svn commit: r303304 - in releng: 10.1 10.1/sys/conf 10.1/usr.bin/bsdiff/bspatch 10.1/usr.sbin/freebsd-update 10.2 10.2/sys/conf 10.2/usr.bin/bsdiff/bspatch 10.2/usr.sbin/freebsd-update 10.3 10.3/sy...

Xin LI delphij at FreeBSD.org
Mon Jul 25 15:04:20 UTC 2016


Author: delphij
Date: Mon Jul 25 15:04:17 2016
New Revision: 303304
URL: https://svnweb.freebsd.org/changeset/base/303304

Log:
  Fix bspatch heap overflow vulnerability. [SA-16:25]
  
  Fix freebsd-update(8) support of FreeBSD 11.0 release
  distribution. [EN-16:09]
  
  Approved by:	so

Modified:
  releng/10.1/UPDATING
  releng/10.1/sys/conf/newvers.sh
  releng/10.1/usr.bin/bsdiff/bspatch/bspatch.c
  releng/10.1/usr.sbin/freebsd-update/freebsd-update.sh
  releng/10.2/UPDATING
  releng/10.2/sys/conf/newvers.sh
  releng/10.2/usr.bin/bsdiff/bspatch/bspatch.c
  releng/10.2/usr.sbin/freebsd-update/freebsd-update.sh
  releng/10.3/UPDATING
  releng/10.3/sys/conf/newvers.sh
  releng/10.3/usr.bin/bsdiff/bspatch/bspatch.c
  releng/10.3/usr.sbin/freebsd-update/freebsd-update.sh
  releng/9.3/UPDATING
  releng/9.3/sys/conf/newvers.sh
  releng/9.3/usr.bin/bsdiff/bspatch/bspatch.c
  releng/9.3/usr.sbin/freebsd-update/freebsd-update.sh

Modified: releng/10.1/UPDATING
==============================================================================
--- releng/10.1/UPDATING	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.1/UPDATING	Mon Jul 25 15:04:17 2016	(r303304)
@@ -16,6 +16,14 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160725	p37	FreeBSD-SA-16:25.bspatch
+			FreeBSD-EN-16:09.freebsd-update
+
+	Fix bspatch heap overflow vulnerability. [SA-16:25]
+
+	Fix freebsd-update(8) support of FreeBSD 11.0 release
+	distribution. [EN-16:09]
+
 20160604	p36	FreeBSD-SA-16:24.ntp
 
 	Fix multiple vulnerabilities of ntp.

Modified: releng/10.1/sys/conf/newvers.sh
==============================================================================
--- releng/10.1/sys/conf/newvers.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.1/sys/conf/newvers.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.1"
-BRANCH="RELEASE-p36"
+BRANCH="RELEASE-p37"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/10.1/usr.bin/bsdiff/bspatch/bspatch.c
==============================================================================
--- releng/10.1/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.1/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:17 2016	(r303304)
@@ -155,6 +155,10 @@ int main(int argc,char * argv[])
 		};
 
 		/* Sanity-check */
+		if ((ctrl[0] < 0) || (ctrl[1] < 0))
+			errx(1,"Corrupt patch\n");
+
+		/* Sanity-check */
 		if(newpos+ctrl[0]>newsize)
 			errx(1,"Corrupt patch\n");
 
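Review bot: The added guard rejects negative lengths, but `newpos+ctrl[0]` in the check right below it can still overflow when ctrl[0] is a very large positive value. Assuming these are signed off_t values (the `< 0` test suggests so), that addition is signed overflow, which is undefined behaviour and may let the bound test pass. Comparing by subtraction avoids it: `if (ctrl[0] > newsize - newpos)`, which is safe as long as newpos never exceeds newsize; that invariant should be confirmed against the loop outside this hunk. The two adjacent `/* Sanity-check */` comments could be merged into one that says what is rejected, e.g. `/* Reject negative or out-of-range lengths read from the patch */`. main() starts and ends outside the hunk, and the same point applies to the identical bspatch.c hunks for releng/10.2, 10.3 and 9.3.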

Modified: releng/10.1/usr.sbin/freebsd-update/freebsd-update.sh
==============================================================================
--- releng/10.1/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.1/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -1229,7 +1229,7 @@ fetch_metadata_sanity () {
 
 	# Check that the first four fields make sense.
 	if gunzip -c < files/$1.gz |
-	    grep -qvE "^[a-z]+\|[0-9a-z]+\|${P}+\|[fdL-]\|"; then
+	    grep -qvE "^[a-z]+\|[0-9a-z-]+\|${P}+\|[fdL-]\|"; then
 		fetch_metadata_bogus ""
 		return 1
 	fi
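Review bot: The widened class `[0-9a-z-]+` in the second field now also accepts a value that starts with, or consists only of, `-`. If that field is later used as a command argument or path component (not visible in this hunk), a leading hyphen is worth excluding at this validation step. `grep -qvE "^[a-z]+\|[0-9a-z][0-9a-z-]*\|${P}+\|[fdL-]\|"` keeps the hyphen allowed inside the name only. The comment above the test could also say why the hyphen is permitted, e.g. `# The second field may contain '-' (needed for 11.0 distribution names).`. fetch_metadata_sanity begins and continues outside the hunk, and the same point applies to the identical freebsd-update.sh hunks for releng/10.2, 10.3 and 9.3.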

Modified: releng/10.2/UPDATING
==============================================================================
--- releng/10.2/UPDATING	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.2/UPDATING	Mon Jul 25 15:04:17 2016	(r303304)
@@ -16,6 +16,14 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160725	p20	FreeBSD-SA-16:25.bspatch
+			FreeBSD-EN-16:09.freebsd-update
+
+	Fix bspatch heap overflow vulnerability. [SA-16:25]
+
+	Fix freebsd-update(8) support of FreeBSD 11.0 release
+	distribution. [EN-16:09]
+
 20160604	p19	FreeBSD-SA-16:24.ntp
 
 	Fix multiple vulnerabilities of ntp.

Modified: releng/10.2/sys/conf/newvers.sh
==============================================================================
--- releng/10.2/sys/conf/newvers.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.2/sys/conf/newvers.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.2"
-BRANCH="RELEASE-p19"
+BRANCH="RELEASE-p20"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/10.2/usr.bin/bsdiff/bspatch/bspatch.c
==============================================================================
--- releng/10.2/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.2/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:17 2016	(r303304)
@@ -155,6 +155,10 @@ int main(int argc,char * argv[])
 		};
 
 		/* Sanity-check */
+		if ((ctrl[0] < 0) || (ctrl[1] < 0))
+			errx(1,"Corrupt patch\n");
+
+		/* Sanity-check */
 		if(newpos+ctrl[0]>newsize)
 			errx(1,"Corrupt patch\n");
 

Modified: releng/10.2/usr.sbin/freebsd-update/freebsd-update.sh
==============================================================================
--- releng/10.2/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.2/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -1245,7 +1245,7 @@ fetch_metadata_sanity () {
 
 	# Check that the first four fields make sense.
 	if gunzip -c < files/$1.gz |
-	    grep -qvE "^[a-z]+\|[0-9a-z]+\|${P}+\|[fdL-]\|"; then
+	    grep -qvE "^[a-z]+\|[0-9a-z-]+\|${P}+\|[fdL-]\|"; then
 		fetch_metadata_bogus ""
 		return 1
 	fi

Modified: releng/10.3/UPDATING
==============================================================================
--- releng/10.3/UPDATING	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.3/UPDATING	Mon Jul 25 15:04:17 2016	(r303304)
@@ -16,6 +16,14 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160725	p6	FreeBSD-SA-16:25.bspatch
+			FreeBSD-EN-16:09.freebsd-update
+
+	Fix bspatch heap overflow vulnerability. [SA-16:25]
+
+	Fix freebsd-update(8) support of FreeBSD 11.0 release
+	distribution. [EN-16:09]
+
 20160604	p5	FreeBSD-SA-16:24.ntp
 
 	Fix multiple vulnerabilities of ntp.

Modified: releng/10.3/sys/conf/newvers.sh
==============================================================================
--- releng/10.3/sys/conf/newvers.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.3/sys/conf/newvers.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.3"
-BRANCH="RELEASE-p5"
+BRANCH="RELEASE-p6"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/10.3/usr.bin/bsdiff/bspatch/bspatch.c
==============================================================================
--- releng/10.3/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.3/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:17 2016	(r303304)
@@ -155,6 +155,10 @@ int main(int argc,char * argv[])
 		};
 
 		/* Sanity-check */
+		if ((ctrl[0] < 0) || (ctrl[1] < 0))
+			errx(1,"Corrupt patch\n");
+
+		/* Sanity-check */
 		if(newpos+ctrl[0]>newsize)
 			errx(1,"Corrupt patch\n");
 

Modified: releng/10.3/usr.sbin/freebsd-update/freebsd-update.sh
==============================================================================
--- releng/10.3/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/10.3/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -1250,7 +1250,7 @@ fetch_metadata_sanity () {
 
 	# Check that the first four fields make sense.
 	if gunzip -c < files/$1.gz |
-	    grep -qvE "^[a-z]+\|[0-9a-z]+\|${P}+\|[fdL-]\|"; then
+	    grep -qvE "^[a-z]+\|[0-9a-z-]+\|${P}+\|[fdL-]\|"; then
 		fetch_metadata_bogus ""
 		return 1
 	fi

Modified: releng/9.3/UPDATING
==============================================================================
--- releng/9.3/UPDATING	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/9.3/UPDATING	Mon Jul 25 15:04:17 2016	(r303304)
@@ -11,6 +11,14 @@ handbook:
 Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running portupgrade.
 
+20160725	p45	FreeBSD-SA-16:25.bspatch
+			FreeBSD-EN-16:09.freebsd-update
+
+	Fix bspatch heap overflow vulnerability. [SA-16:25]
+
+	Fix freebsd-update(8) support of FreeBSD 11.0 release
+	distribution. [EN-16:09]
+
 20160604	p44	FreeBSD-SA-16:24.ntp
 
 	Fix multiple vulnerabilities of ntp.

Modified: releng/9.3/sys/conf/newvers.sh
==============================================================================
--- releng/9.3/sys/conf/newvers.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/9.3/sys/conf/newvers.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="9.3"
-BRANCH="RELEASE-p44"
+BRANCH="RELEASE-p45"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/9.3/usr.bin/bsdiff/bspatch/bspatch.c
==============================================================================
--- releng/9.3/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/9.3/usr.bin/bsdiff/bspatch/bspatch.c	Mon Jul 25 15:04:17 2016	(r303304)
@@ -155,6 +155,10 @@ int main(int argc,char * argv[])
 		};
 
 		/* Sanity-check */
+		if ((ctrl[0] < 0) || (ctrl[1] < 0))
+			errx(1,"Corrupt patch\n");
+
+		/* Sanity-check */
 		if(newpos+ctrl[0]>newsize)
 			errx(1,"Corrupt patch\n");
 

Modified: releng/9.3/usr.sbin/freebsd-update/freebsd-update.sh
==============================================================================
--- releng/9.3/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:15 2016	(r303303)
+++ releng/9.3/usr.sbin/freebsd-update/freebsd-update.sh	Mon Jul 25 15:04:17 2016	(r303304)
@@ -1229,7 +1229,7 @@ fetch_metadata_sanity () {
 
 	# Check that the first four fields make sense.
 	if gunzip -c < files/$1.gz |
-	    grep -qvE "^[a-z]+\|[0-9a-z]+\|${P}+\|[fdL-]\|"; then
+	    grep -qvE "^[a-z]+\|[0-9a-z-]+\|${P}+\|[fdL-]\|"; then
 		fetch_metadata_bogus ""
 		return 1
 	fi

