login
Search
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2007-005
=================================Topic: IPv6 Type 0 Routing Header
Version: NetBSD-current: source prior to April 22, 2007
NetBSD 4.0_BETA2 affected
NetBSD 3.1: affected
NetBSD 3.0.*: affected
NetBSD 3.0: affected
NetBSD 2.1: affected
NetBSD 2.0.*: affected
NetBSD 2.0: affectedSeverity: Remote Denial of Service
Fixed: NetBSD-current: April 22, 2007
NetBSD-4 branch: April 28, 2007
(4.0 will include the fix)
NetBSD-3-1 branch April 26, 2007
(3.1.1 will include the fix)
NetBSD-3-0 branch: April 26, 2007
(3.0.3 will include the fix)
NetBSD-3 branch: April 26, 2007
NetBSD-2-1 branch: June 04, 2007
NetBSD-2-0 branch: June 04, 2007
NetBSD-2 branch: June 04, 2007Abstract
========A crafted IPv6 Type 0 Routing Header packet(s) can be used to launch a
denial of service attack on an IPv6 host.This vulnerability has been assigned CVE reference CVE-2007-2242.
Technical Details
=================A remote attacker can transmit crafted IPv6 packets using a Type 0 Routing
Header. The result is a type of denial of service attack known as a
traffic amplification attack where the bandwidth between the sending
and receiving hosts increases during the attack.Solutions and Workarounds
=========================To rectify these problems a kernel built from sources containing the
fixes must be installed and the system rebooted. The fixes introduce a
new sysctl(8) that can be used to control the processing of IPv6 type 0
packets. The new sysctl is named net.inet6.ip6.rht0 and has three possible
values:-1 Processing is disabled (default).
0 Processing is enabled only for routers and not for hosts.
1 Processing is enabled for both routers and hosts.NOTE: This sysctl was later removed from NetBSD-current on May 17 2007 and
the default was hard set to drop IPv6 type 0 packets. This sysctl may
disappear from future NetBSD...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1A NetBSD developer's summit is currently being planned for Friday, October
10th, 2008. The event is sponsored by and leads up to this year's
NYCBSDCon and will take place at Columbia University on the island of
Manhattan in New York City, NY, USA.While the program for this full-day event is not yet finalized, it will be
open to the public and may include formal presentations as well as
informal discussions of both technical and administrative nature. A
public hackathon is anticipated to run in parallel throughout the weekend.The common social activities such as PGP signing and consumation of
refreshing beverages or communal ingestion of nutrition are likely to
follow.If you have any suggestions, would like to offer your help, plan on
attending or have any other comments, please contact
<jschauma@netbsd.org>.-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)iD8DBQFIeQihfFtkr68iakwRAi3vAJoCU/DyO0hzkpN19ftfnn6NAJYSjwCdEhca
21woVpx1kl5InYjG3el1leI=
=e8Ac
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2008-001
=================================Topic: file(1) Integer overflow
Version: NetBSD-current: affected
NetBSD 4.0: not affected
NetBSD 3.1.1: not affected
NetBSD 3.1 affected
NetBSD 3.0: affected
NetBSD 3.0.3: not affected
NetBSD 3.0.2: affected
NetBSD 3.0.1: affected
NetBSD 3.0: affected
NetBSD 2.1 affected
NetBSD 2.0.* affectedSeverity: Local code execution
Fixed: NetBSD-current: June 7, 2007
NetBSD-3-1 branch: June 24, 2007
NetBSD-3-0 branch: June 24, 2007
NetBSD-3 branch: June 24, 2007
(3.2 will include the fix)
pkgsrc: file-4.2.1 corrects the issueAbstract
========An integer underflow was initially fixed in file 4.20 and soon after, a
new integer overflow was identified in the original fix. To address the
latest issue file 4.21 was release. Either of these issues could result
in local code execution if using file(1) on a maliciously crafted file.This vulnerability has been assigned CVE reference CVE-2007-1536 for the
initial issue and CVE-2007-2799 for the issue in the initial fix.Technical Details
=================An integer underflow was found in file_printf() which can lead to an
exploitable heap overflow. The initial fix for this issue was found
to introduce an integer overflow which could again lead to code execution.
