| @@ -1,133 +1,147 @@ | | | @@ -1,133 +1,147 @@ |
1 | # $NetBSD: CHANGES-6.0.4,v 1.1.2.11 2013/12/17 22:40:04 riz Exp $ | | 1 | # $NetBSD: CHANGES-6.0.4,v 1.1.2.12 2014/01/06 19:13:07 bouyer Exp $ |
2 | | | 2 | |
3 | A complete list of changes from the NetBSD 6.0.3 release to the NetBSD 6.0.4 | | 3 | A complete list of changes from the NetBSD 6.0.3 release to the NetBSD 6.0.4 |
4 | release: | | 4 | release: |
5 | | | 5 | |
6 | doc/README.files patched by hand | | 6 | doc/README.files patched by hand |
7 | gnu/usr.bin/groff/tmac/mdoc.local patched by hand | | 7 | gnu/usr.bin/groff/tmac/mdoc.local patched by hand |
8 | sys/sys/param.h patched by hand | | 8 | sys/sys/param.h patched by hand |
9 | | | 9 | |
10 | Welcome to 6.0.3_PATCH. | | 10 | Welcome to 6.0.3_PATCH. |
11 | [jdc] | | 11 | [jdc] |
12 | | | 12 | |
13 | xsrc/external/mit/xorg-server/dist/dix/dixfonts.c 1.2 | | 13 | xsrc/external/mit/xorg-server/dist/dix/dixfonts.c 1.2 |
14 | xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c 1.4 | | 14 | xsrc/xfree/xc/programs/Xserver/dix/dixfonts.c 1.4 |
15 | | | 15 | |
16 | Fix CVE-2013-4396 using a patch from Alan Coopersmith: | | 16 | Fix CVE-2013-4396 using a patch from Alan Coopersmith: |
17 | Save a pointer to the passed in closure structure before copying it | | 17 | Save a pointer to the passed in closure structure before copying it |
18 | and overwriting the *c pointer to point to our copy instead of the | | 18 | and overwriting the *c pointer to point to our copy instead of the |
19 | original. If we hit an error, once we free(c), reset c to point to | | 19 | original. If we hit an error, once we free(c), reset c to point to |
20 | the original structure before jumping to the cleanup code that | | 20 | the original structure before jumping to the cleanup code that |
21 | references *c. | | 21 | references *c. |
22 | [spz, ticket #966] | | 22 | [spz, ticket #966] |
23 | | | 23 | |
24 | sys/arch/x86/pci/pci_machdep.c 1.61 via patch | | 24 | sys/arch/x86/pci/pci_machdep.c 1.61 via patch |
25 | | | 25 | |
26 | Force PCI mode 1 when running under QEMU, to work around | | 26 | Force PCI mode 1 when running under QEMU, to work around |
27 | QEMU bug 897771. | | 27 | QEMU bug 897771. |
28 | This should also make it possible to boot NetBSD under versions of KVM | | 28 | This should also make it possible to boot NetBSD under versions of KVM |
29 | that have inherited said QEMU bug. Fixes PR kern/45671. | | 29 | that have inherited said QEMU bug. Fixes PR kern/45671. |
30 | [gson, ticket #963] | | 30 | [gson, ticket #963] |
31 | | | 31 | |
32 | sys/netinet/tcp_usrreq.c 1.168 | | 32 | sys/netinet/tcp_usrreq.c 1.168 |
33 | | | 33 | |
34 | PR/48098: Brian Marcotte: Avoid kernel assertion for embryonic sockets | | 34 | PR/48098: Brian Marcotte: Avoid kernel assertion for embryonic sockets |
35 | that don't have credentials yet. | | 35 | that don't have credentials yet. |
36 | [spz, ticket #967] | | 36 | [spz, ticket #967] |
37 | | | 37 | |
38 | external/mit/xorg/server/drivers/xf86-video-intel/Makefile 1.11 | | 38 | external/mit/xorg/server/drivers/xf86-video-intel/Makefile 1.11 |
39 | | | 39 | |
40 | Add missing i810_dri.c file to SRCS. | | 40 | Add missing i810_dri.c file to SRCS. |
41 | PR xsrc/48315. | | 41 | PR xsrc/48315. |
42 | [martin, ticket #971] | | 42 | [martin, ticket #971] |
43 | | | 43 | |
44 | distrib/utils/sysinst/mbr.c 1.92 | | 44 | distrib/utils/sysinst/mbr.c 1.92 |
45 | | | 45 | |
46 | Add missing braces, which caused the offset of MBR partition 0 to be | | 46 | Add missing braces, which caused the offset of MBR partition 0 to be |
47 | unintentionally set to 2048 even on small (<=128GB) disks. | | 47 | unintentionally set to 2048 even on small (<=128GB) disks. |
