-5.2.3-i386.iso + instead of i386cd.iso. Fix PR# install/44593. + [snj, ticket #1931]
CVS commit: [netbsd-5-1] src
Module Name:src
Committed By: msaitoh
Date: Fri Nov 7 08:05:14 UTC 2014
Modified Files:
src/distrib/common [netbsd-5-1]: Makefile.bootcd
src/distrib/notes/common [netbsd-5-1]: main
src/distrib/notes/macppc [netbsd-5-1]: prep.OPENFIRMWARE
src/distrib/notes/sparc [netbsd-5-1]: install
src/etc [netbsd-5-1]: Makefile
src/share/man/man7 [netbsd-5-1]: release.7
Log Message:
Pull up following revision(s) (requested by snj in ticket #1931):
share/man/man7/release.7: revision 1.32
distrib/common/Makefile.bootcd: revision 1.18
distrib/notes/macppc/prep.OPENFIRMWARE: revision 1.15
distrib/notes/sparc/install: revision 1.57
etc/Makefile: revision 1.394
distrib/notes/common/main: revision 1.484
PR# install/44593: Please give release ISO's more meaningful names
Change release ISO filenames, what was once 'i386cd.iso' will now look
like 'NetBSD-5.99.60-i386.iso'.
ok snj@
To generate a diff of this commit:
cvs rdiff -u -r1.14.2.1.6.1 -r1.14.2.1.6.2 src/distrib/common/Makefile.bootcd
cvs rdiff -u -r1.425.2.14.2.8 -r1.425.2.14.2.9 src/distrib/notes/common/main
cvs rdiff -u -r1.11.2.2.2.1 -r1.11.2.2.2.2 \
src/distrib/notes/macppc/prep.OPENFIRMWARE
cvs rdiff -u -r1.55 -r1.55.10.1 src/distrib/notes/sparc/install
cvs rdiff -u -r1.359.2.6 -r1.359.2.6.2.1 src/etc/Makefile
cvs rdiff -u -r1.25.4.1.2.1 -r1.25.4.1.2.2 src/share/man/man7/release.7
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/common/Makefile.bootcd
diff -u src/distrib/common/Makefile.bootcd:1.14.2.1.6.1 src/distrib/common/Makefile.bootcd:1.14.2.1.6.2
--- src/distrib/common/Makefile.bootcd:1.14.2.1.6.1 Wed Nov 5 14:17:32 2014
+++ src/distrib/common/Makefile.bootcd Fri Nov 7 08:05:14 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.bootcd,v 1.14.2.1.6.1 2014/11/05 14:17:32 sborrill Exp $
+# $NetBSD: Makefile.bootcd,v 1.14.2.1.6.2 2014/11/07 08:05:14 msaitoh Exp $
#
# Makefile snipped to create a CD/DVD ISO
#
@@ -52,6 +52,7 @@ CDRELEASE_EXCLUDE= -s ',./installation/c
.include bsd.own.mk # For PRINTOBJDIR
.include bsd.kernobj.mk # For KERNSRCDIR
+DISTRIBVER!= ${HOST_SH} ${KERNSRCDIR}/conf/osrelease.sh
DISTRIBREV!= ${HOST_SH} ${KERNSRCDIR}/conf/osrelease.sh -s
ISO_VOLID!= echo NETBSD_${DISTRIBREV} | tr a-z A-Z
PUBLISHER?= The_NetBSD_Project
@@ -67,8 +68,13 @@ RM?= rm
MKDIR?= mkdir -p
CHMOD?= chmod
+.if ${CDRELEASE} == false
+CDIMAGE= ${CDBASE}.iso
+.else
+CDIMAGE= NetBSD-${DISTRIBVER}-${CDBASE:S/cd$//}.iso
+.endif
-CLEANFILES+= ${CDBASE}.iso
+CLEANFILES+= ${CDIMAGE}
CLEANFILES+= bootxx.${MACHINE}
@@ -109,7 +115,7 @@ prepare:
# XXX include more than one directory on the image - HF
#
copy-releasedir:
- ${RM} -f ${RELEASEDIR}/${CDROMS_RELEASEDIR}/${CDBASE}.iso
+ ${RM} -f ${RELEASEDIR}/${CDROMS_RELEASEDIR}/${CDIMAGE}
if ${CDRELEASE}; then \
if [ ! -d ${RELEASEDIR}/${RELEASEMACHINEDIR} ]; then \
echo Missing ${RELEASEDIR}/${RELEASEMACHINEDIR}, aborting; \
@@ -176,12 +182,12 @@ copy-releasedir:
fi
image:
- ${TOOL_MAKEFS} -t cd9660 -o ${_CDMAKEFSOPTIONS:Q} ${CDBASE}.iso cdrom
+ ${TOOL_MAKEFS} -t cd9660 -o ${_CDMAKEFSOPTIONS:Q} ${CDIMAGE} cdrom
.if ${CDRELEASE} == false
release: prepare .WAIT prepare_md_post .WAIT copy-releasedir .WAIT image .WAIT image_md_post
${MKDIR} ${RELEASEDIR}/${CDROMS_RELEASEDIR}
- ${RELEASE_INSTALL} ${CDBASE}.iso ${RELEASEDIR}/${CDROMS_RELEASEDIR}
+ ${RELEASE_INSTALL} ${CDIMAGE} ${RELEASEDIR}/${CDROMS_RELEASEDIR}
iso_image:
.else
@@ -189,7 +195,7 @@ release:
iso_image: prepare .WAIT prepare_md_post .WAIT copy-releasedir .WAIT image .WAIT image_md_post
${MKDIR} ${RELEASEDIR}/${CDROMS_RELEASEDIR}
- ${RELEASE_INSTALL} ${CDBASE}.iso ${RELEASEDIR}/${CDROMS_RELEASEDIR}
+ ${RELEASE_INSTALL} ${CDIMAGE} ${RELEASEDIR}/${CDROMS_RELEASEDIR}
.endif
clean:
Index: src/distrib/notes/common/main
diff -u src/distrib/notes/common/main:1.425.2.14.2.8 src/distrib/notes/common/main:1.425.2.14.2.9
--- src/distrib/notes/common/main:1.425.2.14.2.8 Wed Nov 5 14:17:33 2014
+++ src/distrib/notes/common/main Fri Nov 7 08:05:14 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: main,v 1.425.2.14.2.8 2014/11/05 14:17:33 sborrill Exp $
+.\ $NetBSD: main,v 1.425.2.14.2.9 2014/11/07 08:05:14 msaitoh Exp $
.\
.\ Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
.\ All rights reserved.
@@ -171,18 +171,18 @@ bootloader
and the installation kernel
.Pa macppc/binary/kernel/netbsd-GENERIC_MD.gz .
If you have a CD-R, you can fetch the CD image,
-.Pa macppccd-\*V.iso .
+.Pa NetBSD-\*V-macppc.iso .
.\}
.if \n[sparc] \{\
Fetch a CD image,
-.Pa sparccd-\*V.iso
+.Pa NetBSD-\*V-sparc.iso
or the floppy disk images,
.Pa sparc/install/floppy/disk1.gz No and Pa sparc/install/floppy/disk2 .
You need either the pair of floppies or the CD to boot your system.
.\}
.if \n[sparc64] \{\
This is either a CD image,
-.Pa
CVS commit: [netbsd-5-1] src
Module Name:src
Committed By: sborrill
Date: Wed Nov 5 14:17:33 UTC 2014
Modified Files:
src/distrib/common [netbsd-5-1]: Makefile.bootcd
src/distrib/notes/arc [netbsd-5-1]: prep
src/distrib/notes/cats [netbsd-5-1]: prep
src/distrib/notes/common [netbsd-5-1]: main
src/distrib/notes/macppc [netbsd-5-1]: prep.OPENFIRMWARE
src/share/man/man7 [netbsd-5-1]: release.7
Log Message:
Apply patch (requested by snj in ticket 1930):
Install fully-populated .iso images in ${RELEASEDIR}/images instead
of ${RELEASEDIR}/iso
To generate a diff of this commit:
cvs rdiff -u -r1.14.2.1 -r1.14.2.1.6.1 src/distrib/common/Makefile.bootcd
cvs rdiff -u -r1.1.6.1 -r1.1.6.1.6.1 src/distrib/notes/arc/prep
cvs rdiff -u -r1.10.2.1 -r1.10.2.1.6.1 src/distrib/notes/cats/prep
cvs rdiff -u -r1.425.2.14.2.7 -r1.425.2.14.2.8 src/distrib/notes/common/main
cvs rdiff -u -r1.11.2.2 -r1.11.2.2.2.1 \
src/distrib/notes/macppc/prep.OPENFIRMWARE
cvs rdiff -u -r1.25.4.1 -r1.25.4.1.2.1 src/share/man/man7/release.7
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/distrib/common/Makefile.bootcd
diff -u src/distrib/common/Makefile.bootcd:1.14.2.1 src/distrib/common/Makefile.bootcd:1.14.2.1.6.1
--- src/distrib/common/Makefile.bootcd:1.14.2.1 Sat Dec 6 21:30:03 2008
+++ src/distrib/common/Makefile.bootcd Wed Nov 5 14:17:32 2014
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.bootcd,v 1.14.2.1 2008/12/06 21:30:03 snj Exp $
+# $NetBSD: Makefile.bootcd,v 1.14.2.1.6.1 2014/11/05 14:17:32 sborrill Exp $
#
# Makefile snipped to create a CD/DVD ISO
#
@@ -42,7 +42,7 @@ CDSOURCE?= false
.if ${CDRELEASE} == false
CDROMS_RELEASEDIR?= ${MACHINE}/installation/cdrom
.else
-CDROMS_RELEASEDIR?= iso
+CDROMS_RELEASEDIR?= images
.endif
.if defined(CDRELEASE_NOISOS)
CDRELEASE_EXCLUDE= -s ',./installation/cdrom.*,,gp'
Index: src/distrib/notes/arc/prep
diff -u src/distrib/notes/arc/prep:1.1.6.1 src/distrib/notes/arc/prep:1.1.6.1.6.1
--- src/distrib/notes/arc/prep:1.1.6.1 Sat Apr 25 23:16:33 2009
+++ src/distrib/notes/arc/prep Wed Nov 5 14:17:33 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: prep,v 1.1.6.1 2009/04/25 23:16:33 snj Exp $
+.\ $NetBSD: prep,v 1.1.6.1.6.1 2014/11/05 14:17:33 sborrill Exp $
.
First and foremost, before beginning the installation process,
.Em make sure you have a reliable backup
@@ -40,7 +40,7 @@ install kernel onto a CD-R.
Go to one of the
.Nx
mirror sites and download CD-R image from the
-.Pa pub/NetBSD/iso
+.Pa pub/NetBSD/images
directory.
.Lk http://www.NetBSD.org/mirrors/#iso
.Pp
Index: src/distrib/notes/cats/prep
diff -u src/distrib/notes/cats/prep:1.10.2.1 src/distrib/notes/cats/prep:1.10.2.1.6.1
--- src/distrib/notes/cats/prep:1.10.2.1 Sat Apr 25 23:16:33 2009
+++ src/distrib/notes/cats/prep Wed Nov 5 14:17:33 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: prep,v 1.10.2.1 2009/04/25 23:16:33 snj Exp $
+.\ $NetBSD: prep,v 1.10.2.1.6.1 2014/11/05 14:17:33 sborrill Exp $
.
