or --license as most apps would do, instead it waits for data to
compress on stdin. Because of that, if `bzip2 --version' is called,
bogus `bzip2: I won't write compressed data to a terminal' error
message will be displayed, and checking for bzip2 version in scripts
as in
bzip2 --version 2>&1 | grep -o "Version [^,]*"
will hand as bzip2 would wait for data to compress on stdin. Fix
this by exiting right after showing version/license text.
I've tried to push this upstream for more than a year, but author
is unresponsive, so upstream may be considered dead.
Ubuntu applies similar fix, for the note.
PR: 199443
Approved by: dim, bapt
MFC after: 2 weeks
Differential Revision: D8924
The ipfw tables lookup code caches the result of the last query. The
kernel may process multiple packets concurrently, performing several
concurrent table lookups. Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.
Submitted by: ru
Reviewed by: csjp, mlaier
Security: CAN-2005-2019
Security: FreeBSD-SA-05:13.ipfw
Correct bzip2 permission race condition vulnerability.
Obtained from: Steve Grubb via RedHat
Security: CAN-2005-0953
Security: FreeBSD-SA-05:14.bzip2
Approved by: obrien
Correct TCP connection stall denial of service vulnerability.
A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.
Submitted by: Noritoshi Demizu
Reviewed by: andre, Mohan Srinivasan
Security: CAN-2005-2068
Security: FreeBSD-SA-05:15.tcp
Approved by: re (security blanket), cperciva
