Fix multiple vulnerabilities of ntp. Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@310419 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix possible login(1) argument injection in telnetd(8). [SA-16:36] Fix link_ntoa(3) buffer overflow in libc. [SA-16:37] Fix warnings about valid time zone abbreviations. [EN-16:19] Update timezone database information. [EN-16:20] Security: FreeBSD-SA-16:36.telnetd Security: FreeBSD-SA-16:37.libc Errata Notice: FreeBSD-EN-16:19.tzcode Errata Notice: FreeBSD-EN-16:20.tzdata Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@309637 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Update tzdata to 2016i. Note: because of what appears to be a missing MFC to stable branches, these patches were generated by doing: % rsync -av stable/9/contrib/tzdata releng/9.3/contrib/tzdata % svn add releng/9.3/contrib/tzdata Errata Notice: EN-16:19 Submitted by: gjb Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@309568 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Merge r307360 from stable/9: Incorporate a change from OpenBSD by millert@OpenBSD.org Don't warn about valid time zone abbreviations. POSIX through 2000 says that an abbreviation cannot start with ':', and cannot contain ',', '-', '+', NUL, or a digit. POSIX from 2001 on changes this rule to say that an abbreviation can contain only '-', '+', and alphanumeric characters from the portable character set in the current locale. To be portable to both sets of rules, an abbreviation must therefore use only ASCII letters." Adapted from tzcode2015f. Errata Notice: EN-16:19.tzcode Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@309567 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix BIND remote Denial of Service vulnerability. [SA-16:34] Fix OpenSSL remote DoS vulnerability. [SA-16:35] Security: FreeBSD-SA-16:34.bind Security: FreeBSD-SA-16:35.openssl Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@308205 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revised SA-16:15. The initial patch didn't cover all possible overflows based on passing incorrect parameters to sysarch(2). Security: SA-16:15 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@307931 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix BIND remote Denial of Service vulnerability. [SA-16:28] Fix bspatch heap overflow vulnerability. [SA-16:29] Fix multiple portsnap vulnerabilities. [SA-16:30] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@306942 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Apply upstream revision 3612ff6fcec0e3d1f2a598135fe12177c0419582: Fix overflow check in BN_bn2dec() Fix an off by one error in the overflow check added by 07bed46 ("Check for errors in BN_bn2dec()"). This fixes a regression introduced in SA-16:26.openssl. Submitted by: jkim PR: 212921 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@306336 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple OpenSSL vulnerabilitites. Approved by: so Security: FreeBSD-SA-16:26.openssl git-svn-id: svn://svn.freebsd.org/base/releng/9.3@306230 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix bspatch heap overflow vulnerability. [SA-16:25] Fix freebsd-update(8) support of FreeBSD 11.0 release distribution. [EN-16:09] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@303304 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple ntp vulnerabilities. Security: FreeBSD-SA-16:24.ntp Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@301301 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix kernel stack disclosure in Linux compatibility layer. [SA-16:20] Fix kernel stack disclosure in 4.3BSD compatibility layer. [SA-16:21] Security: SA-16:20 Security: SA-16:21 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@301049 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Merge r300363 by mm@: Backport security fix for absolute path traversal vulnerability in bsdcpio. Security: CVE-2015-2304 Security: SA-16:22 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@301044 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
- Use unsigned version of min() when handling arguments of SETFKEY ioctl. - Validate that user supplied control message length in sendmsg(2) is not negative. Security: SA-16:18 Security: CVE-2016-1886 Security: SA-16:19 Security: CVE-2016-1887 Submitted by: C Turt <cturt hardenedbsd.org> Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@300088 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple OpenSSL vulnerabilitites. [SA-16:17] Fix memory leak in ZFS. [EN-16:08] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@299068 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix ntp multiple vulnerabilities. Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@298770 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
o Fix OpenSSH xauth(1) command injection. [SA-16:14] o Fix incorrect argument validation in sysarch(2). [SA-16:15] Security: FreeBSD-SA-16:14.openssh-xauth, CVE-2016-3115 Security: FreeBSD-SA-16:15.sysarch, CVE-2016-1885 Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@296953 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple vulnerabilities of BIND. [SA-16:13] Fix a regression with OpenSSL patch. [SA-16:12] Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@296611 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Fix multiple OpenSSL vulnerabilities. Security: FreeBSD-SA-16:12.openssl Approved by: so git-svn-id: svn://svn.freebsd.org/base/releng/9.3@296465 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f