| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: CHANGES-3.0.4,v 1.1.2.33 2008/10/03 09:22:15 jdc Exp $ | | 1 | # $NetBSD: CHANGES-3.0.4,v 1.1.2.34 2008/10/03 10:48:10 jdc Exp $ |
2 | | | 2 | |
3 | A complete list of changes from the NetBSD 3.0.3 release to the NetBSD 3.0.4 | | 3 | A complete list of changes from the NetBSD 3.0.3 release to the NetBSD 3.0.4 |
4 | release: | | 4 | release: |
5 | | | 5 | |
6 | File Revision(s) | | 6 | File Revision(s) |
7 | ---- -------- | | 7 | ---- -------- |
8 | doc/README.files patch | | 8 | doc/README.files patch |
9 | gnu/usr.bin/groff/tmac/mdoc.local patch | | 9 | gnu/usr.bin/groff/tmac/mdoc.local patch |
10 | sys/sys/param.h patch | | 10 | sys/sys/param.h patch |
11 | | | 11 | |
12 | Welcome to NetBSD 3.0.3_PATCH. | | 12 | Welcome to NetBSD 3.0.3_PATCH. |
13 | | | 13 | |
14 | sys/dev/ic/pcdisplay_subr.c 1.33 via patch | | 14 | sys/dev/ic/pcdisplay_subr.c 1.33 via patch |
| @@ -1170,13 +1170,22 @@ libexec/ftpd/version.h patch | | | @@ -1170,13 +1170,22 @@ libexec/ftpd/version.h patch |
1170 | Don't split large commands into multiple commands; just fail on them. | | 1170 | Don't split large commands into multiple commands; just fail on them. |
1171 | This prevents CSRF-like attacks, when a web browser is used to access | | 1171 | This prevents CSRF-like attacks, when a web browser is used to access |
1172 | an ftp server. | | 1172 | an ftp server. |
1173 | Reported by Maksymilian Arciemowicz <cxib@securityreason.com>. | | 1173 | Reported by Maksymilian Arciemowicz <cxib@securityreason.com>. |
1174 | Fix mostly derived from OpenBSD, written by | | 1174 | Fix mostly derived from OpenBSD, written by |
1175 | Moritz Jodeit <moritz@OpenBSD.org> | | 1175 | Moritz Jodeit <moritz@OpenBSD.org> |
1176 | [lukem, ticket #1964] | | 1176 | [lukem, ticket #1964] |
1177 | | | 1177 | |
1178 | sys/netinet6/icmp6.c 1.150 | | 1178 | sys/netinet6/icmp6.c 1.150 |
1179 | Fix for CVE-2008-3530 from matt@ | | 1179 | Fix for CVE-2008-3530 from matt@ |
1180 | Implement improved checking for MTU values on ICMP 'Packet Too Big | | 1180 | Implement improved checking for MTU values on ICMP 'Packet Too Big |
1181 | Messages' | | 1181 | Messages' |
1182 | [adrianp, ticket #1966] | | 1182 | [adrianp, ticket #1966] |
| | | 1183 | |
| | | 1184 | src/sys/netinet6/in6.c 1.141 via patch |
| | | 1185 | src/sys/netinet6/in6_var.h 1.59 via patch |
| | | 1186 | src/sys/netinet6/nd6_nbr.c 1.89-1.90 via patch |
| | | 1187 | If a neighbor solictation isn't from the unspecified address, |
| | | 1188 | make sure that the source address matches one of the interfaces |
| | | 1189 | address prefixes. Fixes CVE-2008-2476/VU#472363. |
| | | 1190 | [adrianp, ticket #1967] |
| | | 1191 | |