[SA-14:31] Fix multiple vulnerabilities in NTP suite. [EN-14:13] Fix directory deletion issue in freebsd-update. Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@276155 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple vulnerabilities in file(1) and libmagic(3). Security: FreeBSD-SA-14:28.file Security: CVE-2014-3710, CVE-2014-8116, CVE-2014-8117 Fix BIND remote denial of service vulnerability. Security: FreeBSD-SA-14:29.bind Security: CVE-2014-8500 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@275672 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
[SA-14:24] Fix denial of service attack against sshd(8). [SA-14:25] Fix kernel stack disclosure in setlogin(2) / getlogin(2). [SA-14:26] Fix remote command execution in ftp(1). [EN-14:12] Fix NFSv4 and ZFS cache consistency issue. Approved by: so (des) git-svn-id: svn://svn.freebsd.org/base/releng/9.1@274112 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Time zone data file update. [EN-14:10] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@273439 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20] Fix routed(8) remote denial of service vulnerability. [SA-14:21] Fix memory leak in sandboxed namei lookup. [SA-14:22] Fix OpenSSL multiple vulnerabilities. [SA-14:23] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@273415 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple OpenSSL vulnerabilities: The receipt of a specifically crafted DTLS handshake message may cause OpenSSL to consume large amounts of memory. [CVE-2014-3506] The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak memory. [CVE-2014-3507] A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508] OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. [CVE-2014-3510] Security: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510 Security: FreeBSD-SA-14:18.openssl Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@271305 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix kernel memory disclosure in control message and SCTP notifications. Security: FreeBSD-SA-14:17.kmem Security: CVE-2014-3952, CVE-2014-3953 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@268434 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple vulnerabilities in file(1) and libmagic(3). [SA-14:16] Fix gss_pseudo_random interoperability issue. [EN-14:08] Security: CVE-2013-7345, CVE-2014-1943, CVE-2014-2270 Security: FreeBSD-SA-14:16.file Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@267831 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix OpenSSL multiple vulnerabilities. Security: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 Security: SA-14:14.openssl Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@267104 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix sendmail improper close-on-exec flag handling. [SA-14:11] Fix ktrace memory disclosure. [SA-14:12] Fix incorrect error handling in PAM policy parser. [SA-14:13] Fix triple-fault when executing from a threaded process. [EN-14:06] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@267018 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Add pkg bootstrapping, configuration and public keys. [EN-14:03] Improve build repeatability for kldxref(8). [EN-14:04] Fix data corruption with ciss(4). [EN-14:05] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@265988 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix NFS deadlock vulnerability. [SA-14:05] Fix ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@264284 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix bsnmpd remote denial of service vulnerability. [SA-14:01] Fix ntpd distributed reflection Denial of Service vulnerability. [SA-14:02] Fix BIND remote denial of service vulnerability. [SA-14:04] Disable hardware RNGs by default. [EN-14:01] Fix incorrect coalescing of stack entry with mmap. [EN-14:02] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@260647 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
MFC r257879: Fix typo in r256646: We want to generate lists of directories in INDEX-OLD and INDEX-NEW and compare them, not generate the same list of directories from INDEX-OLD twice... Pointy hats to: cperciva & everybody who didn't proofread EN-13:04 enough Errata Notice: FreeBSD-EN-13:05.freebsd-update Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@258725 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
MFC r256646, r256767, r257038: When installing updates, install new directories first and remove old directories last. Allow ~ in file names so libtool droppings in contrib don't break updates. It has happened twice now, and is likely to happen again. Be more selective when filtering for lib*.so.N files. These are deleted at the end of the upgrade process, after warning users to upgrade any 3rd party software (e.g., from the ports tree) which might link to the libraries being removed. Errata Notice: FreeBSD-EN-13:04.freebsd-update Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@257194 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather than pass them on to the link layer without validation or credential checks. [SA-13:12] Prevent cross-mount hardlinks between different nullfs mounts of the same underlying filesystem. [SA-13:13] Security: CVE-2013-5691 Security: FreeBSD-SA-13:12.ifioctl Security: CVE-2013-5710 Security: FreeBSD-SA-13:13.nullfs Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@255448 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix an integer overflow in computing the size of a temporary buffer can result in a buffer which is too small for the requested operation. [13:09] Fix a bug that could lead to kernel memory disclosure with SCTP state cookie. [13:10] Fix a data corruption problem with mfi(4) operating on > 2TB disks in a JBOD. [EN-13:03] Security: CVE-2013-3077 Security: FreeBSD-SA-13:09.ip_multicast Security: CVE-2013-5209 Security: FreeBSD-SA-13:10.sctp Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@254631 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix Denial of Service vulnerability in named(8). [13:07] Fix a bug that allows remote client bypass the normal access checks when when -network or -host restrictions are used at the same time with -mapall. [13:08] Security: CVE-2013-4854 Security: FreeBSD-SA-13:07.bind Security: CVE-2013-4851 Security: FreeBSD-SA-13:08.nfsserver Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.1@253693 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f