laffer1 | 23 Oct 14:32 2014

src [6888] change the order of default algorithms.

Revision: 6888
          http://svnweb.midnightbsd.org/src/?rev=6888
Author:   laffer1
Date:     2014-10-23 08:32:17 -0400 (Thu, 23 Oct 2014)
Log Message:
-----------
change the order of default algorithms. DES has to be last so that old apps dont crash

Modified Paths:
--------------
    trunk/lib/libcrypt/crypt.3
    trunk/lib/libcrypt/crypt.c

Property Changed:
----------------
    trunk/lib/libcrypt/crypt.3

Modified: trunk/lib/libcrypt/crypt.3
===================================================================
--- trunk/lib/libcrypt/crypt.3	2014-10-22 12:31:54 UTC (rev 6887)
+++ trunk/lib/libcrypt/crypt.3	2014-10-23 12:32:17 UTC (rev 6888)
 <at>  <at>  -29,7 +29,7  <at>  <at> 
 .\"
 .\" $MidnightBSD$
 .\"
-.Dd April 9, 2011
+.Dd March 9, 2014
 .Dt CRYPT 3
 .Os
 .Sh NAME
(Continue reading)

laffer1 | 22 Oct 14:41 2014

www [568] trunk/index.html: 0.5.3

Revision: 568
          http://svnweb.midnightbsd.org/www/?rev=568
Author:   laffer1
Date:     2014-10-22 08:41:59 -0400 (Wed, 22 Oct 2014)
Log Message:
-----------
0.5.3

Modified Paths:
--------------
    trunk/index.html

Modified: trunk/index.html
===================================================================
--- trunk/index.html	2014-10-22 12:39:31 UTC (rev 567)
+++ trunk/index.html	2014-10-22 12:41:59 UTC (rev 568)
 <at>  <at>  -48,6 +48,16  <at>  <at> 
 				<div id="security">
 					<h2><a href="security/">Security &#187;</a></h2>

+					<blockquote>
+						<p class="date">October 21, 2014</p>
+
+						<p class="update">0.5.3-RELEASE
+						<br>Fix several security vulnerabilities in OpenSSL, routed, rtsold,
+and namei with respect to Capsicum sandboxes looking up
+nonexistent path names and leaking memory.</p>
+						<p class="more"><a href="security/#a20141021">Read more ...</a></p>
+					</blockquote>
+
(Continue reading)

laffer1 | 22 Oct 14:39 2014

www [567] trunk/download/index.html: 0.5.2 is latest iso version

Revision: 567
          http://svnweb.midnightbsd.org/www/?rev=567
Author:   laffer1
Date:     2014-10-22 08:39:31 -0400 (Wed, 22 Oct 2014)
Log Message:
-----------
0.5.2 is latest iso version

Modified Paths:
--------------
    trunk/download/index.html

Modified: trunk/download/index.html
===================================================================
--- trunk/download/index.html	2014-10-22 12:39:18 UTC (rev 566)
+++ trunk/download/index.html	2014-10-22 12:39:31 UTC (rev 567)
 <at>  <at>  -16,7 +16,7  <at>  <at> 
 				<p>You may download MidnightBSD below or purchase from <a href="http://on-disk.com/product_info.php/cPath/29_250/products_id/552">OnDisk.com</a>.</p>
 				<p><a href="http://contentdb.emule-project.net/view.php?pid=2486">0.5-RELEASE on eMule</a></p>
 					<table class="download">
-						<caption>Latest Stable Release: 0.5 - 
+						<caption>Latest Stable Release: 0.5.2 - 
 						<a href="../notes/">Release Notes</a></caption>
 						<tr>
 							<th>Site</th>

laffer1 | 22 Oct 14:39 2014

www [566] trunk/security/index.html: 0.5.3

Revision: 566
          http://svnweb.midnightbsd.org/www/?rev=566
Author:   laffer1
Date:     2014-10-22 08:39:18 -0400 (Wed, 22 Oct 2014)
Log Message:
-----------
0.5.3

Modified Paths:
--------------
    trunk/security/index.html

Modified: trunk/security/index.html
===================================================================
--- trunk/security/index.html	2014-10-22 12:36:41 UTC (rev 565)
+++ trunk/security/index.html	2014-10-22 12:39:18 UTC (rev 566)
 <at>  <at>  -17,6 +17,33  <at>  <at> 
 			<div id="text">
 				<h2><img src="../images/oxygen/security32.png" alt="" /> Security Updates</h2>

