src/contrib/bsnmp/gensnmptree/gensnmptree.1, Revision 1.1.1.7
src/contrib/bsnmp/gensnmptree/gensnmptree.c, Revision 1.1.1.11
src/contrib/bsnmp/gensnmpdef/gensnmpdef.1, Revision 1.1.1.5
src/contrib/bsnmp/gensnmpdef/gensnmpdef.c, Revision 1.1.1.3
Vendor patch: add support for the BITS construct and enumerations in
both gensnmpdef and gensnmptree. Add include and typedef directives to
gensnmptree.
Approved by: bz (mentor)
OKed by: harti
fix servicecurve check; no point in checking the same sc three times, it
was obviously intended to check all three. has been wrong since the
beginning, 4 years... noticed by Earl Lapus <earl.lapus@gmail.com>, Vasil
Dimov <vd@FreeBSD.org> mailed me then, ok mcbride
1. NO_FORTH needs to be defined
2. bootpd.c rev 1.24: make tv_sec a time_t
3. authpf.c rev 1.7: handle timeval.tv_sec change from long to time_t
Approved by: re(BMAH)
since if you're compiling the base with this upgraded, you've already
got your openssl upgraded, but it's a good idea to include this for
completeness sake.
Approved by: re (hrs)
range of bug fixes made as a result of reports on 6.x, as well as some
minor enhancements:
OpenBSM 1.0 alpha 12
- Correct bug in auditreduce which prevented the -c option from working
correctly when the user specifies to process successful or failed events.
The problem stemmed from not having access to the return token at the time
the initial preselection occurred, but now a second preselection process
occurs while processing the return token.
- getacfilesz(3) API added to read new audit_control(5) filesz setting,
which auditd(8) now sets the kernel audit trail rotation size to.
- auditreduce(1) now uses stdin if no file names are specified on the command
line; this was the documented behavior previously, but it was not
implemented. Be more specific in auditreduce(1)'s examples section about
what might be done with the output of auditreduce.
- Add audit_warn(5) closefile event so that administrators can hook
termination of an audit trail file. For example, this might be used to
compress the trail file after it is closed.
- auditreduce(1) now uses regular expressions for pathname matching. Users can
now supply one or more (comma delimited) regular expressions for searching
the pathnames. If one of the regular expressions is prefixed with a tilde
(~), and a path matches, it will be excluded from the search results.
OpenBSM 1.0 alpha 11
- Reclassify certain read/write operations as having no class rather than the
fr/fw class; our default classes audit intent (open) not operations (read,
write).
- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads
and writes of sysctls as separate events. Add additional kernel
environment and jail events for FreeBSD.
- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER
(issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued
by the kernel audit implementation) so that they can be distinguished.
- Disable rate limiting of rotate requests; as the kernel doesn't retransmit
a dropped request, the log file will otherwise grow indefinitely if the
trigger is dropped.
- Improve auditd debugging output.
- Fix a number of threading related bugs in audit_control file reading
routines.
- Add APIs au_poltostr() and au_strtopol() to convert between text
representations of audit_control policy flags and the flags passed to
auditon(A_SETPOLICY) and retrieved from auditon(A_GETPOLICY).
- Add API getacpol() to return the 'policy:' entry from audit_control, an
extension to the Solaris file format to allow specification of policy
persistent flags.
- Update audump to print the audit_control policy field.
- Update auditd to read the audit_control policy field and set the kernel
policy to match it when configuring/reconfiguring. Remove the -s and -h
arguments as these policies are now set via the configuration file. If a
policy line is not found in the configuration file, continue with the
current default of setting AUDIT_CNT.
- Fix bugs in the parsing of large execve(2) arguments and environmental
variable tokens; increase maximum parsed argument and variable count.
- configure now detects strlcat(), used by policy-related functions.
- Reference token and record sample files added to test tree.
Approved by: re (kensmith)
Correct multiple denial-of-service vulnerabilities in BIND related to
SIG Query Processing and Excessive Recursive Queries. [2]
Security: FreeBSD-SA-06:19.openssl [1]
Security: FreeBSD-SA-06:20.bind [2]
* elf64-sparc.c (sparc64_elf_adjust_dynamic_symbol): When linking a
non-shared object, do not reserve space in .plt and .rela.plt
for regular symbols neither defined nor referenced in shared objects.
