stable

Checkout Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
System calls operating on file descriptors obtain a reference to

relevant struct file which due to a programming error was not always put

back, which in turn could be used to overflow the counter of affected

struct file.

The kernel driver for /dev/midistat implements a handler for read(2).

This handler is not thread-safe, and a multi-threaded program can

exploit races in the handler to cause it to copy out kernel memory

outside the boundaries of midistat's data buffer.

document releases vs patches

document patch

Due do a missing check in the code of m_pulldown(9) data returned may not be

contiguous as requested by the caller.

update version

document some patches

A function extracting the length from type-length-value encoding is not

properly validating the submitted length.

update to 1.0.7

    • -0
    • +850
    ./1.1/contrib/bzip2/sample1.ref.gz.uu
    • too large
    ./1.1/contrib/bzip2/sample2.ref.gz.uu
    • -0
    • +11
    ./1.1/contrib/bzip2/sample3.ref.gz.uu
    • -0
    • +1642
    ./1.1/contrib/bzip2/sample2.bz2.uu
    • -0
    • +722
    ./1.1/contrib/bzip2/sample1.bz2.uu
update bzip2

    • too large
    ./1.1/contrib/bzip2/manual.xml
    • too large
    ./1.1/contrib/bzip2/sample3.ref
    • -0
    • +45
    ./1.1/contrib/bzip2/README.XML.STUFF
  1. … 42 more files in changeset.
update path for 5.28.0

bump version for security patches

If a process attempts to transmit rights over a UNIX-domain socket and

an error causes the attempt to fail, references acquired on the rights

are not released and are leaked. This bug can be used to cause the

reference counter to wrap around and free the corresponding file

structure.

document mqueuefs(5) issue

System calls operating on file descriptors obtain a reference to

relevant struct file which due to a programming error was not always put

back, which in turn could be used to overflow the counter of affected

struct file.

Due to insufficient initialization of memory copied to userland in the

components listed above small amounts of kernel memory may be disclosed

to userland processes.

The code which handles a close(2) of a descriptor created by

posix_openpt(2) fails to undo the configuration which causes SIGIO to be

raised. This bug can lead to a write-after-free of kernel memory.

Fix some security issues in telnet client.

    • -1
    • +1
    ./1.1/contrib/telnet/telnet/utilities.c
    • -4
    • +8
    ./1.1/contrib/telnet/telnet/commands.c
fix some bugs with pkg message printing

bring back deroff to fix spell(1)

    • -0
    • +1741
    ./1.0/usr.bin/deroff/deroff.c
    • -0
    • +0
    ./1.0/usr.bin/deroff/TODO
    • -0
    • +0
    ./1.0/usr.bin/deroff/Makefile
    • -0
    • +185
    ./1.0/usr.bin/deroff/deroff.1
bring deroff back to fix spell

    • -0
    • +0
    ./1.1/usr.bin/deroff/Makefile
    • -0
    • +185
    ./1.1/usr.bin/deroff/deroff.1
    • -0
    • +0
    ./1.1/usr.bin/deroff/TODO
    • -0
    • +1741
    ./1.1/usr.bin/deroff/deroff.c
add config get/set for regions

document mport upgrade

MFC: mport origin feature for info and query

    • -5
    • +15
    ./1.0/libexec/mport.info/mport.info.c
    • -6
    • +18
    ./1.0/libexec/mport.query/mport.query.c
Update mport tool with latest from current. fixes memory free issue, adds region support

document mport changes.

add origin flag aka -o which will print out the origin with query or info

    • -6
    • +18
    ./1.1/libexec/mport.query/mport.query.c
    • -5
    • +15
    ./1.1/libexec/mport.info/mport.info.c
update version checks

document abs path issue

Fix a bug in mport package manager when creating packages with absolute paths.