48 | PR/48304. | | 48 | PR/48304. |
49 | [tsutsui, ticket #972] | | 49 | [tsutsui, ticket #972] |
50 | | | 50 | |
51 | sys/arch/xen/xen/xbdback_xenbus.c 1.58 | | 51 | sys/arch/xen/xen/xbdback_xenbus.c 1.58 |
52 | | | 52 | |
53 | Fix a dom0 panic, or crash with a hypervisor panic, when creating | | 53 | Fix a dom0 panic, or crash with a hypervisor panic, when creating |
54 | some domUs (domUs where the frontend driver doesn't provide a | | 54 | some domUs (domUs where the frontend driver doesn't provide a |
55 | "protocol" entry in the xenstore). | | 55 | "protocol" entry in the xenstore). |
56 | [bouyer, ticket #974] | | 56 | [bouyer, ticket #974] |
57 | | | 57 | |
58 | libexec/ld.elf_so/tls.c 1.9 | | 58 | libexec/ld.elf_so/tls.c 1.9 |
59 | tests/lib/libc/tls/dso/h_tls_dlopen.c 1.5 | | 59 | tests/lib/libc/tls/dso/h_tls_dlopen.c 1.5 |
60 | | | 60 | |
61 | Only initialise TLS space from the PT_TLS segment, if the size is | | 61 | Only initialise TLS space from the PT_TLS segment, if the size is |
62 | positive and the offset has been computed. Fixes PR lib/48324. | | 62 | positive and the offset has been computed. Fixes PR lib/48324. |
63 | [joerg, ticket #976] | | 63 | [joerg, ticket #976] |
64 | | | 64 | |
65 | usr.sbin/npf/npfctl/npf_ncgen.c patch | | 65 | usr.sbin/npf/npfctl/npf_ncgen.c patch |
66 | sys/net/npf/npf_instr.c patch | | 66 | sys/net/npf/npf_instr.c patch |
67 | | | 67 | |
68 | fix the byteorder for port range comparison | | 68 | fix the byteorder for port range comparison |
69 | [rmind, ticket #986] | | 69 | [rmind, ticket #986] |
70 | | | 70 | |
71 | sys/kern/uipc_socket.c 1.220 | | 71 | sys/kern/uipc_socket.c 1.220 |
72 | | | 72 | |
73 | PR/48098: Brian Marcotte: | | 73 | PR/48098: Brian Marcotte: |
74 | panic: kernel diagnostic assertion "cred != NULL": | | 74 | panic: kernel diagnostic assertion "cred != NULL": |
75 | Fix from Michael van Elst, tcpdrop crashes kernel on | | 75 | Fix from Michael van Elst, tcpdrop crashes kernel on |
76 | ebryonic connections. | | 76 | ebryonic connections. |
77 | [spz, ticket #988] | | 77 | [spz, ticket #988] |
78 | | | 78 | |
79 | sys/uvm/uvm_km.c 1.125 | | 79 | sys/uvm/uvm_km.c 1.125 |
80 | | | 80 | |
81 | uvm_km_kmem_alloc: don't hardcode kmem_va_arena. This could lead to | | 81 | uvm_km_kmem_alloc: don't hardcode kmem_va_arena. This could lead to |
82 | freeing to the wrong vmem arena in case of failed page allocations. | | 82 | freeing to the wrong vmem arena in case of failed page allocations. |
83 | [para, ticket #989] | | 83 | [para, ticket #989] |
84 | | | 84 | |
85 | sys/arch/sparc64/sparc64/locore.s 1.350 | | 85 | sys/arch/sparc64/sparc64/locore.s 1.350 |
86 | | | 86 | |
87 | Increase an interrupt depth only in the case of hardware interrupts, | | 87 | Increase an interrupt depth only in the case of hardware interrupts, |
88 | and remove the ci_idepth trick in softint_fastintr. | | 88 | and remove the ci_idepth trick in softint_fastintr. |
89 | Fixes the following diagnostic panic reported in port-sparc64. | | 89 | Fixes the following diagnostic panic reported in port-sparc64. |
90 | panic: kernel diagnostic assertion "!cpu_intr_p()" failed: file | | 90 | panic: kernel diagnostic assertion "!cpu_intr_p()" failed: file |
91 | "../../../../kern/subr_xcall.c", line 351 | | 91 | "../../../../kern/subr_xcall.c", line 351 |
92 | [nakayama, ticket #994] | | 92 | [nakayama, ticket #994] |
93 | | | 93 | |
94 | sys/kern/uipc_syscalls.c 1.163 | | 94 | sys/kern/uipc_syscalls.c 1.163 |
95 | | | 95 | |
96 | PR/47591: Michael Plass: If the unix socket is closed before accept, | | 96 | PR/47591: Michael Plass: If the unix socket is closed before accept, |