A \*M machine usually needs little or no preparation before installing
.Nx ,
@@ -36,7 +36,7 @@ install kernel onto a CD-R.
Go to one of the
.Nx
mirror sites and download CD-R image from the
-.Pa pub/NetBSD/iso
+.Pa pub/NetBSD/images
directory.
.Lk http://www.NetBSD.org/mirrors/#iso
.Pp
Index: src/distrib/notes/common/main
diff -u src/distrib/notes/common/main:1.425.2.14.2.7 src/distrib/notes/common/main:1.425.2.14.2.8
--- src/distrib/notes/common/main:1.425.2.14.2.7 Sat Jan 18 11:23:49 2014
+++ src/distrib/notes/common/main Wed Nov 5 14:17:33 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: main,v 1.425.2.14.2.7 2014/01/18 11:23:49 bouyer Exp $
+.\ $NetBSD: main,v 1.425.2.14.2.8 2014/11/05 14:17:33 sborrill Exp $
.\
.\ Copyright (c) 1999-2008 The NetBSD Foundation, Inc.
.\ All rights reserved.
@@ -118,7 +118,7 @@ Option 1: bootable CD-ROM images contain
.Pp
These can be found
on an FTP site near you, usually located in the
-.Pa /pub/NetBSD/iso/
+.Pa /pub/NetBSD/images/
directory.
Check the NetBSD website for details.
.Pp
Index: src/distrib/notes/macppc/prep.OPENFIRMWARE
diff -u src/distrib/notes/macppc/prep.OPENFIRMWARE:1.11.2.2 src/distrib/notes/macppc/prep.OPENFIRMWARE:1.11.2.2.2.1
--- src/distrib/notes/macppc/prep.OPENFIRMWARE:1.11.2.2 Fri Nov 5 07:29:48 2010
+++ src/distrib/notes/macppc/prep.OPENFIRMWARE Wed Nov 5 14:17:33 2014
@@ -1,4 +1,4 @@
-.\ $NetBSD: prep.OPENFIRMWARE,v 1.11.2.2 2010/11/05 07:29:48 snj Exp $
+.\ $NetBSD: prep.OPENFIRMWARE,v 1.11.2.2.2.1 2014/11/05 14:17:33 sborrill Exp $
.if \*[OF_VERSION_3] \{\
.
.Ss2 Updating your BootROM
@@ -1177,7 +1177,7 @@ Go to one of the
mirror sites and download the CD-R image
.Pa macppccd-\*V.iso
from the
-.Pa pub/NetBSD/iso
+.Pa pub/NetBSD/images
directory.
.Lk http://www.NetBSD.org/mirrors/#iso
.Pp
Index: src/share/man/man7/release.7
diff -u src/share/man/man7/release.7:1.25.4.1 src/share/man/man7/release.7:1.25.4.1.2.1
---
CVS commit: [netbsd-5-1] src/doc
Module Name:src
Committed By: sborrill
Date: Wed Nov 5 14:18:28 UTC 2014
Modified Files:
src/doc [netbsd-5-1]: CHANGES-5.1.5
Log Message:
Ticket #1930
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.21 -r1.1.2.22 src/doc/CHANGES-5.1.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.1.5
diff -u src/doc/CHANGES-5.1.5:1.1.2.21 src/doc/CHANGES-5.1.5:1.1.2.22
--- src/doc/CHANGES-5.1.5:1.1.2.21 Mon Nov 3 13:07:58 2014
+++ src/doc/CHANGES-5.1.5 Wed Nov 5 14:18:28 2014
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.1.5,v 1.1.2.21 2014/11/03 13:07:58 msaitoh Exp $
+# $NetBSD: CHANGES-5.1.5,v 1.1.2.22 2014/11/05 14:18:28 sborrill Exp $
A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5
release:
@@ -345,3 +345,16 @@ usr.bin/ftp/version.h1.85
Change the version that ftp announces to 20141026. It can be a
useful method to determine if CVE-2014-8517 is fixed.
[lukem, ticket #1929]
+
+distrib/common/Makefile.bootcd 1.20 via patch
+distrib/notes/arc/prep1.3 via patch
+distrib/notes/cats/prep1.12 via patch
+distrib/notes/common/main 1.512 via patch
+distrib/notes/macppc/prep.OPENFIRMWARE 1.16 via patch
+share/man/man7/release.7 1.33-1.36 via patch
+
+ Install fully-populated .iso images in ${RELEASEDIR}/images
+ instead of ${RELEASEDIR}/iso. Update documentation to reflect
+ this.
+ [snj, ticket #1930]
+
CVS commit: [netbsd-5-1] src/usr.bin/ftp
Module Name:src Committed By: msaitoh Date: Mon Nov 3 13:07:18 UTC 2014 Modified Files: src/usr.bin/ftp [netbsd-5-1]: version.h Log Message: Pull up following revision(s) (requested by lukem in ticket #1929): usr.bin/ftp/version.h: revision 1.85 Version 20141026 Ignore special characters unless they're from the command line. Fixes CVE-2014-8517 To generate a diff of this commit: cvs rdiff -u -r1.77 -r1.77.12.1 src/usr.bin/ftp/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/ftp/version.h diff -u src/usr.bin/ftp/version.h:1.77 src/usr.bin/ftp/version.h:1.77.12.1 --- src/usr.bin/ftp/version.h:1.77 Wed Aug 13 04:59:13 2008 +++ src/usr.bin/ftp/version.h Mon Nov 3 13:07:18 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.77 2008/08/13 04:59:13 lukem Exp $ */ +/* $NetBSD: version.h,v 1.77.12.1 2014/11/03 13:07:18 msaitoh Exp $ */ /*- * Copyright (c) 1999-2008 The NetBSD Foundation, Inc. @@ -34,5 +34,5 @@ #endif #ifndef FTP_VERSION -#define FTP_VERSION 20080813 +#define FTP_VERSION 20141026 #endif
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Nov 3 13:07:58 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1929. To generate a diff of this commit: cvs rdiff -u -r1.1.2.20 -r1.1.2.21 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.20 src/doc/CHANGES-5.1.5:1.1.2.21 --- src/doc/CHANGES-5.1.5:1.1.2.20 Mon Oct 27 12:46:11 2014 +++ src/doc/CHANGES-5.1.5 Mon Nov 3 13:07:58 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.20 2014/10/27 12:46:11 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.21 2014/11/03 13:07:58 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -339,3 +339,9 @@ usr.bin/ftp/fetch.c1.206 via patch Don't pay attention to special characters if they don't come from the command line. [jmcneill, ticket #1928] + +usr.bin/ftp/version.h1.85 + + Change the version that ftp announces to 20141026. It can be a + useful method to determine if CVE-2014-8517 is fixed. + [lukem, ticket #1929]
CVS commit: [netbsd-5-1] src/usr.bin/ftp
Module Name:src
Committed By: msaitoh
Date: Mon Oct 27 12:22:39 UTC 2014
Modified Files:
src/usr.bin/ftp [netbsd-5-1]: fetch.c
Log Message:
Pull up following revision(s) (requested by jmcneill in ticket #1928):
usr.bin/ftp/fetch.c: revision 1.206 via patch
don't pay attention to special characters if they don't come from the command
line (from jmcneill)
To generate a diff of this commit:
cvs rdiff -u -r1.185 -r1.185.14.1 src/usr.bin/ftp/fetch.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/ftp/fetch.c
diff -u src/usr.bin/ftp/fetch.c:1.185 src/usr.bin/ftp/fetch.c:1.185.14.1
--- src/usr.bin/ftp/fetch.c:1.185 Mon Apr 28 20:24:13 2008
+++ src/usr.bin/ftp/fetch.c Mon Oct 27 12:22:39 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: fetch.c,v 1.185 2008/04/28 20:24:13 martin Exp $ */
+/* $NetBSD: fetch.c,v 1.185.14.1 2014/10/27 12:22:39 msaitoh Exp $ */
/*-
* Copyright (c) 1997-2008 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
#include sys/cdefs.h
#ifndef lint
-__RCSID($NetBSD: fetch.c,v 1.185 2008/04/28 20:24:13 martin Exp $);
+__RCSID($NetBSD: fetch.c,v 1.185.14.1 2014/10/27 12:22:39 msaitoh Exp $);
#endif /* not lint */
/*
@@ -537,7 +537,7 @@ fetch_url(const char *url, const char *p
url_decode(decodedpath);
if (outfile)
- savefile = ftp_strdup(outfile);
+ savefile = outfile;
else {
cp = strrchr(decodedpath, '/'); /* find savefile */
if (cp != NULL)
@@ -561,8 +561,7 @@ fetch_url(const char *url, const char *p
rangestart = rangeend = entitylen = -1;
mtime = -1;
if (restartautofetch) {
- if (strcmp(savefile, -) != 0 *savefile != '|'
- stat(savefile, sb) == 0)
+ if (stat(savefile, sb) == 0)
restart_point = sb.st_size;
}
if (urltype == FILE_URL_T) { /* file:// URLs */
@@ -1087,18 +1086,27 @@ fetch_url(const char *url, const char *p
}
} /* end of ftp:// or http:// specific setup */
- /* Open the output file. */
- if (strcmp(savefile, -) == 0) {
- fout = stdout;
- } else if (*savefile == '|') {
- oldintp = xsignal(SIGPIPE, SIG_IGN);
- fout = popen(savefile + 1, w);
- if (fout == NULL) {
- warn(Can't execute `%s', savefile + 1);
- goto cleanup_fetch_url;
+ /* Open the output file. */
+
+ /*
+ * Only trust filenames with special meaning if they came from
+ * the command line
+ */
+
+ if (savefile == outfile) {
+ if (strcmp(savefile, -) == 0) {
+ fout = stdout;
+ } else if (*savefile == '|') {
+ oldintp = xsignal(SIGPIPE, SIG_IGN);
+ fout = popen(savefile + 1, w);
+ if (fout == NULL) {
+warn(Can't execute `%s', savefile + 1);
+goto cleanup_fetch_url;
+ }
+ closefunc = pclose;
}
- closefunc = pclose;
- } else {
+ }
+ if (fout == NULL) {
if ((rangeend != -1 rangeend = restart_point) ||
(rangestart == -1 filesize != -1 filesize = restart_point)) {
/* already done */
@@ -1308,7 +1316,8 @@ fetch_url(const char *url, const char *p
(*closefunc)(fout);
if (res0)
freeaddrinfo(res0);
- FREEPTR(savefile);
+ if (savefile != outfile)
+ FREEPTR(savefile);
FREEPTR(user);
if (pass != NULL)
memset(pass, 0, strlen(pass));
CVS commit: [netbsd-5-1] src/sys/compat/freebsd
