10.3/releng-p29.diff - freebsd-patches - Rivoreo Source Code Repositories

 Index: UPDATING
 ===================================================================
 --- UPDATING	(版本 330631)
 +++ UPDATING	(版本 331984)
 @@ -16,6 +16,19 @@
  stable/10, and then rebuild without this option. The bootstrap process from
  older version of current is a bit fragile.

 +20180404	p29	FreeBSD-SA-18:04.vt
 +			FreeBSD-SA-18:05.ipsec
 +			FreeBSD-EN-18:03.tzdata
 +			FreeBSD-EN-18:04.mem
 +
 +	Fix vt console memory disclosure. [SA-18:04.vt]
 +
 +	Fix ipsec crash or denial of service. [SA-18:05.ipsec]
 +
 +	Update timezone database information. [EN-18:03.tzdata]
 +
 +	Fix multiple small kernel memory disclosures. [EN-18:04.mem]
 +
  20180308	p28	FreeBSD-SA-18:01.ipsec [revised]

  	Fix ipsec validation and use-after-free.
 Index: sys/conf/newvers.sh
 ===================================================================
 --- sys/conf/newvers.sh	(版本 330631)
 +++ sys/conf/newvers.sh	(版本 331984)
 @@ -32,7 +32,7 @@

  TYPE="FreeBSD"
  REVISION="10.3"
 -BRANCH="RELEASE-p28"
 +BRANCH="RELEASE-p29"
  if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
  	BRANCH=${BRANCH_OVERRIDE}
  fi
 Index: sys/dev/vt/vt_font.c
 ===================================================================
 --- sys/dev/vt/vt_font.c	(版本 330631)
 +++ sys/dev/vt/vt_font.c	(版本 331984)
 @@ -42,6 +42,7 @@

  /* Some limits to prevent abnormal fonts from being loaded. */
  #define	VTFONT_MAXMAPPINGS	65536
 +#define	VTFONT_MAXGLYPHS	131072
  #define	VTFONT_MAXGLYPHSIZE	2097152
  #define	VTFONT_MAXDIMENSION	128

 @@ -171,7 +172,8 @@
  	/* Make sure the dimensions are valid. */
  	if (f->width < 1 || f->height < 1)
  		return (EINVAL);
 -	if (f->width > VTFONT_MAXDIMENSION || f->height > VTFONT_MAXDIMENSION)
 +	if (f->width > VTFONT_MAXDIMENSION || f->height > VTFONT_MAXDIMENSION ||
 +	    f->glyph_count > VTFONT_MAXGLYPHS)
  		return (E2BIG);

  	/* Not too many mappings. */
	Index: UPDATING
	===================================================================
	--- UPDATING (版本 330631)
	+++ UPDATING (版本 331984)
	@@ -16,6 +16,19 @@
	stable/10, and then rebuild without this option. The bootstrap process from
	older version of current is a bit fragile.

	+20180404 p29 FreeBSD-SA-18:04.vt
	+ FreeBSD-SA-18:05.ipsec
	+ FreeBSD-EN-18:03.tzdata
	+ FreeBSD-EN-18:04.mem
	+
	+ Fix vt console memory disclosure. [SA-18:04.vt]
	+
	+ Fix ipsec crash or denial of service. [SA-18:05.ipsec]
	+
	+ Update timezone database information. [EN-18:03.tzdata]
	+
	+ Fix multiple small kernel memory disclosures. [EN-18:04.mem]
	+
	20180308 p28 FreeBSD-SA-18:01.ipsec [revised]

	Fix ipsec validation and use-after-free.
	Index: sys/conf/newvers.sh
	===================================================================
	--- sys/conf/newvers.sh (版本 330631)
	+++ sys/conf/newvers.sh (版本 331984)
	@@ -32,7 +32,7 @@

	TYPE="FreeBSD"
	REVISION="10.3"
	-BRANCH="RELEASE-p28"
	+BRANCH="RELEASE-p29"
	if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
	BRANCH=${BRANCH_OVERRIDE}
	fi
	Index: sys/dev/vt/vt_font.c
	===================================================================
	--- sys/dev/vt/vt_font.c (版本 330631)
	+++ sys/dev/vt/vt_font.c (版本 331984)
	@@ -42,6 +42,7 @@

	/* Some limits to prevent abnormal fonts from being loaded. */
	#define VTFONT_MAXMAPPINGS 65536
	+#define VTFONT_MAXGLYPHS 131072
	#define VTFONT_MAXGLYPHSIZE 2097152
	#define VTFONT_MAXDIMENSION 128

	@@ -171,7 +172,8 @@
	/* Make sure the dimensions are valid. */
	if (f->width < 1 \|\| f->height < 1)
	return (EINVAL);
	- if (f->width > VTFONT_MAXDIMENSION \|\| f->height > VTFONT_MAXDIMENSION)
	+ if (f->width > VTFONT_MAXDIMENSION \|\| f->height > VTFONT_MAXDIMENSION \|\|
	+ f->glyph_count > VTFONT_MAXGLYPHS)
	return (E2BIG);

	/* Not too many mappings. */