An updated patch was released as a part of file(1) 4.21.Solutions and Workarounds
=========================It is recommended that NetBSD users of vulnerable versions update
their binaries.The following instructions describe how to upgrade your file(1)
binaries by updating your source tree and rebuilding and
installing a new version of file(1).* NetBSD-current:
Systems running NetBSD-current dated from before 2007-06-07
should be upgraded to NetBSD-current dated 2007-06-08 or later.The following files/directories need to be updated from the
netbsd-curren...
The NetBSD project has decided to host "regional" mailing lists for
the purpose of discussions which are relevant to a specific region
rather than being interesting to the entire user community.The following regional lists have been created so far:
regional-au Australia
regional-cz Czechoslovakia
regional-nyc New York CityThe mailing lists are accessible through the majordomo mailing list
software on netbsd.org. See http://www.netbsd.org/MailingLists/ for
more information on the NetBSD mailing lists.(Requests for new regional mailing lists should be sent to
communication-exec@netbsd.org, preferably by a NetBSD developer
willing to sponsor the list by being the mailing-list owner)--
Luke Mewburn <lukem@netbsd.org>, on behalf of the The NetBSD Foundation
Executive Committee for Communications <communication-exec@netbsd.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1For the fifth consecutive year, the NetBSD Project is proud to
participate in Google's Summer of Code program[1] as a mentoring
organization and we're pleased to announce the list of projects[2] that
have been accepted for this summer. This year's selected students
include a number of NetBSD developers, returning SoC alumni and a few
freshmen. We're very excited to have projects ranging from the areas of
filesystems over install automation to userland tools and we expect the
entire NetBSD community to benefit tremendously.In the coming weeks, you will see our students engage the NetBSD
community for support with their projects; please give them a warm
welcome and help our developers, students and mentors lead all these
projects to success![1] http://code.google.com/soc/
[2] http://www.NetBSD.org/foundation/press/soc2009.html-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)iD8DBQFJ7TLYfFtkr68iakwRAoS/AJwJFAKjFYK1eB6Fw7dMlN+0Ei1NpQCg9vb+
Jaowkpoc3Lig2x7+MxM7ZQc=
=ghvZ
-----END PGP SIGNATURE-----
Hello,
A new mailing list has been created to further support the NetBSD
community in Portugal; the name of the list is "regional-pt".
To subscribe send mail to majordomo@NetBSD.org.
See http://www.netbsd.org/MailingLists for more information.Enjoy,
christos
The NetBSD Project celebrates its 15th anniversary!
The Internet, March 20 -- This week marks the fifteenth anniversary of
the beginning of development of the NetBSD Operating System, one of
the oldest actively maintained, freely-available operating systems.
NetBSD runs on everything from embedded systems to desktop
workstations, from handhelds to big-iron servers, and is developed by
the NetBSD Project - http://www.NetBSD.org/ - one of the first Open
Source projects.The first commits were made to the NetBSD source code repository on
March 21, 1993, and the first release of the NetBSD Operating System,
NetBSD 0.8, was announced on USENET shortly thereafter. Throughout
the past fifteen years, NetBSD has increased the portability and security
of the 4.4BSD operating system on which NetBSD was based, and added
support for new processor and system families, while enhancing the
system's performance to such an extent that NetBSD has become known as
the most portable operating system in the world. Innovations in the
storage, networking and virtualization arena have been added, and much
work has been done recently on performance, especially with multi-core
and multi-threaded machines in mind.NetBSD 4.0, the latest release, includes support for most major
current processor architectures, including x86, x86_64, SPARC,
ARM, M68K, MIPS, PowerPC, and SH, as well as several legacy processor
architectures. It supports 13 different system architectures.The next major release, NetBSD 5.0, will continue the tradition of the
last fifteen years by providing additional features and hardware
support while maintaining the stability and performance that users
have come to expect from NetBSD. NetBSD 5.0 will include a rewritten
threading implementation based on a 1:1 threading model, support for
different scheduler implementations, and support for dom0 ("host") and
domU ("guest") domains for both Xen2 and Xen3 virtualization, as well
as PAE domU support, a new power management framework, iS...