Module Name:src Committed By: msaitoh Date: Mon Oct 27 12:38:29 UTC 2014 Modified Files: src/sys/compat/freebsd [netbsd-5-1]: freebsd_sysctl.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1926): sys/compat/freebsd/freebsd_sysctl.c: revision 1.17 I'm not sure reading from an unsanitized userland pointer is a good idea. Some users might be tempted to give 0x01, in which case the kernel will crash. To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.14.16.1 src/sys/compat/freebsd/freebsd_sysctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/freebsd/freebsd_sysctl.c diff -u src/sys/compat/freebsd/freebsd_sysctl.c:1.14 src/sys/compat/freebsd/freebsd_sysctl.c:1.14.16.1 --- src/sys/compat/freebsd/freebsd_sysctl.c:1.14 Mon Apr 28 20:23:41 2008 +++ src/sys/compat/freebsd/freebsd_sysctl.c Mon Oct 27 12:38:29 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: freebsd_sysctl.c,v 1.14 2008/04/28 20:23:41 martin Exp $ */ +/* $NetBSD: freebsd_sysctl.c,v 1.14.16.1 2014/10/27 12:38:29 msaitoh Exp $ */ /*- * Copyright (c) 2005 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: freebsd_sysctl.c,v 1.14 2008/04/28 20:23:41 martin Exp $); +__KERNEL_RCSID(0, $NetBSD: freebsd_sysctl.c,v 1.14.16.1 2014/10/27 12:38:29 msaitoh Exp $); #include sys/param.h #include sys/systm.h @@ -84,7 +84,7 @@ freebsd_sys_sysctl(struct lwp *l, const } */ int error; int name[CTL_MAXNAME]; - size_t newlen, *oldlenp; + size_t newlen, *oldlenp, oldlen; u_int namelen; void *new, *old; @@ -135,9 +135,14 @@ freebsd_sys_sysctl(struct lwp *l, const old = SCARG(uap, old); oldlenp = SCARG(uap, oldlenp); - if (old == NULL || oldlenp == NULL || *oldlenp sizeof(int)) + if (old == NULL || oldlenp == NULL) return(EINVAL); + if ((error = copyin(oldlenp, oldlen, sizeof(oldlen + return (error); + if (oldlen sizeof(int)) + return (EINVAL); + if ((locnew = (char *) malloc(newlen + 1, M_TEMP, M_WAITOK)) == NULL) return(ENOMEM); @@ -157,11 +162,11 @@ freebsd_sys_sysctl(struct lwp *l, const oidlen *= sizeof(int); error = copyout(oid, SCARG(uap, old), -MIN(oidlen, *SCARG(uap, oldlenp))); +MIN(oidlen, oldlen)); if (error) return(error); ktrmibio(-1, UIO_READ, SCARG(uap, old), - MIN(oidlen, *SCARG(uap, oldlenp)), 0); + MIN(oidlen, oldlen), 0); error = copyout(oidlen, SCARG(uap, oldlenp), sizeof(u_int));
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Oct 27 12:46:11 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1926 and 1928. To generate a diff of this commit: cvs rdiff -u -r1.1.2.19 -r1.1.2.20 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.19 src/doc/CHANGES-5.1.5:1.1.2.20 --- src/doc/CHANGES-5.1.5:1.1.2.19 Sun Oct 19 20:10:28 2014 +++ src/doc/CHANGES-5.1.5 Mon Oct 27 12:46:11 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.19 2014/10/19 20:10:28 snj Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.20 2014/10/27 12:46:11 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -328,3 +328,14 @@ crypto/dist/openssl/test/constant_time_t and adding POODLE mitigation via support for TLS_FALLBACK_SCSV. [spz, ticket #1927] +sys/compat/freebsd/freebsd_sysctl.c 1.17 + + Do not access a userland pointer from kernel space directly, use + copyin() instead, avoiding a crash. + [maxv, ticket #1926] + +usr.bin/ftp/fetch.c1.206 via patch + + Don't pay attention to special characters if they don't come + from the command line. + [jmcneill, ticket #1928]
CVS commit: [netbsd-5-1] src/crypto/dist/openssl
Module Name:src Committed By: snj Date: Sun Oct 19 20:10:12 UTC 2014 Modified Files: src/crypto/dist/openssl/apps [netbsd-5-1]: s_client.c src/crypto/dist/openssl/crypto [netbsd-5-1]: LPdir_vms.c LPdir_win.c Makefile src/crypto/dist/openssl/crypto/bn [netbsd-5-1]: bn_exp.c exptest.c src/crypto/dist/openssl/crypto/bn/asm [netbsd-5-1]: x86_64-gcc.c src/crypto/dist/openssl/crypto/dsa [netbsd-5-1]: dsa_ameth.c src/crypto/dist/openssl/crypto/ec [netbsd-5-1]: ec.h ec_ameth.c ec_asn1.c ec_key.c ecp_smpl.c src/crypto/dist/openssl/crypto/err [netbsd-5-1]: openssl.ec src/crypto/dist/openssl/crypto/evp [netbsd-5-1]: Makefile evp_enc.c src/crypto/dist/openssl/crypto/pkcs7 [netbsd-5-1]: pkcs7.h src/crypto/dist/openssl/crypto/rsa [netbsd-5-1]: Makefile rsa.h rsa_err.c rsa_oaep.c rsa_pk1.c rsa_sign.c src/crypto/dist/openssl/doc/apps [netbsd-5-1]: s_client.pod src/crypto/dist/openssl/doc/crypto [netbsd-5-1]: BIO_s_accept.pod EVP_DigestInit.pod EVP_DigestVerifyInit.pod EVP_EncryptInit.pod EVP_PKEY_set1_RSA.pod EVP_PKEY_sign.pod src/crypto/dist/openssl/doc/ssl [netbsd-5-1]: SSL_CTX_set_mode.pod SSL_CTX_set_tmp_dh_callback.pod src/crypto/dist/openssl/ssl [netbsd-5-1]: Makefile s23_clnt.c s23_srvr.c s2_lib.c s3_clnt.c s3_enc.c s3_lib.c s3_pkt.c s3_srvr.c ssl-lib.com ssl.h ssl3.h ssl_err.c ssl_lib.c t1_enc.c t1_lib.c tls1.h src/crypto/dist/openssl/test [netbsd-5-1]: Makefile Added Files: src/crypto/dist/openssl/crypto [netbsd-5-1]: constant_time_locl.h constant_time_test.c src/crypto/dist/openssl/doc/crypto [netbsd-5-1]: CMS_add1_signer.pod src/crypto/dist/openssl/test [netbsd-5-1]: constant_time_test.c Log Message: Apply patch (requested by spz in ticket #1927): Apply OpenSSL security fixes derived from the diff between OpenSSL 1.0.0n and 1.0.0o, fixing CVE-2014-3567, CVE-2014-3568, and adding POODLE mitigation via support for TLS_FALLBACK_SCSV. To generate a diff of this commit: cvs rdiff -u -r1.1.1.11 -r1.1.1.11.12.1 \ src/crypto/dist/openssl/apps/s_client.c cvs rdiff -u -r1.1.1.1 -r1.1.1.1.34.1 \ src/crypto/dist/openssl/crypto/LPdir_vms.c cvs rdiff -u -r1.1.1.2 -r1.1.1.2.12.1 \ src/crypto/dist/openssl/crypto/LPdir_win.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.12.1 src/crypto/dist/openssl/crypto/Makefile cvs rdiff -u -r0 -r1.1.4.2 \ src/crypto/dist/openssl/crypto/constant_time_locl.h \ src/crypto/dist/openssl/crypto/constant_time_test.c cvs rdiff -u -r1.3 -r1.3.12.1 src/crypto/dist/openssl/crypto/bn/bn_exp.c cvs rdiff -u -r1.4 -r1.4.12.1 src/crypto/dist/openssl/crypto/bn/exptest.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.32.1 \ src/crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c cvs rdiff -u -r1.1.1.1 -r1.1.1.1.16.1 \ src/crypto/dist/openssl/crypto/dsa/dsa_ameth.c cvs rdiff -u -r1.6 -r1.6.12.1 src/crypto/dist/openssl/crypto/ec/ec.h cvs rdiff -u -r1.1.1.1 -r1.1.1.1.16.1 \ src/crypto/dist/openssl/crypto/ec/ec_ameth.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.26.1 \ src/crypto/dist/openssl/crypto/ec/ec_asn1.c cvs rdiff -u -r1.1.1.1 -r1.1.1.1.34.1 \ src/crypto/dist/openssl/crypto/ec/ec_key.c cvs rdiff -u -r1.1.1.4 -r1.1.1.4.34.1 \ src/crypto/dist/openssl/crypto/ec/ecp_smpl.c cvs rdiff -u -r1.1.1.7 -r1.1.1.7.12.1 \ src/crypto/dist/openssl/crypto/err/openssl.ec cvs rdiff -u -r1.1.1.5 -r1.1.1.5.12.1 \ src/crypto/dist/openssl/crypto/evp/Makefile cvs rdiff -u -r1.1.1.8 -r1.1.1.8.26.1 \ src/crypto/dist/openssl/crypto/evp/evp_enc.c cvs rdiff -u -r1.8 -r1.8.12.1 src/crypto/dist/openssl/crypto/pkcs7/pkcs7.h cvs rdiff -u -r1.1.1.4 -r1.1.1.4.12.1 \ src/crypto/dist/openssl/crypto/rsa/Makefile cvs rdiff -u -r1.14 -r1.14.12.1 src/crypto/dist/openssl/crypto/rsa/rsa.h cvs rdiff -u -r1.7 -r1.7.12.1 src/crypto/dist/openssl/crypto/rsa/rsa_err.c cvs rdiff -u -r1.1.1.7 -r1.1.1.7.34.1 \ src/crypto/dist/openssl/crypto/rsa/rsa_oaep.c cvs rdiff -u -r1.1.1.3 -r1.1.1.3.46.1 \ src/crypto/dist/openssl/crypto/rsa/rsa_pk1.c cvs rdiff -u -r1.5 -r1.5.12.1 src/crypto/dist/openssl/crypto/rsa/rsa_sign.c cvs rdiff -u -r1.8 -r1.8.12.1 src/crypto/dist/openssl/doc/apps/s_client.pod cvs rdiff -u -r1.1.1.2 -r1.1.1.2.46.1 \ src/crypto/dist/openssl/doc/crypto/BIO_s_accept.pod cvs rdiff -u -r0 -r1.1.4.2 \ src/crypto/dist/openssl/doc/crypto/CMS_add1_signer.pod cvs rdiff -u -r1.6 -r1.6.34.1 \ src/crypto/dist/openssl/doc/crypto/EVP_DigestInit.pod \ src/crypto/dist/openssl/doc/crypto/EVP_EncryptInit.pod cvs rdiff -u -r1.1.1.1 -r1.1.1.1.16.1 \ src/crypto/dist/openssl/doc/crypto/EVP_DigestVerifyInit.pod \ src/crypto/dist/openssl/doc/crypto/EVP_PKEY_sign.pod cvs rdiff -u -r1.1.1.1 -r1.1.1.1.46.1 \ src/crypto/dist/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod cvs rdiff -u -r1.1.1.2 -r1.1.1.2.46.1 \
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: snj Date: Sun Oct 19 20:10:28 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: 1927 To generate a diff of this commit: cvs rdiff -u -r1.1.2.18 -r1.1.2.19 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.18 src/doc/CHANGES-5.1.5:1.1.2.19 --- src/doc/CHANGES-5.1.5:1.1.2.18 Wed Aug 27 13:46:54 2014 +++ src/doc/CHANGES-5.1.5 Sun Oct 19 20:10:28 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.18 2014/08/27 13:46:54 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.19 2014/10/19 20:10:28 snj Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -267,3 +267,64 @@ sys/netinet6/ip6_output.c 1.158 via pa Fix a memory leak in calling setsockopt() on an INET6 socket. [maxv ticket #1920] + +crypto/dist/openssl/apps/s_client.c patch +crypto/dist/openssl/crypto/LPdir_vms.c patch +crypto/dist/openssl/crypto/LPdir_win.c patch +crypto/dist/openssl/crypto/Makefile patch +crypto/dist/openssl/crypto/constant_time_locl.h patch +crypto/dist/openssl/crypto/constant_time_test.c patch +crypto/dist/openssl/crypto/bn/bn_exp.c patch +crypto/dist/openssl/crypto/bn/exptest.c patch +crypto/dist/openssl/crypto/bn/asm/x86_64-gcc.c patch +crypto/dist/openssl/crypto/dsa/dsa_ameth.c patch +crypto/dist/openssl/crypto/ec/ec.h patch +crypto/dist/openssl/crypto/ec/ec_ameth.c patch +crypto/dist/openssl/crypto/ec/ec_asn1.c patch +crypto/dist/openssl/crypto/ec/ec_key.c patch +crypto/dist/openssl/crypto/ec/ecp_smpl.c patch +crypto/dist/openssl/crypto/err/openssl.ec patch +crypto/dist/openssl/crypto/evp/Makefile patch +crypto/dist/openssl/crypto/evp/evp_enc.c patch +crypto/dist/openssl/crypto/pkcs7/pkcs7.h patch +crypto/dist/openssl/crypto/rsa/Makefile patch +crypto/dist/openssl/crypto/rsa/rsa.h patch +crypto/dist/openssl/crypto/rsa/rsa_err.c patch +crypto/dist/openssl/crypto/rsa/rsa_oaep.c patch +crypto/dist/openssl/crypto/rsa/rsa_pk1.c patch +crypto/dist/openssl/crypto/rsa/rsa_sign.c patch +crypto/dist/openssl/doc/apps/s_client.pod patch +crypto/dist/openssl/doc/crypto/BIO_s_accept.pod patch +crypto/dist/openssl/doc/crypto/CMS_add1_signer.pod patch +crypto/dist/openssl/doc/crypto/EVP_DigestInit.pod patch +crypto/dist/openssl/doc/crypto/EVP_DigestVerifyInit.pod patch +crypto/dist/openssl/doc/crypto/EVP_EncryptInit.pod patch +crypto/dist/openssl/doc/crypto/EVP_PKEY_set1_RSA.pod patch +crypto/dist/openssl/doc/crypto/EVP_PKEY_sign.pod patch +crypto/dist/openssl/doc/ssl/SSL_CTX_set_mode.pod patch +crypto/dist/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod patch +crypto/dist/openssl/ssl/Makefile patch +crypto/dist/openssl/ssl/s23_clnt.c patch +crypto/dist/openssl/ssl/s23_srvr.c patch +crypto/dist/openssl/ssl/s2_lib.c patch +crypto/dist/openssl/ssl/s3_clnt.c patch +crypto/dist/openssl/ssl/s3_enc.c patch +crypto/dist/openssl/ssl/s3_lib.c patch +crypto/dist/openssl/ssl/s3_pkt.c patch +crypto/dist/openssl/ssl/s3_srvr.c patch +crypto/dist/openssl/ssl/ssl-lib.com patch +crypto/dist/openssl/ssl/ssl.h patch +crypto/dist/openssl/ssl/ssl3.h patch +crypto/dist/openssl/ssl/ssl_err.c patch +crypto/dist/openssl/ssl/ssl_lib.c patch +crypto/dist/openssl/ssl/t1_enc.c patch +crypto/dist/openssl/ssl/t1_lib.c patch +crypto/dist/openssl/ssl/tls1.h patch +crypto/dist/openssl/test/Makefile patch +crypto/dist/openssl/test/constant_time_test.c patch + + OpenSSL security fixes derived from the diff between + OpenSSL 1.0.0n and 1.0.0o, fixing CVE-2014-3567, CVE-2014-3568, + and adding POODLE mitigation via support for TLS_FALLBACK_SCSV. + [spz, ticket #1927] +
CVS commit: [netbsd-5-1] src/sys/miscfs/umapfs
Module Name:src
Committed By: msaitoh
Date: Wed Aug 27 06:04:17 UTC 2014
Modified Files:
src/sys/miscfs/umapfs [netbsd-5-1]: umap_vfsops.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #1921):
sys/miscfs/umapfs/umap_vfsops.c: revision 1.94
1) 'error' is returned while it does not even hold an error code. Which
means that zero is returned, and the kernel keeps mounting (and it
probably ends up in a deadlock/memory corruption somewhere).
2) 'nentries' and 'gnentries' are int and user-controlled, and there's no
check to ensure they are greater than zero. Since they are used to
compute the size of two copyin's, a user can control the copied size
by giving a negative value (like 128-2^29), and thus overwrite kernel
memory.
Both triggerable from root only.
To generate a diff of this commit:
cvs rdiff -u -r1.80.12.1 -r1.80.12.2 src/sys/miscfs/umapfs/umap_vfsops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/miscfs/umapfs/umap_vfsops.c
diff -u src/sys/miscfs/umapfs/umap_vfsops.c:1.80.12.1 src/sys/miscfs/umapfs/umap_vfsops.c:1.80.12.2
--- src/sys/miscfs/umapfs/umap_vfsops.c:1.80.12.1 Mon Apr 28 16:03:16 2014
+++ src/sys/miscfs/umapfs/umap_vfsops.c Wed Aug 27 06:04:17 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: umap_vfsops.c,v 1.80.12.1 2014/04/28 16:03:16 sborrill Exp $ */
+/* $NetBSD: umap_vfsops.c,v 1.80.12.2 2014/08/27 06:04:17 msaitoh Exp $ */
/*
* Copyright (c) 1992, 1993
@@ -41,7 +41,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: umap_vfsops.c,v 1.80.12.1 2014/04/28 16:03:16 sborrill Exp $);
+__KERNEL_RCSID(0, $NetBSD: umap_vfsops.c,v 1.80.12.2 2014/08/27 06:04:17 msaitoh Exp $);
#include sys/param.h
#include sys/systm.h
@@ -152,9 +152,10 @@ umapfs_mount(mp, path, data, data_len)
/*
* Now copy in the number of entries and maps for umap mapping.
*/
- if (args-nentries MAPFILEENTRIES || args-gnentries GMAPFILEENTRIES) {
+ if (args-nentries 0 || args-nentries MAPFILEENTRIES ||
+ args-gnentries 0 || args-gnentries GMAPFILEENTRIES) {
vput(lowerrootvp);
- return (error);
+ return (EINVAL);
}
amp-info_nentries = args-nentries;
CVS commit: [netbsd-5-1] src/sys/dev/pci
Module Name:src Committed By: msaitoh Date: Wed Aug 27 06:17:32 UTC 2014 Modified Files: src/sys/dev/pci [netbsd-5-1]: pci_usrreq.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1922): sys/dev/pci/pci_usrreq.c1.26 via patch Fix to make pci(4) reject unaligned configuration register reads and writes before feeding them to a kassert in pci_conf_read/write or to a trap in the hardware itself. To generate a diff of this commit: cvs rdiff -u -r1.16.6.3 -r1.16.6.3.2.1 src/sys/dev/pci/pci_usrreq.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pci_usrreq.c diff -u src/sys/dev/pci/pci_usrreq.c:1.16.6.3 src/sys/dev/pci/pci_usrreq.c:1.16.6.3.2.1 --- src/sys/dev/pci/pci_usrreq.c:1.16.6.3 Tue Sep 15 06:48:49 2009 +++ src/sys/dev/pci/pci_usrreq.c Wed Aug 27 06:17:31 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: pci_usrreq.c,v 1.16.6.3 2009/09/15 06:48:49 snj Exp $ */ +/* $NetBSD: pci_usrreq.c,v 1.16.6.3.2.1 2014/08/27 06:17:31 msaitoh Exp $ */ /* * Copyright 2001 Wasabi Systems, Inc. @@ -40,7 +40,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: pci_usrreq.c,v 1.16.6.3 2009/09/15 06:48:49 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: pci_usrreq.c,v 1.16.6.3.2.1 2014/08/27 06:17:31 msaitoh Exp $); #include sys/param.h #include sys/conf.h @@ -83,7 +83,7 @@ pciioctl(dev_t dev, u_long cmd, void *da case PCI_IOC_BDF_CFGREAD: case PCI_IOC_BDF_CFGWRITE: if (bdfr-bus 255 || bdfr-device = sc-sc_maxndevs || - bdfr-function 7) + bdfr-function 7 || ISSET(bdfr-cfgreg.reg, 3)) return (EINVAL); tag = pci_make_tag(sc-sc_pc, bdfr-bus, bdfr-device, bdfr-function);
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Aug 27 06:58:38 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1912, 1921 and 1922. To generate a diff of this commit: cvs rdiff -u -r1.1.2.14 -r1.1.2.15 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.14 src/doc/CHANGES-5.1.5:1.1.2.15 --- src/doc/CHANGES-5.1.5:1.1.2.14 Fri Aug 15 23:03:35 2014 +++ src/doc/CHANGES-5.1.5 Wed Aug 27 06:58:38 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.14 2014/08/15 23:03:35 riz Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.15 2014/08/27 06:58:38 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -225,3 +225,20 @@ share/zoneinfo/zone1970.tabpatch and zone1970.dat). [apb, ticket #1917] +etc/namedb/root.cache patch +doc/3RDPARTY patch + + Sync root.cache with the latest -current (rev. 1.18). + [taca, ticket #1912] + +sys/miscfs/umapfs/umap_vfsops.c 1.94 + + Fix a overflow and a memory corruption bug in umapfs. + [maxv, ticket #1921] + +sys/dev/pci/pci_usrreq.c 1.26 via patch + + Fix to make pci(4) reject unaligned configuration register reads and + writes before feeding them to a kassert in pci_conf_read/write or to a + trap in the hardware itself. + [riastradh, ticket #1922]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Aug 27 07:39:40 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: s/a/an/ To generate a diff of this commit: cvs rdiff -u -r1.1.2.15 -r1.1.2.16 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.15 src/doc/CHANGES-5.1.5:1.1.2.16 --- src/doc/CHANGES-5.1.5:1.1.2.15 Wed Aug 27 06:58:38 2014 +++ src/doc/CHANGES-5.1.5 Wed Aug 27 07:39:40 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.15 2014/08/27 06:58:38 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.16 2014/08/27 07:39:40 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -233,7 +233,7 @@ doc/3RDPARTY patch sys/miscfs/umapfs/umap_vfsops.c 1.94 - Fix a overflow and a memory corruption bug in umapfs. + Fix an overflow and a memory corruption bug in umapfs. [maxv, ticket #1921] sys/dev/pci/pci_usrreq.c 1.26 via patch
CVS commit: [netbsd-5-1] src/crypto/dist/openssl
Module Name:src
Committed By: msaitoh
Date: Wed Aug 27 13:32:35 UTC 2014
Modified Files:
src/crypto/dist/openssl/crypto/asn1 [netbsd-5-1]: a_object.c asn1.h
asn1_err.c
src/crypto/dist/openssl/crypto/objects [netbsd-5-1]: obj_dat.c
src/crypto/dist/openssl/ssl [netbsd-5-1]: d1_both.c s23_srvr.c
s3_clnt.c t1_lib.c
Log Message:
Pull up following revision(s) (requested by spz in ticket #1918):
crypto/dist/openssl/crypto/asn1/a_object.c patch
crypto/dist/openssl/crypto/asn1/asn1.h patch
crypto/dist/openssl/crypto/asn1/asn1_err.c patch
crypto/dist/openssl/crypto/objects/obj_dat.cpatch
crypto/dist/openssl/ssl/d1_both.c patch
crypto/dist/openssl/ssl/s23_srvr.c patch
crypto/dist/openssl/ssl/s3_clnt.c patch
crypto/dist/openssl/ssl/t1_lib.cpatch
Patches for the following vulnerabilities:
Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)
backported from the recent 1.0.1i OpenSSL release.
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.1.1.7.12.1 \
src/crypto/dist/openssl/crypto/asn1/a_object.c
cvs rdiff -u -r1.9.4.1 -r1.9.4.1.6.1 \
src/crypto/dist/openssl/crypto/asn1/asn1.h
cvs rdiff -u -r1.1.1.8.4.1 -r1.1.1.8.4.1.6.1 \
src/crypto/dist/openssl/crypto/asn1/asn1_err.c
cvs rdiff -u -r1.10 -r1.10.12.1 \
src/crypto/dist/openssl/crypto/objects/obj_dat.c
cvs rdiff -u -r1.3.4.2.2.1 -r1.3.4.2.2.2 \
src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.6 -r1.6.12.1 src/crypto/dist/openssl/ssl/s23_srvr.c
cvs rdiff -u -r1.12.4.2.2.2 -r1.12.4.2.2.3 \
src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.2.12.3 -r1.2.12.4 src/crypto/dist/openssl/ssl/t1_lib.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/openssl/crypto/asn1/a_object.c
diff -u src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7 src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7.12.1
--- src/crypto/dist/openssl/crypto/asn1/a_object.c:1.1.1.7 Fri May 9 21:34:16 2008
+++ src/crypto/dist/openssl/crypto/asn1/a_object.c Wed Aug 27 13:32:35 2014
@@ -95,7 +95,7 @@ int a2d_ASN1_OBJECT(unsigned char *out,
if (num == 0)
return(0);
else if (num == -1)
- num=strlen(buf);
+ num=(int)strlen(buf);
p=buf;
c= *(p++);
@@ -239,7 +239,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT
if ((a == NULL) || (a-data == NULL))
return(BIO_write(bp,NULL,4));
- i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
+ i=i2t_ASN1_OBJECT(buf,(int)sizeof buf,a);
if (i (int)(sizeof(buf) - 1))
{
p = OPENSSL_malloc(i + 1);
@@ -289,7 +289,21 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT
ASN1_OBJECT *ret=NULL;
const unsigned char *p;
unsigned char *data;
- int i;
+ int i, length;
+
+ /* Sanity check OID encoding.
+ * Need at least one content octet.
+ * MSB must be clear in the last octet.
+ * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
+ */
+ if (len = 0 || len INT_MAX || pp == NULL || (p = *pp) == NULL ||
+ p[len - 1] 0x80)
+ {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ /* Now 0 len = INT_MAX, so the cast is safe. */
+ length = (int)len;
/* only the ASN1_OBJECTs from the 'table' will have values
* for -sn or -ln */
@@ -300,28 +314,27 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT
}
else ret=(*a);
- p= *pp;
/* detach data from object */
data = (unsigned char *)ret-data;
ret-data = NULL;
/* once detached we can change it */
- if ((data == NULL) || (ret-length len))
+ if ((data == NULL) || (ret-length length))
{
ret-length=0;
if (data != NULL) OPENSSL_free(data);
- data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+ data=(unsigned char *)OPENSSL_malloc(length);
if (data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
ret-flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
}
- memcpy(data,p,(int)len);
+ memcpy(data,p,length);
/* reattach data to object, after which it remains const */
ret-data =data;
- ret-length=(int)len;
+ ret-length=length;
ret-sn=NULL;
ret-ln=NULL;
/* ret-flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
- p+=len;
+ p+=length;
if (a != NULL) (*a)=ret;
*pp=p;
Index: src/crypto/dist/openssl/crypto/asn1/asn1.h
diff -u src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1 src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1.6.1
--- src/crypto/dist/openssl/crypto/asn1/asn1.h:1.9.4.1 Mon Mar 30 16:29:38 2009
+++
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Aug 27 13:35:45 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1918. To generate a diff of this commit: cvs rdiff -u -r1.1.2.16 -r1.1.2.17 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.16 src/doc/CHANGES-5.1.5:1.1.2.17 --- src/doc/CHANGES-5.1.5:1.1.2.16 Wed Aug 27 07:39:40 2014 +++ src/doc/CHANGES-5.1.5 Wed Aug 27 13:35:45 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.16 2014/08/27 07:39:40 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.17 2014/08/27 13:35:45 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -242,3 +242,23 @@ sys/dev/pci/pci_usrreq.c 1.26 via patc writes before feeding them to a kassert in pci_conf_read/write or to a trap in the hardware itself. [riastradh, ticket #1922] + +crypto/dist/openssl/crypto/asn1/a_object.c patch +crypto/dist/openssl/crypto/asn1/asn1.h patch +crypto/dist/openssl/crypto/asn1/asn1_err.c patch +crypto/dist/openssl/crypto/objects/obj_dat.c patch +crypto/dist/openssl/ssl/d1_both.c patch +crypto/dist/openssl/ssl/s23_srvr.c patch +crypto/dist/openssl/ssl/s3_clnt.c patch +crypto/dist/openssl/ssl/t1_lib.c patch + + Patches for the following vulnerabilities: + - Information leak in pretty printing functions (CVE-2014-3508) + - Double Free when processing DTLS packets (CVE-2014-3505) + - DTLS memory exhaustion (CVE-2014-3506) + - DTLS memory leak from zero-length fragments (CVE-2014-3507) + - OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510) + - Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509) + - OpenSSL TLS protocol downgrade attack (CVE-2014-3511) + Backported from the recent 1.0.1i OpenSSL release. + [spz, ticket #1918]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Aug 27 13:46:54 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1920. To generate a diff of this commit: cvs rdiff -u -r1.1.2.17 -r1.1.2.18 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.17 src/doc/CHANGES-5.1.5:1.1.2.18 --- src/doc/CHANGES-5.1.5:1.1.2.17 Wed Aug 27 13:35:45 2014 +++ src/doc/CHANGES-5.1.5 Wed Aug 27 13:46:54 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.17 2014/08/27 13:35:45 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.18 2014/08/27 13:46:54 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -262,3 +262,8 @@ crypto/dist/openssl/ssl/t1_lib.c patch - OpenSSL TLS protocol downgrade attack (CVE-2014-3511) Backported from the recent 1.0.1i OpenSSL release. [spz, ticket #1918] + +sys/netinet6/ip6_output.c 1.158 via patch + + Fix a memory leak in calling setsockopt() on an INET6 socket. + [maxv ticket #1920]
CVS commit: [netbsd-5-1] src/sys/netinet6
Module Name:src Committed By: msaitoh Date: Wed Aug 27 17:05:25 UTC 2014 Modified Files: src/sys/netinet6 [netbsd-5-1]: ip6_output.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1920): sys/netinet6/ip6_output.c 1.158 via patch Fix a memory leak in calling setsockopt() on an INET6 socket. To generate a diff of this commit: cvs rdiff -u -r1.135.2.1 -r1.135.2.1.6.1 src/sys/netinet6/ip6_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet6/ip6_output.c diff -u src/sys/netinet6/ip6_output.c:1.135.2.1 src/sys/netinet6/ip6_output.c:1.135.2.1.6.1 --- src/sys/netinet6/ip6_output.c:1.135.2.1 Mon Apr 20 22:56:04 2009 +++ src/sys/netinet6/ip6_output.c Wed Aug 27 17:05:25 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: ip6_output.c,v 1.135.2.1 2009/04/20 22:56:04 snj Exp $ */ +/* $NetBSD: ip6_output.c,v 1.135.2.1.6.1 2014/08/27 17:05:25 msaitoh Exp $ */ /* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */ /* @@ -62,7 +62,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: ip6_output.c,v 1.135.2.1 2009/04/20 22:56:04 snj Exp $); +__KERNEL_RCSID(0, $NetBSD: ip6_output.c,v 1.135.2.1.6.1 2014/08/27 17:05:25 msaitoh Exp $); #include opt_inet.h #include opt_inet6.h @@ -1794,6 +1794,8 @@ else \ optp = in6p-in6p_outputopts; error = ip6_pcbopt(optname, optbuf, optbuflen, optp, privileged, uproto); + + free(optbuf, M_IP6OPT); break; } #undef OPTSET
CVS commit: [netbsd-5-1] src
Module Name:src Committed By: msaitoh Date: Wed Aug 27 05:20:20 UTC 2014 Modified Files: src/doc [netbsd-5-1]: 3RDPARTY src/etc/namedb [netbsd-5-1]: root.cache Log Message: Pull up following revision(s) (requested by taca in ticket #1912): etc/namedb/root.cache patch doc/3RDPARTYpatch Sync root.cache with the latest -current (rev. 1.18). To generate a diff of this commit: cvs rdiff -u -r1.647.2.12.2.13 -r1.647.2.12.2.14 src/doc/3RDPARTY cvs rdiff -u -r1.13.20.1 -r1.13.20.2 src/etc/namedb/root.cache Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/3RDPARTY diff -u src/doc/3RDPARTY:1.647.2.12.2.13 src/doc/3RDPARTY:1.647.2.12.2.14 --- src/doc/3RDPARTY:1.647.2.12.2.13 Fri Aug 15 23:02:40 2014 +++ src/doc/3RDPARTY Wed Aug 27 05:20:19 2014 @@ -1,4 +1,4 @@ -# $NetBSD: 3RDPARTY,v 1.647.2.12.2.13 2014/08/15 23:02:40 riz Exp $ +# $NetBSD: 3RDPARTY,v 1.647.2.12.2.14 2014/08/27 05:20:19 msaitoh Exp $ # # This file contains a list of the software that has been integrated into # NetBSD where we are not the primary maintainer. @@ -801,8 +801,8 @@ Notes: Beta versions are available from Purdue (ftp.cs.purdue.edu:/pub/RCS). Package: root.cache -Version: 2007110100 (Nov 01, 2007) -Current Vers: 2007110100 (Nov 01, 2007) +Version: 2014060201 (June 2, 2014) +Current Vers: 2014060201 (June 2, 2014) Maintainer: InterNIC Archive Site: ftp://ftp.internic.net/domain/named.root Home Page: ftp://ftp.internic.net/domain/named.root Index: src/etc/namedb/root.cache diff -u src/etc/namedb/root.cache:1.13.20.1 src/etc/namedb/root.cache:1.13.20.2 --- src/etc/namedb/root.cache:1.13.20.1 Sun Jan 13 17:07:29 2013 +++ src/etc/namedb/root.cache Wed Aug 27 05:20:19 2014 @@ -1,4 +1,4 @@ -; $NetBSD: root.cache,v 1.13.20.1 2013/01/13 17:07:29 bouyer Exp $ +; $NetBSD: root.cache,v 1.13.20.2 2014/08/27 05:20:19 msaitoh Exp $ ; ; This file holds the information on root name servers needed to ; initialize cache of Internet domain name servers @@ -7,12 +7,12 @@ ; ; This file is made available by InterNIC ; under anonymous FTP as -; file/domain/db.cache +; file/domain/named.cache ; on server FTP.INTERNIC.NET ; -OR-RS.INTERNIC.NET ; -; last update:Feb 04, 2008 -; related version of root zone: 2008020400 +; last update:June 2, 2014 +; related version of root zone: 2014060201 ; ; formerly NS.INTERNIC.NET ; @@ -20,69 +20,73 @@ A.ROOT-SERVERS.NET. 360 A 198.41.0.4 A.ROOT-SERVERS.NET. 360 2001:503:BA3E::2:30 ; -; formerly NS1.ISI.EDU +; FORMERLY NS1.ISI.EDU ; .360 NSB.