Wed Oct 5 09:51:18 2016 UTC ()
tickets 1262,1263


(bouyer)
diff -r1.1.2.14 -r1.1.2.15 src/doc/CHANGES-7.0.2
cvs diff -r1.1.2.14 -r1.1.2.15 src/doc/Attic/CHANGES-7.0.2 (expand / switch to unified diff)

--- src/doc/Attic/CHANGES-7.0.2 2016/09/25 12:24:51 1.1.2.14
+++ src/doc/Attic/CHANGES-7.0.2 2016/10/05 09:51:18 1.1.2.15
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: CHANGES-7.0.2,v 1.1.2.14 2016/09/25 12:24:51 bouyer Exp $ 1# $NetBSD: CHANGES-7.0.2,v 1.1.2.15 2016/10/05 09:51:18 bouyer Exp $
2 2
3A complete list of changes from the NetBSD 7.0.1 release to the NetBSD 7.0.2 3A complete list of changes from the NetBSD 7.0.1 release to the NetBSD 7.0.2
4release: 4release:
5 5
6gnu/usr.bin/groff/tmac/mdoc.local patched by hand 6gnu/usr.bin/groff/tmac/mdoc.local patched by hand
7sys/sys/param.h patched by hand 7sys/sys/param.h patched by hand
8 8
9 Welcome to 7.0.1_PATCH. 9 Welcome to 7.0.1_PATCH.
10 [snj] 10 [snj]
11 11
12external/gpl3/gcc/dist/gcc/cp/Make-lang.in 1.6 12external/gpl3/gcc/dist/gcc/cp/Make-lang.in 1.6
13external/gpl3/gcc/dist/gcc/cp/cfns.gperf 1.2 13external/gpl3/gcc/dist/gcc/cp/cfns.gperf 1.2
14external/gpl3/gcc/dist/gcc/cp/cfns.h 1.2 14external/gpl3/gcc/dist/gcc/cp/cfns.h 1.2
@@ -263,13 +263,136 @@ etc/namedb/root.cache 1.21 @@ -263,13 +263,136 @@ etc/namedb/root.cache 1.21
263 Update root.cache to 2016/8/25 version. 263 Update root.cache to 2016/8/25 version.
264 [taca, ticket #1246] 264 [taca, ticket #1246]
265 265
266sys/lib/libsa/checkpasswd.c 1.10 266sys/lib/libsa/checkpasswd.c 1.10
267 267
268 Check bounds on input. From Michael Plass. 268 Check bounds on input. From Michael Plass.
269 [dholland, ticket #1250] 269 [dholland, ticket #1250]
270 270
271sys/arch/sparc64/sparc64/locore.s 1.401 271sys/arch/sparc64/sparc64/locore.s 1.401
272 272
273 Fix RAS for 32-bit kernels. trapframe is always 64-bit. 273 Fix RAS for 32-bit kernels. trapframe is always 64-bit.
274 [nakayama, ticket #1257] 274 [nakayama, ticket #1257]
275 275
 276xsrc/external/mit/libX11/dist/src/FontNames.c patch
 277xsrc/external/mit/libX11/dist/src/GetImage.c patch
 278xsrc/external/mit/libX11/dist/src/ListExt.c patch
 279xsrc/external/mit/libX11/dist/src/ModMap.c patch
 280xsrc/external/mit/libXfixes/dist/src/Region.c patch
 281xsrc/external/mit/libXi/dist/src/XGMotion.c patch
 282xsrc/external/mit/libXi/dist/src/XGetBMap.c patch
 283xsrc/external/mit/libXi/dist/src/XGetDCtl.c patch
 284xsrc/external/mit/libXi/dist/src/XGetFCtl.c patch
 285xsrc/external/mit/libXi/dist/src/XGetKMap.c patch
 286xsrc/external/mit/libXi/dist/src/XGetMMap.c patch
 287xsrc/external/mit/libXi/dist/src/XIQueryDevice.c patch
 288xsrc/external/mit/libXi/dist/src/XListDev.c patch
 289xsrc/external/mit/libXi/dist/src/XOpenDev.c patch
 290xsrc/external/mit/libXi/dist/src/XQueryDv.c patch
 291xsrc/external/mit/libXrandr/dist/src/XrrConfig.c patch
 292xsrc/external/mit/libXrandr/dist/src/XrrCrtc.c patch
 293xsrc/external/mit/libXrandr/dist/src/XrrOutput.c patch
 294xsrc/external/mit/libXrandr/dist/src/XrrProvider.c patch
 295xsrc/external/mit/libXrandr/dist/src/XrrScreen.c patch
 296xsrc/external/mit/libXrender/dist/src/Filter.c patch
 297xsrc/external/mit/libXrender/dist/src/Xrender.c patch
 298xsrc/external/mit/libXtst/dist/src/XRecord.c patch
 299xsrc/external/mit/libXv/dist/src/Xv.c patch
 300xsrc/external/mit/libXvMC/dist/src/XvMC.c patch
 301
 302 Fix (backported from upstream) the following issues in X client
 303 libraries:
 304 libX11 - insufficient validation of data from the X server
 305 can cause out of boundary memory read (XGetImage())
 306 or write (XListFonts()).
