Commit Graph

24 Commits

Author SHA1 Message Date
Colin Percival
66e576525d Fix an integer overflow in RLE length parsing when decompressing
corrupt bzip2 data.

Approved by:	so (cperciva)
Security:	FreeBSD-SA-10:08.bzip2
2010-09-20 14:58:08 +00:00
Dag-Erling Smørgrav
9517e86625 Update and remove CVS-specific items
Approved by:	re (kib)
2009-08-13 06:07:38 +00:00
Xin LI
577cb6d743 Resolve conflicts. 2008-03-20 02:56:24 +00:00
Xin LI
b74c250e77 Update upgrade instructions to reflect 1.0.5 import; add FREEBSD-vendor
metadata file.
2008-03-20 02:45:32 +00:00
Xin LI
4fd2d3b692 This commit was generated by cvs2svn to compensate for changes in r177420,
which included commits to RCS files with non-trunk default branches.
2008-03-20 02:16:44 +00:00
Xin LI
0c9ffc952b Virgin import (trimmed) of Bzip2 version 1.0.5. 2008-03-20 02:16:44 +00:00
Xin LI
735e7a1ab2 Update with bzip2's URL. 2007-03-30 16:33:05 +00:00
Xin LI
078c615eac Remove manual.texi which does not belong to this distribution 2007-03-28 07:58:30 +00:00
Xin LI
b578e49563 This commit was generated by cvs2svn to compensate for changes in r167984,
which included commits to RCS files with non-trunk default branches.
2007-03-28 07:58:30 +00:00
Xin LI
7e114e8385 Reflect 1.0.4 import. 2007-03-28 07:56:14 +00:00
Xin LI
4446b1794f Remove Y2K_INFO which does not belong to this distribution 2007-03-28 07:55:07 +00:00
Xin LI
31d4699f65 This commit was generated by cvs2svn to compensate for changes in r167981,
which included commits to RCS files with non-trunk default branches.
2007-03-28 07:55:07 +00:00
Xin LI
19d9af52da Resolve conflicts. 2007-03-28 07:46:20 +00:00
Xin LI
555470d474 bzip2.c: SA-05:14.bzip2 has been resolved by the author
in a different way.  Make the file just the same as it
is in the vendor branch to make it easier for future
upgrade.
2007-03-28 07:45:41 +00:00
Xin LI
1b79bae0f8 Virgin import (trimmed) of Bzip2 version 1.0.4. 2007-03-28 07:35:07 +00:00
Xin LI
c737bf586a This commit was generated by cvs2svn to compensate for changes in r167974,
which included commits to RCS files with non-trunk default branches.
2007-03-28 07:35:07 +00:00
Simon L. B. Nielsen
0a389eab22 Fix ipfw packet matching errors with address tables.
The ipfw tables lookup code caches the result of the last query.  The
kernel may process multiple packets concurrently, performing several
concurrent table lookups.  Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.

Submitted by:	ru
Reviewed by:	csjp, mlaier
Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 permission race condition vulnerability.

Obtained from:	Steve Grubb via RedHat
Security:	CAN-2005-0953
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial of service vulnerability.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Submitted by:	Noritoshi Demizu
Reviewed by:	andre, Mohan Srinivasan
Security:	CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	re (security blanket), cperciva
2005-06-29 21:36:49 +00:00
Maxim Sobolev
55f88dd25e Make bzip2 support working again after bzip2 upgrade. This time commit
BZ_NO_COMPRESS support to the bzip2 sources directly (yes, this takes file
off the vendor branch, but looks like bzip2 maintainer doesn't care), so that
it will not be removed when the next upgrade is performed. Also, add a short
note on how to test bzip2 support.

Pointy hat to:  obrien

Correct comment (libz -> libbz2) and remove useless full path to zutil.h
while I am here.
2005-05-29 21:56:38 +00:00
David E. O'Brien
d87b8d2a1b Update to match the 1.0.3 import. 2005-05-16 18:56:30 +00:00
David E. O'Brien
f7a4f99f70 Virgin import (trimmed) of Bzip2 version 1.0.3. 2005-05-16 18:31:55 +00:00
David E. O'Brien
9dba3024c3 This commit was generated by cvs2svn to compensate for changes in r146293,
which included commits to RCS files with non-trunk default branches.
2005-05-16 18:31:55 +00:00
Maxim Sobolev
e5826fad57 Add upgrade instructions. 2002-02-01 16:34:13 +00:00
Maxim Sobolev
ed14b6e01a Virgin import (trimmed) of Bzip2 version 1.0.2 2002-02-01 16:28:01 +00:00
David E. O'Brien
df9de0eba1 Virgin import (trimmed) of Bzip2 version 1.0.1. 2001-06-21 18:37:17 +00:00