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 360 A 192.228.79.201 +B.ROOT-SERVERS.NET. 360 2001:500:84::B ; -; formerly C.PSI.NET +; FORMERLY C.PSI.NET ; .360 NSC.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 360 A 192.33.4.12 +C.ROOT-SERVERS.NET. 360 2001:500:2::C ; -; formerly TERP.UMD.EDU +; FORMERLY TERP.UMD.EDU ; .360 NSD.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 360 A 199.7.91.13 D.ROOT-SERVERS.NET. 360 2001:500:2D::D ; -; formerly NS.NASA.GOV +; FORMERLY NS.NASA.GOV ; .360 NSE.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. 360 A 192.203.230.10 ; -; formerly NS.ISC.ORG +; FORMERLY NS.ISC.ORG ; .360 NSF.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 360 A 192.5.5.241 -F.ROOT-SERVERS.NET. 360 2001:500:2f::f +F.ROOT-SERVERS.NET. 360 2001:500:2F::F ; -; formerly NS.NIC.DDN.MIL +; FORMERLY NS.NIC.DDN.MIL ; .360 NSG.ROOT-SERVERS.NET. G.ROOT-SERVERS.NET. 360 A 192.112.36.4 ; -; formerly AOS.ARL.ARMY.MIL +; FORMERLY AOS.ARL.ARMY.MIL ; .360 NSH.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. 360 A 128.63.2.53 -H.ROOT-SERVERS.NET. 360 2001:500:1::803f:235 +H.ROOT-SERVERS.NET. 360 2001:500:1::803F:235 ; -; formerly NIC.NORDU.NET +; FORMERLY NIC.NORDU.NET ; .360 NSI.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 360 A 192.36.148.17 +I.ROOT-SERVERS.NET. 360 2001:7FE::53 ; -; operated by VeriSign, Inc. +; OPERATED BY VERISIGN, INC. ; .360 NSJ.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 360 A 192.58.128.30 J.ROOT-SERVERS.NET. 360 2001:503:C27::2:30 ; -; operated by RIPE NCC
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: riz Date: Fri Aug 15 23:03:35 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1917 To generate a diff of this commit: cvs rdiff -u -r1.1.2.13 -r1.1.2.14 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.13 src/doc/CHANGES-5.1.5:1.1.2.14 --- src/doc/CHANGES-5.1.5:1.1.2.13 Fri Aug 8 06:59:32 2014 +++ src/doc/CHANGES-5.1.5 Fri Aug 15 23:03:35 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.13 2014/08/08 06:59:32 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.14 2014/08/15 23:03:35 riz Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -196,3 +196,32 @@ sys/compat/linux32/common/linux32_socket If SCARG(uap, what) = 0, copyin() will copy (size_t)-1 bytes, and it's not a good idea; but not proven harmful. With the help of njoly@. [maxv, ticket #1916] + +distrib/sets/lists/base/mipatch +doc/3RDPARTY patch +share/zoneinfo/Makefile patch +share/zoneinfo/africa patch +share/zoneinfo/antarcticapatch +share/zoneinfo/asia patch +share/zoneinfo/australasiapatch +share/zoneinfo/backward patch +share/zoneinfo/etcetera patch +share/zoneinfo/europe patch +share/zoneinfo/factory patch +share/zoneinfo/iso3166.tabpatch +share/zoneinfo/leap-seconds.list patch +share/zoneinfo/northamericapatch +share/zoneinfo/pacificnewpatch +share/zoneinfo/southamericapatch +share/zoneinfo/systemv patch +share/zoneinfo/yearistype.shpatch +share/zoneinfo/zone.tab patch +share/zoneinfo/zone1970.tabpatch + + Update timezone database from tzdata2014c to tzdata2014f. + This adds two new timezones (Asia/Chita and Asia/Srednekolymsk), + updates many other timezones, and adds two new + data files in the /usr/share/zoneinfo directory (leapseconds + and zone1970.dat). + [apb, ticket #1917] +
CVS commit: [netbsd-5-1] src/sys/compat
Module Name:src Committed By: msaitoh Date: Fri Aug 8 06:56:50 UTC 2014 Modified Files: src/sys/compat/linux/common [netbsd-5-1]: linux_socketcall.c src/sys/compat/linux32/common [netbsd-5-1]: linux32_socketcall.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1916): sys/compat/linux32/common/linux32_socketcall.c: revision 1.9 sys/compat/linux/common/linux_socketcall.c: revision 1.44 If SCARG(uap, what) = 0, copyin() will copy (size_t)-1 bytes, and it's not a good idea; but not proven harmful. With the help of njoly@ To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.39.20.1 \ src/sys/compat/linux/common/linux_socketcall.c cvs rdiff -u -r1.6 -r1.6.26.1 \ src/sys/compat/linux32/common/linux32_socketcall.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/linux/common/linux_socketcall.c diff -u src/sys/compat/linux/common/linux_socketcall.c:1.39 src/sys/compat/linux/common/linux_socketcall.c:1.39.20.1 --- src/sys/compat/linux/common/linux_socketcall.c:1.39 Thu Jul 3 14:07:09 2008 +++ src/sys/compat/linux/common/linux_socketcall.c Fri Aug 8 06:56:50 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: linux_socketcall.c,v 1.39 2008/07/03 14:07:09 njoly Exp $ */ +/* $NetBSD: linux_socketcall.c,v 1.39.20.1 2014/08/08 06:56:50 msaitoh Exp $ */ /*- * Copyright (c) 1995, 1998 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: linux_socketcall.c,v 1.39 2008/07/03 14:07:09 njoly Exp $); +__KERNEL_RCSID(0, $NetBSD: linux_socketcall.c,v 1.39.20.1 2014/08/08 06:56:50 msaitoh Exp $); #include sys/param.h #include sys/kernel.h @@ -123,7 +123,7 @@ linux_sys_socketcall(struct lwp *l, cons struct linux_socketcall_dummy_args lda; int error; - if (SCARG(uap, what) 0 || SCARG(uap, what) LINUX_MAX_SOCKETCALL) + if (SCARG(uap, what) = 0 || SCARG(uap, what) LINUX_MAX_SOCKETCALL) return ENOSYS; if ((error = copyin(SCARG(uap, args), lda, Index: src/sys/compat/linux32/common/linux32_socketcall.c diff -u src/sys/compat/linux32/common/linux32_socketcall.c:1.6 src/sys/compat/linux32/common/linux32_socketcall.c:1.6.26.1 --- src/sys/compat/linux32/common/linux32_socketcall.c:1.6 Thu Dec 20 23:02:58 2007 +++ src/sys/compat/linux32/common/linux32_socketcall.c Fri Aug 8 06:56:50 2014 @@ -1,4 +1,4 @@ -/* $NetBSD: linux32_socketcall.c,v 1.6 2007/12/20 23:02:58 dsl Exp $ */ +/* $NetBSD: linux32_socketcall.c,v 1.6.26.1 2014/08/08 06:56:50 msaitoh Exp $ */ /*- * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved. @@ -31,7 +31,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include sys/cdefs.h -__KERNEL_RCSID(0, $NetBSD: linux32_socketcall.c,v 1.6 2007/12/20 23:02:58 dsl Exp $); +__KERNEL_RCSID(0, $NetBSD: linux32_socketcall.c,v 1.6.26.1 2014/08/08 06:56:50 msaitoh Exp $); #include opt_ktrace.h #include sys/types.h @@ -95,7 +95,7 @@ linux32_sys_socketcall(struct lwp *l, co union linux32_socketcall_args ua; int error; - if (SCARG(uap, what) 0 || SCARG(uap, what) LINUX32_MAX_SOCKETCALL) + if (SCARG(uap, what) = 0 || SCARG(uap, what) LINUX32_MAX_SOCKETCALL) return ENOSYS; if ((error = copyin(SCARG_P32(uap, args), ua,
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Aug 8 06:59:33 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1916. To generate a diff of this commit: cvs rdiff -u -r1.1.2.12 -r1.1.2.13 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.12 src/doc/CHANGES-5.1.5:1.1.2.13 --- src/doc/CHANGES-5.1.5:1.1.2.12 Mon Jul 14 09:17:04 2014 +++ src/doc/CHANGES-5.1.5 Fri Aug 8 06:59:32 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.12 2014/07/14 09:17:04 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.13 2014/08/08 06:59:32 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -189,3 +189,10 @@ sys/kern/sys_module.c1.15 via patch Fix a user-controlled memory allocation. [maxv, ticket #1914] + +sys/compat/linux/common/linux_socketcall.c 1.44 +sys/compat/linux32/common/linux32_socketcall.c 1.9 + + If SCARG(uap, what) = 0, copyin() will copy (size_t)-1 bytes, and it's + not a good idea; but not proven harmful. With the help of njoly@. + [maxv, ticket #1916]
CVS commit: [netbsd-5-1] src/sys/kern
Module Name:src
Committed By: msaitoh
Date: Mon Jul 14 09:10:18 UTC 2014
Modified Files:
src/sys/kern [netbsd-5-1]: sys_module.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #1914):
sys/kern/sys_module.c: revision 1.15 via patch
Fix a user-controlled memory allocation. kmem_alloc(0) will panic the system.
ok christos@
To generate a diff of this commit:
cvs rdiff -u -r1.8.4.1 -r1.8.4.1.2.1 src/sys/kern/sys_module.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/sys_module.c
diff -u src/sys/kern/sys_module.c:1.8.4.1 src/sys/kern/sys_module.c:1.8.4.1.2.1
--- src/sys/kern/sys_module.c:1.8.4.1 Sun May 3 13:07:39 2009
+++ src/sys/kern/sys_module.c Mon Jul 14 09:10:18 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: sys_module.c,v 1.8.4.1 2009/05/03 13:07:39 bouyer Exp $ */
+/* $NetBSD: sys_module.c,v 1.8.4.1.2.1 2014/07/14 09:10:18 msaitoh Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: sys_module.c,v 1.8.4.1 2009/05/03 13:07:39 bouyer Exp $);
+__KERNEL_RCSID(0, $NetBSD: sys_module.c,v 1.8.4.1.2.1 2014/07/14 09:10:18 msaitoh Exp $);
#include sys/param.h
#include sys/systm.h
@@ -43,6 +43,11 @@ __KERNEL_RCSID(0, $NetBSD: sys_module.c
#include sys/syscall.h
#include sys/syscallargs.h
+/*
+ * Arbitrary limit to avoid DoS for excessive memory allocation.