 307 Affected versions libX11 <= 1.6.3
 308
 309 libXfixes - insufficient validation of data from the X server
 310 can cause an integer overflow on 32 bit architectures.
 311 Affected versions : libXfixes <= 5.0.2
 312
 313 libXi - insufficient validation of data from the X server
 314 can cause out of boundary memory access or
 315 endless loops (Denial of Service).
 316 Affected versions libXi <= 1.7.6
 317
 318 libXrandr - insufficient validation of data from the X server
 319 can cause out of boundary memory writes.
 320 Affected versions: libXrandr <= 1.5.0
 321
 322 libXrender - insufficient validation of data from the X server
 323 can cause out of boundary memory writes.
 324 Affected version: libXrender <= 0.9.9
 325
 326 XRecord - insufficient validation of data from the X server
 327 can cause out of boundary memory access or
 328 endless loops (Denial of Service).
 329 Affected version libXtst <= 1.2.2
 330
 331 libXv - insufficient validation of data from the X server
 332 can cause out of boundary memory and memory corruption.
 333 CVE-2016-5407
 334 affected versions libXv <= 1.0.10
 335
 336 libXvMC - insufficient validation of data from the X server
 337 can cause a one byte buffer read underrun.
 338 Affected versions: libXvMC <= 1.0.9
 339 [mrg, ticket 1262]
 340
 341xsrc/xfree/xc/lib/X11/FontNames.c patch
 342xsrc/xfree/xc/lib/X11/GetImage.c patch
 343xsrc/xfree/xc/lib/X11/ListExt.c patch
 344xsrc/xfree/xc/lib/X11/ModMap.c patch
 345xsrc/xfree/xc/lib/X11/Xlibint.h patch
 346xsrc/xfree/xc/lib/Xi/XGMotion.c patch
 347xsrc/xfree/xc/lib/Xi/XGetBMap.c patch
 348xsrc/xfree/xc/lib/Xi/XGetDCtl.c patch
 349xsrc/xfree/xc/lib/Xi/XGetFCtl.c patch
 350xsrc/xfree/xc/lib/Xi/XGetKMap.c patch
 351xsrc/xfree/xc/lib/Xi/XGetMMap.c patch
 352xsrc/xfree/xc/lib/Xi/XOpenDev.c patch
 353xsrc/xfree/xc/lib/Xi/XQueryDv.c patch
 354xsrc/xfree/xc/lib/Xrender/Filter.c patch
 355xsrc/xfree/xc/lib/Xrender/Xrender.c patch
 356xsrc/xfree/xc/lib/Xtst/XRecord.c patch
 357xsrc/xfree/xc/lib/Xv/Xv.c patch
 358xsrc/xfree/xc/programs/Xserver/include/dix.h patch
 359
 360 Fix (backported from upstream) the following issues in X client
 361 libraries:
 362 libX11 - insufficient validation of data from the X server
 363 can cause out of boundary memory read (XGetImage())
 364 or write (XListFonts()).
 365 Affected versions libX11 <= 1.6.3
 366
 367 libXfixes - insufficient validation of data from the X server
 368 can cause an integer overflow on 32 bit architectures.
 369 Affected versions : libXfixes <= 5.0.2
 370
 371 libXi - insufficient validation of data from the X server
 372 can cause out of boundary memory access or
 373 endless loops (Denial of Service).
 374 Affected versions libXi <= 1.7.6
 375
 376 libXrandr - insufficient validation of data from the X server
 377 can cause out of boundary memory writes.
 378 Affected versions: libXrandr <= 1.5.0
 379
 380 libXrender - insufficient validation of data from the X server
 381 can cause out of boundary memory writes.
 382 Affected version: libXrender <= 0.9.9
 383
 384 XRecord - insufficient validation of data from the X server
 385 can cause out of boundary memory access or
 386 endless loops (Denial of Service).
 387 Affected version libXtst <= 1.2.2
 388
 389 libXv - insufficient validation of data from the X server
 390 can cause out of boundary memory and memory corruption.
 391 CVE-2016-5407
 392 affected versions libXv <= 1.0.10
 393
 394 libXvMC - insufficient validation of data from the X server
 395 can cause a one byte buffer read underrun.
 396 Affected versions: libXvMC <= 1.0.9
 397 [mrg, ticket 1263]
 398