+				<blockquote class="bluebox" id="a20141021">
+					<h3>October 21, 2014</h3>
+					<p>0.5.3-RELEASE</p>
+
+					<p>MidnightBSD 0.5.3-RELEASE is now available via subversion. 
+
+<p>Fix several security vulnerabilities in OpenSSL, routed, rtsold,
+and namei with respect to Capsicum sandboxes looking up
+nonexistent path names and leaking memory.
+
(Continue reading)

laffer1 | 22 Oct 14:36 2014

www [565] trunk/index.html: tell users about 0.5.2

Revision: 565
          http://svnweb.midnightbsd.org/www/?rev=565
Author:   laffer1
Date:     2014-10-22 08:36:41 -0400 (Wed, 22 Oct 2014)
Log Message:
-----------
tell users about 0.5.2

Modified Paths:
--------------
    trunk/index.html

Modified: trunk/index.html
===================================================================
--- trunk/index.html	2014-10-11 12:52:43 UTC (rev 564)
+++ trunk/index.html	2014-10-22 12:36:41 UTC (rev 565)
 <at>  <at>  -32,7 +32,7  <at>  <at> 
 				<div id="getbox">
 					<div id="gettext">
 						<h2><a href="download/">Get MidnightBSD</a></h2>
-						<h3>Latest Release - 0.5</h3>
+						<h3>Latest Release - 0.5.2</h3>
 						<div id="getcd"><a href="download/" title="Get MidnightBSD"></a></div>
 						<div class="clear"></div>
 						<h4><a href="notes/">Release Notes</a></h4>

laffer1 | 22 Oct 14:31 2014

src [6887] release/0.5.3/: MidnightBSD 0.5.3-RELEASE

Revision: 6887
          http://svnweb.midnightbsd.org/src/?rev=6887
Author:   laffer1
Date:     2014-10-22 08:31:54 -0400 (Wed, 22 Oct 2014)
Log Message:
-----------
MidnightBSD 0.5.3-RELEASE

Added Paths:
-----------
    release/0.5.3/

laffer1 | 22 Oct 03:05 2014

mports [17781] trunk/security/openssl: openssl 1.0.1j

Revision: 17781
          http://svnweb.midnightbsd.org/mports/?rev=17781
Author:   laffer1
Date:     2014-10-21 21:05:15 -0400 (Tue, 21 Oct 2014)
Log Message:
-----------
openssl 1.0.1j

Modified Paths:
--------------
    trunk/security/openssl/Makefile
    trunk/security/openssl/distinfo
    trunk/security/openssl/pkg-plist

Modified: trunk/security/openssl/Makefile
===================================================================
--- trunk/security/openssl/Makefile	2014-10-19 12:57:23 UTC (rev 17780)
+++ trunk/security/openssl/Makefile	2014-10-22 01:05:15 UTC (rev 17781)
 <at>  <at>  -2,8 +2,8  <at>  <at> 

 PORTNAME=	openssl
 PORTVERSION=	1.0.1
-PORTREVISION=	2
-DISTVERSIONSUFFIX=	i
+PORTREVISION=	3
+DISTVERSIONSUFFIX=	j
 CATEGORIES=	security devel
 MASTER_SITES=	http://www.openssl.org/%SUBDIR%/ \
 		ftp://ftp.openssl.org/%SUBDIR%/ \

(Continue reading)

laffer1 | 22 Oct 00:34 2014

src [6886] trunk/UPDATING: Mention security patches.

Revision: 6886
          http://svnweb.midnightbsd.org/src/?rev=6886
Author:   laffer1
Date:     2014-10-21 18:34:00 -0400 (Tue, 21 Oct 2014)
Log Message:
-----------
Mention security patches. Note this list is not the same as 0.5 because of the different OpenSSL version in progress.

Modified Paths:
--------------
    trunk/UPDATING

Modified: trunk/UPDATING
===================================================================
--- trunk/UPDATING	2014-10-21 22:32:29 UTC (rev 6885)
+++ trunk/UPDATING	2014-10-21 22:34:00 UTC (rev 6886)
 <at>  <at>  -1,5 +1,19  <at>  <at> 
 Updating Information for MidnightBSD users.