We are pleased to announce that the following people have joined the
NetBSD project as new developer:* Peter Postma (login: peter), who will be working on pf and the NetBSD Packages Collection.
Welcome to the NetBSD team.
-----BEGIN PGP SIGNED MESSAGE-----
NetBSD Security Advisory 2004-010
=================================Topic: Insufficient argument validation in compat code
Version: NetBSD-current: source prior to Oct 27, 2004
NetBSD 2.0: not affected
NetBSD 1.6.2: affected
NetBSD 1.6.1: affected
NetBSD 1.6: affected
NetBSD 1.5.3: affected
NetBSD 1.5.2: affected
NetBSD 1.5.1: affected
NetBSD 1.5: affectedSeverity: Local Denial of Service
possible Local Privilege EscalationFixed: NetBSD-current: Oct 28, 2004
NetBSD-2.0 branch: Nov 13, 2004 (2.0 includes the fix)
NetBSD-1.6 branch: Dec 17, 2004 (1.6.3 will include the fix)Abstract
========Kernel syscall implementations must perform appropriate sanity checks on
data passed from userland. The native system calls perform appropriate
checks.Some of the functions in /usr/src/sys/compat/* which implement execution
of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and
ULTRIX) used argument data in unsafe ways prior to calling the kernel
syscall.This issue was reported by Evgeny Demidov.
Technical Details
=================The compat subsystem, in /usr/src/sys/compat/*, allows NetBSD users to
run binaries compiled for other operating systems which run on the same
CPU architecture as the NetBSD host.Typically, the foreign OS supports a set of system calls which are very
similar to NetBSD's. Native instructions do not need to be translated,
but calls to the operating system do.A binary's native OS is determined at exec() time. The kernel maps the
syscall table for the native OS so that each syscall is delivered to a
foreign OS -> NetBSD translation function, if needed.These translation functions reorder arguments, reformat them, perform
mapping of constants (such as signal(3) IDs) and call the appropriate
native NetBSD system call to service the application's needs.Some of the translation functions performed unsafe operations using the
syscall argu...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2008-011
=================================Topic: ICMPv6 MLD query
Version: NetBSD-current: affected
NetBSD 4.0: affected
NetBSD 3.1.*: not affected
NetBSD 3.1: not affected
NetBSD 3.0.*: not affected
NetBSD 3.0: not affectedSeverity: Denial of service
Fixed: NetBSD-current: August 22, 2008
NetBSD-4-0 branch: August 23, 2008
(4.0.1 will include the fix)
NetBSD-4 branch: August 23, 2008
(4.1 will include the fix)Abstract
========A malformed ICMPv6 MLD (RFC 2710) query directed at a NetBSD host can
result in a denial of service (system panic).This vulnerability has been assigned CVE-2008-2464.
Technical Details
=================An error occurs when processing an MLD packet with certain values
in the Maximum Response Delay field.Solutions and Workarounds
=========================Only kernels compiled with the following option are vulnerable to this issue:
options INET6
As a temporary workaround recompile the kernel with the above option
commented out. The default NetBSD GENERIC kernels have this
option enabled.For all NetBSD versions, you need to obtain fixed kernel sources,
rebuild and install the new kernel, and reboot the system.The fixed source may be obtained from the NetBSD CVS repository.
The following instructions briefly summarise how to upgrade your
kernel. In these instructions, replace:ARCH with your architecture (from uname -m), and
KERNCONF with the name of your kernel configuration file.To update from CVS, re-build, and re-install the kernel:
# cd src
# cvs update -d -P sys/netinet6/mld6.c
# ./build.sh kernel=KERNCONF
# mv /netbsd /netbsd.old
# cp sys/arch/ARCH/compile/obj/KERNCONF/netbsd /netbsd
# shutdown -r nowFor more information on how to do this, se...
cvsweb.NetBSD.org (pigu.iri.co.jp) will be down at times in this week
for software maintenance.You are welcome to use one of the following mirrors during the outage:
http://cvsweb2.jp.netbsd.org/
http://cvsweb.lt.netbsd.org/
http://cvsweb.no.netbsd.org/
http://cvsweb.se.netbsd.org/This also affects the Japanese mailing lists (@jp.NetBSD.org) and the
following Japanese mirror services* cvsup.jp.NetBSD.org
* cvsweb.jp.NetBSD.org
* www.jp.NetBSD.orgSorry for the inconvenience.
