Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
151,023 Commits 606 Branches 0 Tags 3.1 GiB
c76c4d01d3
Commit Graph

1240 Commits

Author SHA1 Message Date
adrianp
ee74a1421a Fixes for CVE-2006-4095 and CVE-2006-4096 from bind-9.3.2-P1 
* Assertion failure in ISC BIND SIG query processing (CVE-2006-4095)

- Recursive servers
Queries for SIG records will trigger an assertion failure if more
than one RRset is returned. However exposure can be minimized by
restricting which sources can ask for recursion.

- Authoritative servers
If a nameserver is serving a RFC 2535 DNSSEC zone and is queried
for the SIG records where there are multiple RRsets, then the
named program will trigger an assertion failure when it tries
to construct the response.

* INSIST failure in ISC BIND recursive query handling code (CVE-2006-4096)

It is possible to trigger an INSIST failure by sending enough
recursive queries such that the response to the query arrives after
all the clients waiting for the response have left the recursion
queue. However exposure can be minimized by restricting which sources
can ask for recursion.

ok'ed christos@
 2006-09-05 19:31:47 +00:00
seb
4a00cfc811 Typo. 2006-08-28 21:21:52 +00:00
christos
18b025cbc8 PR/34286: Gene ENonymous: Increase YYSTACKSIZE so that we can handle huge 
pools.
 2006-08-26 23:20:56 +00:00
jnemeth
50fe2341d5 force all assertions on when __COVERITY__ is set 2006-08-23 04:10:51 +00:00
thorpej
5da5f197c5 Use "unsigned int" rather than "u_int" to be consistent with the rest 
of file(1).
 2006-08-20 19:49:31 +00:00
christos
95ee253760 Print rejected rpc packet reason. 2006-08-11 19:01:18 +00:00
peter
a916e7d758 Document the "tos" keyword. Spotted by maxim bourmistrov, patch supplied by 
jared r r spiegel and forwarded by Thomas Klausner via Jason McIntyre.
 2006-08-10 12:30:49 +00:00
pavel
5145dd52fa Belatedly Bump date after my not-so-recent changes. 2006-08-07 20:57:56 +00:00
dyoung
cc94fcb6e9 Correct units on IEEE80211_RADIOTAP_DBM_ANTSIGNAL, 
IEEE80211_RADIOTAP_DBM_ANTNOISE.
 2006-08-06 17:52:17 +00:00
agc
9410ca204b mark VPD 0x80 (Unit Serial Number VPD Page) as being done 2006-08-03 20:50:45 +00:00
agc
72a3c3e7b9 Add support for Vital Product Data 0x80, Unit Serial Number, reported to be 
used by the beta FreeBSD initiator by Paul Dekkers.
 2006-08-03 20:49:11 +00:00
agc
66644e0749 + add support for IPv6 in the target (CIDR scoping has still to be 
implemented for IPv6, but works fine for IPv4)

+ now poll any connections opened in the target.  select is used if
poll is not available

+ remove ramdisk type of backing store, since it was never used, and
is of no use for our needs