+20141021:
+	Fix several security vulnerabilities in routed, rtsold,
+        and namei with respect to Capsicum sandboxes looking up
+        nonexistent path names and leaking memory.
+
+        The input path in routed(8) will accept queries from any source and
+        attempt to answer them.  However, the output path assumes that the
+        destination address for the response is on a directly connected
+        network.
+
+        Due to a missing length check in the code that handles DNS parameters,
(Continue reading)

laffer1 | 22 Oct 00:32 2014

src [6885] trunk/sys/kern/vfs_lookup.c: The namei facility will leak a small amount of kernel memory every

Revision: 6885
          http://svnweb.midnightbsd.org/src/?rev=6885
Author:   laffer1
Date:     2014-10-21 18:32:29 -0400 (Tue, 21 Oct 2014)
Log Message:
-----------
The namei facility will leak a small amount of kernel memory every
time a sandboxed process looks up a nonexistent path name.

Obtained from: FreeBSD

Modified Paths:
--------------
    trunk/sys/kern/vfs_lookup.c

Modified: trunk/sys/kern/vfs_lookup.c
===================================================================
--- trunk/sys/kern/vfs_lookup.c	2014-10-21 22:30:33 UTC (rev 6884)
+++ trunk/sys/kern/vfs_lookup.c	2014-10-21 22:32:29 UTC (rev 6885)
 <at>  <at>  -121,6 +121,16  <at>  <at> 
  *		if symbolic link, massage name in buffer and continue
  *	}
  */
+static void
+namei_cleanup_cnp(struct componentname *cnp)
+{
+	uma_zfree(namei_zone, cnp->cn_pnbuf);
+#ifdef DIAGNOSTIC
+	cnp->cn_pnbuf = NULL;
+	cnp->cn_nameptr = NULL;
(Continue reading)

laffer1 | 22 Oct 00:30 2014

src [6884] trunk/sbin/routed/input.c: The input path in routed(8) will accept queries from any source and

Revision: 6884
          http://svnweb.midnightbsd.org/src/?rev=6884
Author:   laffer1
Date:     2014-10-21 18:30:33 -0400 (Tue, 21 Oct 2014)
Log Message:
-----------
The input path in routed(8) will accept queries from any source and
attempt to answer them.  However, the output path assumes that the
destination address for the response is on a directly connected
network.

Obtained from: FreeBSD

Modified Paths:
--------------
    trunk/sbin/routed/input.c

Modified: trunk/sbin/routed/input.c
===================================================================
--- trunk/sbin/routed/input.c	2014-10-21 22:29:37 UTC (rev 6883)
+++ trunk/sbin/routed/input.c	2014-10-21 22:30:33 UTC (rev 6884)
 <at>  <at>  -288,6 +288,10  <at>  <at> 
 				/* Answer a query from a utility program
 				 * with all we know.
 				 */
+				if (aifp == NULL) {
+					trace_pkt("ignore remote query");
+					return;
+				}
 				if (from->sin_port != htons(RIP_PORT)) {
(Continue reading)

laffer1 | 22 Oct 00:29 2014

src [6883] trunk/usr.sbin/rtsold/rtsol.c: Due to a missing length check in the code that handles DNS parameters,

Revision: 6883
          http://svnweb.midnightbsd.org/src/?rev=6883
Author:   laffer1
Date:     2014-10-21 18:29:37 -0400 (Tue, 21 Oct 2014)
Log Message:
-----------
Due to a missing length check in the code that handles DNS parameters,
a malformed router advertisement message can result in a stack buffer
overflow in rtsold(8).

Obtained from: FreeBSD

Modified Paths:
--------------
    trunk/usr.sbin/rtsold/rtsol.c

Modified: trunk/usr.sbin/rtsold/rtsol.c
===================================================================
--- trunk/usr.sbin/rtsold/rtsol.c	2014-10-21 22:27:35 UTC (rev 6882)
+++ trunk/usr.sbin/rtsold/rtsol.c	2014-10-21 22:29:37 UTC (rev 6883)
 <at>  <at>  -933,7 +933,8  <at>  <at> 
 	dst_origin = dst;
 	memset(dst, '\0', dlen);
 	while (src && (len = (uint8_t)(*src++) & 0x3f) &&
-	    (src + len) <= src_last) {
+	    (src + len) <= src_last &&
+	    (dst - dst_origin < (ssize_t)dlen)) {
 		if (dst != dst_origin)
 			*dst++ = '.';
 		warnmsg(LOG_DEBUG, __func__, "labellen = %zd", len);
(Continue reading)


Gmane