From owner-svn-src-stable-8@FreeBSD.ORG Wed Feb 25 05:43:04 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 25400873; Wed, 25 Feb 2015 05:43:04 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 100CC827; Wed, 25 Feb 2015 05:43:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t1P5h37J083360; Wed, 25 Feb 2015 05:43:03 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t1P5h378083359; Wed, 25 Feb 2015 05:43:03 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201502250543.t1P5h378083359@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Wed, 25 Feb 2015 05:43:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r279263 - in stable: 10/sys/netinet 8/sys/netinet 9/sys/netinet X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Feb 2015 05:43:04 -0000 Author: delphij Date: Wed Feb 25 05:43:02 2015 New Revision: 279263 URL: https://svnweb.freebsd.org/changeset/base/279263 Log: Instant MFC: Fix integer overflow in IGMP protocol. Security: FreeBSD-SA-15:04.igmp Security: CVE-2015-1414 Found by: Mateusz Kocielski, Logicaltrust Analyzed by: Marek Kroemeke, Mateusz Kocielski (shm@NetBSD.org) and 22733db72ab3ed94b5f8a1ffcde850251fe6f466 Submited by: Mariusz Zaborski Reviewed by: bms Approved by: so Modified: stable/8/sys/netinet/igmp.c Changes in other areas also in this revision: Modified: stable/10/sys/netinet/igmp.c stable/9/sys/netinet/igmp.c Modified: stable/8/sys/netinet/igmp.c ============================================================================== --- stable/8/sys/netinet/igmp.c Wed Feb 25 05:42:59 2015 (r279262) +++ stable/8/sys/netinet/igmp.c Wed Feb 25 05:43:02 2015 (r279263) @@ -1532,8 +1532,8 @@ igmp_input(struct mbuf *m, int off) case IGMP_VERSION_3: { struct igmpv3 *igmpv3; uint16_t igmpv3len; - uint16_t srclen; - int nsrc; + uint16_t nsrc; + int srclen; IGMPSTAT_INC(igps_rcv_v3_queries); igmpv3 = (struct igmpv3 *)igmp; From owner-svn-src-stable-8@FreeBSD.ORG Wed Feb 25 16:36:46 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 75AC694D; Wed, 25 Feb 2015 16:36:46 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 43DFDEEF; Wed, 25 Feb 2015 16:36:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t1PGakaS096466; Wed, 25 Feb 2015 16:36:46 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t1PGajXS096464; Wed, 25 Feb 2015 16:36:45 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201502251636.t1PGajXS096464@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 25 Feb 2015 16:36:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r279285 - in stable: 10/release/doc/share/xml 8/release/doc/share/xml 9/release/doc/share/xml X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Feb 2015 16:36:46 -0000 Author: gjb Date: Wed Feb 25 16:36:44 2015 New Revision: 279285 URL: https://svnweb.freebsd.org/changeset/base/279285 Log: Document FreeBSD-EN-15:01.vt, FreeBSD-EN-15:02.openssl, FreeBSD-EN-15:03.freebsd-update, FreeBSD-SA-15:04.igmp, FreeBSD-SA-15:05.bind Sponsored by: The FreeBSD Foundation Modified: stable/8/release/doc/share/xml/errata.xml stable/8/release/doc/share/xml/security.xml Changes in other areas also in this revision: Modified: stable/10/release/doc/share/xml/errata.xml stable/10/release/doc/share/xml/security.xml stable/9/release/doc/share/xml/errata.xml stable/9/release/doc/share/xml/security.xml Modified: stable/8/release/doc/share/xml/errata.xml ============================================================================== --- stable/8/release/doc/share/xml/errata.xml Wed Feb 25 16:18:26 2015 (r279284) +++ stable/8/release/doc/share/xml/errata.xml Wed Feb 25 16:36:44 2015 (r279285) @@ -111,6 +111,21 @@ 23 December 2014 Fix directory deletion issue + + + FreeBSD-EN-15:02.openssl + 25 February 2015 + OpenSSL update + + + + FreeBSD-EN-15:03.freebsd-update + 25 February 2015 + &man.freebsd-update.8; updates libraries in + suboptimal order + Modified: stable/8/release/doc/share/xml/security.xml ============================================================================== --- stable/8/release/doc/share/xml/security.xml Wed Feb 25 16:18:26 2015 (r279284) +++ stable/8/release/doc/share/xml/security.xml Wed Feb 25 16:36:44 2015 (r279285) @@ -216,6 +216,21 @@ Fix SCTP stream reset vulnerability + + + FreeBSD-SA-15:04.igmp + 25 February 2015 + Integer overflow in IGMP protocol + + + + FreeBSD-SA-15:05.igmp + 25 February 2015 + Remote denial of service + vulnerability + From owner-svn-src-stable-8@FreeBSD.ORG Wed Feb 25 16:44:42 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2C4121B7; Wed, 25 Feb 2015 16:44:42 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 16E71FE7; Wed, 25 Feb 2015 16:44:42 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t1PGif3F001380; Wed, 25 Feb 2015 16:44:41 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t1PGifbu001379; Wed, 25 Feb 2015 16:44:41 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201502251644.t1PGifbu001379@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 25 Feb 2015 16:44:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r279287 - in stable: 10/sys/sys 8/sys/sys 9/sys/sys X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Feb 2015 16:44:42 -0000 Author: gjb Date: Wed Feb 25 16:44:40 2015 New Revision: 279287 URL: https://svnweb.freebsd.org/changeset/base/279287 Log: Bump __FreeBSD_version after FreeBSD-EN-15:01.vt, FreeBSD-EN-15:02.openssl, FreeBSD-EN-15:03.freebsd-update, FreeBSD-SA-15:04.igmp, FreeBSD-SA-15:05.bind Sponsored by: The FreeBSD Foundation Modified: stable/8/sys/sys/param.h Changes in other areas also in this revision: Modified: stable/10/sys/sys/param.h stable/9/sys/sys/param.h Modified: stable/8/sys/sys/param.h ============================================================================== --- stable/8/sys/sys/param.h Wed Feb 25 16:44:07 2015 (r279286) +++ stable/8/sys/sys/param.h Wed Feb 25 16:44:40 2015 (r279287) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 804507 /* Master, propagated to newvers */ +#define __FreeBSD_version 804508 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, From owner-svn-src-stable-8@FreeBSD.ORG Fri Feb 27 12:23:31 2015 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E61251FD; Fri, 27 Feb 2015 12:23:31 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D09D92D5; Fri, 27 Feb 2015 12:23:31 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t1RCNVaP051255; Fri, 27 Feb 2015 12:23:31 GMT (envelope-from hselasky@FreeBSD.org) Received: (from hselasky@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t1RCNVbZ051254; Fri, 27 Feb 2015 12:23:31 GMT (envelope-from hselasky@FreeBSD.org) Message-Id: <201502271223.t1RCNVbZ051254@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: hselasky set sender to hselasky@FreeBSD.org using -f From: Hans Petter Selasky Date: Fri, 27 Feb 2015 12:23:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r279355 - stable/8/sys/dev/usb/controller X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Feb 2015 12:23:32 -0000 Author: hselasky Date: Fri Feb 27 12:23:30 2015 New Revision: 279355 URL: https://svnweb.freebsd.org/changeset/base/279355 Log: MFC r279233: Ensure that the XHCI driver will refresh the control endpoint settings when re-enumerating a FULL speed device. Else the wrong max packet setting might be used when trying to re-enumerate a FULL speed device. Modified: stable/8/sys/dev/usb/controller/xhci.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/dev/ (props changed) stable/8/sys/dev/usb/ (props changed) Modified: stable/8/sys/dev/usb/controller/xhci.c ============================================================================== --- stable/8/sys/dev/usb/controller/xhci.c Fri Feb 27 12:22:07 2015 (r279354) +++ stable/8/sys/dev/usb/controller/xhci.c Fri Feb 27 12:23:30 2015 (r279355) @@ -1385,6 +1385,13 @@ xhci_set_address(struct usb_device *udev pepext = xhci_get_endpoint_ext(udev, &udev->ctrl_ep_desc); + + /* ensure the control endpoint is setup again */ + USB_BUS_LOCK(udev->bus); + pepext->trb_halted = 1; + pepext->trb_running = 0; + USB_BUS_UNLOCK(udev->bus); + err = xhci_configure_endpoint(udev, &udev->ctrl_ep_desc, pepext->physaddr, 0, 1, 1, 0, mps, mps);