d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0a389eab22
freebsd-dev/contrib
History
Simon L. B. Nielsen 0a389eab22 Fix ipfw packet matching errors with address tables. 
The ipfw tables lookup code caches the result of the last query.  The
kernel may process multiple packets concurrently, performing several
concurrent table lookups.  Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.

Submitted by:	ru
Reviewed by:	csjp, mlaier
Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 permission race condition vulnerability.

Obtained from:	Steve Grubb via RedHat
Security:	CAN-2005-0953
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial of service vulnerability.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Submitted by:	Noritoshi Demizu
Reviewed by:	andre, Mohan Srinivasan
Security:	CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	re (security blanket), cperciva
2005-06-29 21:36:49 +00:00
..
amd Apply a series of scripts to automatically fix some markup bugs. 2005-06-16 20:21:03 +00:00
bc Remove files no longer needed 2004-02-17 01:04:18 +00:00
bind9 Expand and refine a few sections for future reference 2005-03-17 08:40:41 +00:00
binutils This commit was generated by cvs2svn to compensate for changes in r131722, 2004-07-06 19:16:23 +00:00
bsnmp This commit was generated by cvs2svn to compensate for changes in r146609, 2005-05-25 12:00:03 +00:00
bzip2 Fix ipfw packet matching errors with address tables. 2005-06-29 21:36:49 +00:00
com_err Markup fixes. 2005-06-16 20:51:10 +00:00
cpio Recognize and skip 'x' and 'g' pax extension entries. In particular, 2004-08-28 03:13:05 +00:00
cvs Correct multiple security related errors: a buffer overflow, NULL 2005-04-22 17:58:25 +00:00
diff Make diff(1) follow traditional UNIX SOP of later options nullify earlier 2005-06-03 06:46:56 +00:00
expat
file This commit was generated by cvs2svn to compensate for changes in r139368, 2004-12-28 04:31:47 +00:00
gcc Enable handling of MS-compatible packing push and pop pragmas. This change was 2005-06-03 17:35:13 +00:00
gdb Abstract the handling of dirty stacked registers in ia64_read_reg() and 2004-09-05 06:17:25 +00:00
gdtoa Configure gdtoa so that floating-point numbers are correctly rounded 2005-01-18 18:56:18 +00:00
gnu-sort Correct va_end usage. 2004-08-27 03:52:29 +00:00
gperf Remove unneded files 2004-02-17 01:51:07 +00:00
groff MFV: Latest mdoc(7) fixes. 2005-01-25 09:32:56 +00:00
hostapd resolve merge conflicts 2005-06-13 17:07:31 +00:00
ipfilter Remove these files from src/contrib/ipfilter as they are already present 2005-06-23 14:22:02 +00:00
less Merge vendor changes onto mainline. 2004-04-17 07:24:09 +00:00
libbegemot Vendor import of harti's begemot library. 2004-09-24 21:48:46 +00:00
libf2c This commit was generated by cvs2svn to compensate for changes in r146901, 2005-06-03 03:30:16 +00:00
libobjc Gcc 3.4.4 Objective C support bits. 2005-06-03 03:29:59 +00:00
libpcap resolve merge conflicts 2005-05-29 18:09:04 +00:00
libreadline Fix some more files that got butchered to appear to be back on the 2004-10-21 20:10:14 +00:00
libstdc++ This commit was generated by cvs2svn to compensate for changes in r146897, 2005-06-03 03:29:38 +00:00
lukemftp This commit was generated by cvs2svn to compensate for changes in r146309, 2005-05-17 03:11:29 +00:00
lukemftpd NetBSD has updated their groff to a version that handles .Nm the same 2004-08-18 06:41:13 +00:00
ncurses
netcat Fix markup in local FreeBSD additions. 2005-06-27 07:07:55 +00:00
ngatm This commit was generated by cvs2svn to compensate for changes in r146611, 2005-05-25 12:03:26 +00:00
ntp This commit was generated by cvs2svn to compensate for changes in r138451, 2004-12-06 14:33:29 +00:00
nvi Remove ru_SU, we don't need it in favour to ru_RU 2003-06-23 13:21:15 +00:00
one-true-awk Update for the 2005/04/24 import. 2005-05-16 19:19:32 +00:00
openpam Fix markup errors caused by a bug in gendoc.pl (see P4 change #78671) 2005-06-17 14:39:09 +00:00
opie FreeBSD does not use this code, but ftpd_popen() contains a buffer overflow. 2003-07-13 05:59:50 +00:00
pam_modules/pam_passwdqc
pf Resolve conflicts created during the import of pf 3.7 Some features are 2005-05-03 16:55:20 +00:00
pnpinfo Markup fixes. 2005-06-16 20:51:10 +00:00
sendmail This commit was generated by cvs2svn to compensate for changes in r147353, 2005-06-14 02:23:14 +00:00
smbfs Make smbfs capable to use 16bit char set in filenames. 2005-05-04 15:05:46 +00:00
tar Add */lib/getopt* I miss somehow initially. 2004-02-18 18:53:13 +00:00
tcp_wrappers NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines 2005-05-13 16:31:11 +00:00
tcpdump pullup security fix on vendor branch 2005-06-09 15:54:42 +00:00
tcsh This commit was generated by cvs2svn to compensate for changes in r145479, 2005-04-24 19:41:08 +00:00
telnet NI_WITHSCOPEID cleanup 2005-05-21 15:28:42 +00:00
texinfo Update for version 4.8 import. 2005-05-23 10:55:29 +00:00
top The 'text' argument of u_header() is not used, so we don't need to 2005-05-19 13:34:19 +00:00
traceroute Fix minor discrepancy between documentation and implementation: the 2005-04-12 15:16:32 +00:00
wpa_supplicant resolve merge conflicts 2005-06-13 16:54:21 +00:00