+ */
+#define MAXPROPSLEN 4096
+
static int
handle_modctl_load(modctl_load_t *ml)
{
@@ -63,6 +68,11 @@ handle_modctl_load(modctl_load_t *ml)
if (error != 0)
goto out2;
+ if (ml-ml_propslen MAXPROPSLEN) {
+ error = ENOMEM;
+ goto out2;
+ }
+
propslen = ml-ml_propslen + 1;
props = (char *)kmem_alloc(propslen, KM_SLEEP);
if (props == NULL) {
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Jul 14 09:17:04 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1914. To generate a diff of this commit: cvs rdiff -u -r1.1.2.11 -r1.1.2.12 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.11 src/doc/CHANGES-5.1.5:1.1.2.12 --- src/doc/CHANGES-5.1.5:1.1.2.11 Wed Jul 9 16:12:11 2014 +++ src/doc/CHANGES-5.1.5 Mon Jul 14 09:17:04 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.11 2014/07/09 16:12:11 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.12 2014/07/14 09:17:04 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -184,3 +184,8 @@ libexec/httpd/testsuite/data/index.html Update bozohttpd from 20080303+patches to 20140708. [mrg, ticket #1913] + +sys/kern/sys_module.c1.15 via patch + + Fix a user-controlled memory allocation. + [maxv, ticket #1914]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Wed Jul 9 16:12:11 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1913. To generate a diff of this commit: cvs rdiff -u -r1.1.2.10 -r1.1.2.11 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.10 src/doc/CHANGES-5.1.5:1.1.2.11 --- src/doc/CHANGES-5.1.5:1.1.2.10 Mon Jun 30 11:00:06 2014 +++ src/doc/CHANGES-5.1.5 Wed Jul 9 16:12:11 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.10 2014/06/30 11:00:06 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.11 2014/07/09 16:12:11 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -125,3 +125,62 @@ sys/compat/freebsd/freebsd_sched.c 1.20 Avoid NULL dereference and fix sched param conversion. Pointed out by Maxime Villard. [maxv, ticket #1909] + +libexec/httpd/CHANGES1.3-1.18 +libexec/httpd/Makefile1.8-1.22 via patch +libexec/httpd/Makefile.boot 1.3-1.6 +libexec/httpd/auth-bozo.c 1.5-1.13 +libexec/httpd/bozohttpd.8 1.6-1.46 +libexec/httpd/bozohttpd.c 1.8,1.12-1.54 +libexec/httpd/bozohttpd.h 1.8-1.32 +libexec/httpd/cgi-bozo.c 1.11-1.25 +libexec/httpd/content-bozo.c 1.4-1.10 +libexec/httpd/daemon-bozo.c 1.5-1.16 +libexec/httpd/dir-index-bozo.c 1.6-1.19 +libexec/httpd/ssl-bozo.c 1.5-1.16 +libexec/httpd/tilde-luzah-bozo.c 1.5-1.10 +libexec/httpd/lua-bozo.c 1.1-1.9 +libexec/httpd/main.c1.1-1.7 +libexec/httpd/netbsd_queue.h 1.1 +libexec/httpd/printenv.lua 1.1-1.2 +libexec/httpd/debug/Makefile 1.1 +libexec/httpd/libbozohttpd/Makefile 1.2 +libexec/httpd/libbozohttpd/libbozohttpd.3 1.3 +libexec/httpd/libbozohttpd/shlib_version 1.1 +libexec/httpd/lua/Makefile 1.1 +libexec/httpd/lua/bozo.lua 1.1 +libexec/httpd/lua/glue.c 1.1 +libexec/httpd/lua/optparse.lua 1.1 +libexec/httpd/lua/shlib_version 1.1 +libexec/httpd/small/Makefile 1.1-1.2 +libexec/httpd/testsuite/Makefile 1.4 +libexec/httpd/testsuite/html_cmp 1.4 +libexec/httpd/testsuite/t1.in 1.3 +libexec/httpd/testsuite/t1.out 1.3 +libexec/httpd/testsuite/t10.in 1.1 +libexec/httpd/testsuite/t10.out 1.1 +libexec/httpd/testsuite/t2.in 1.3 +libexec/httpd/testsuite/t2.out 1.3 +libexec/httpd/testsuite/t3.in 1.3 +libexec/httpd/testsuite/t3.out 1.3 +libexec/httpd/testsuite/t4.in 1.3 +libexec/httpd/testsuite/t4.out 1.3 +libexec/httpd/testsuite/t5.in 1.3 +libexec/httpd/testsuite/t5.out 1.3 +libexec/httpd/testsuite/t6.in 1.3 +libexec/httpd/testsuite/t6.out 1.3 +libexec/httpd/testsuite/t7.in 1.3 +libexec/httpd/testsuite/t7.out 1.3 +libexec/httpd/testsuite/t8.in 1.3 +libexec/httpd/testsuite/t8.out 1.3 +libexec/httpd/testsuite/t9.in 1.3 +libexec/httpd/testsuite/t9.out 1.3 +libexec/httpd/testsuite/test-bigfile 1.1 +libexec/httpd/testsuite/data/bigfile 1.1 +libexec/httpd/testsuite/data/bigfile.partial4000 1.1 +libexec/httpd/testsuite/data/bigfile.partial8000 1.1 +libexec/httpd/testsuite/data/file 1.3 +libexec/httpd/testsuite/data/index.html 1.3 + + Update bozohttpd from 20080303+patches to 20140708. + [mrg, ticket #1913]
CVS commit: [netbsd-5-1] src/sys/compat/freebsd
Module Name:src
Committed By: msaitoh
Date: Mon Jun 30 10:59:09 UTC 2014
Modified Files:
src/sys/compat/freebsd [netbsd-5-1]: freebsd_sched.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #1909):
sys/compat/freebsd/freebsd_sched.c 1.20-1.21
Avoid NULL dereference and fix sched param conversion (at least make it
do something). Pointed out by Maxime Villard.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.19.24.1 src/sys/compat/freebsd/freebsd_sched.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/compat/freebsd/freebsd_sched.c
diff -u src/sys/compat/freebsd/freebsd_sched.c:1.19 src/sys/compat/freebsd/freebsd_sched.c:1.19.24.1
--- src/sys/compat/freebsd/freebsd_sched.c:1.19 Mon Apr 28 20:23:41 2008
+++ src/sys/compat/freebsd/freebsd_sched.c Mon Jun 30 10:59:09 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: freebsd_sched.c,v 1.19 2008/04/28 20:23:41 martin Exp $ */
+/* $NetBSD: freebsd_sched.c,v 1.19.24.1 2014/06/30 10:59:09 msaitoh Exp $ */
/*-
* Copyright (c) 1999 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: freebsd_sched.c,v 1.19 2008/04/28 20:23:41 martin Exp $);
+__KERNEL_RCSID(0, $NetBSD: freebsd_sched.c,v 1.19.24.1 2014/06/30 10:59:09 msaitoh Exp $);
#include sys/param.h
#include sys/mount.h
@@ -62,72 +62,72 @@ freebsd_sys_yield(struct lwp *l, const v
*/
static int
sched_freebsd2native(int freebsd_policy,
-struct freebsd_sched_param *freebsd_params, int *native_policy,
+const struct freebsd_sched_param *freebsd_params, int *native_policy,
struct sched_param *native_params)
{
- int error;
-
- error = 0;
+ int p;
switch (freebsd_policy) {
case FREEBSD_SCHED_OTHER:
- *native_policy = SCHED_OTHER;
+ p = SCHED_OTHER;
break;
case FREEBSD_SCHED_FIFO:
- *native_policy = SCHED_FIFO;
+ p = SCHED_FIFO;
break;
case FREEBSD_SCHED_RR:
- *native_policy = SCHED_RR;
+ p = SCHED_RR;
break;
default:
- error = EINVAL;
- break;
+ return EINVAL;
}
- if (freebsd_params != NULL native_params != NULL !error) {
- native_params = (struct sched_param *)freebsd_params;
+ if (native_policy != NULL)
+ *native_policy = p;
+
+ if (freebsd_params != NULL native_params != NULL) {
+ /* XXX: Needs adjustment to do a proper conversion. */
+ native_params-sched_priority = freebsd_params-sched_priority;
}
-
- return (error);
+ return 0;
}
/*
- * XXX: Needs adjustment to do a proper conversion.
