[odc] Daily src changes for 2007-08-09
ODC
auto at squish.net
Fri Aug 10 07:00:01 BST 2007
OpenBSD src changes summary for 2007-08-09
==========================================
distrib/amd64 distrib/i386
share/man sys/dev/ic
sys/dev/pcmcia sys/kern
usr.bin/calendar usr.bin/cvs
usr.bin/sudo usr.bin/systat
usr.sbin/httpd
== distrib =========================================================== 01/05 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/distrib
amd64
~ common/Makefile.inc ~ ramdisk_cd/Makefile
> do not install the cdromXX.fs file, it is useless (deraadt@)
i386
~ common/Makefile.inc ~ ramdisk_cd/Makefile
> do not install the cdromXX.fs file, it is useless (deraadt@)
== share ============================================================= 02/05 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/share
man
~ man4/man4.i386/glxsb.4
> glxsb can now be used for IPsec; from Okan Demirmen; ok tom (markus@)
== sys =============================================================== 03/05 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/sys
dev/ic
~ aic6360.c
> size_t != int: use %lu in format strings and cast variables to
> u_long.
> OK millert and kettenis. (ray@)
dev/pcmcia
~ if_malo.c ~ if_maloreg.h
> Add event handler. Events notify us about things like when a
> disassociation frame has arrived.
> Nice side effect; As we acknowledge the event reason after receiving
> a disassociation frame (which happens pretty often by wi(4) hostap) now,
> the FW issues an automatic reassociation, and we do not loose network
> connectivity anymore. (mglocker@)
~ if_malo.c ~ if_maloreg.h
> Comment. Sort some register values. (mglocker@)
~ if_malo.c
> Correctly acknowledge event interrupts. Got the wrong register value
> before. (mglocker@)
~ if_malo.c ~ if_maloreg.h
~ if_malovar.h
> o Add a mechanism to execute single commands even if are are not context
> save. Protects cmalo_cmd_set_assoc() for now.
> o In case of deauthentication or disassociation, try to reassociate.
> (mglocker@)
~ if_malo.c
> Check all FW commands in the init path. None of them shall timeout,
> otherwise we abort initialization. (mglocker@)
~ if_malo.c ~ if_malovar.h
> If an association has failed, set the device back to INIT state.
> (mglocker@)
kern
~ kern_sysctl.c
> be more consistent in memcpy usage; no md5 change in .o; ok deraadt@
> (cnst@)
== usr.bin =========================================================== 04/05 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin
calendar
~ calendars/calendar.history
> spelling fixes; from Matthew Clarke (jmc@)
cvs
~ buf.c
> Correct function name in fatal(). From Igor Zinovik. (ray@)
~ history.c
> Use '\0', not NULL, for NUL characters.
> Pointed out by Anonymous Coward on slashdot.
> OK niallo. (ray@)
sudo
~ sudoers
> - more missing variables for proper ports work
> ok millert@ (ajacoutot@)
systat
~ extern.h ~ netcmds.c
> Let realloc handle NULL. Check for integer overflow and realloc
> failure. Avoid passing negative integers to realloc by changing
> variables to size_t.
> Initial diff from Charles Longeau.
> OK millert. (ray@)
== usr.sbin ========================================================== 05/05 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin
httpd
~ src/main/http_main.c
> fix CVE-2007-3304
> The Apache HTTP server did not verify that a process was an Apache child
> process before sending it signals. A local attacker with the ability to
> run scripts on the HTTP server could manipulate the scoreboard and cause
> arbitrary processes to be terminated which could lead to a denial of
> service.
> ok miod@ (who also noticed to protect reclaim_child_processes); henning@;
> djm@ (martynas@)
===============================================================================
More information about the odc
mailing list