src

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates

Changeset 12201 does not exist.

Create SECURITY.md

bump for mountd change.

mention the mountd change.

Merge branch 'master' of github.com:MidnightBSD/src

Avoid reading one byte before the path buffer.

This happens when there's only one component (e.g. "/foo"). This

(mostly-harmless) bug has been present since June 1990 when it was

commited to mountd.c SCCS version 5.9.

Note: the bug is on the second changed line, the first line is changed

for visual consistency.

Obtained from: CheriBSD, FreeBSD svn 363435

Avoid reading one byte before the path buffer.

This happens when there's only one component (e.g. "/foo"). This

(mostly-harmless) bug has been present since June 1990 when it was

commited to mountd.c SCCS version 5.9.

Note: the bug is on the second changed line, the first line is changed

for visual consistency.

Obtained from: CheriBSD, FreeBSD svn 363435

MFC: fix @() and @sample() mode use

    • -1
    • +2
    /lib/libmport/bundle_read_install_pkg.c
fix a bug where @(,mail,2755) or similar commands are ignored for the mode

    • -1
    • +2
    /lib/libmport/bundle_read_install_pkg.c
MidnightBSD 1.2.4

bump for mport fixes.

MNBSD-1 MFC: libmport fixes for sample files.

    • -13
    • +27
    /lib/libmport/bundle_read_install_pkg.c
MNBSD-1 MFC: libmport fixes for sample files.

    • -10
    • +18
    /lib/libmport/bundle_read_install_pkg.c
MNBSD-1 move the logic outside the is reg file test for sample.

    • -4
    • +6
    /lib/libmport/bundle_read_install_pkg.c
change mode

MNBSD-1 set the mode, owner or group as needed for sample files.

    • -2
    • +3
    /lib/libmport/bundle_read_install_pkg.c
MNBSD-1 add mode parsing in plist read.

MNBSD-1 start work on ASSET_SAMPLE_OWNER_MODE

    • -5
    • +9
    /lib/libmport/bundle_read_install_pkg.c
bump

update unbound to 1.10.1 due to security issues.

    • -299
    • +607
    /contrib/unbound/Makefile.in
    • -0
    • +38
    /contrib/unbound/README.md
    • -1136
    • +1965
    /contrib/unbound/aclocal.m4
    • -25
    • +50
    /contrib/unbound/acx_nlnetlabs.m4
    • -0
    • +857
    /contrib/unbound/cachedb/cachedb.c
    • -0
    • +112
    /contrib/unbound/cachedb/cachedb.h
    • -0
    • +283
    /contrib/unbound/cachedb/redis.c
    • -0
    • +45
    /contrib/unbound/cachedb/redis.h
    • -1
    • +16
    /contrib/unbound/compat/arc4_lock.c
    • -2
    • +75
    /contrib/unbound/compat/arc4random.c
  1. … 273 more files in changeset.
update sqlite3 to fix a security issue.

    • -4250
    • +15402
    /contrib/sqlite3/shell.c
    • -24452
    • +49805
    /contrib/sqlite3/sqlite3.c
    • -489
    • +1963
    /contrib/sqlite3/sqlite3.h
document updated unbound, security issues and sqlite3

Update SQLite3 to 3.32.3

    • -4250
    • +15402
    /contrib/sqlite3/shell.c
    • -24452
    • +49805
    /contrib/sqlite3/sqlite3.c
    • -489
    • +1963
    /contrib/sqlite3/sqlite3.h
The IPV6_2292PKTOPTIONS set handler was missing synchronization, so racing accesses could modify freed memory.

Obtained from: FreeBSD

Merge branch 'master' of github.com:MidnightBSD/src

Update unbuond to fix a security vulnerability.

Malformed answers from upstream name servers can send Unbound into an infinite

loop, resulting in denial of service. A malicious query can cause a traffic

amplification attack against third party authoritative nameservers.

    • -375
    • +409
    /contrib/unbound/Makefile.in
    • -34
    • +60
    /contrib/unbound/cachedb/cachedb.c
    • -27
    • +39
    /contrib/unbound/compat/getentropy_solaris.c
    • -302
    • +284
    /contrib/unbound/config.guess
    • -120
    • +142
    /contrib/unbound/config.sub
    • -0
    • +39
    /contrib/unbound/contrib/drop2rpz
    • -54
    • +54
    /contrib/unbound/contrib/fastrpz.patch
    • -4
    • +4
    /contrib/unbound/contrib/libunbound.pc.in
  1. … 77 more files in changeset.
posix_spawnp spawns a new thread with a limited stack allocated on the heap before delegating to execvp for the final execution within that thread.

execvp would previously make unbounded allocations on the stack, directly

proportional to the length of the user-controlled PATH environment variable.

Long values in the user-controlled PATH environment variable cause

posix_spawnp to write beyond the end of stack that was allocated, ultimately

overflowing the heap-allocated stack with a direct copy of the value stored

in PATH.

Obtained from: FreeBSD

    • -0
    • +39
    /lib/libc/tests/gen/posix_spawn_test.c
fix some more issues.

fix the elf def for freebsd binaries.

add mtree configs

    • -0
    • +14
    /etc/mtree/BSD.lib32.dist
    • -0
    • +14
    /etc/mtree/BSD.libsoft.dist
update devd config