Module Name: src
Committed By: bouyer
Date: Wed Jul 1 07:19:29 UTC 2015
Modified Files:
src/doc [netbsd-5-1]: CHANGES-5.1.6
Log Message:
ticket 1971
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.31 -r1.1.2.32 src/doc/CHANGES-5.1.6
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-5.1.6
diff -u src/doc/CHANGES-5.1.6:1.1.2.31 src/doc/CHANGES-5.1.6:1.1.2.32
--- src/doc/CHANGES-5.1.6:1.1.2.31 Thu Jun 4 09:07:28 2015
+++ src/doc/CHANGES-5.1.6 Wed Jul 1 07:19:29 2015
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-5.1.6,v 1.1.2.31 2015/06/04 09:07:28 martin Exp $
+# $NetBSD: CHANGES-5.1.6,v 1.1.2.32 2015/07/01 07:19:29 bouyer Exp $
A complete list of changes from the NetBSD 5.1.5 release to the NetBSD 5.1.6
release:
@@ -2633,3 +2633,17 @@ sys/arch/x86/x86/intel_busclock.c 1.10,
[sborrill, ticket #1963]
+usr.bin/calendar/calendar.c 1.51
+
+ Correct privilege handling problems in calendar -a (which runs as root
+ from /etc/daily); do not exec other programs while the real uid is
+ still 0.
+
+ Also, clear the supplementary groups list up front and call initgroups
+ when becoming another user, to avoid leaking any extra group
+ privileges that we might have.
+
+ And finally, don't silently ignore errors changing uid and gid; those
+ are serious if they happen.
+ [dholland, ticket #1971]
+
