Module Name: src
Committed By: msaitoh
Date: Wed Jun 18 02:20:05 UTC 2014
Modified Files:
src/doc [netbsd-6-0]: CHANGES-6.0.6
Log Message:
Ticket 1076.
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.9 -r1.1.2.10 src/doc/CHANGES-6.0.6
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.0.6
diff -u src/doc/CHANGES-6.0.6:1.1.2.9 src/doc/CHANGES-6.0.6:1.1.2.10
--- src/doc/CHANGES-6.0.6:1.1.2.9 Fri Jun 6 05:36:43 2014
+++ src/doc/CHANGES-6.0.6 Wed Jun 18 02:20:05 2014
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.0.6,v 1.1.2.9 2014/06/06 05:36:43 msaitoh Exp $
+# $NetBSD: CHANGES-6.0.6,v 1.1.2.10 2014/06/18 02:20:05 msaitoh Exp $
A complete list of changes from the NetBSD 6.0.5 release to the NetBSD 6.0.6
release:
@@ -590,3 +590,12 @@ crypto/external/bsd/openssl/lib/libcrypt
CVE-2014-0195, CVE-2014-3470 and fix some double free.
Avoid NULL dereference. (FreeBSD SA14:10).
[christos, ticket #1078]
+
+src/external/bsd/openpam/dist/lib/openpam_configure.c 1.8 via patch
+
+ CVE-2014-3879: Incorrect error handling in PAM policy parser:
+ Missing module files were treated as soft failures leading to
+ unexpected behavior if policy files were copied between hosts with
+ differently installed modules or in the short period during upgrades
+ when module files were being replaced.
+ [christos, ticket #1076]
