[src/netbsd-1-5]: src Do (hopefully) the last batch of pullups for 1.5.3.

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-1-5]: src Do (hopefully) the last batch of pullups for 1.5.3.
From: he <he%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 07:39:56 +0000

details:   https://anonhg.NetBSD.org/src/rev/af3e7da15235
branches:  netbsd-1-5
changeset: 493169:af3e7da15235
user:      he <he%NetBSD.org@localhost>
date:      Wed Jun 26 19:50:16 2002 +0000

description:
Do (hopefully) the last batch of pullups for 1.5.3.
Some of these are security related, so the release was stalled.
 o libc resolver: fix buffer overrun on hostbuf[]
 o pkg_install: synchronize with recent developments, e.g. @blddep
 o scsipi/cd.c: fix DVD ioctls to use the correctly sized CDBs
 o user management commands: synchronize with recent developments
 o mvme68k: fix detection of booted device
 o dhcpd.conf example file: add mandatory declaration
 o newsyslog: make it possible to not gzip log files on rotation
 o vfs_lookup.c: plug a chroot escape method, and log attempts
 o openssh: point fix for preauth security vulnerability

diffstat:

 CHANGES-1.5.3 |  88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 87 insertions(+), 1 deletions(-)

diffs (99 lines):

diff -r e74ac3cd6e03 -r af3e7da15235 CHANGES-1.5.3
--- a/CHANGES-1.5.3     Wed Jun 26 19:30:59 2002 +0000
+++ b/CHANGES-1.5.3     Wed Jun 26 19:50:16 2002 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-1.5.3,v 1.1.2.70 2002/06/12 20:46:23 he Exp $
+#      $NetBSD: CHANGES-1.5.3,v 1.1.2.71 2002/06/26 19:50:16 he Exp $
 
 A complete list of changes from NetBSD 1.5.2 to NetBSD 1.5.3:
 
@@ -2906,3 +2906,89 @@
 sys/conf/osrelease.sh                          patch
 
   Mark this as NetBSD 1.5.3.
+
+lib/libc/net/gethnamaddr.c                     1.45-1.46
+lib/libc/net/getnetnamadr.c                    1.22
+
+  Fix remote buffer overrun on hostbuf[].  Also fix up logic of
+  buffer handling.
+
+lib/libc/net/gethnamaddr.c                     1.47
+
+  Correct usage of DIAGASSERT after recent change.
+
+usr.sbin/pkg_install/lib/file.c                        1.49-1.52
+usr.sbin/pkg_install/lib/ftpio.c               1.35-1.37
+usr.sbin/pkg_install/lib/lib.h                 1.37-1.41
+usr.sbin/pkg_install/lib/plist.c               1.32-1.33
+usr.sbin/pkg_install/lib/str.c                 1.34-1.37
+usr.sbin/pkg_install/lib/version.h             1.11-1.13
+usr.sbin/pkg_install/add/main.c                        1.24
+usr.sbin/pkg_install/add/perform.c             1.62-1.66
+usr.sbin/pkg_install/add/verify.c              1.3
+usr.sbin/pkg_install/admin/main.c              1.24-1.26
+usr.sbin/pkg_install/create/main.c             1.21
+usr.sbin/pkg_install/create/perform.c          1.29-1.32
+usr.sbin/pkg_install/delete/delete.h           1.7
+usr.sbin/pkg_install/delete/main.c             1.19
+usr.sbin/pkg_install/delete/perform.c          1.35-1.36
+usr.sbin/pkg_install/info/info.h               1.13
+usr.sbin/pkg_install/info/main.c               1.28-1.29
+usr.sbin/pkg_install/info/perform.c            1.38-1.39
+usr.sbin/pkg_install/info/show.c               1.21-1.23
+
+  Synchronize with recent developments:
+   o close a memory leak
+   o clarify error message if running out of file descriptors
+   o implement new packing list directive, @blddep
+   o improve buffer size checks
+   o improve error handling on installation of prerequisite packages
+   o add optional file verification (none, gpg, pgp5)
+
+sys/dev/scsipi/cd.c                            1.150 via patch
+
+  Make DVD ioctls use the right size CDB (16 instead of 12).  Fixes
+  PR#12991.
+
+usr.sbin/user/user.8                           1.8-1.14
+usr.sbin/user/user.c                           1.38-1.52
+usr.sbin/user/useradd.8                                1.10-1.20
+usr.sbin/user/userdel.8                                1.9-1.19
+usr.sbin/user/userinfo.8                       1.5-1.7
+usr.sbin/user/usermod.8                                1.10-1.16
+usr.sbin/user/usermgmt.conf.5                  1.1-1.2 (new)
+usr.sbin/user/usermgmt.h                       1.5
+usr.sbin/user/Makefile                         patch
+distrib/sets/lists/man/mi                      patch
+
+  Synchronize with recent developments:
+   o add usermgmt.conf manual page
+   o accept "month day year" for -e and -f option arguments of ``user''
+   o support multiple uid ranges
+   o fix skeleton directory changes
+   o improve error handling
+   o fix varargs usage
+
+sys/arch/mvme68k/mvme68k/disksubr.c            patch
+
+  Fix detection of booted device.  Required to make it possible to
+  boot from tape.
+
+dist/dhcp/server/dhcpd.conf                    1.2
+
+  Add a mandatory declaration to the dhcpd example configuration file.
+  Fixes PR#12702.
+
+usr.bin/newsyslog/newsyslog.c                  1.44
+
+  Make it actually possible to not compress logs on log rotation.
+  Fixes PR#16291.
+
+sys/kern/vfs_lookup.c                          1.40
+
+  Fix a chroot escape method, and log attempts.
+
+crypto/dist/ssh/auth2-chall.c                  patch
+
+  Pull in a point patch for the preauth security vulnerability,
+  taken from http://www.openssh.com/txt/preauth.adv.

Prev by Date: [src/netbsd-1-5]: src/sys/kern Pull up revision 1.40 (requested by wrstuden):
Next by Date: [src/netbsd-1-5]: src/crypto/dist/ssh Apply patch (requested by he):
Previous by Thread: [src/netbsd-1-5]: src/sys/kern Pull up revision 1.40 (requested by wrstuden):
Next by Thread: [src/netbsd-1-5]: src/crypto/dist/ssh Apply patch (requested by he):
Indexes:

Home | Main Index | Thread Index | Old Index