Author: gordon
Date: Thu Sep 27 18:48:50 2018
New Revision: 338985
URL: https://svnweb.freebsd.org/changeset/base/338985
Log:
There are various cases where we modify the inp_vflag and inp_inc.inc_flags
fields during a syscall, but don't restore those fields if the operation
fails. This can
Author: gordon
Date: Thu Sep 27 18:44:40 2018
New Revision: 338984
URL: https://svnweb.freebsd.org/changeset/base/338984
Log:
MFC r338982.
Clear stack allocated data structure to prevent kernel memory leak.
Reported by: Thomas Barabosch, Fraunhofer FKIE
Reviewed by: wes@
Author: gordon
Date: Wed Sep 12 05:03:30 2018
New Revision: 338605
URL: https://svnweb.freebsd.org/changeset/base/338605
Log:
MFC 338603:
Correct ELF header parsing code to prevent invalid ELF sections from
disclosing memory.
Submitted by: markj
Reported by: Thomas Barabosch,
Author: gordon
Date: Wed Apr 4 05:26:33 2018
New Revision: 331983
URL: https://svnweb.freebsd.org/changeset/base/331983
Log:
MFC r331981:
Limit glyph count in vtfont_load to avoid integer overflow.
Invalid font data passed to PIO_VFONT can result in an integer overflow
in
Author: gordon
Date: Wed Mar 7 16:55:15 2018
New Revision: 330609
URL: https://svnweb.freebsd.org/changeset/base/330609
Log:
Fixup the AH patch to properly compile.
Modified:
stable/10/sys/netipsec/xform_ah.c
Modified: stable/10/sys/netipsec/xform_ah.c
Author: gordon
Date: Wed Mar 7 05:47:48 2018
New Revision: 330565
URL: https://svnweb.freebsd.org/changeset/base/330565
Log:
Port r329561 to stable/10. There were structural changes preventing MFC.
Check packet length to not make an out of bounds access. Also, save ah_nxt
value to use
Author: gordon
Date: Sat Dec 9 03:41:31 2017
New Revision: 326721
URL: https://svnweb.freebsd.org/changeset/base/326721
Log:
Fix error state handling.
Security: CVE-2017-3737
Security: FreeBSD-SA-17:12.openssl
Modified:
stable/10/crypto/openssl/ssl/ssl.h
Modified:
Author: gordon
Date: Wed Nov 15 22:35:16 2017
New Revision: 325867
URL: https://svnweb.freebsd.org/changeset/base/325867
Log:
MFC r325865
Properly bzero kldstat structure to prevent kernel information leak.
Security: FreeBSD-SA-17:10.kldstat
Security: CVE-2017-1088
Author: gordon
Date: Thu Oct 19 03:18:22 2017
New Revision: 324739
URL: https://svnweb.freebsd.org/changeset/base/324739
Log:
Update wpa_supplicant/hostapd for 2017-01 vulnerability release.
Note this is a different patchset than what was applied to head and
stable/11 due to the much
Author: gordon
Date: Thu Sep 7 19:23:08 2017
New Revision: 323281
URL: https://svnweb.freebsd.org/changeset/base/323281
Log:
MFC r323278: Fix an incorrectly used conditional causing buffer overflow.
Reported by: Thomas Jarosch of Intra2net AG
Reviewed by: emaste, jhb
Approved by:
10 matches
Mail list logo