--
soda
* Announcing NetBSD and the Google "Summer of Code" Projects
When Google announced the ``Summer of Code'', its program designed to
introduce students to the world of open source software development,
the NetBSD Project immediately understood the value of this project
and entered as a mentoring organization. Over a period of two weeks,
students researched the list of possible projects and discussed their
proposals on the public mailing lists and in private with developers
and other users alike. After evaluating over 100 distinct
applications, the NetBSD Foundation is now pleased to announce the
list of projects that have been chosen:1. Project: Efficient memory file-system
Student: Julio M. Merino Vidal
Mentor: Luke Mewburn
Mentor: Bill Studenmund2. Project: Wide Character Support for Curses
Student: Ruibiao Qiu
Mentor: Julian Coleman
Mentor: Brett Lymn3. Project: BSD licenses privacy guard (pgp)
Student: Manuel Freire
Mentor: Alistair Crooks
Mentor: Curt Sampson4. Project: Zeroconfd
Student: Silvio Valenti
Mentor: Christos Zoulas
Mentor: David Young
Mentor: Jason R. Thorpe
Mentor: Ignatios Souvatzis5. Project: Regression testing
Student: Chetan S Patil
Mentor: Martin Husemann6. Project: Userspace file system hooks
Student: Antti Kantee
Mentor: Bill Studenmund7. Project: NDIS network driver
Student: Alan Ritter
Mentor: Phil Nelson8. Project: HFS+
Student: Yevgeny Binder
Mentor: Bill Studenmund``We are very excited to be taking part in the Summer of Code'', says
Jan Schaumann, the NetBSD Foundation's main point of contact for this
project. ``The quality of the selected proposals was very impressive
and we are looking forward to guiding the students to fulfill the high
expectations implied by NetBSD's mentorship so that we can hopefully
integrate the results into our code base at the end of the summer.``As yo...
At or around 02:45:00 UTC today, ftp.netbsd.org will be unavailable for
a brief interval expected to be less than two hours, for a CPU and memory
upgrade. This is the first step of a major round of upgrades planned for
the NetBSD Foundation servers, and should provide better performance and
more reliable service for our users.Apologies for the short notice. We hope the outage will actually be so
short it will be invisible to most of the users of ftp.netbsd.org.Thor
Thanks to the generous response of the NetBSD community, the NetBSD
Foundation is pleased to announce a hardware infrastructure upgrade.
Responding to a special request issued a month ago in this mailing
list and widely disseminated, almost 300 contributors donated
approximately $27,000 to help modernize and improve our service
machines.We used your donations to purchase five new machines; three of
those machines will be added to our nightly build infrastructure
and two of those machines will become anonymous cvs servers.These machines cost the foundation approximately $18,000 and have
the following specifications:Anonymous CVS servers (two machines)
2 CPU [2 cpu Opteron 244 (1.8GHz)]
8 GB Memory (8 x 1GB PC3200 DDR 400MHz ECC memory)
150 GB Disk (4 SATA 36.7GB 10K RPM drives)Build Servers (three machines)
4 CPU [2 cpu (dual core) Opteron 265 (1.8GHz)]
4 GB Memory (4 x 1GB PC3200 DDR 400MHz ECC memory)
210 GB Disk (3 SATA 74GB 10K RPM 8MB Raptor drives)The two anonymous CVS servers will quadruple the capacity of the
current service and improve its reliability. The three new build
servers will allow us to build the two supported release tags and
the head continuously, providing binaries for all architectures
every two days, while also greatly expanding our ability to provide
popular binary packages.As an all-volunteer effort, the NetBSD Foundation has no paid staff
and no administrative overhead. All donations are used strictly
in support of the project. The remaining funds will be used towards
more hardware purchases as needed and to pay tax preparation fees.
