Correct insecure temporary file usage in ee. [06:02]
Correct a race condition when setting file permissions, sanitize file
names by default, and fix a buffer overflow when handling files
larger than 4GB in cpio. [06:03]
Fix an error in the handling of IP fragments in ipfw which can cause
a kernel panic. [06:04]
Security: FreeBSD-SA-06:01.texindex
Security: FreeBSD-SA-06:02.ee
Security: FreeBSD-SA-06:03.cpio
Security: FreeBSD-SA-06:04.ipfw
probe
Before:
5 *
freebsd (195.250.137.134) 19.086 ms 24.694 ms
After:
5 * freebsd (195.250.137.134) 19.086 ms 24.694 ms
Fixes: bin/90098
Reported by: Jeremy Chadwick <freebsd@jdc.parodius.com>
Approved by: andre
MFC after: 1 day
basically disables any access unless other strings are set in the config
file. Note, that there is no way to set the communities back to NULL once
they're set to something not NULL.
part of the structure was a hack to maintain binary compatibility with
Sun binaries, and my understanding is that it's not needed generally
on sparc systems running other operating systems. Therefore, hide this
code behind the same set of tests as in lib/bind/include/netdb.h.
This file is being imported on the vendor branch because a similar change
(or change with similar effect) will be in the next version of BIND 9.
This change will not affect other platforms in any way.
interface up when it is running AND the link is not down (that is, it is
up or unknown). If the interface is running but the link is down, we return
state 'dormant', because we're waiting for an external event. Otherwise
the interface is 'down'.
Submitted by: csjp
Reviewed by: glebius
* freebsd-spec.h (FBSD_TARGET_OS_CPP_BUILTINS):
Use builtin_define_with_int_value() instead of
adding a new check for every new major FreeBSD version.
Motivated by: simon
Discussed with: obrien, kan
version has a bug where it fails to properly cancel the polling loop
that periodically queries the BSSID (this is done to detect the
association/disassociation state). The timeout is supposed to fire
once a second, but the eloop_cancel_timeout() call uses a different
'user data' value than what was passed to eloop_register_timeout(),
so cancelling the timeouts fails. This results in an additional timeout
being created each time an EAPOL packet is received, which can lead
to dozens of unwanted timeouts firing every second instead of just one.
the range allowed by that function, resulting in undefined behaviour.
Our undefined behaviour in multibyte locales happened to differ from
glibc's, resulting in errors parsing option strings.
Obtained from: Corinna Vinschen (Red Hat)
