to kmem_alloc(). Failure to do this made it possible for user
processes to cause a hard lock on i386 kernels. I believe this only
affects 6-CURRENT on or after 2005-01-26.
Found by: Coverity Prevent analysis tool
Security: Local DOS
with the IP_HDRINCL option set. Without this change, a Linux process
with access to a raw socket could cause a kernel panic. Raw sockets
must be created by root, and are generally not consigned to untrusted
applications; hence, the security implications of this bug are
minimal. I believe this only affects 6-CURRENT on or after 2005-01-30.
Found by: Coverity Prevent analysis tool
Security: Local DOS
validation error in procfs/linprocfs that can be exploited by local
users to cause a kernel panic. All versions of FreeBSD with the patch
referenced in SA-04:17.procfs have this bug, but versions without that
patch have a more serious bug instead. This problem only affects
systems on which procfs or linprocfs is mounted.
Found by: Coverity Prevent analysis tool
Security: Local DOS
variable, because it might be not obvious how to configure carp(4)
devices in rc.conf.
2. Remove the sentence about the not implemented "carpdev" option (this
was not imported from OpenBSD according to our source code) to avoid
confusion.
Reviewed by: glebius@
MFC after: 3 days
there are still a couple of places under src/release such like fixit.profile
assumed that system binary can be retrivied from /stand(ex: boot with the
live CD and run "disklabel -e" in the fixit CD shell).
Since /stand is still functional in fixit floppy, and there are more than
one places in src/release needs to be updated(document for example) if we
want to make use of something like /mnt2/rescue/vi. This commit try to
deal with aforementioned inconsistency with minimal effort by simply
create a symbolic link to /rescue.
Reviewed by: jhb, sam (mentor)
FreeBSD based on aue(4) it was picked by OpenBSD, then from OpenBSD ported
to NetBSD and finally NetBSD version merged with original one goes into
FreeBSD.
Obtained from: http://www.gank.org/freebsd/cdce/
NetBSD
OpenBSD
the closing brace so it is unwise to keep a pointer to it. Make
the variable static to fix this.
Patch: 7.152
Submitted by: Max Okumoto <okumoto@ucsd.edu>
Remove unreachable code for VAR_NOSUBST - it was never set.
Replace redundant code with calls to VarGetPattern().
Patch: 7.143-7.145
Submitted by: Max Okumoto <okumoto@ucsd.edu>
bunch of append calls when adding more ports to an existing list.
- Remove the compatXY packages from disc1 as they are only intended for use
on 5.x (6.x doesn't have them as dists anymore) and on 5.x they aren't
packages but are old-fashioned distribution tarballs anyway.
misread print-cdrom-packages.sh).
- Include x11/xorg-manpages and devel/imake-6 since xorg doesn't pull those
in as requirements. Not including manpages is a bug IMO.
- Add security/freebsd-update to disc2, not sure why I left this one out
but I did by accident.
Reported by: kensmith (2), cpercival (3)
The new system tries to be more automated so that there is less work for
the re's to do. It also no longer uses a /usr/ports tree as its input,
but uses the generated package build including its INDEX file as its input.
It parses the INDEX file, determines which packages should go on which ISO
images, and then builds full-fledged trees of packages that can be added
as an argument to mkisofs along with the tree built by 'make release' to
build a full CD image. The INDEX files in the populated trees are
generated with volume media number to make use of sysinstall's multiple
volume support so that the user is kindly prompted to insert the
appropriate disc for a package if it is not on the current disc. There is
still some more tweaking to be done here, but this part needs to be
committed. This stuff will all be used to prep the 5.4 release as well.
Tested by: kensmith, others on re@
Reviewed by: re