(If you know an accountant who would would like to help the project
by assisting us next year with our tax filing, please let us know.)We would like to express our gratitude to everyone who donated,
and to those who spread the word on our behalf. Each contributor
has received a contribution receipt and the option to be listed in
our donors page. If you have contributed and did not get a receip...
[For the full list of changes, please refer to the tech-pkg mailing
list - agc]Changes to the Packages Collection in September 2005
====================================================By my calculations, at the end of September 2005, there were 5558
packages in the Packages Collection, up from 5541 the previous month,
a rise of 17.One reason that were weren't many packages added was that, in
September, we froze the pkgsrc tree for new additions, so that we
could concentrate on getting the pkgsrc-2005Q3 branched and released.Notable additions include: audio/moc, benchmarks/nbench,
benchmarks/pipebench, benchmarks/ubench, databases/php-sqlite,
devel/acr, devel/p5-Date-Simple, devel/picprg, fonts/dejavu-ttf,
net/scamper, security/bcrypt, sysutils/mesure, textproc/php-pspell,
wm/cwm, wm/mlvwm, www/lighttpd, x11/ede, x11/efltk and x11/gtk2+extra.Notable updates include: archivers/gtar-info, archivers/p7zip,
archivers/pbzip2, archivers/unrar, audio/amarok, audio/cdplayer,
audio/ifp-line, audio/libsndfile, audio/libvisual-plugins,
audio/SDL-arts, audio/SDL-esound, audio/SDL-nas, audio/xhippo,
audio/xmms-bump-scope, benchmarks/dbench, chat/centericq,
chat/gaim-encryption, chat/gale, chat/gg2, chat/gtmess,
chat/loudmouth, chat/ninja, chat/ser, chat/xaric, chat/xchat,
comms/asterisk, comms/efax-gtk, comms/gscmxx, comms/jpilot,
comms/kyopon, comms/minicom, comms/scmxx, converters/bib2xml,
converters/libiconv, databases/gourmet, databases/gramps2,
databases/krecipes, databases/luma, databases/mysql-client,
databases/mysql-server, databases/mysql4-client,
databases/mysql4-server, databases/phpldapadmin, databases/phppgadmin,
databases/postgresql80-plperl, databases/py-postgresql,
databases/ruby-activerecord, databases/ruby-mysql, databases/sqlite3,
databases/sqlite3-tcl, devel/allegro, devel/apache-ant, devel/apr,
devel/bison, devel/bmake, devel/chmlib, devel/cpuflags, devel/cvsync,
devel/elfsh, devel/gcvs, devel/gnustep-base, devel/gnustep-make,
devel/gob2, devel/libidn, deve...
On behalf of the NetBSD Release Engineering team, I am proud to announce
that the first release candidate of NetBSD 5.0 is now available for
download.Those of you who have been paying close attention will have noticed that
RC1 was tagged on Sunday. A few hiccups delayed the availability of
binaries, but they can now be downloaded fromftp://ftp.NetBSD.org/pub/NetBSD-daily/netbsd-5-0-RC1/
Those of you who prefer to build from source can continue to follow the
netbsd-5 branch, but the netbsd-5-0-RC1 tag is available as well.A second release candidate is expected to surface between at an
undetermined time between now and the 8th of February. Please help us
test this and any upcoming release candidates as much as possible.
Remember, any feedback is good feedback.Enjoy,
Soren
I interviewed Manuel Boyuer on his work integrating the Xen virtual
machine monitor to NetBSD. The interview gives an overview of why Xen is
so good, how it can be used in the administrator point of view, and what
kind of work Manuel had to do in order to have it running on NetBSD.Read it at http://ezine.daemonnews.org/200602/xen.html
--=20
Emmanuel Dreyfus
Un bouquin en fran=E7ais sur BSD:
http://www.eyrolles.com/Informatique/Livre/9782212114638/livre-bsd.php
manu@netbsd.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2006-004
=================================Topic: Denial of services issues with pf
Version: NetBSD-current: source prior to January 25, 2006
NetBSD 3.0: affected
NetBSD 2.1: not affected
NetBSD 2.0.*: not affected
NetBSD 2.0: not affected
NetBSD 1.6.*: not affected
NetBSD 1.6: not affectedSeverity: Denial of service
Fixed: NetBSD-current: January 25, 2006
NetBSD-3-0 branch: January 28, 2006
(3.0.1 will include the fix)
NetBSD-3 branch: January 28, 2006Abstract
========There is a logical bug in pf's scrub fragment cache, which in certain
configurations may lead to a remotely exploitable denial of service
attack.This vulnerability has been assigned CVE reference CVE-2006-0381.
