Module Name: src Committed By: msaitoh Date: Wed Jun 18 02:15:51 UTC 2014
Modified Files: src/doc [netbsd-6-1]: CHANGES-6.1.5 Log Message: Ticket 1076. To generate a diff of this commit: cvs rdiff -u -r1.1.2.9 -r1.1.2.10 src/doc/CHANGES-6.1.5 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-6.1.5 diff -u src/doc/CHANGES-6.1.5:1.1.2.9 src/doc/CHANGES-6.1.5:1.1.2.10 --- src/doc/CHANGES-6.1.5:1.1.2.9 Fri Jun 6 05:33:38 2014 +++ src/doc/CHANGES-6.1.5 Wed Jun 18 02:15:51 2014 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-6.1.5,v 1.1.2.9 2014/06/06 05:33:38 msaitoh Exp $ +# $NetBSD: CHANGES-6.1.5,v 1.1.2.10 2014/06/18 02:15:51 msaitoh Exp $ A complete list of changes from the NetBSD 6.1.4 release to the NetBSD 6.1.5 release: @@ -590,3 +590,12 @@ crypto/external/bsd/openssl/lib/libcrypt CVE-2014-0195, CVE-2014-3470 and fix some double free. Avoid NULL dereference. (FreeBSD SA14:10). [christos, ticket #1078] + +src/external/bsd/openpam/dist/lib/openpam_configure.c 1.8 via patch + + CVE-2014-3879: Incorrect error handling in PAM policy parser: + Missing module files were treated as soft failures leading to + unexpected behavior if policy files were copied between hosts with + differently installed modules or in the short period during upgrades + when module files were being replaced. + [christos, ticket #1076]