[BACK]Return to CHANGES-6.0.2 CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / doc

File: [cvs.NetBSD.org] / src / doc / Attic / CHANGES-6.0.2 (download)

Revision 1.1.2.34, Sun May 12 23:53:41 2013 UTC (7 years, 9 months ago) by riz
Branch: netbsd-6-0
CVS Tags: netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE
Changes since 1.1.2.33: +9 -1 lines

Welcome to 6.0.2!

# $NetBSD: CHANGES-6.0.2,v 1.1.2.34 2013/05/12 23:53:41 riz Exp $

A complete list of changes from the NetBSD 6.0.1 release to the NetBSD 6.0.2
release:

gnu/usr.bin/groff/tmac/mdoc.local		patched by hand
sys/sys/param.h					patched by hand

	Welcome to 6.0.1_PATCH.
	[riz]

sys/dev/usb/ubsa_common.c			1.9

	Fix off by one read error.
	[msaitoh, ticket #761]

sys/external/bsd/drm/dist/shared-core/i915_suspend.c 1.6

	Avoid out-of-bounds access.
	[msaitoh, ticket #762]

sys/kern/uipc_syscalls.c			1.157-1.158

	Prevent ktrace from being able to crash the kernel.
	[mlelstv, ticket #778]

sbin/fsck_ffs/pass1.c				1.50

	Show pass1 SIGINFO output on stderr like other passes, not on stdout.
	[riastradh, ticket #779]

etc/namedb/root.cache				1.17

	D.ROOT-SERVERS.NET changes IPv4 address.
	[taca, ticket #781]

gnu/dist/grep/lib/getopt.c			1.2
gnu/dist/grep/lib/regex.c			1.2
gnu/dist/grep/src/ansi2knr.c			1.2
gnu/dist/grep/src/dfa.c				1.3
gnu/dist/grep/src/grep.c			1.14
gnu/dist/grep/src/search.c			1.4

	Change several int variables to size_t, ssize_t, or ptrdiff_t.
	This should fix the bug described in CVE-2012-5667 when an input
	line is so long that its length cannot be stored in an int
	variable.

	[apb, ticket #780]

sys/kern/subr_cprng.c				1.15

	Fix a security issue: when we are reseeding a PRNG seeded early in
	boot before we had ever had any entropy, if something else has
	consumed the entropy that triggered the immediate reseed, we can
	reseed with as little as sizeof(int) bytes of entropy.
	[tls, ticket #800]

sys/kern/kern_softint.c				1.39
sys/kern/subr_pserialize.c			1.6
sys/rump/include/machine/intr.h			1.19

	Fixes for pserialize(9).
	[rmind, ticket #782]

sys/dist/ipf/netinet/ip_fil_netbsd.c		1.4 via patch

	Fix off-by-one read error.
	[msaitoh, ticket #787]

sys/kern/subr_vmem.c				1.77 via patch,1.81

	Fix a lock order reversal, and a lock release.
	[para, ticket #789]

sys/kern/kern_rndq.c				1.7

	Set resource limits to prevent potential consumption of all
	kernel memory.
	[msaitoh, ticket #790]

lib/libutil/parsedate.y				1.13

	Fix a bug in parsedate(3) where it would treat all input
	as if it were in the local time zone, even if the input should have
	been treated as a time in UTC or some other time zone.
	[apb, ticket #791]

sys/compat/netbsd32/netbsd32_execve.c		1.37

	Fix memory pool corruption when freeing kmem with wrong size.
	[hannken, ticket #793]

etc/MAKEDEV.tmpl				1.161

	The console major number is not always 0.
	[apb, ticket #801]

sys/secmodel/extensions/secmodel_extensions.c	1.4
sys/secmodel/securelevel/secmodel_securelevel.c	1.29

	Re-instate backwards compatible
	security.models.bsd44.{curtain,securelevel}.
	[jym, ticket #802]

crypto/external/bsd/openssl/dist/engines/ccgost/gost_eng.c 1.2

	Fix a multiple-free bug.
	[manu, ticket #806]

sys/dev/fss.c					1.84

	Don't crash when running multiple dump -X. PR#47514.
	[hannken, ticket #808]

sys/dev/fss.c					1.85

	Fix panic in fss(4).  PR#47020.
	[hannken, ticket #810]

sys/kern/subr_pserialize.c			1.7

	Avoid possible race with softint handler.
	[rmind, ticket #811]

external/historical/nawk/dist/tran.c		1.8

	Fix awk segfault due to NULL dereference.  PR#47553.
	[cheusov, ticket #836]

doc/3RDPARTY					patch
share/zoneinfo/africa				patch
share/zoneinfo/antarctica			patch
share/zoneinfo/asia				patch
share/zoneinfo/australasia			patch
share/zoneinfo/europe				patch
share/zoneinfo/northamerica			patch
share/zoneinfo/southamerica			patch
share/zoneinfo/zone.tab				patch
distrib/sets/lists/base/mi			patch

