Clone Tools
  • last updated a few seconds ago
Constraints: committers
Constraints: files
Constraints: dates
update version

added llvm-symbolizer

add llvm-symbolizer

    • -0
    • +20
Security update for UDF issue.

udf: Validate the full file entry length

Otherwise a corrupted file entry containing invalid extended attribute

lengths or allocation descriptor lengths can trigger an overflow when

the file entry is loaded.

security updates for bhyve.

document ftpd issue

A ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.

Bump for dhclient issue.

When parsing option 119 data, dhclient(8) computes the uncompressed domain list length so that it can allocate an appropriately sized buffer to store the uncompressed list. The code to compute the length failed to handle certain malformed input, resulting in a heap overflow when the uncompressed list is copied into in inadequately sized buffer.

attempt to switch to github

adding PCIV_INVALID const.

Detect invalid PCI devices more correctly in PCI interrupt router drivers.

- Check for an invalid device (vendor is invalid) before reading the

header type register when examining function 0 of a possible device.

- When iterating over functions of a device, reject any device whose

16-bit vendor is invalid rather than requiring the full 32-bit

vendor+device to be all 1's. In practice the latter check is

probably fine, but checking the vendor is what the PCI spec


Obtained from: FreeBSD svn 3540581

Increase the default KSTACK_PAGES from 2 to 4 on i386. This matches AMD64 now.

This fixes the weird crash with mksh on 1.2 stable with vmware esxi with 32bit guest.

FreeBSD did this in a later release (11-current?) also becasue of issues.

Assume all TSCs are synchronized for AMD Family 17h processors and later when it has passed the synchronization test.

"Processor Programming Reference (PPR) for AMD Family 17h" states that

the TSC uses a common reference for all sockets, cores and threads.

document recent fixes.

Don't attempt to measure TSC skew when running as a VM guest.

Obtained from: FreeBSD

    • -0
    • +3
    • -0
    • +3
In em_handle_link(), only re-arm the link state change interrupt for 82574 and also only if such a device uses MSI-X, i. e. takes advantage of autoclearing. In case of INTx and MSI re-arming isn't appropriate here and setting EM_MSIX_LINK isn't either.

Obtained from: FreeBSD

Fix a crash in the NFSv4 server.

Remove the power bit from the super speed root hub port status register because it clobbers the super speed link status when a device is in super speed mode. Currently the power bit is not needed for anything in the USB hub driver.

This fixes USB warm reset for super speed devices.

Obtained from: FreeBSD

change default microphone level from 0 to 25.

Set the maximum exit latency to 0 for XHCI USB 3.0 devices, because we don't implement link power management, LPM.

This fixes error code XHCI_TRB_ERROR_BANDWIDTH for isochronous USB 3.0


Don't report stale signal information in ptrace_lwpinfo.

Once a signal's siginfo was copied to 'td_si' as part of the signal

exchange in issignal(), it was never cleared. This caused future

thread events that are reported as SIGTRAP events without signal

information to report the stale siginfo in 'td_si'. For example, if a

debugger created a new process and used SIGSTOP to stop it after

PT_ATTACH, future system call entry / exit events would set PL_FLAG_SI

with the SIGSTOP siginfo in pl_siginfo. This broke 'catch syscall' in

current versions of gdb as it assumed PL_FLAG_SI with SIGTRAP

indicates a breakpoint or single step trap.

Obtained from: FreeBSD svn rev 342704


When handling a 32-bit sendmsg(2) call, the compat32 subsystem copies the control message to be transmitted (if any) into kernel memory, and adjusts alignment of control message headers. The code which performs this work contained a time-of-check to time-of-use (TOCTOU) vulnerability which allows a malicious userspace program to modify control message headers after they were validated by the kernel.

    • -57
    • +69
A missing length validation code common to these three drivers means that a malicious USB device could write beyond the end of an allocated network packet buffer.

- smsc(4), supporting SMSC (now Microchip) devices

- muge(4), supporting Microchip devices

- cdceem(4), supporting USB Communication Device Class compatible devices

bump for mountd change.

mention the mountd change.

Avoid reading one byte before the path buffer.

This happens when there's only one component (e.g. "/foo"). This

(mostly-harmless) bug has been present since June 1990 when it was

commited to mountd.c SCCS version 5.9.

Note: the bug is on the second changed line, the first line is changed

for visual consistency.

Obtained from: CheriBSD, FreeBSD svn 363435

MFC: fix @() and @sample() mode use

    • -1
    • +2
MidnightBSD 1.2.4