Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.Hawaii.Edu!news.caldera.com!enews.sgi.com!news.corp.sgi.com!news.sgi.com!news-west.sprintlink.net!news-peer.sprintlink.net!news.sprintlink.net!sprint!uunet!in3.uu.net!198.133.164.1!omega.metrics.com!omega.metrics.com!not-for-mail
From: polk@BSDI.COM (Jeff Polk)
Newsgroups: comp.unix.bsd.bsdi.announce
Subject: BSDI: New official patches for BSD/OS 3.0 (SECURITY, OTHERS)
Followup-To: comp.unix.bsd.bsdi.misc
Date: 23 Apr 1997 06:24:36 -0400
Organization: Software Metrics Inc.
Lines: 188
Sender: tomh@omega.metrics.com
Approved: tomh@metrics.com
Message-ID: <5jko14$avo@omega.metrics.com>
NNTP-Posting-Host: omega.metrics.com
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.bsdi.announce:40
The first official mods for BSD/OS 3.0 are now available via anonymous
ftp from ftp.bsdi.com://ftp.bsdi.com/bsdi/patches/patches-3.0
or via the <patches@BSDI.COM> email server.
The README file entries for the mods are included below. The new mod
format may include sub-mods (the sub-mod names are shown following the
mod name in square brackets). The mods are no longer /bin/sh scripts,
but are instead perl5 scripts. You run them with commands like:
# perl5 U300-001
to show the description of the mod or with:
# perl5 U300-001 apply
to apply the mod. In general, the new format also supports
the ability to back-out a mod with a command like:
# perl5 U300-001 undo
and the command:
# perl5 U300-001 commit
will remove the backup files and ``commit'' the mod permanently
(after which you may no longer ``undo'' it).
Please contact BSDI support at support@BSDI.COM if you have problems
with these mods.
BSDI always appreciates being advised of security problems. Please
send reports of suspected security problems to bsdi-security@BSDI.COM.
Jeff
--
/\ Jeff Polk Berkeley Software Design, Inc. (BSDI)
/\/ \ polk@BSDI.COM 5575 Tech Center Dr. #110, Colo Spgs, CO 80919
===========================================================================
K300-001 [ KERNEL-K300-001 BK300-001 SK300-001 ]
Fix a potential crash for SCSI operations transferring no
data; the only known way to trigger this bug is with the
sound programs such as cdctl.
----------
Add delay before power-down when using halt -h, as some
laptop disks appear to acknowledge data as being written
when it is still in an on-disk cache and not yet really
written out to the disk.
----------
Fix problems that can allow a program that ran set-user-ID
from making possibly-sensitive data visible via ptrace.
----------
Fix an obscure bug with multiple non-blocking opens while
a process is blocked awaiting carrier that was exercised
by the new gettystat program. The symptom is that modems
would answer, but no login banner or login prompt would
appear.
----------
Make file generation numbers harder to guess, making it
somewhat harder for unauthorized hosts to gain access via
NFS.
----------
Fix a crash on NFS servers.
----------
These changes remove misleading kernel error messages,
"icmp_newmtu: rtcalloc() returned non-host route?", and
"rtinit: fixed ifa (%x was %x)", which can happen in normal
operation.
----------
Fix problem that prevented header PPP compression from being
enabled; fix problem with header compression while tcpdump
was in use.
Properly handle 'poison' PPP packets.
----------
When IP forwarding was not explicitly enabled (generally
with "options GATEWAY"), forwarding of source-routed packets
was incorrectly defaulting to be enabled.
----------
Fix problem that could cause system hang if VM "regions"
are not a multiple of the page size.
----------
Fix a problem in cache consistency with mapped files when
a file is written with the IO_APPEND flag.
----------
Add a missing binary for the ICS 1890 PHY chip used on some Zynx
Ethernet cards.
----------
Fixes to umap filesystem:
problems copying group maps into kernel
panic when running on top of cd9660 filesystem
----------
Work around bug in 3C619C ASIC (caused hung output condition)
Insure that we never use all transmit descriptors (this would also
cause an output hang)
----------
Fix typo that caused multicast filter to be programmed incorrectly
under some circumstances.
----------
Add COMPAT_SOCKADDR option that recognizes malformed sockaddr
structures (typically generated by perl programs). Make this option
default to on (the change to GENERIC and OBJ are made in a patch above)
----------
Work around SCSI devices with broken disconnect function.
This allows operation with targets that do not do a "save
data pointers" prior to disconnect (as required by the SCSI
standard). The typical symptom exhibited by targets with
this problem will be short or zero length writes. Setting
this bit could cause some targets to corrupt data, particularly
during error recovery.
----------
Support 80Mhz internal clock speed on NCR SCSI controllers
----------
Prevent deadlock when garbage collection occurs on kernel memory map.
----------
Fix compilation error with COMPAT_SEMAPHORE turned off
----------
Install new GENERIC kernel with all these fixes if confirmed
by the user (it will not be installed if patch is installed with
-n (noask) set).
----------
The following operations are available:
perl5 K300-001 - Print mod description
perl5 K300-001 unpack - Unpack (but do not apply) mod
perl5 K300-001 apply [submod] - Unpack and apply mod
md5 checksum: 0e581aa9416bde012f9d0fe39c155051 K300-001
===========================================================================
U300-001 [ BU300-001 SU300-001 BU300-000 ]
Add a hostid(1) program.
Fix accounting bug in ac(8).
New aic(4), ncr(4) man pages.
Clean up amd(8) mount maps.
New versions of libdialer, gettyd, ppp.
New version of elm.
Put config_www back into the release.
New version of rlogind.
Uuxqt fix.
New version of innd.
New version of the termcap library.
New version of pagesize.
New version of imapd.
New version of Lynx.
New version of MaxIM.
New version of the C library.
Updated Perl files.
New version of sysctl.
New modlog command to show mod status.
The following operations are available:
perl5 U300-001 - Print mod description
perl5 U300-001 unpack - Unpack (but do not apply) mod
perl5 U300-001 apply [submod] - Unpack and apply mod
md5 checksum: 2a6be8fea749bd4f647094f1faa29665 U300-001
===========================================================================
D300-001 [ ]
Prerequisites: BU300-001
Domestic version of BU300-001 rlogind.
The following operations are available:
perl5 D300-001 - Print mod description
perl5 D300-001 unpack - Unpack (but do not apply) mod
perl5 D300-001 apply [submod] - Unpack and apply mod
md5 checksum: 846d74e5ff61cae441a99cde1658c437 D300-001
===========================================================================
U300-002 [ ]
Update to Xaccel Release 3.1 from XI Graphics.
The following operations are available:
perl5 U300-002 - Print mod description
perl5 U300-002 unpack - Unpack (but do not apply) mod
perl5 U300-002 apply [submod] - Unpack and apply mod
md5 checksum: 2dd9e634081f371cb8004e306c80c61f U300-002
===========================================================================
--
[ /tom haapanen -- tomh@metrics.com -- software metrics inc -- waterloo, ont ]
[ "i live in the fear of not being misunderstood" -- oscar wilde ]