freebsd kernel with SKQ
Go to file
Simon L. B. Nielsen 0a389eab22 Fix ipfw packet matching errors with address tables.
The ipfw tables lookup code caches the result of the last query.  The
kernel may process multiple packets concurrently, performing several
concurrent table lookups.  Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.

Submitted by:	ru
Reviewed by:	csjp, mlaier
Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 permission race condition vulnerability.

Obtained from:	Steve Grubb via RedHat
Security:	CAN-2005-0953
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial of service vulnerability.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Submitted by:	Noritoshi Demizu
Reviewed by:	andre, Mohan Srinivasan
Security:	CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	re (security blanket), cperciva
2005-06-29 21:36:49 +00:00
bin Sort sections. 2005-06-14 08:25:54 +00:00
contrib Fix ipfw packet matching errors with address tables. 2005-06-29 21:36:49 +00:00
crypto Forgot to bump the version addendum. 2005-06-05 18:30:53 +00:00
etc Introduce new per-jail variable jail_<name>_flags, which allows to specify 2005-06-26 16:30:20 +00:00
games Correct an error in the previous revision. RAND_MAX is the maximum value 2005-06-22 15:24:00 +00:00
gnu kvm_openfiles() uses the supplied buffer for storing error messages 2005-06-24 00:50:12 +00:00
include MFP4: 2005-06-09 19:45:09 +00:00
kerberos5 Remove kludges intended to support src trees with partial obj trees. 2005-06-10 06:12:53 +00:00
lib - Tidy up the markup. 2005-06-24 16:56:24 +00:00
libexec Removed trailing whitespace. 2005-06-14 08:41:11 +00:00
release Merge the following from the English version: 2005-06-27 17:48:20 +00:00
rescue Fix path to dhclient-script and reconnect to build. 2005-06-07 04:51:24 +00:00
sbin Install the dhcp-options.5 manpage. 2005-06-25 11:03:06 +00:00
secure Revert the commits that made libssh an INTERNALLIB; they caused too much 2005-06-07 09:31:28 +00:00
share Use 'manual page' instead of 'man page' for consistency. 2005-06-28 20:15:19 +00:00
sys Fix ipfw packet matching errors with address tables. 2005-06-29 21:36:49 +00:00
tools Upgrade these regression tests to track recent changes to `env'. 2005-06-21 21:43:38 +00:00
usr.bin Fixed troff warnings. 2005-06-27 07:37:01 +00:00
usr.sbin remove a few uses of the word `really' 2005-06-27 17:10:22 +00:00
COPYRIGHT Complete 2005 transition. 2005-01-01 07:29:20 +00:00
LOCKS Document the previously existing RELENG_[45]_* security branch locks. 2005-06-02 22:57:30 +00:00
MAINTAINERS Since there's no emulation person, move the entry to upper section 2005-06-04 16:56:35 +00:00
Makefile Provide 32-bit runtime support on amd64 as a separate distribution, lib32. 2005-06-16 18:16:14 +00:00
Makefile.inc1 Provide 32-bit runtime support on amd64 as a separate distribution, lib32. 2005-06-16 18:16:14 +00:00
README
UPDATING Mention hwpmc(4) ABI/API changes in the 20050609 entry. 2005-06-10 19:59:26 +00:00

This is the top level of the FreeBSD source directory.  This file
was last revised on:
$FreeBSD$

For copyright information, please see the file COPYRIGHT in this
directory (additional copyright information also exists for some
sources in this tree - please see the specific source directories for
more information).

The Makefile in this directory supports a number of targets for
building components (or all) of the FreeBSD source tree, the most
commonly used one being ``world'', which rebuilds and installs
everything in the FreeBSD system from the source tree except the
kernel, the kernel-modules and the contents of /etc.  The
``buildkernel'' and ``installkernel'' targets build and install
the kernel and the modules (see below).  Please see the top of
the Makefile in this directory for more information on the
standard build targets and compile-time flags.

Building a kernel is a somewhat more involved process, documentation
for which can be found at:
   http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html
And in the config(8) man page.
Note: If you want to build and install the kernel with the
``buildkernel'' and ``installkernel'' targets, you might need to build
world before.  More information is available in the handbook.

The sample kernel configuration files reside in the sys/<arch>/conf
sub-directory (assuming that you've installed the kernel sources), the
file named GENERIC being the one used to build your initial installation
kernel.  The file NOTES contains entries and documentation for all possible
devices, not just those commonly used.  It is the successor of the ancient
LINT file, but in contrast to LINT, it is not buildable as a kernel but a
pure reference and documentation file.


Source Roadmap:
---------------
bin		System/user commands.

contrib		Packages contributed by 3rd parties.

crypto		Cryptography stuff (see crypto/README).

etc		Template files for /etc.

games		Amusements.

gnu		Various commands and libraries under the GNU Public License.
		Please see gnu/COPYING* for more information.

include		System include files.

kerberos5	Kerberos5 (Heimdal) package.

lib		System libraries.

libexec		System daemons.

release		Release building Makefile & associated tools.

sbin		System commands.

secure		Cryptographic libraries and commands.

share		Shared resources.

sys		Kernel sources.

tools		Utilities for regression testing and miscellaneous tasks.

usr.bin		User commands.

usr.sbin	System administration commands.


For information on synchronizing your source tree with one or more of
the FreeBSD Project's development branches, please see:

  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/synching.html