Thu Aug 29 16:15:06 2019 UTC
Ticket #1703


(martin)
diff -r1.1.2.54 -r1.1.2.55 src/doc/CHANGES-7.1.3

cvs diff -r1.1.2.54 -r1.1.2.55 src/doc/Attic/CHANGES-7.1.3

--- src/doc/Attic/CHANGES-7.1.3 2019/06/15 15:59:55 1.1.2.54
+++ src/doc/Attic/CHANGES-7.1.3 2019/08/29 16:15:06 1.1.2.55
@@ -1,549 +1,555 @@ @@ -1,549 +1,555 @@
1# $NetBSD: CHANGES-7.1.3,v 1.1.2.54 2019/06/15 15:59:55 martin Exp $ 1# $NetBSD: CHANGES-7.1.3,v 1.1.2.55 2019/08/29 16:15:06 martin Exp $
2 2
3A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3 3A complete list of changes from the NetBSD 7.1.2 release to the NetBSD 7.1.3
4release: 4release:
5 5
6doc/README.files patched by hand 6doc/README.files patched by hand
7gnu/usr.bin/groff/tmac/mdoc.local patched by hand 7gnu/usr.bin/groff/tmac/mdoc.local patched by hand
8sys/sys/param.h patched by hand 8sys/sys/param.h patched by hand
9 9
10 Welcome to 7.1.2_PATCH. 10 Welcome to 7.1.2_PATCH.
11 [snj] 11 [snj]
12 12
13sys/dev/ppbus/if_plip.c 1.28 13sys/dev/ppbus/if_plip.c 1.28
14 14
15 Fix an spl(9) leak. 15 Fix an spl(9) leak.
16 [msaitoh, ticket #1579] 16 [msaitoh, ticket #1579]
17 17
18sys/sys/bitops.h 1.12-1.14 18sys/sys/bitops.h 1.12-1.14
19 19
20 Fix sign issues. 20 Fix sign issues.
21 Avoid undefined behaviour when a left shift may be greater than 21 Avoid undefined behaviour when a left shift may be greater than
22 the size of the bitmap type. 22 the size of the bitmap type.
23 [mrg, ticket #1582] 23 [mrg, ticket #1582]
24 24
25external/public-domain/tz/dist/ziguard.awk up to 1.1.1.1 25external/public-domain/tz/dist/ziguard.awk up to 1.1.1.1
26external/public-domain/tz/dist/CONTRIBUTING up to 1.1.1.5 26external/public-domain/tz/dist/CONTRIBUTING up to 1.1.1.5
27external/public-domain/tz/dist/Makefile up to 1.1.1.20 27external/public-domain/tz/dist/Makefile up to 1.1.1.20
28external/public-domain/tz/dist/NEWS up to 1.1.1.21 28external/public-domain/tz/dist/NEWS up to 1.1.1.21
29external/public-domain/tz/dist/README up to 1.1.1.6 29external/public-domain/tz/dist/README up to 1.1.1.6
30external/public-domain/tz/dist/TZDATA_VERSION up to 1.11 30external/public-domain/tz/dist/TZDATA_VERSION up to 1.11
31external/public-domain/tz/dist/africa up to 1.1.1.14 31external/public-domain/tz/dist/africa up to 1.1.1.14
32external/public-domain/tz/dist/antarctica up to 1.1.1.10 32external/public-domain/tz/dist/antarctica up to 1.1.1.10
33external/public-domain/tz/dist/asia up to 1.1.1.19 33external/public-domain/tz/dist/asia up to 1.1.1.19
34external/public-domain/tz/dist/australasia up to 1.1.1.14 34external/public-domain/tz/dist/australasia up to 1.1.1.14
35external/public-domain/tz/dist/backzone up to 1.1.1.14 35external/public-domain/tz/dist/backzone up to 1.1.1.14
36external/public-domain/tz/dist/checktab.awk up to 1.1.1.9 36external/public-domain/tz/dist/checktab.awk up to 1.1.1.9
37external/public-domain/tz/dist/europe up to 1.1.1.20 37external/public-domain/tz/dist/europe up to 1.1.1.20
38external/public-domain/tz/dist/leap-seconds.list up to 1.1.1.9 38external/public-domain/tz/dist/leap-seconds.list up to 1.1.1.9
39external/public-domain/tz/dist/leapseconds up to 1.1.1.10 39external/public-domain/tz/dist/leapseconds up to 1.1.1.10
40external/public-domain/tz/dist/northamerica up to 1.1.1.19 40external/public-domain/tz/dist/northamerica up to 1.1.1.19
41external/public-domain/tz/dist/southamerica up to 1.1.1.14 41external/public-domain/tz/dist/southamerica up to 1.1.1.14
42external/public-domain/tz/dist/theory.html up to 1.1.1.3 42external/public-domain/tz/dist/theory.html up to 1.1.1.3
43external/public-domain/tz/dist/version up to 1.1.1.8 43external/public-domain/tz/dist/version up to 1.1.1.8
44external/public-domain/tz/dist/zishrink.awk up to 1.1.1.3 44external/public-domain/tz/dist/zishrink.awk up to 1.1.1.3
45external/public-domain/tz/dist/zone.tab up to 1.1.1.14 45external/public-domain/tz/dist/zone.tab up to 1.1.1.14
46external/public-domain/tz/dist/zone1970.tab up to 1.1.1.16 46external/public-domain/tz/dist/zone1970.tab up to 1.1.1.16
47doc/3RDPARTY 1.1506 (patch) 47doc/3RDPARTY 1.1506 (patch)
48 48
49 Updated tzdata to 2018d. 49 Updated tzdata to 2018d.
50 [kre, ticket #1589] 50 [kre, ticket #1589]
51 51
52sys/netinet6/ip6_forward.c 1.91 (patch) 52sys/netinet6/ip6_forward.c 1.91 (patch)
53 53
54 Fix two IPv6 ipsec use-after-free issues. 54 Fix two IPv6 ipsec use-after-free issues.
55 [maxv, ticket #1590] 55 [maxv, ticket #1590]
56 56
57sys/netinet6/raw_ip6.c 1.161 57sys/netinet6/raw_ip6.c 1.161
58 58
59 Fix use-after-free. 59 Fix use-after-free.
60 [maxv, ticket #1591] 60 [maxv, ticket #1591]
61 61
62sys/net/npf/npf.h 1.55 62sys/net/npf/npf.h 1.55
63 63
64 Fix an integer overflow that allows incoming IPv6 packets 64 Fix an integer overflow that allows incoming IPv6 packets
65 to bypass a certain number of filtering rules. 65 to bypass a certain number of filtering rules.
66 [maxv, ticket #1593] 66 [maxv, ticket #1593]
67 67
68sys/kern/uipc_mbuf.c 1.182 68sys/kern/uipc_mbuf.c 1.182
69sys/netinet/ip_reass.c 1.14 69sys/netinet/ip_reass.c 1.14
70sys/netinet6/frag6.c 1.67 70sys/netinet6/frag6.c 1.67
71sys/sys/mbuf.h 1.179 71sys/sys/mbuf.h 1.179
72 72
73 Remove M_PKTHDR from secondary mbufs when reassembling packets. 73 Remove M_PKTHDR from secondary mbufs when reassembling packets.
74 [maxv, ticket #1594] 74 [maxv, ticket #1594]
75 75
76external/gpl3/binutils/dist/bfd/elflink.c 1.14 76external/gpl3/binutils/dist/bfd/elflink.c 1.14
77 77
78 When trying to decide the status of a weak symbol, resolve any 78 When trying to decide the status of a weak symbol, resolve any
79 indirectness first. 79 indirectness first.
80 [joerg, ticket #1595] 80 [joerg, ticket #1595]
81 81
82bin/ed/ed.1 1.32 82bin/ed/ed.1 1.32
83bin/ed/main.c 1.29 83bin/ed/main.c 1.29
84usr.bin/patch/pch.c 1.29 84usr.bin/patch/pch.c 1.29
85 85
86 patch: Pass -S to ed(1) so that patches containing ! commands 86 patch: Pass -S to ed(1) so that patches containing ! commands
87 don't run commands. 87 don't run commands.
88 ed: add -S to disable ! commands. 88 ed: add -S to disable ! commands.
89 [christos, ticket #1596] 89 [christos, ticket #1596]
90 90
91sys/arch/amiga/amiga/cc.c 1.27 91sys/arch/amiga/amiga/cc.c 1.27
92 92
93 Fix a spl(9) leak. 93 Fix a spl(9) leak.
94 [msaitoh, ticket #1597] 94 [msaitoh, ticket #1597]
95 95
96sys/kern/uipc_mbuf.c 1.190 96sys/kern/uipc_mbuf.c 1.190
97 97
98 m_pkthdr_remove(): if the mbuf is shared leave M_PKTHDR 98 m_pkthdr_remove(): if the mbuf is shared leave M_PKTHDR
99 in place. 99 in place.
100 [maxv, ticket #1598] 100 [maxv, ticket #1598]
101 101
102sys/netipsec/ipsec_mbuf.c 1.23,1.24 (patch) 102sys/netipsec/ipsec_mbuf.c 1.23,1.24 (patch)
103 103
104 Don't assume M_PKTHDR is set only on the first mbuf of the chain. 104 Don't assume M_PKTHDR is set only on the first mbuf of the chain.
105 Fix a pretty bad mistake (IPsec DoS). 105 Fix a pretty bad mistake (IPsec DoS).
106 [maxv, ticket #1599] 106 [maxv, ticket #1599]
107 107
108sys/netipsec/ipsec_output.c 1.67,1.75 (patch) 108sys/netipsec/ipsec_output.c 1.67,1.75 (patch)
109 109
110 compute_ipsec_pos: strengthen checks to avoid overruns, 110 compute_ipsec_pos: strengthen checks to avoid overruns,
111 allow the function to fail (and drop the misformed packet). 111 allow the function to fail (and drop the misformed packet).
112 [maxv, ticket #1600] 112 [maxv, ticket #1600]
113 113
114crypto/external/bsd/heimdal/dist/kdc/connect.c 1.3 114crypto/external/bsd/heimdal/dist/kdc/connect.c 1.3
115 115
116 Avoid busy-waiting on a dead child. 116 Avoid busy-waiting on a dead child.
117 [spz, ticket #1601] 117 [spz, ticket #1601]
118 118
119sys/kern/uipc_mbuf.c 1.211 (patch) 119sys/kern/uipc_mbuf.c 1.211 (patch)
120 120
121 Modify m_defrag, so that it never frees the first mbuf of 121 Modify m_defrag, so that it never frees the first mbuf of
122 the chain. 122 the chain.
123 [maxv, ticket #1602] 123 [maxv, ticket #1602]
124 124
125sys/net/npf/npf_alg_icmp.c 1.27-1.29 125sys/net/npf/npf_alg_icmp.c 1.27-1.29
126sys/net/npf/npf_inet.c 1.45 126sys/net/npf/npf_inet.c 1.45
127 127
128 Fix use-after-free. 128 Fix use-after-free.
129 [maxv, ticket #1605] 129 [maxv, ticket #1605]
130 130
131sys/kern/uipc_mbuf.c 1.214 131sys/kern/uipc_mbuf.c 1.214
132 132
133 Revert ticket #1598: 133 Revert ticket #1598:
134 remove the M_READONLY check. The initial code was correct. 134 remove the M_READONLY check. The initial code was correct.
135 [maxv, ticket #1606] 135 [maxv, ticket #1606]
136 136
137sys/netinet/udp_usrreq.c 1.237 (patch) 137sys/netinet/udp_usrreq.c 1.237 (patch)
138 138
139 Fix bad/wrong memory deallocations and dangling pointer 139 Fix bad/wrong memory deallocations and dangling pointer
140 issues in NAT-T. 140 issues in NAT-T.
141 [maxv, ticket #1607] 141 [maxv, ticket #1607]
142 142
143sbin/fsck_lfs/bufcache.c 1.20 143sbin/fsck_lfs/bufcache.c 1.20
144sbin/fsck_lfs/bufcache.h 1.14 144sbin/fsck_lfs/bufcache.h 1.14
145 145
146 Fix incore(), use a 64bit logical block number. 146 Fix incore(), use a 64bit logical block number.
147 [maya, ticket #1612] 147 [maya, ticket #1612]
148 148
149usr.sbin/makefs/ffs.c 1.70 149usr.sbin/makefs/ffs.c 1.70
150 150
151 Fix makefs UFS2 lazy inode initialization. 151 Fix makefs UFS2 lazy inode initialization.
152 [maya, ticket #1615] 152 [maya, ticket #1615]
153 153
154share/i18n/esdb/ISO-8859/ISO-8859.alias 1.4 154share/i18n/esdb/ISO-8859/ISO-8859.alias 1.4
155 155
156 Add more aliases for Hebrew and Arabic ISO-8859-... encodings. 156 Add more aliases for Hebrew and Arabic ISO-8859-... encodings.
157 [maya, ticket #1616] 157 [maya, ticket #1616]
158 158
159xsrc/xfree/xc/programs/mkfontscale/ident.c (apply patch) 159xsrc/xfree/xc/programs/mkfontscale/ident.c (apply patch)
160 160
161 Pass gzFile, not gzFile * to gzio functions. 161 Pass gzFile, not gzFile * to gzio functions.
162 [mrg, ticket #1618] 162 [mrg, ticket #1618]
163 163
164usr.bin/printf/printf.c 1.37-1.39 164usr.bin/printf/printf.c 1.37-1.39
165 165
166 Fix some error handling. 166 Fix some error handling.
167 Avoid running off into oblivion when a format string, 167 Avoid running off into oblivion when a format string,
168 or arg to a %b conversion ends in an unescaped backslash. 168 or arg to a %b conversion ends in an unescaped backslash.
169 Avoid printing error messages twice when an invalid 169 Avoid printing error messages twice when an invalid
170 escape sequence (\ sequence) is present in an arg to a %b 170 escape sequence (\ sequence) is present in an arg to a %b
171 conversion. 171 conversion.
172 [kre, ticket #1619] 172 [kre, ticket #1619]
173 173
174sys/netinet6/frag6.c 1.64 174sys/netinet6/frag6.c 1.64
175 175
176 Ignore zero-sized fragments. 176 Ignore zero-sized fragments.
177 [maxv, ticket #1630] 177 [maxv, ticket #1630]
178 178
179xsrc/external/mit/libX11/dist/src/FontNames. (patch) 179xsrc/external/mit/libX11/dist/src/FontNames. (patch)
180xsrc/external/mit/libX11/dist/src/GetFPath.c (patch) 180xsrc/external/mit/libX11/dist/src/GetFPath.c (patch)
181xsrc/external/mit/libX11/dist/src/LiHosts.c (patch) 181xsrc/external/mit/libX11/dist/src/LiHosts.c (patch)
182xsrc/external/mit/libX11/dist/src/ListExt.c (patch) 182xsrc/external/mit/libX11/dist/src/ListExt.c (patch)
183 183
184 Apply fixes from libX11 1.6.5 for the following vulnerabilities: 184 Apply fixes from libX11 1.6.5 for the following vulnerabilities:
185 Fixed off-by-one writes (CVE-2018-14599) 185 Fixed off-by-one writes (CVE-2018-14599)
186 Validation of server response in XListHosts 186 Validation of server response in XListHosts
187 Fixed out of boundary write (CVE-2018-14600) 187 Fixed out of boundary write (CVE-2018-14600)
188 Fixed crash on invalid reply (CVE-2018-14598) 188 Fixed crash on invalid reply (CVE-2018-14598)
189 [mrg, ticket #1635] 189 [mrg, ticket #1635]
190 190
191external/public-domain/tz/dist/CONTRIBUTING up to 1.1.1.6 191external/public-domain/tz/dist/CONTRIBUTING up to 1.1.1.6
192external/public-domain/tz/dist/Makefile up to 1.1.1.22 192external/public-domain/tz/dist/Makefile up to 1.1.1.22
193external/public-domain/tz/dist/NEWS up to 1.1.1.24 193external/public-domain/tz/dist/NEWS up to 1.1.1.24
194external/public-domain/tz/dist/README up to 1.1.1.7 194external/public-domain/tz/dist/README up to 1.1.1.7
195external/public-domain/tz/dist/TZDATA_VERSION up to 1.14 195external/public-domain/tz/dist/TZDATA_VERSION up to 1.14
196external/public-domain/tz/dist/africa up to 1.1.1.17 196external/public-domain/tz/dist/africa up to 1.1.1.17
197external/public-domain/tz/dist/antarctica up to 1.1.1.11 197external/public-domain/tz/dist/antarctica up to 1.1.1.11
198external/public-domain/tz/dist/asia up to 1.1.1.21 198external/public-domain/tz/dist/asia up to 1.1.1.21
199external/public-domain/tz/dist/australasia up to 1.1.1.16 199external/public-domain/tz/dist/australasia up to 1.1.1.16
200external/public-domain/tz/dist/backward up to 1.1.1.9 200external/public-domain/tz/dist/backward up to 1.1.1.9
201external/public-domain/tz/dist/backzone up to 1.1.1.15 201external/public-domain/tz/dist/backzone up to 1.1.1.15
202external/public-domain/tz/dist/etcetera up to 1.1.1.3 202external/public-domain/tz/dist/etcetera up to 1.1.1.3
203external/public-domain/tz/dist/europe up to 1.1.1.23 203external/public-domain/tz/dist/europe up to 1.1.1.23
204external/public-domain/tz/dist/factory up to 1.1.1.3 204external/public-domain/tz/dist/factory up to 1.1.1.3
205external/public-domain/tz/dist/leap-seconds.list up to 1.1.1.10 205external/public-domain/tz/dist/leap-seconds.list up to 1.1.1.10
206external/public-domain/tz/dist/leapseconds up to 1.1.1.11 206external/public-domain/tz/dist/leapseconds up to 1.1.1.11
207external/public-domain/tz/dist/leapseconds.awk up to 1.1.1.7 207external/public-domain/tz/dist/leapseconds.awk up to 1.1.1.7
208external/public-domain/tz/dist/northamerica up to 1.1.1.21 208external/public-domain/tz/dist/northamerica up to 1.1.1.21
209external/public-domain/tz/dist/pacificnew up to 1.1.1.2 209external/public-domain/tz/dist/pacificnew up to 1.1.1.2
210external/public-domain/tz/dist/southamerica up to 1.1.1.15 210external/public-domain/tz/dist/southamerica up to 1.1.1.15
211external/public-domain/tz/dist/systemv up to 1.1.1.2 211external/public-domain/tz/dist/systemv up to 1.1.1.2
212external/public-domain/tz/dist/theory.html up to 1.1.1.6 212external/public-domain/tz/dist/theory.html up to 1.1.1.6
213external/public-domain/tz/dist/version up to 1.1.1.11 213external/public-domain/tz/dist/version up to 1.1.1.11
214external/public-domain/tz/dist/yearistype.sh up to 1.1.1.2 214external/public-domain/tz/dist/yearistype.sh up to 1.1.1.2
215external/public-domain/tz/dist/ziguard.awk up to 1.1.1.3 215external/public-domain/tz/dist/ziguard.awk up to 1.1.1.3
216external/public-domain/tz/dist/zishrink.awk up to 1.1.1.5 216external/public-domain/tz/dist/zishrink.awk up to 1.1.1.5
217external/public-domain/tz/dist/zone.tab up to 1.1.1.15 217external/public-domain/tz/dist/zone.tab up to 1.1.1.15
218external/public-domain/tz/dist/zone1970.tab up to 1.1.1.17 218external/public-domain/tz/dist/zone1970.tab up to 1.1.1.17
219external/public-domain/tz/dist/zoneinfo2tdf.pl up to 1.1.1.2 219external/public-domain/tz/dist/zoneinfo2tdf.pl up to 1.1.1.2
220doc/3RDPARTY (apply patch) 220doc/3RDPARTY (apply patch)
221 221
222 Updated tzdata to 2018g. 222 Updated tzdata to 2018g.
223 [kre, ticket #1644] 223 [kre, ticket #1644]
224 224
225sys/compat/netbsd32/netbsd32_socket.c 1.48 (patch) 225sys/compat/netbsd32/netbsd32_socket.c 1.48 (patch)
226 226
227 Fix a buffer overflow. 227 Fix a buffer overflow.
228 [maxv, ticket #1652] 228 [maxv, ticket #1652]
229 229
230sys/kern/kern_event.c 1.104 230sys/kern/kern_event.c 1.104
231 231
232 Fix kernel info leak. 232 Fix kernel info leak.
233 [maxv, ticket #1653] 233 [maxv, ticket #1653]
234 234
235libexec/httpd/testsuite/data/.bzremap up to 1.1 235libexec/httpd/testsuite/data/.bzremap up to 1.1
236libexec/httpd/testsuite/t12.out up to 1.1 236libexec/httpd/testsuite/t12.out up to 1.1
237libexec/httpd/testsuite/t12.in up to 1.1 237libexec/httpd/testsuite/t12.in up to 1.1
238libexec/httpd/testsuite/t13.out up to 1.1 238libexec/httpd/testsuite/t13.out up to 1.1
239libexec/httpd/testsuite/t13.in up to 1.1 239libexec/httpd/testsuite/t13.in up to 1.1
240libexec/httpd/testsuite/t14.out up to 1.1 240libexec/httpd/testsuite/t14.out up to 1.1
241libexec/httpd/testsuite/t14.in up to 1.1 241libexec/httpd/testsuite/t14.in up to 1.1
242libexec/httpd/testsuite/t15.out up to 1.1 242libexec/httpd/testsuite/t15.out up to 1.1
243libexec/httpd/testsuite/t15.in up to 1.1 243libexec/httpd/testsuite/t15.in up to 1.1
244libexec/httpd/CHANGES up to 1.28 244libexec/httpd/CHANGES up to 1.28
245libexec/httpd/Makefile up to 1.27 245libexec/httpd/Makefile up to 1.27
246libexec/httpd/auth-bozo.c up to 1.22 246libexec/httpd/auth-bozo.c up to 1.22
247libexec/httpd/bozohttpd.8 up to 1.74 247libexec/httpd/bozohttpd.8 up to 1.74
248libexec/httpd/bozohttpd.c up to 1.96 248libexec/httpd/bozohttpd.c up to 1.96
249libexec/httpd/bozohttpd.h up to 1.56 249libexec/httpd/bozohttpd.h up to 1.56
250libexec/httpd/cgi-bozo.c up to 1.44 250libexec/httpd/cgi-bozo.c up to 1.44
251libexec/httpd/content-bozo.c up to 1.16 251libexec/httpd/content-bozo.c up to 1.16
252libexec/httpd/daemon-bozo.c up to 1.19 252libexec/httpd/daemon-bozo.c up to 1.19
253libexec/httpd/dir-index-bozo.c up to 1.28 253libexec/httpd/dir-index-bozo.c up to 1.28
254libexec/httpd/lua-bozo.c up to 1.15 254libexec/httpd/lua-bozo.c up to 1.15
255libexec/httpd/main.c up to 1.21 255libexec/httpd/main.c up to 1.21
256libexec/httpd/ssl-bozo.c up to 1.25 256libexec/httpd/ssl-bozo.c up to 1.25
257libexec/httpd/tilde-luzah-bozo.c up to 1.16 257libexec/httpd/tilde-luzah-bozo.c up to 1.16
258libexec/httpd/libbozohttpd/Makefile up to 1.3 258libexec/httpd/libbozohttpd/Makefile up to 1.3
259libexec/httpd/lua/bozo.lua up to 1.3 259libexec/httpd/lua/bozo.lua up to 1.3
260libexec/httpd/lua/glue.c up to 1.5 260libexec/httpd/lua/glue.c up to 1.5
261libexec/httpd/lua/optparse.lua up to 1.2 261libexec/httpd/lua/optparse.lua up to 1.2
262libexec/httpd/testsuite/Makefile up to 1.11 262libexec/httpd/testsuite/Makefile up to 1.11
263libexec/httpd/testsuite/html_cmp up to 1.6 263libexec/httpd/testsuite/html_cmp up to 1.6
264libexec/httpd/testsuite/t3.out up to 1.4 264libexec/httpd/testsuite/t3.out up to 1.4
265libexec/httpd/testsuite/t5.out up to 1.4 265libexec/httpd/testsuite/t5.out up to 1.4
266libexec/httpd/testsuite/t6.out up to 1.4 266libexec/httpd/testsuite/t6.out up to 1.4
267libexec/httpd/testsuite/test-bigfile up to 1.5 267libexec/httpd/testsuite/test-bigfile up to 1.5
268libexec/httpd/testsuite/test-simple up to 1.5 268libexec/httpd/testsuite/test-simple up to 1.5
269 269
270 Sync with HEAD as of 2018-11-24. Includes various changes: 270 Sync with HEAD as of 2018-11-24. Includes various changes:
271 Cosmetic changes to Lua binding in bozohttpd. 271 Cosmetic changes to Lua binding in bozohttpd.
272 Fix -C scripts execution and document restrictions. 272 Fix -C scripts execution and document restrictions.
273 Add support for remapping requested paths via a .bzredirect file. 273 Add support for remapping requested paths via a .bzredirect file.
274 Handle redirections for any protocol, not just http:. 274 Handle redirections for any protocol, not just http:.
275 Fix a denial of service attack against header contents, which 275 Fix a denial of service attack against header contents, which
276 is now bounded at 16KiB. 276 is now bounded at 16KiB.
277 Fix access checks for special files. 277 Fix access checks for special files.
278 [mrg, ticket #1655] 278 [mrg, ticket #1655]
279 279
280sys/net/rtsock.c 1.244 (adapted) 280sys/net/rtsock.c 1.244 (adapted)
281 281
282 Fix kernel info leak (2 bytes of padding in struct if_msghdr) 282 Fix kernel info leak (2 bytes of padding in struct if_msghdr)
283 [maxv, ticket #1657] 283 [maxv, ticket #1657]
284 284
285sys/kern/kern_exec.c 1.462 285sys/kern/kern_exec.c 1.462
286 286
287 Fix stack info leak. 287 Fix stack info leak.
288 [maxv, ticket #1658] 288 [maxv, ticket #1658]
289 289
290libexec/httpd/CHANGES 1.29,1.30 290libexec/httpd/CHANGES 1.29,1.30
291libexec/httpd/bozohttpd.c 1.97-1.99 291libexec/httpd/bozohttpd.c 1.97-1.99
292libexec/httpd/bozohttpd.h 1.57 292libexec/httpd/bozohttpd.h 1.57
293libexec/httpd/cgi-bozo.c 1.45 293libexec/httpd/cgi-bozo.c 1.45
294libexec/httpd/main.c 1.22 294libexec/httpd/main.c 1.22
295 295
296 Fix -X option parsing and miscelaneous cleanup. 296 Fix -X option parsing and miscelaneous cleanup.
297 [mrg, ticket #1659] 297 [mrg, ticket #1659]
298 298
299sys/compat/linux/common/linux_misc_notalpha.c 1.110 299sys/compat/linux/common/linux_misc_notalpha.c 1.110
300sys/kern/kern_time.c 1.192,1.193 300sys/kern/kern_time.c 1.192,1.193
301 301
302 Fix kernel info leak. 302 Fix kernel info leak.
303 [maxv, ticket #1660] 303 [maxv, ticket #1660]
304 304
305sys/kern/kern_sig.c 1.350 305sys/kern/kern_sig.c 1.350
306 306
307 Fix kernel info leak. 307 Fix kernel info leak.
308 [maxv, ticket #1661] 308 [maxv, ticket #1661]
309 309
310sys/arch/amd64/amd64/machdep.c 1.321 310sys/arch/amd64/amd64/machdep.c 1.321
311 311
312 Fix stack info leak. 312 Fix stack info leak.
313 [maxv, ticket #1662] 313 [maxv, ticket #1662]
314 314
315sys/kern/sys_sig.c 1.47 315sys/kern/sys_sig.c 1.47
316 316
317 Fix kernel info leak, 4 bytes of padding in struct _ksiginfo. 317 Fix kernel info leak, 4 bytes of padding in struct _ksiginfo.
318 [maxv, ticket #1664] 318 [maxv, ticket #1664]
319 319
320usr.bin/telnet/telnet.c 1.37 320usr.bin/telnet/telnet.c 1.37
321usr.bin/telnet/utilities.c 1.24 321usr.bin/telnet/utilities.c 1.24
322 322
323 Switch some sprintf to snprintf. 323 Switch some sprintf to snprintf.
324 [maya, ticket #1665] 324 [maya, ticket #1665]
325 325
326sys/uvm/uvm_swap.c 1.178 (patch, adapted) 326sys/uvm/uvm_swap.c 1.178 (patch, adapted)
327sys/compat/netbsd32/netbsd32_netbsd.c (patch) 327sys/compat/netbsd32/netbsd32_netbsd.c (patch)
328 328
329 Fix kernel info leak in swapctl(2). 329 Fix kernel info leak in swapctl(2).
330 [maxv, ticket #1666] 330 [maxv, ticket #1666]
331 331
332sys/kern/kern_time.c 1.191 332sys/kern/kern_time.c 1.191
333 333
334 Fix kernel info leak. 334 Fix kernel info leak.
335 [maxv, ticket #1667] 335 [maxv, ticket #1667]
336 336
337sys/compat/netbsd32/netbsd32_compat_14.c 1.27 337sys/compat/netbsd32/netbsd32_compat_14.c 1.27
338sys/compat/netbsd32/netbsd32_conv.h 1.37 338sys/compat/netbsd32/netbsd32_conv.h 1.37
339sys/compat/sys/msg.h 1.5 339sys/compat/sys/msg.h 1.5
340sys/compat/sys/time_types.h 1.3 340sys/compat/sys/time_types.h 1.3
341 341
342 Fix kernel info leaks. 342 Fix kernel info leaks.
343 [maxv, ticket #1668] 343 [maxv, ticket #1668]
344 344
345sys/conf/copyright 1.17 345sys/conf/copyright 1.17
346 346
347 Welcome to 2019! 347 Welcome to 2019!
348 [jnemeth, ticket #1669] 348 [jnemeth, ticket #1669]
349 349
350external/public-domain/tz/dist/Makefile up to 1.1.1.23 350external/public-domain/tz/dist/Makefile up to 1.1.1.23
351external/public-domain/tz/dist/NEWS up to 1.1.1.26 351external/public-domain/tz/dist/NEWS up to 1.1.1.26
352external/public-domain/tz/dist/TZDATA_VERSION up to 1.16 352external/public-domain/tz/dist/TZDATA_VERSION up to 1.16
353external/public-domain/tz/dist/africa up to 1.1.1.19 353external/public-domain/tz/dist/africa up to 1.1.1.19
354external/public-domain/tz/dist/asia up to 1.1.1.22 354external/public-domain/tz/dist/asia up to 1.1.1.22
355external/public-domain/tz/dist/australasia up to 1.1.1.17 355external/public-domain/tz/dist/australasia up to 1.1.1.17
356external/public-domain/tz/dist/leapseconds up to 1.1.1.12 356external/public-domain/tz/dist/leapseconds up to 1.1.1.12
357external/public-domain/tz/dist/leapseconds.awk up to 1.1.1.8 357external/public-domain/tz/dist/leapseconds.awk up to 1.1.1.8
358external/public-domain/tz/dist/northamerica up to 1.1.1.22 358external/public-domain/tz/dist/northamerica up to 1.1.1.22
359external/public-domain/tz/dist/theory.html up to 1.1.1.7 359external/public-domain/tz/dist/theory.html up to 1.1.1.7
360external/public-domain/tz/dist/version up to 1.1.1.13 360external/public-domain/tz/dist/version up to 1.1.1.13
361external/public-domain/tz/dist/ziguard.awk up to 1.1.1.4 361external/public-domain/tz/dist/ziguard.awk up to 1.1.1.4
362external/public-domain/tz/dist/zone.tab up to 1.1.1.16 362external/public-domain/tz/dist/zone.tab up to 1.1.1.16
363external/public-domain/tz/dist/zone1970.tab up to 1.1.1.18 363external/public-domain/tz/dist/zone1970.tab up to 1.1.1.18
364distrib/sets/lists/base/mi (patch) 364distrib/sets/lists/base/mi (patch)
365doc/3RDPARTY (patch) 365doc/3RDPARTY (patch)
366 366
367 Updated tzdata to 2018i. 367 Updated tzdata to 2018i.
368 [kre, ticket #1670] 368 [kre, ticket #1670]
369 369
370sys/arch/sparc/sparc/pmap.c 1.366 370sys/arch/sparc/sparc/pmap.c 1.366
371 371
372 Fix deadlocks on machines with more than two cpus. 372 Fix deadlocks on machines with more than two cpus.
373 [mrg, ticket #1672] 373 [mrg, ticket #1672]
374 374
375regress/sys/arch/m68k/060sp/Makefile 1.15 375regress/sys/arch/m68k/060sp/Makefile 1.15
376 376
377 Replace manual realdepend dependency with DPSRCS. 377 Replace manual realdepend dependency with DPSRCS.
378 [msaitoh, ticket #1674] 378 [msaitoh, ticket #1674]
379 379
380sys/kern/kern_ntptime.c 1.60 380sys/kern/kern_ntptime.c 1.60
381 381
382 Zero out the ntptimeval structure to prevent a 4 byte kernel stack 382 Zero out the ntptimeval structure to prevent a 4 byte kernel stack
383 disclosure. 383 disclosure.
384 [maxv, ticket #1675] 384 [maxv, ticket #1675]
385 385
386sys/net/link_proto.c 1.37 386sys/net/link_proto.c 1.37
387sys/netatalk/ddp_usrreq.c 1.72 387sys/netatalk/ddp_usrreq.c 1.72
388sys/netbt/hci_socket.c 1.46 388sys/netbt/hci_socket.c 1.46
389sys/netbt/l2cap_socket.c 1.36 389sys/netbt/l2cap_socket.c 1.36
390sys/netbt/rfcomm_socket.c 1.38 390sys/netbt/rfcomm_socket.c 1.38
391sys/netbt/sco_socket.c 1.38 391sys/netbt/sco_socket.c 1.38
392sys/netinet/tcp_usrreq.c 1.223 via patch 392sys/netinet/tcp_usrreq.c 1.223 via patch
393sys/netinet6/raw_ip6.c 1.173 393sys/netinet6/raw_ip6.c 1.173
394sys/netinet6/udp6_usrreq.c 1.146 394sys/netinet6/udp6_usrreq.c 1.146
395sys/netmpls/mpls_proto.c 1.32 395sys/netmpls/mpls_proto.c 1.32
396sys/netnatm/natm.c patch 396sys/netnatm/natm.c patch
397 397
398 Fix memory leaks pointed out by Ilja Van Sprundel: all 398 Fix memory leaks pointed out by Ilja Van Sprundel: all
399 sendoob() functions are expected to free both passed 399 sendoob() functions are expected to free both passed
400 mbuf chains. 400 mbuf chains.
401 [martin, ticket #1676] 401 [martin, ticket #1676]
402 402
403sys/arch/alpha/alpha/machdep.c 1.352 403sys/arch/alpha/alpha/machdep.c 1.352
404sys/arch/amd64/amd64/netbsd32_machdep.c 1.117 404sys/arch/amd64/amd64/netbsd32_machdep.c 1.117
405sys/arch/arm/arm/sig_machdep.c 1.51 405sys/arch/arm/arm/sig_machdep.c 1.51
406sys/arch/hppa/hppa/sig_machdep.c 1.26 406sys/arch/hppa/hppa/sig_machdep.c 1.26
407sys/arch/i386/i386/machdep.c 1.813 407sys/arch/i386/i386/machdep.c 1.813
408sys/arch/m68k/m68k/sig_machdep.c 1.50 408sys/arch/m68k/m68k/sig_machdep.c 1.50
409sys/arch/mips/mips/netbsd32_machdep.c 1.16 409sys/arch/mips/mips/netbsd32_machdep.c 1.16
410sys/arch/mips/mips/sig_machdep.c 1.24 410sys/arch/mips/mips/sig_machdep.c 1.24
411sys/arch/powerpc/powerpc/sig_machdep.c 1.46 411sys/arch/powerpc/powerpc/sig_machdep.c 1.46
412sys/arch/sh3/sh3/sh3_machdep.c 1.106 412sys/arch/sh3/sh3/sh3_machdep.c 1.106
413sys/arch/sparc64/sparc64/machdep.c 1.289 413sys/arch/sparc64/sparc64/machdep.c 1.289
414sys/arch/sparc64/sparc64/netbsd32_machdep.c 1.111 414sys/arch/sparc64/sparc64/netbsd32_machdep.c 1.111
415sys/arch/usermode/target/i386/cpu_i386.c 1.8 415sys/arch/usermode/target/i386/cpu_i386.c 1.8
416sys/arch/usermode/target/x86_64/cpu_x86_64.c 1.7 416sys/arch/usermode/target/x86_64/cpu_x86_64.c 1.7
417sys/arch/vax/vax/sig_machdep.c 1.23 417sys/arch/vax/vax/sig_machdep.c 1.23
418 418
419 Fix widespread leak in the sendsig_siginfo() functions. 419 Fix widespread leak in the sendsig_siginfo() functions.
420 [maxv, ticket #1677] 420 [maxv, ticket #1677]
421 421
422sys/kern/kern_time.c 1.190,1.194 422sys/kern/kern_time.c 1.190,1.194
423 423
424 Fix kernel info leaks. 424 Fix kernel info leaks.
425 [maxv, ticket #1678] 425 [maxv, ticket #1678]
426 426
427sys/compat/linux/common/linux_ipc.c 1.56 427sys/compat/linux/common/linux_ipc.c 1.56
428sys/compat/linux32/common/linux32_ipccall.c 1.12 428sys/compat/linux32/common/linux32_ipccall.c 1.12
429sys/compat/netbsd32/netbsd32_compat_14.c 1.28 429sys/compat/netbsd32/netbsd32_compat_14.c 1.28
430sys/compat/netbsd32/netbsd32_compat_14.c 1.29 430sys/compat/netbsd32/netbsd32_compat_14.c 1.29
431sys/compat/netbsd32/netbsd32_conv.h 1.38 431sys/compat/netbsd32/netbsd32_conv.h 1.38
432sys/compat/sys/ipc.h 1.6 432sys/compat/sys/ipc.h 1.6
433sys/compat/sys/ipc.h 1.7 433sys/compat/sys/ipc.h 1.7
434sys/compat/sys/msg.h 1.6 434sys/compat/sys/msg.h 1.6
435sys/compat/sys/sem.h 1.7 435sys/compat/sys/sem.h 1.7
436sys/compat/sys/shm.h 1.8 436sys/compat/sys/shm.h 1.8
437sys/kern/sysv_msg.c 1.73 437sys/kern/sysv_msg.c 1.73
438sys/kern/sysv_sem.c 1.96 438sys/kern/sysv_sem.c 1.96
439sys/kern/sysv_shm.c 1.133 439sys/kern/sysv_shm.c 1.133
440 440
441 Fix kernel stack and kernel adddress leaks in msgctl, semctl, and 441 Fix kernel stack and kernel adddress leaks in msgctl, semctl, and
442 shmctl system calls, for native as well as for the netbsd32, linux, 442 shmctl system calls, for native as well as for the netbsd32, linux,
443 and linux32 compatibility calls. 443 and linux32 compatibility calls.
444 [mrg, ticket #1679] 444 [mrg, ticket #1679]
445 445
446sys/net/rtsock.c (patch) 446sys/net/rtsock.c (patch)
447 447
448 Fix locking for sysctl_rtable. 448 Fix locking for sysctl_rtable.
449 [sborrill, ticket #1680] 449 [sborrill, ticket #1680]
450 450
451sys/kern/kern_time.c 1.196 451sys/kern/kern_time.c 1.196
452 452
453 Avoid panic from setitimer(2) for CLOCK_MONOTONIC. 453 Avoid panic from setitimer(2) for CLOCK_MONOTONIC.
454 [mlelstv, ticket #1196] 454 [mlelstv, ticket #1196]
455 455
456sys/dev/scsipi/files.scsipi 1.42 456sys/dev/scsipi/files.scsipi 1.42
457sys/dev/scsipi/st.c 1.236 (patch), 1.237 457sys/dev/scsipi/st.c 1.236 (patch), 1.237
458 458
459 PR kern/53949: fix file mark handling. 459 PR kern/53949: fix file mark handling.
460 st(4): Fix (but disable by default) SUN compatibility mode. 460 st(4): Fix (but disable by default) SUN compatibility mode.
461 [kardel, ticket #1682] 461 [kardel, ticket #1682]
462 462
463external/bsd/bzip2/dist/bzip2recover.c 1.4 463external/bsd/bzip2/dist/bzip2recover.c 1.4
464 464
465 Apply fix for CVE-2016-3189 bzip2: heap use after free in bzip2recover 465 Apply fix for CVE-2016-3189 bzip2: heap use after free in bzip2recover
466 [martin, ticket #1684] 466 [martin, ticket #1684]
467 467
468sys/kern/sys_mqueue.c 1.44 468sys/kern/sys_mqueue.c 1.44
469 469
470 mq_send1: fix argument validation and reject too large lengths early. 470 mq_send1: fix argument validation and reject too large lengths early.
471 Discovered by Andy Nguyen. 471 Discovered by Andy Nguyen.
472 [martin, ticket #1688] 472 [martin, ticket #1688]
473 473
474sys/compat/common/uipc_syscalls_40.c 1.19 (patch) 474sys/compat/common/uipc_syscalls_40.c 1.19 (patch)
475sys/compat/linux/common/linux_socket.c 1.145 (patch) 475sys/compat/linux/common/linux_socket.c 1.145 (patch)
476sys/compat/linux32/common/linux32_socket.c 1.30 (patch) 476sys/compat/linux32/common/linux32_socket.c 1.30 (patch)
477sys/net/if.c 1.449 (patch) 477sys/net/if.c 1.449 (patch)
478 478
479 Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes 479 Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes
480 of stack disclosure. 480 of stack disclosure.
481 [christos, ticket #1689] 481 [christos, ticket #1689]
482 482
483external/bsd/dhcpcd/dist/src/auth.c (apply patch) 483external/bsd/dhcpcd/dist/src/auth.c (apply patch)
484external/bsd/dhcpcd/dist/src/dhcp.c (apply patch) 484external/bsd/dhcpcd/dist/src/dhcp.c (apply patch)
485external/bsd/dhcpcd/dist/src/dhcpcd.h (apply patch)  485external/bsd/dhcpcd/dist/src/dhcpcd.h (apply patch)
486  486
487 Security fixes for dhcpcd: 487 Security fixes for dhcpcd:
488 Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED. 488 Fix a potential 1 byte read overflow with DHO_OPTSOVERLOADED.
489 Use consttime_memequal(3) to compare hashes. 489 Use consttime_memequal(3) to compare hashes.
490 [roy, ticket #1690] 490 [roy, ticket #1690]
491 491
492sys/arch/amd64/amd64/copy.S 1.33 492sys/arch/amd64/amd64/copy.S 1.33
493sys/arch/i386/i386/copy.S 1.31 493sys/arch/i386/i386/copy.S 1.31
494 494
495 Don't forget to clear the direction flag if kcopy fails. 495 Don't forget to clear the direction flag if kcopy fails.
496 [maxv, ticket #1693] 496 [maxv, ticket #1693]
497 497
498external/bsd/dhcpcd/dist/src/dhcp6.c (apply patch) 498external/bsd/dhcpcd/dist/src/dhcp6.c (apply patch)
499 499
500 DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE. 500 DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE.
501 [roy, ticket #1694] 501 [roy, ticket #1694]
502 502
503sys/netsmb/smb_conn.c 1.30 503sys/netsmb/smb_conn.c 1.30
504 504
505 Prevent a NULL pointer dereference when the local endpoint is not 505 Prevent a NULL pointer dereference when the local endpoint is not
506 defined. 506 defined.
507 [christos, ticket #1696] 507 [christos, ticket #1696]
508 508
509sys/ufs/ffs/ffs_alloc.c 1.164 509sys/ufs/ffs/ffs_alloc.c 1.164
510 510
511 PR 53990, PR 52380, PR 52102: 511 PR 53990, PR 52380, PR 52102:
512 Fix rare allocation botch in ffs_nodealloccg(). 512 Fix rare allocation botch in ffs_nodealloccg().
513 [kardel, ticket #1697] 513 [kardel, ticket #1697]
514 514
515sys/dev/scsipi/scsipi_ioctl.c 1.72 (patch) 515sys/dev/scsipi/scsipi_ioctl.c 1.72 (patch)
516 516
517 Use correct size when copying outgoing sense data. 517 Use correct size when copying outgoing sense data.
518 [mlelstv, ticket #1698] 518 [mlelstv, ticket #1698]
519 519
520libexec/httpd/CHANGES 1.31-1.40 520libexec/httpd/CHANGES 1.31-1.40
521libexec/httpd/Makefile 1.28 521libexec/httpd/Makefile 1.28
522libexec/httpd/auth-bozo.c 1.23-1.24 522libexec/httpd/auth-bozo.c 1.23-1.24
523libexec/httpd/bozohttpd.8 1.75-1.79 523libexec/httpd/bozohttpd.8 1.75-1.79
524libexec/httpd/bozohttpd.c 1.100-1.113 524libexec/httpd/bozohttpd.c 1.100-1.113
525libexec/httpd/bozohttpd.h 1.58-1.60 525libexec/httpd/bozohttpd.h 1.58-1.60
526libexec/httpd/cgi-bozo.c 1.46-1.48 526libexec/httpd/cgi-bozo.c 1.46-1.48
527libexec/httpd/daemon-bozo.c 1.20-1.21 527libexec/httpd/daemon-bozo.c 1.20-1.21
528libexec/httpd/dir-index-bozo.c 1.29-1.32 528libexec/httpd/dir-index-bozo.c 1.29-1.32
529libexec/httpd/ssl-bozo.c 1.26 529libexec/httpd/ssl-bozo.c 1.26
530libexec/httpd/testsuite/Makefile 1.12-1.13 530libexec/httpd/testsuite/Makefile 1.12-1.13
531libexec/httpd/testsuite/t11.out 1.2 531libexec/httpd/testsuite/t11.out 1.2
532libexec/httpd/testsuite/test-bigfile 1.6 532libexec/httpd/testsuite/test-bigfile 1.6
533libexec/httpd/testsuite/test-simple 1.6 533libexec/httpd/testsuite/test-simple 1.6
534 534
535 Don't display special files in the directory index. 535 Don't display special files in the directory index.
536 Use html tables for directory index. 536 Use html tables for directory index.
537 Don't include "index.html" in html headers. 537 Don't include "index.html" in html headers.
538 Fix CGI '+' param and error handling. 538 Fix CGI '+' param and error handling.
539 Remove unused parameter to daemon_poll_err(). 539 Remove unused parameter to daemon_poll_err().
540 Avoid sign extension in % handling 540 Avoid sign extension in % handling
541 Fix a few problems pointed out by clang static analyzer. 541 Fix a few problems pointed out by clang static analyzer.
542 Add ssl specific timeout value (30s).--- 542 Add ssl specific timeout value (30s).---
543 Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing). 543 Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing).
544 Avoid .htpasswd exposure to authenticated users when .htpasswd is 544 Avoid .htpasswd exposure to authenticated users when .htpasswd is
545 in the slashdir too. 545 in the slashdir too.
546 Avoid possible NULL dereference when sending a big request that timeout. 546 Avoid possible NULL dereference when sending a big request that timeout.
547 Avoid an assertion failure when using cgihandler (-C option). 547 Avoid an assertion failure when using cgihandler (-C option).
548 [mrg, ticket #1699] 548 [mrg, ticket #1699]
549 549
 550sys/miscfs/kernfs/kernfs_vnops.c 1.161
 551sys/miscfs/procfs/procfs_vnops.c 1.207
 552
 553 Add missing operation VOP_GETPAGES() returning EFAULT.
 554 [hannken, ticket #1703]
 555
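Review bot: the new entry for sys/miscfs/kernfs/kernfs_vnops.c and sys/miscfs/procfs/procfs_vnops.c (new lines 550-554) says what was added but not which failure it addresses, unlike neighbouring entries such as "Avoid panic from setitimer(2) for CLOCK_MONOTONIC." Consider extending "Add missing operation VOP_GETPAGES() returning EFAULT." with a short clause naming the symptom seen when the operation was missing, so that readers of the release notes can judge whether ticket #1703 affects them. Separately, the unchanged line 542 ("Add ssl specific timeout value (30s).---") ends in a stray "---" that could be cleaned up in a follow-up.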