97 | unp->unp_conn will be NULL in PRU_ACCEPT, as called from | | 97 | unp->unp_conn will be NULL in PRU_ACCEPT, as called from |
98 | sys_accept->so_accept. This will cause the usrreq to return with | | 98 | sys_accept->so_accept. This will cause the usrreq to return with |
99 | no error, leaving the mbuf gotten from m_get() with an uninitialized | | 99 | no error, leaving the mbuf gotten from m_get() with an uninitialized |
100 | length, containing junk from a previous call. Initialize m_len to | | 100 | length, containing junk from a previous call. Initialize m_len to |
101 | be 0 to handle this case. | | 101 | be 0 to handle this case. |
102 | [spz, ticket #996] | | 102 | [spz, ticket #996] |
103 | | | 103 | |
104 | sys/netinet6/nd6.c 1.146 | | 104 | sys/netinet6/nd6.c 1.146 |
105 | usr.sbin/ndp/ndp.c 1.42 | | 105 | usr.sbin/ndp/ndp.c 1.42 |
106 | | | 106 | |
107 | Instead of voodo casts use simple byte pointer arithmetic and memcpy to | | 107 | Instead of voodo casts use simple byte pointer arithmetic and memcpy to |
108 | create the "packed" binary format we pass out to userland when querying | | 108 | create the "packed" binary format we pass out to userland when querying |
109 | the router/prefix list. | | 109 | the router/prefix list. |
110 | Simplify code to print the router/prefix list: use memcpy and local | | 110 | Simplify code to print the router/prefix list: use memcpy and local |
111 | structs properly aligned on the stack to decode the binary format | | 111 | structs properly aligned on the stack to decode the binary format |
112 | passed by the kernel - instead of (bogusly) assuming the format will | | 112 | passed by the kernel - instead of (bogusly) assuming the format will |
113 | obey all local alignement requirements. | | 113 | obey all local alignement requirements. |
114 | [martin, ticket #998] | | 114 | [martin, ticket #998] |
115 | | | 115 | |
116 | sys/compat/common/compat_util.c 1.45 | | 116 | sys/compat/common/compat_util.c 1.45 |
117 | | | 117 | |
118 | Free pathbuf in an error path. | | 118 | Free pathbuf in an error path. |
119 | [martin, ticket #999] | | 119 | [martin, ticket #999] |
120 | | | 120 | |
121 | sbin/fsck_ffs/inode.c 1.70 | | 121 | sbin/fsck_ffs/inode.c 1.70 |
122 | | | 122 | |
123 | Fix cut-and-paste error in the non-ufs2 case which can cause | | 123 | Fix cut-and-paste error in the non-ufs2 case which can cause |
124 | fsck_ffs to exit with an internal error. | | 124 | fsck_ffs to exit with an internal error. |
125 | [bouyer, ticket #991] | | 125 | [bouyer, ticket #991] |
126 | | | 126 | |
127 | sys/arch/xen/xen/evtchn.c 1.70 | | 127 | sys/arch/xen/xen/evtchn.c 1.70 |
128 | | | 128 | |
129 | Remove the "evtchn_do_event: handler %p didn't lower ipl %d %d\n" | | 129 | Remove the "evtchn_do_event: handler %p didn't lower ipl %d %d\n" |
130 | printf as analysis shows it actually isn't a bug in the handler, | | 130 | printf as analysis shows it actually isn't a bug in the handler, |
131 | but related to spin mutexes. Fixes port-xen/46313. | | 131 | but related to spin mutexes. Fixes port-xen/46313. |
132 | [bouyer, ticket #995] | | 132 | [bouyer, ticket #995] |
133 | | | 133 | |
| | | 134 | distrib/ews4800mips/Makefile 1.3 |
| | | 135 | |
| | | 136 | Add "cdroms" to the SUBDIR list for src/distrib/ews4800mips. |
| | | 137 | Should prevent the iso image from being created in the source tree |
| | | 138 | [apb, ticket #1009] |
| | | 139 | |
| | | 140 | etc/ntp.conf 1.16, 1.17, 1.18 via patch |
| | | 141 | external/bsd/ntp/dist/ntpd/ntp_request.c patch |
| | | 142 | |
| | | 143 | Patch from ntp 4.2.7p404 to prevent an amplifier and DoS attack. |
| | | 144 | Add several "restrict" lines to the default ntp.conf and |
| | | 145 | improve comments |
| | | 146 | [spz, ticket #1010] |
| | | 147 | |