*/
static int
-sched_native2freebsd(int native_policy, struct sched_param *native_params,
+sched_native2freebsd(int native_policy, const struct sched_param *native_params,
int *freebsd_policy, struct freebsd_sched_param *freebsd_params)
{
- int error;
-
- error = 0;
+ int p;
switch (native_policy) {
case SCHED_OTHER:
- *freebsd_policy = FREEBSD_SCHED_OTHER;
+ p = FREEBSD_SCHED_OTHER;
break;
case SCHED_FIFO:
- *freebsd_policy = FREEBSD_SCHED_FIFO;
+ p = FREEBSD_SCHED_FIFO;
break;
case SCHED_RR:
- *freebsd_policy = FREEBSD_SCHED_RR;
+ p = FREEBSD_SCHED_RR;
break;
default:
- error = EINVAL;
- break;
+ return EINVAL;
}
- if (native_params != NULL freebsd_params != NULL !error) {
- freebsd_params = (struct freebsd_sched_param *)native_params;
+ if (freebsd_policy != NULL)
+ *freebsd_policy = p;
+
+ if (native_params != NULL freebsd_params != NULL) {
+ /* XXX: Needs adjustment to do a proper conversion. */
+ freebsd_params-sched_priority = native_params-sched_priority;
}
-
- return (error);
+
+ return 0;
}
int
@@ -199,7 +199,7 @@ freebsd_sys_sched_getparam(struct lwp *l
goto out;
out:
- return (error);
+ return error;
}
int
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Mon Jun 30 11:00:06 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1909. To generate a diff of this commit: cvs rdiff -u -r1.1.2.9 -r1.1.2.10 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.9 src/doc/CHANGES-5.1.5:1.1.2.10 --- src/doc/CHANGES-5.1.5:1.1.2.9 Fri Jun 6 07:04:33 2014 +++ src/doc/CHANGES-5.1.5 Mon Jun 30 11:00:06 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.9 2014/06/06 07:04:33 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.10 2014/06/30 11:00:06 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -119,3 +119,9 @@ crypto/dist/openssl/ssl/ssl3.h patch Fix CVE-2014-0224, CVE-2014-0221, CVE-2014-0195 and CVE-2014-3470. [spz, ticket #1908] + +sys/compat/freebsd/freebsd_sched.c 1.20-1.21 + + Avoid NULL dereference and fix sched param conversion. + Pointed out by Maxime Villard. + [maxv, ticket #1909]
CVS commit: [netbsd-5-1] src/crypto/dist/openssl
Module Name:src
Committed By: msaitoh
Date: Fri Jun 6 06:44:04 UTC 2014
Modified Files:
src/crypto/dist/openssl/crypto/bn [netbsd-5-1]: bn.h bn_lib.c
src/crypto/dist/openssl/crypto/ec [netbsd-5-1]: ec2_mult.c
src/crypto/dist/openssl/ssl [netbsd-5-1]: d1_both.c s3_clnt.c s3_pkt.c
s3_srvr.c ssl3.h
Log Message:
Pull up following revision(s) (requested by spz in ticket #1908):
crypto/dist/openssl/crypto/bn/bn.h patch
crypto/dist/openssl/crypto/bn/bn_lib.c patch
crypto/dist/openssl/crypto/ec/ec2_mult.cpatch
crypto/dist/openssl/ssl/d1_both.c patch
crypto/dist/openssl/ssl/s3_clnt.c patch
crypto/dist/openssl/ssl/s3_pkt.cpatch
crypto/dist/openssl/ssl/s3_srvr.c patch
crypto/dist/openssl/ssl/ssl3.h patch
*) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
handshake can force the use of weak keying material in OpenSSL
SSL/TLS clients and servers.
Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
researching this issue. (CVE-2014-0224)
[KIKUCHI Masashi, Steve Henson]
*) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
OpenSSL DTLS client the code can be made to recurse eventually crashing
in a DoS attack.
Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
(CVE-2014-0221)
[Imre Rad, Steve Henson]
*) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
client or server. This is potentially exploitable to run arbitrary
code on a vulnerable client or server.
Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
[Jüri Aedla, Steve Henson]
*) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
are subject to a denial of service attack.
Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
this issue. (CVE-2014-3470)
[Felix Gröbert, Ivan Fratric, Steve Henson]
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.12.12.1 src/crypto/dist/openssl/crypto/bn/bn.h
cvs rdiff -u -r1.7 -r1.7.12.1 src/crypto/dist/openssl/crypto/bn/bn_lib.c
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.12.1 \
src/crypto/dist/openssl/crypto/ec/ec2_mult.c
cvs rdiff -u -r1.3.4.2 -r1.3.4.2.2.1 src/crypto/dist/openssl/ssl/d1_both.c
cvs rdiff -u -r1.12.4.2.2.1 -r1.12.4.2.2.2 \
src/crypto/dist/openssl/ssl/s3_clnt.c
cvs rdiff -u -r1.9.4.3 -r1.9.4.3.2.1 src/crypto/dist/openssl/ssl/s3_pkt.c
cvs rdiff -u -r1.15.4.3.2.1 -r1.15.4.3.2.2 \
src/crypto/dist/openssl/ssl/s3_srvr.c
cvs rdiff -u -r1.8 -r1.8.12.1 src/crypto/dist/openssl/ssl/ssl3.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/dist/openssl/crypto/bn/bn.h
diff -u src/crypto/dist/openssl/crypto/bn/bn.h:1.12 src/crypto/dist/openssl/crypto/bn/bn.h:1.12.12.1
--- src/crypto/dist/openssl/crypto/bn/bn.h:1.12 Fri May 9 21:49:39 2008
+++ src/crypto/dist/openssl/crypto/bn/bn.h Fri Jun 6 06:44:04 2014
@@ -520,6 +520,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *ret,
BIGNUM *BN_mod_sqrt(BIGNUM *ret,
const BIGNUM *a, const BIGNUM *n,BN_CTX *ctx);
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
/* Deprecated versions */
#ifndef OPENSSL_NO_DEPRECATED
BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,
@@ -742,11 +744,20 @@ int RAND_pseudo_bytes(unsigned char *buf
#define bn_fix_top(a) bn_check_top(a)
+#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+#define bn_wcheck_size(bn, words) \
+ do { \
+ const BIGNUM *_bnum2 = (bn); \
+ assert(words = (_bnum2)-dmax words = (_bnum2)-top); \
+ } while(0)
+
#else /* !BN_DEBUG */
#define bn_pollute(a)
#define bn_check_top(a)
#define bn_fix_top(a) bn_correct_top(a)
+#define bn_check_size(bn, bits)
+#define bn_wcheck_size(bn, words)
#endif
Index: src/crypto/dist/openssl/crypto/bn/bn_lib.c
diff -u src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7 src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7.12.1
--- src/crypto/dist/openssl/crypto/bn/bn_lib.c:1.7 Fri May 9 21:49:39 2008
+++ src/crypto/dist/openssl/crypto/bn/bn_lib.c Fri Jun 6 06:44:04 2014
@@ -843,3 +843,55 @@ int bn_cmp_part_words(const BN_ULONG *a,
}
return bn_cmp_words(a,b,cl);
}
+
+/*
+ * Constant-time conditional swap of a and b.
+ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+ {
+ BN_ULONG t;
+ int i;
+
+ bn_wcheck_size(a, nwords);
+
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Jun 6 06:44:24 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket 1908. To generate a diff of this commit: cvs rdiff -u -r1.1.2.7 -r1.1.2.8 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.7 src/doc/CHANGES-5.1.5:1.1.2.8 --- src/doc/CHANGES-5.1.5:1.1.2.7 Wed May 21 21:58:11 2014 +++ src/doc/CHANGES-5.1.5 Fri Jun 6 06:44:24 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.7 2014/05/21 21:58:11 bouyer Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.8 2014/06/06 06:44:24 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -108,3 +108,15 @@ distrib/sets/lists/base/mi patch [apb, ticket #1906] +crypto/dist/openssl/crypto/bn/bn.h patch +crypto/dist/openssl/crypto/bn/bn_lib.c patch +crypto/dist/openssl/crypto/ec/ec2_mult.c patch +crypto/dist/openssl/ssl/d1_both.c patch +crypto/dist/openssl/ssl/s3_clnt.c patch +crypto/dist/openssl/ssl/s3_pkt.c patch +crypto/dist/openssl/ssl/s3_srvr.c patch +crypto/dist/openssl/ssl/ssl3.h patch + + Update openssl to 1.0.1h which includes CVE-2014-0224, CVE-2014-0221, + CVE-2014-0195, CVE-2014-3470. + [spz, ticket #1908]
CVS commit: [netbsd-5-1] src/doc
Module Name:src Committed By: msaitoh Date: Fri Jun 6 07:04:33 UTC 2014 Modified Files: src/doc [netbsd-5-1]: CHANGES-5.1.5 Log Message: Ticket #1908 is not openssl 1.0.1h. To generate a diff of this commit: cvs rdiff -u -r1.1.2.8 -r1.1.2.9 src/doc/CHANGES-5.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-5.1.5 diff -u src/doc/CHANGES-5.1.5:1.1.2.8 src/doc/CHANGES-5.1.5:1.1.2.9 --- src/doc/CHANGES-5.1.5:1.1.2.8 Fri Jun 6 06:44:24 2014 +++ src/doc/CHANGES-5.1.5 Fri Jun 6 07:04:33 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-5.1.5,v 1.1.2.8 2014/06/06 06:44:24 msaitoh Exp $ +# $NetBSD: CHANGES-5.1.5,v 1.1.2.9 2014/06/06 07:04:33 msaitoh Exp $ A complete list of changes from the NetBSD 5.1.4 release to the NetBSD 5.1.5 release: @@ -117,6 +117,5 @@ crypto/dist/openssl/ssl/s3_pkt.c patch crypto/dist/openssl/ssl/s3_srvr.c patch crypto/dist/openssl/ssl/ssl3.h patch - Update openssl to 1.0.1h which includes CVE-2014-0224, CVE-2014-0221, - CVE-2014-0195, CVE-2014-3470. + Fix CVE-2014-0224, CVE-2014-0221, CVE-2014-0195 and CVE-2014-3470. [spz, ticket #1908]
CVS commit: [netbsd-5-1] src/sys/fs/cd9660
Module Name:src
Committed By: bouyer
Date: Wed May 21 21:49:49 UTC 2014
Modified Files:
src/sys/fs/cd9660 [netbsd-5-1]: cd9660_node.c
Log Message:
Pull up following revision(s) (requested by martin in ticket #1904):
sys/fs/cd9660/cd9660_node.c: revision 1.31
PR kern/48787: inode calculation from ISO9660 block offset might get
truncated to 32bit - force the whole expression to be evaluated as ino_t.
Patch from Thomas Schmitt, with minor modifications (and reworded comment).
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.24.24.1 src/sys/fs/cd9660/cd9660_node.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/fs/cd9660/cd9660_node.c
diff -u src/sys/fs/cd9660/cd9660_node.c:1.24 src/sys/fs/cd9660/cd9660_node.c:1.24.24.1
--- src/sys/fs/cd9660/cd9660_node.c:1.24 Mon May 5 17:11:16 2008
+++ src/sys/fs/cd9660/cd9660_node.c Wed May 21 21:49:49 2014
@@ -1,4 +1,4 @@
-/* $NetBSD: cd9660_node.c,v 1.24 2008/05/05 17:11:16 ad Exp $ */
+/* $NetBSD: cd9660_node.c,v 1.24.24.1 2014/05/21 21:49:49 bouyer Exp $ */
/*-
* Copyright (c) 1982, 1986, 1989, 1994
@@ -37,7 +37,7 @@
*/
#include sys/cdefs.h
-__KERNEL_RCSID(0, $NetBSD: cd9660_node.c,v 1.24 2008/05/05 17:11:16 ad Exp $);
+__KERNEL_RCSID(0, $NetBSD: cd9660_node.c,v 1.24.24.1 2014/05/21 21:49:49 bouyer Exp $);
#include sys/param.h
#include sys/systm.h
@@ -439,7 +439,14 @@ isodirino(struct iso_directory_record *i
{
ino_t ino;
- ino = (isonum_733(isodir-extent) + isonum_711(isodir-ext_attr_length))
- imp-im_bshift;
- return (ino);
+ /*
+ * Note there is an inverse calculation in
+ * cd9660_vfsops.c:cd9660_vget_internal():
+ * ip-iso_start = ino imp-im_bshift;
+ * and also a calculation of the isodir pointer
+ * from an inode in cd9660_vnops.c:cd9660_readlink()
+ */
+ ino = ((ino_t)isonum_733(isodir-extent) +
+ isonum_711(isodir-ext_attr_length)) imp-im_bshift;
+ return ino;
}
