Module Name: src
Committed By: msaitoh
Date: Wed Jun 18 02:15:51 UTC 2014
Modified Files:
src/doc [netbsd-6-1]: CHANGES-6.1.5
Log Message:
Ticket 1076.
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.9 -r1.1.2.10 src/doc/CHANGES-6.1.5
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.1.5
diff -u src/doc/CHANGES-6.1.5:1.1.2.9 src/doc/CHANGES-6.1.5:1.1.2.10
--- src/doc/CHANGES-6.1.5:1.1.2.9 Fri Jun 6 05:33:38 2014
+++ src/doc/CHANGES-6.1.5 Wed Jun 18 02:15:51 2014
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.1.5,v 1.1.2.9 2014/06/06 05:33:38 msaitoh Exp $
+# $NetBSD: CHANGES-6.1.5,v 1.1.2.10 2014/06/18 02:15:51 msaitoh Exp $
A complete list of changes from the NetBSD 6.1.4 release to the NetBSD 6.1.5
release:
@@ -590,3 +590,12 @@ crypto/external/bsd/openssl/lib/libcrypt
CVE-2014-0195, CVE-2014-3470 and fix some double free.
Avoid NULL dereference. (FreeBSD SA14:10).
[christos, ticket #1078]
+
+src/external/bsd/openpam/dist/lib/openpam_configure.c 1.8 via patch
+
+ CVE-2014-3879: Incorrect error handling in PAM policy parser:
+ Missing module files were treated as soft failures leading to
+ unexpected behavior if policy files were copied between hosts with
+ differently installed modules or in the short period during upgrades
+ when module files were being replaced.
+ [christos, ticket #1076]