	Merge tzdata2013a and tzdata2013b from
	ftp://ftp.iana.org/tz/releases/tzdata2013a.tar.gz and
	ftp://ftp.iana.org/tz/releases/tzdata2013b.tar.gz .
	Important changes from tzdata2012j to tzdata2013a:
	 Chile's 2013 rules, and we guess rules for 2014 and later, will be
	 the same as 2012, namely Apr Sun>=23 03:00 UTC to
	 Sep Sun>=2 04:00 UTC.
	 New Zones Asia/Khandyga, Asia/Ust-Nera, Europe/Busingen.
	 Many changes affect historical time stamps before 1940.
	Important changes from tzdata2013a to tzdata2013b:
	 Haiti uses US daylight-saving rules this year, and presumably
	 future years.
	 Paraguay will end DST on March 24 this year.
	 Morocco does not observe DST during Ramadan;
	 try to predict Ramadan in Morocco as best we can. 
	[apb, ticket #845]

sys/secmodel/extensions/secmodel_extensions.c	1.5

	Fix a crash which can happen with sysctl security.curtain=1
	set.  PR#47598.
	[martin, ticket #839]

lib/libc/arch/alpha/gen/__longjmp14.c		1.6-1.7
lib/libc/arch/alpha/gen/__setjmp14.S		1.6

	Fix longjmp/setjmp on alpha for statically linked programs
	such as those in /rescue.
	[martin, ticket #846]

sys/kern/subr_cprng.c				1.16

	Re-fix 'fix' for SA-2013-003.  Because the original fix evaluated a
	flag backwards, in low-entropy conditions there was a time interval
	in which /dev/urandom could still output bits on an unacceptably
	short key.  Output from /dev/random was *NOT* impacted.

	Eliminate the flag in question -- it's safest to always fill the
	requested key buffer with output from the entropy-pool, even if we
	let the caller know we couldn't provide bytes with the full entropy
	it requested.

	Advisory will be updated soon with a full worst-case analysis of the
	/dev/urandom output path in the presence of either variant of the
	SA-2013-003 bug.  Fortunately, because a large amount of other input
	is mixed in before users can obtain any output, it doesn't look as
	dangerous in practice as I'd feared it might be.
	[tls, ticket #859]
sys/sys/ptree.h					1.5

	Cast constants to appropriate types to fix crashes in ptree(9).
	[rmind, ticket #851]

sys/netinet6/udp6_output.c			1.44

	Fix sendto(2) issue with IPv6 UDP datagrams.  PR#47408.
	[christos, ticket #853]

lib/libc/rpc/clnt_vc.c				1.19

	Wrong memcpy() can cause memory corruption.  PR#13082.
	[christos, ticket #854]

sys/arch/amd64/amd64/machdep.c			1.193

	Use printf_nolog() as i386 when print remaing bytes at crash dump to
	prevent message buffer with cound down.
	[taca, ticket #866]

usr.sbin/dumpfs/dumpfs.c			1.60

	Show in-filesystem quotas flag instead of unknown flag bit.
	[taca, ticket #867]

sys/kern/subr_xcall.c				1.15

	xc_highpri: fix assert.
	[rmind, ticket #868]

lib/libc/gen/getcwd.c				1.52
lib/libc/gen/realpath.3				1.13

	PR/46618: Onno van der Linden: realpath(3) isn't SUSv4 compliant
	(and causes flactag 2.0.4 to dump core). Fix to accept a NULL
	argument for resolvedpath.
	[christos, ticket #874]

sys/kern/subr_kmem.c				1.47

	addresses PR/47512
	properly return NULL for failed allocations not 0x8 with size checks
	enabled.
	[para, ticket #876]

sys/dev/scsipi/ses.c				1.45 via patch

	Add detach support for ses(4), fixing a panic. PR#44283.
	[jakllsch, ticket #878]

distrib/hp300/ramdisk/Makefile			1.32
etc/etc.hp300/MAKEDEV.conf			1.14

	Fix an openpty() failed error during install for hp300.
	[tsutsui, ticket #880]

sys/arch/x68k/dev/ite_tv.c			1.16

	Fix a kernel panic which can be triggered by printf(1) on x68k.
	[isaki, ticket #881]

distrib/hp700/ramdisk/Makefile			1.12

	Fix PR/47123 (sysinst failure) for hp700 as well.
	[skrll, ticket #882]

share/zoneinfo/antarctica			patch
share/zoneinfo/asia				patch
share/zoneinfo/australasia			patch
share/zoneinfo/southamerica			patch
share/zoneinfo/zone.tab				patch

	Merge tzdata2013c from
	ftp://ftp.iana.org/tz/releases/tzdata2013c.tar.gz
	[apb, ticket #886]

sys/dev/pci/if_vioif.c				1.4

	Fix a typo that causes recent QEMU to die configuring a vioif.
	[minoura, ticket #890]

distrib/notes/common/main			patched by hand
doc/LAST_MINUTE					patched by hand
doc/README.files				patched by hand
sys/sys/param.h					patched by hand

	Welcome to 6.0.2!
	[riz]