Author: delphij
Date: Fri Jul 26 22:40:29 2013
New Revision: 253694
URL: http://svnweb.freebsd.org/changeset/base/253694
Log:
Fix a bug that allows remote client bypass the normal
access checks when when -network or -host restrictions
are used at the same time with -mapall. [13:08]
Security: CVE-2013-4851
Security: FreeBSD-SA-13:08.nfsserver
Approved by: so
Modified:
releng/8.3/UPDATING
releng/8.3/sys/kern/vfs_export.c
Modified: releng/8.3/UPDATING
==============================================================================
--- releng/8.3/UPDATING Fri Jul 26 22:40:23 2013 (r253693)
+++ releng/8.3/UPDATING Fri Jul 26 22:40:29 2013 (r253694)
@@ -15,6 +15,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.
debugging tools present in HEAD were left in place because
sun4v support still needs work to become production ready.
+20130429: p9 FreeBSD-SA-13:08.nfsserver
+ Fix a bug that allows remote client bypass the normal
+ access checks when when -network or -host restrictions are
+ used at the same time with -mapall.
+
20130429: p8 FreeBSD-SA-13:05.nfsserver
Fix a bug that allows NFS clients to issue READDIR on files.
Modified: releng/8.3/sys/kern/vfs_export.c
==============================================================================
--- releng/8.3/sys/kern/vfs_export.c Fri Jul 26 22:40:23 2013
(r253693)
+++ releng/8.3/sys/kern/vfs_export.c Fri Jul 26 22:40:29 2013
(r253694)
@@ -208,7 +208,7 @@ vfs_hang_addrlist(struct mount *mp, stru
np->netc_anon = crget();
np->netc_anon->cr_uid = argp->ex_anon.cr_uid;
crsetgroups(np->netc_anon, argp->ex_anon.cr_ngroups,
- np->netc_anon->cr_groups);
+ argp->ex_anon.cr_groups);
np->netc_anon->cr_prison = &prison0;
prison_hold(np->netc_anon->cr_prison);
np->netc_numsecflavors = argp->ex_numsecflavors;
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