Technical Details
=================When 'scrub fragment crop/drop-ovl' is used, certain combinations of fragments
cause double insertion into the fragment cache, which violates an
invariant, and subsequently triggers a kernel panic through KASSERT().pf is not enabled by default on NetBSD.
Solutions and Workarounds
=========================Do not use 'scrub fragment drop-ovl' or 'scrub fragment crop' rules on NetBSD
systems where pf has been enabled.For all NetBSD versions, if you are using pf, you need to obtain
fixed kernel sources, rebuild and install the new kernel, and reboot
the system.The fixed source may be obtained from the NetBSD CVS repository.
The following instructions briefly summarize how to upgrade your
kernel. In these instructions, replace:ARCH with your architecture (from uname -m), and
KERNCONF with the name of your kernel configuration file.To update from CVS, re-build, and re-install the kernel:
# cd src
# cvs update -d -P src/sys/dist/pf/net/pf_norm.c
# ./build.sh kernel=KERNCONF
# mv /netbsd /netbsd.old
# cp sys/arch/ARCH/compile/obj/KERNCONF/netbsd /netbsd
# shutdown -r nowFor more information ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2006-012
=================================Topic: SIOCGIFALIAS ioctl may cause system crash
Version: NetBSD-current: source prior to September 28, 2005
NetBSD 3.0: affected
NetBSD 2.1: affected
NetBSD 2.0.*: affected
NetBSD 2.0: affected
NetBSD 1.6.*: affected
NetBSD 1.6: affectedSeverity: Any local user can crash the system
Fixed: NetBSD-current: September 28, 2005
NetBSD-3-0 branch: April 02, 2006
(3.0.1 will include the fix)
NetBSD-3 branch: April 02, 2006
NetBSD-2-1 branch: April 02, 2006
(2.1.1 will include the fix)
NetBSD-2-0 branch: April 02, 2006
(2.0.4 will include the fix)
NetBSD-2 branch: April 02, 2006
NetBSD-1-6 branch: April 02, 2006Abstract
========A system crash can occur if a user attempts to gather information on a
non-existent alias of a network interface via the SIOCGIFALIAS ioctl.Technical Details
=================A NULL dereference occurs in the kernel when the alias in question
was not located, rather than returning an error. A socket on the
local machine is required.Solutions and Workarounds
=========================For all NetBSD versions, you need to obtain fixed kernel sources,
rebuild and install the new kernel, and reboot the system.The fixed source may be obtained from the NetBSD CVS repository.
The following instructions briefly summarise how to upgrade your
kernel. In these instructions, replace:ARCH with your architecture (from uname -m), and
KERNCONF with the name of your kernel configuration file.To update from CVS, re-build, and re-install the kernel:
# cd src
# cvs update -d -P sys/netinet/in.c
# ./build.sh kernel=KERNCONF
# mv /netbsd /netbsd.old
# cp sys/arch/ARCH/compile/obj/KERNCONF/netbsd /netbsd
# shutdown -r nowFor more information on how to do this, see:
NetBSD/vax switched to using ELF as its object file format this
past weekend. For general information about why NetBSD is
switching to ELF, please read:http://www.netbsd.org/Documentation/elf.html
An ELF snapshot (which at the moment doesn't include the X sets) is
available in:ftp://ftp.netbsd.org/pub/NetBSD/arch/vax/snapshot/20020331-1.5ZC-ELF/
The upgrade instructions to ELF for mac68k can be used for VAX as
well (for the most part) though it is highly recommended you let
sysinst do the hard work:ftp://ftp.netbsd.org/pub/NetBSD/arch/mac68k/elf-upgrade/README.ELF-UPGRADE
NetBSD/vax 1.5.2 and later bootblocks support loading an ELF
version of /boot. /boot can load either a.out or ELF kernels.Now that NetBSD/vax is ELF, a number of issues/problems have been
addressed:1) By default, all objects are PIC. Indeed, static and shared libraries
are generated from the same objects so builds take less time. The
linker is responsible for doing the magic to make dynamic references.
