Subject: NetBSD master CVS tree commits
To: None <source-changes@NetBSD.ORG>
From: None <source@NetBSD.ORG>
List: source-changes
Date: 10/25/1996 22:10:02
cgd
Fri Oct 25 15:01:45 PDT 1996
Update of /cvsroot/src/sys/kern
In directory netbsd1:/var/slash-tmp/cvs-serv12545

Modified Files:
	subr_prf.c 
Log Message:
don't assign non-const pointers from const pointers; make the appropriate
pointers 'const'.  (-Wcast-qual)


explorer
Fri Oct 25 15:07:54 PDT 1996
Update of /a/cvsroot/src/usr.sbin/lpr/lpr
In directory netbsd1:/var/slash-tmp/cvs-serv12830

Modified Files:
	lpr.c 
Log Message:
Fix the get-a-shell hole, even if we are not currently open to that attack.
(1.2 release is, however, and this should be pulled up and released ASAP)

The previous version (1.11) checked into current limits the duration of
setuid-root periods much more than the 1.2 released version does, so the
attacker DID get a shell, but it was not a root shell.