Module Name: src
Committed By: bouyer
Date: Tue May 17 12:12:38 UTC 2022
Modified Files:
src/doc [netbsd-8]: CHANGES-8.3
Log Message:
Ticket 1743
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.129 -r1.1.2.130 src/doc/CHANGES-8.3
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-8.3
diff -u src/doc/CHANGES-8.3:1.1.2.129 src/doc/CHANGES-8.3:1.1.2.130
--- src/doc/CHANGES-8.3:1.1.2.129 Tue May 17 10:35:22 2022
+++ src/doc/CHANGES-8.3 Tue May 17 12:12:38 2022
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-8.3,v 1.1.2.129 2022/05/17 10:35:22 bouyer Exp $
+# $NetBSD: CHANGES-8.3,v 1.1.2.130 2022/05/17 12:12:38 bouyer Exp $
A complete list of changes from the NetBSD 8.2 release to the NetBSD 8.3
release:
@@ -2600,3 +2600,13 @@ share/man/man4/mfi.4 1.13
- KNF. Remove extra semicolon. Whitespace fixes.
[msaitoh, ticket #1742]
+libexec/mail.local/mail.local.c 1.29
+
+ fix local privilege escalation due to a race condition
+
+ NetBSD-SA2016-006 included an incomplete fix for CVE-2016-6253,
+ a local privilege escalation vulnerability in mail.local(8).
+
+ Thanks to Jan Schaumann for bringing this to our attention.
+ [kre, ticket #1743]
+