A side effect of being PIC, an ELF object have a smaller code size
than its corresponding a.out object.2) Since this is a new ABI, the size of a jmp_buf could be extended so
that all callee-saved registers are saved in setjmp/_setjmp/sigsetjmp
so that GNU pth works.3) RRS text relocation warnings that a.out linker emitted are a thing
of the past.4) NetBSD/vax snapshots (modulo X) can be entirely cross-built (hopefully
on a fast machine) without needing to be root. The process is entirely
unprivileged. An example of the commands (with a 600MB MFS mounted
on /tmp) needed to do this are:cd <top-of-source-tree>
mkdir -p /tmp/vax/obj /tmp/vax/tools
sh build.sh -m vax -U -r -T /tmp/vax/tools -D /tmp/vax/root \
-R /tmp/vax/release -O /tmp/vax/obj5) Support for making installable ISO images has been added. After the
above commands do:
cd etc
/tmp/vax/too...
-----BEGIN PGP SIGNED MESSAGE-----
NetBSD Security Advisory 2002-006
=================================Topic: buffer overrun in libc DNS resolver
Version: NetBSD-current: source prior to June 26, 2002
NetBSD-1.6 beta:source prior to June 26, 2002
NetBSD-1.5.2: affected
NetBSD-1.5.1: affected
NetBSD-1.5: affected
NetBSD-1.4.*: affected
All prior NetBSD releases.
pkgsrc: net/bind4, bind-4.9.8 and before affected
net/bind[89] may be vulnerable
emulators/compat1[234]
(there could be more)Severity: remote buffer overrun on any application that uses DNS,
possible remote root exploit (not confirmed)Fixed: NetBSD-current: June 26, 2002
NetBSD-1.6 branch: June 26, 2002 (1.6 will include the fix)
NetBSD-1.5 branch: June 26, 2002 (1.5.3 will include the fix)
NetBSD-1.4 branch: June 26, 2002 (1.4.4 will include the fix)
pkgsrc: net/bind4, bind-4.9.8nb1Abstract
========There was a buffer-length computation bug in BIND-based DNS resolver
code. A malicious DNS response packet may be able to overwrite data
outside the buffer, and it could lead to attacks as serious as a remote
root exploit, though there are no public exploits in circulation at this
time.NetBSD uses BIND4-based DNS resolver code in libc, and is found to be
vulnerable. As there is no version number identification in the pine.nl
advisory, it is uncertain if BIND8/9 resolver code (used in named related
tools like /usr/bin/dig) is totally safe either.Technical Details
=================In lib/libc/net/gethnamaddr.c:getanswer() and
lib/libc/net/getnetnamadr.c:getnetanswer(), two variables manage
packet buffer parsing - a pointer to the byte we are looking at, and
the remaining length on the buffer.The remaining length was not updated consistently, and malicious DNS
responses are able to write outside the buffer. This may present an
attacker with the opportunity to insert arbitrary code for execution as
the user running the resolver query, p...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2006-017
=================================Topic: Sendmail malformed multipart MIME messages
Version: NetBSD-current: source prior to May 30, 2006
NetBSD 3.0: affected
NetBSD 2.1: affected
NetBSD 2.0.*: affected
NetBSD 2.0: affected
pkgsrc: sendmail-8.13.6nb2 and earlier
sendmail-8.12.11nb2 and earlierSeverity: Denial of service
Fixed: NetBSD-current: May 30, 2006
NetBSD-3-0 branch: June 14, 2006
(3.0.1 will include the fix)
NetBSD-3 branch: June 14, 2006
NetBSD-2-1 branch: June 14, 2006
(2.1.1 will include the fix)
NetBSD-2-0 branch: June 14, 2006
(2.0.4 will include the fix)
NetBSD-2 branch: June 14, 2006
pkgsrc: sendmail-8.13.6nb3 corrects this issue
sendmail-8.12.11nb3 corrects this issueAbstract
========Sendmail is vulnerable to a denial of service condition in the handling of
malformed multipart MIME messages. This may allow a remote attacker
to launch a denial of service attack against the sendmail host.This vulnerability has been assigned CVE reference CVE-2006-1173.
