CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/stable/10.git/commit

projects / FreeBSD / stable / 10.git / commit

author	mm <mm@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Sun, 25 Sep 2016 22:04:02 +0000 (22:04 +0000)
committer	mm <mm@ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f>
	Sun, 25 Sep 2016 22:04:02 +0000 (22:04 +0000)
commit	1c59bae9e3005322caaea92af4eb9dee26acf1d3
tree	7947128e08dc7e298973f86338b436136873a4d2	tree \| snapshot
parent	b20f7bfde324f62cf46f97b3dcbf9b98686e7e66	commit \| diff

MFC r305819:
Sync libarchive with vendor including important security fixes.

Issues fixed (FreeBSD):
PR #778: ACL error handling
Issue #745: Symlink check prefix optimization is too aggressive
Issue #746: Hard links with data can evade sandboxing restrictions

This update fixes the vulnerability #3 and vulnerability #4 as reported in
"non-cryptanalytic attacks against FreeBSD update components".
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f

Fix for vulnerability #2 has already been merged in r305192.

Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f

git-svn-id: svn://svn.freebsd.org/base/stable/10@306322 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f

10-STABLE

RSS Atom

contrib/libarchive/libarchive/archive_platform.h		diff \| blob \| history
contrib/libarchive/libarchive/archive_read_disk_entry_from_file.c		diff \| blob \| history
contrib/libarchive/libarchive/archive_read_disk_posix.c		diff \| blob \| history
contrib/libarchive/libarchive/archive_read_support_format_tar.c		diff \| blob \| history
contrib/libarchive/libarchive/archive_write_disk_acl.c		diff \| blob \| history
contrib/libarchive/libarchive/archive_write_disk_posix.c		diff \| blob \| history
contrib/libarchive/libarchive/test/test_write_disk_secure745.c		diff \| blob \| history
contrib/libarchive/libarchive/test/test_write_disk_secure746.c		diff \| blob \| history
contrib/libarchive/libarchive/test/test_write_format_gnutar_filenames.c		diff \| blob \| history
lib/libarchive/tests/Makefile		diff \| blob \| history