Date: Wed, 10 Jun 2009 10:31:11 +0000 (UTC) From: Colin Percival <cperciva@FreeBSD.org> To: cvs-src-old@freebsd.org Subject: cvs commit: src UPDATING src/contrib/ntp/ntpd ntp_crypto.c src/sys/conf newvers.sh src/sys/kern sys_pipe.c src/sys/netinet6 in6.c Message-ID: <200906101048.n5AAmn6r039545@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cperciva 2009-06-10 10:31:11 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_7_1)
. UPDATING
contrib/ntp/ntpd ntp_crypto.c
sys/conf newvers.sh
sys/kern sys_pipe.c
sys/netinet6 in6.c
Log:
SVN rev 193893 on 2009-06-10 10:31:11Z by cperciva
Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]
Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]
Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]
Approved by: so (cperciva)
Approved by: re (not really, but SVN wants this...)
Security: FreeBSD-SA-09:09.pipe
Security: FreeBSD-SA-09:10.ipv6
Security: FreeBSD-SA-09:11.ntpd
Revision Changes Path
1.507.2.13.2.9 +9 -0 src/UPDATING
1.1.1.3.18.1.2.2 +22 -17 src/contrib/ntp/ntpd/ntp_crypto.c
1.72.2.9.2.10 +1 -1 src/sys/conf/newvers.sh
1.191.2.3.2.2 +2 -0 src/sys/kern/sys_pipe.c
1.73.2.4.2.2 +1 -1 src/sys/netinet6/in6.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906101048.n5AAmn6r039545>