Technical Details
=================A denial of service condition is triggered when sendmail processes a
malformed multipart MIME message. The message can cause the sendmail
process to exhaust its available per-process stack space and abort.
The sendmail server process is not impacted by the abnormal
termination of the child process handling the malformed mail, and will
continue to function. As such your MTA will continue processing mail.However, an attacker can still cause a number of issues by repeatedly
triggering this vulnerability:- By sending multiple malformed MIME messages an attacker may be
able to consume disk space with core dump files.
- Any malformed MIME messages will remain in the sendmail queue and
cause queue runs to abort. This may impact the delivery of other
messages in the queue.Sol...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1NetBSD Security Advisory 2006-019
=================================Topic: Malicious PPP options can overrun a kernel buffer
Version: NetBSD-current: source prior to August 23, 2006
NetBSD 4.0_BETA affected
NetBSD 3.1_RC1: affected
NetBSD 3.0.* affected
NetBSD 3.0: affected
NetBSD 2.1: affected
NetBSD 2.0.* affected
NetBSD 2.0: affectedSeverity: Remote denial-of-service
Potentially exploitable for further impact (unconfirmed)Fixed: NetBSD-current: August 23, 2006
NetBSD-4 branch: August 23, 2006
(4.0 will include the fix)
NetBSD-3-0 branch: August 23, 2006
(3.0.2 will include the fix)
NetBSD-3 branch: August 23, 2006
(3.1 will include the fix)
NetBSD-2-1 branch: August 23, 2006
(2.1.1 will include the fix)
NetBSD-2-0 branch: August 23, 2006
(2.0.4 will include the fix)
NetBSD-2 branch: August 23, 2006Abstract
========A problem has been identified in the in-kernel PPP code shared by ISDN PPP
interfaces ippp(4) and pppoe(4). Insufficient checking of options presented
by the peer may cause writing of copies of the malicious input beyond the
end of a buffer allocated for that purpose.This could cause kernel memory corruption. It is currently unclear if this
issue could be exploited any further than denial of service. There are
currently no known exploits for this issue.This vulnerability has been assigned CVE reference CVE-2006-4304.
Technical Details
=================The critical code deals with parsing and acknowledging or rejecting PPP
options at various levels, including LCP (line control protocol) options
prior to authentication. These options are variable length, starting with
an option identifier (1 byte), followed by a length (1 byte) and the
content - depending on the option either fixed size or variable length.
All options are packed together into a packet with an overall length.
The option parser did not make sure an indi...
Due to the recent move of the mailinglists archives to a different
physical server, the NetBSD Mailinglists Archives are currently not
being updated. All postings since around 2002-12-23 will eventually be
added to the archives; in the mean time, you can browse the lists
through a news frontend at http://news.netbsd.org.The NetBSD Project is aware that our Mailinglist Archives are one of the
main sources of information and support for our users, and we apologize
for the inconvenience.--
http://www.netbsd.org -
Multiarchitecture OS, no hype required.
| Greg KH | [GIT PATCH] driver core patches against 2.6.24 |
| Tarkan Erimer | Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 |
| Bart Van Assche | Integration of SCST in the mainstream Linux kernel |
| Jeff Garzik | Re: fallocate-implementation-on-i86-x86_64-and-powerpc.patch |
git: | |
| David Miller | Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock(). |
| Arjan van de Ven | Re: [GIT]: Networking |
| Gerrit Renker | [PATCH 15/37] dccp: Set per-connection CCIDs via socket options |
| Natalie Protasevich | [BUG] New Kernel Bugs |