+ bump version to 20060727
 2006-08-03 20:21:59 +00:00
christos
a6fd778155 don't zerodivide when "backoff-cutoff 0;" tested by zafer 2006-08-03 20:17:43 +00:00
kardel
a1291ab337 cope with struct timeval tv_sec being defined as long instead 
of the SUS mandated time_t.
 2006-07-29 19:22:25 +00:00
kardel
55fde488db using the correct type makes it compile on alpha too - found by Kurt Schreiner 2006-07-29 14:56:57 +00:00
kardel
af2ffb8cb1 backout change from import. 
was introduced within ntp and causing
grief there too (partly reason for p3).
this change is not necessary for NetBSD.
 2006-07-29 10:21:37 +00:00
kardel
f2de40854d merge 4.2.2p2 
signedness fixes
	fd re-allocation for stdio
	PPSAPI fixes in refclock_parse.c
while there clean up last signedness problems for gcc4 compilation
 2006-07-29 08:15:29 +00:00
kardel
36f7d8cda6 Import ntp 4.2.2p2 2006-07-29 07:10:38 +00:00
christos
407a09df84 strdup/strlcat/snprintf changes from Aleksey Cheusov 2006-07-26 20:46:37 +00:00
jnemeth
79d79919df Coverity CID: 682 -- remove dead code 2006-07-26 06:23:59 +00:00
christos
f45b14fd95 add ytab.[ch] 2006-07-25 21:25:55 +00:00
christos
cc3156aaa2 Change the meaning of state count to be the number allocated (like c does) 
instead of the highest number allocated (fortran). Fixes off-by-one errors.
Also change the overallocation of n * 5 / 4 + 10 to just n + 10.
 2006-07-25 20:52:57 +00:00
peter
3942d3e2ab Revert previous and fix properly. 
- The array must be NULL terminated because other code depends on it.
- Use this terminator to check if we're at the end of the array instead
  of doing sizeof(pf_timeouts) / sizeof(pf_timeouts[0]).
 2006-07-03 20:26:19 +00:00
christos
847ba49a2c fix typo. 2006-06-29 21:53:33 +00:00
christos
561776c05e resolve conflicts. 2006-06-29 21:50:16 +00:00
christos
1edf903634 Import pppd-2.4.4 2006-06-29 21:46:38 +00:00
christos
295eac6574 make the gototab unsigned int 2006-06-26 17:58:25 +00:00
christos
80f0134faf - widen gototab so NCHARS states fits. 
- don't allocate more space than we need.
From Aleksey Cheusov
 2006-06-26 13:10:47 +00:00
christos
a504bbc8d8 Don't forget to free gototab[i]; pointed out by Aleksey Cheusov 2006-06-25 22:37:45 +00:00
mrg
5609a371c9 make MKCRYPTO=no work again. 2006-06-25 03:02:19 +00:00
christos
ab7ad9579e PR/33392: Aleksey Cheusov: Incorrect matching due to hard-coded limit in 
number of states. Adapted from patch supplied.
 2006-06-22 21:25:14 +00:00
kardel
d66ddb6f9c use the version that is now in ntp-stable (4.2.2 release branch) 2006-06-18 22:48:51 +00:00
kardel
7d46a5bb55 NetBSD Coverity CID 3804: avoid file pointer leak 2006-06-18 21:35:57 +00:00
kardel
50fd338dac NetBSD Coverity CID 3799: overrun static array (off by one) fixed 2006-06-18 21:30:19 +00:00
kardel
e1a3a74084 NetBSD Coverity CID 3797: bad return code check for open(2) fixed 
(!fd replaced with fd < 0)
 2006-06-18 21:25:13 +00:00
kardel
b58f2a229e NetBSD Coverity CID 3796: possible NULL deref 2006-06-18 21:20:35 +00:00
kardel
d58917ea1c cope with situations where interface are UP and bound to 
INADDR_ANY - ntpd will ignore those interfaces
(bug 637 @bugs.ntp.isc.org)
 2006-06-17 12:11:55 +00:00
christos
b7414305ba Update the manual section 2006-06-14 16:23:46 +00:00
christos
3e2e64af97 Regen 2006-06-14 16:22:54 +00:00
christos
826ade140d Use /dev/tty if possible and only fall back to stdin/stderr if that is not 
available like getpass(3) does.
 2006-06-14 16:17:01 +00:00
christos
2e91d940da PR/33724: Scott Ellis: Building a release with MKINET6=no stops in libisc due 
to compiler warnings. Fixed misplaced and miscommented #endif
 2006-06-13 22:36:36 +00:00
christos
f503e58dd8 PR/33723: Arthur Townsend: file command doesn't show 'executable' for 
statically linked sun3 exec
 2006-06-13 22:20:20 +00:00
christos
d8cec01f6f PR/33722: Scott Presnell: pppd 2.4.3 active-filter functions botched 2006-06-13 22:12:37 +00:00
kardel
d5b727f28d correct pointer advances broken by previous fix 2006-06-13 21:03:53 +00:00
kardel
3dfb395215 sort out pointer types - found & fix by jmmv 2006-06-12 10:46:19 +00:00
kardel
b51cdf6b08 fix pointer deref - found by jmmv 2006-06-12 10:45:27 +00:00
kardel
8704ff927b import and integrate NTP 4.2.2 2006-06-11 19:34:07 +00:00
kardel
9c52afaf31 Import ntp 4.2.2 2006-06-11 14:57:12 +00:00
agc
2b1d5a0345 :g/%i/s//%d/gc 
Also make a first stab at implementing persistent reserve in SCSI command.
 2006-05-31 19:53:13 +00:00
chap
5d80ae61bf Clarify that to avoid ioctl(SIOCGNATS): Input/output error, ipf must be 
enabled (ipf -E) before ipnat is used; this detail is automated by the
rc scripts, but not by ipnat itself. ipf's author agrees this is a doc
bug.

Closes PR kern/33409.
 2006-05-29 16:09:46 +00:00