svn commit: r338985 - in stable/10/sys: netinet netinet6

2018-09-27 Thread Gordon Tetlow
Author: gordon Date: Thu Sep 27 18:48:50 2018 New Revision: 338985 URL: https://svnweb.freebsd.org/changeset/base/338985 Log: There are various cases where we modify the inp_vflag and inp_inc.inc_flags fields during a syscall, but don't restore those fields if the operation fails. This can

svn commit: r338984 - stable/10/sys/kern

2018-09-27 Thread Gordon Tetlow
Author: gordon Date: Thu Sep 27 18:44:40 2018 New Revision: 338984 URL: https://svnweb.freebsd.org/changeset/base/338984 Log: MFC r338982. Clear stack allocated data structure to prevent kernel memory leak. Reported by: Thomas Barabosch, Fraunhofer FKIE Reviewed by: wes@

svn commit: r338605 - stable/10/sys/kern

2018-09-11 Thread Gordon Tetlow
Author: gordon Date: Wed Sep 12 05:03:30 2018 New Revision: 338605 URL: https://svnweb.freebsd.org/changeset/base/338605 Log: MFC 338603: Correct ELF header parsing code to prevent invalid ELF sections from disclosing memory. Submitted by: markj Reported by: Thomas Barabosch,

svn commit: r331983 - stable/10/sys/dev/vt

2018-04-03 Thread Gordon Tetlow
Author: gordon Date: Wed Apr 4 05:26:33 2018 New Revision: 331983 URL: https://svnweb.freebsd.org/changeset/base/331983 Log: MFC r331981: Limit glyph count in vtfont_load to avoid integer overflow. Invalid font data passed to PIO_VFONT can result in an integer overflow in

svn commit: r330609 - stable/10/sys/netipsec

2018-03-07 Thread Gordon Tetlow
Author: gordon Date: Wed Mar 7 16:55:15 2018 New Revision: 330609 URL: https://svnweb.freebsd.org/changeset/base/330609 Log: Fixup the AH patch to properly compile. Modified: stable/10/sys/netipsec/xform_ah.c Modified: stable/10/sys/netipsec/xform_ah.c

svn commit: r330565 - stable/10/sys/netipsec

2018-03-06 Thread Gordon Tetlow
Author: gordon Date: Wed Mar 7 05:47:48 2018 New Revision: 330565 URL: https://svnweb.freebsd.org/changeset/base/330565 Log: Port r329561 to stable/10. There were structural changes preventing MFC. Check packet length to not make an out of bounds access. Also, save ah_nxt value to use

svn commit: r326721 - stable/10/crypto/openssl/ssl

2017-12-08 Thread Gordon Tetlow
Author: gordon Date: Sat Dec 9 03:41:31 2017 New Revision: 326721 URL: https://svnweb.freebsd.org/changeset/base/326721 Log: Fix error state handling. Security: CVE-2017-3737 Security: FreeBSD-SA-17:12.openssl Modified: stable/10/crypto/openssl/ssl/ssl.h Modified:

svn commit: r325867 - in stable/10/sys: compat/freebsd32 kern

2017-11-15 Thread Gordon Tetlow
Author: gordon Date: Wed Nov 15 22:35:16 2017 New Revision: 325867 URL: https://svnweb.freebsd.org/changeset/base/325867 Log: MFC r325865 Properly bzero kldstat structure to prevent kernel information leak. Security: FreeBSD-SA-17:10.kldstat Security: CVE-2017-1088

svn commit: r324739 - in stable/10/contrib/wpa: src/ap src/common src/rsn_supp wpa_supplicant

2017-10-18 Thread Gordon Tetlow
Author: gordon Date: Thu Oct 19 03:18:22 2017 New Revision: 324739 URL: https://svnweb.freebsd.org/changeset/base/324739 Log: Update wpa_supplicant/hostapd for 2017-01 vulnerability release. Note this is a different patchset than what was applied to head and stable/11 due to the much

svn commit: r323281 - in stable: 10/contrib/file/src 11/contrib/file/src

2017-09-07 Thread Gordon Tetlow
Author: gordon Date: Thu Sep 7 19:23:08 2017 New Revision: 323281 URL: https://svnweb.freebsd.org/changeset/base/323281 Log: MFC r323278: Fix an incorrectly used conditional causing buffer overflow. Reported by: Thomas Jarosch of Intra2net AG Reviewed by: emaste, jhb Approved by: