Date: Wed, 10 Jun 2009 10:31:11 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src/contrib/ntp/ntpd ntp_crypto.c src/sys/kern sys_pipe.c src/sys/netinet6 in6.c Message-ID: <200906101034.n5AAYq02037021@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-06-10 10:31:11 UTC
FreeBSD src repository
Modified files:
contrib/ntp/ntpd ntp_crypto.c
sys/kern sys_pipe.c
sys/netinet6 in6.c
Log:
SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva
Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]
Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]
Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]
Approved by: so (cperciva)
Approved by: re (not really, but SVN wants this...)
Security: FreeBSD-SA-09:09.pipe
Security: FreeBSD-SA-09:10.ipv6
Security: FreeBSD-SA-09:11.ntpd
Revision Changes Path
1.4 +22 -17 src/contrib/ntp/ntpd/ntp_crypto.c
1.203 +2 -0 src/sys/kern/sys_pipe.c
1.111 +1 -1 src/sys/netinet6/in6.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906101034.n5AAYq02037021>