NetBSD/src JuKjXJldoc CHANGES-9.5

   Tickets #2024 - #2026
VersionDeltaFile
1.1.2.107+23-1doc/CHANGES-9.5
+23-11 files

NetBSD/src aKjP4UAdoc CHANGES-10.2

   Tickets #1294 - #1296
VersionDeltaFile
1.1.2.105+23-1doc/CHANGES-10.2
+23-11 files

NetBSD/src e9onyGqdoc CHANGES-11.0

   Tickets #350 - #352
VersionDeltaFile
1.1.2.111+23-1doc/CHANGES-11.0
+23-11 files

NetBSD/src KMxlzYXsys/dev mm.c

   Pull up following revision(s) (requested by riastradh in ticket #2026):

        sys/dev/mm.c: revision 1.26

   mm(4): Only grant kva exposure if user opens /dev/kmem.

   Don't apply the same to /dev/null, /dev/zero, or anything else.
   PR kern/60374: opening /dev/null exposes kva
VersionDeltaFile
1.24.4.1+6-3sys/dev/mm.c
+6-31 files

NetBSD/src FH9KAhEsys/dev mm.c

   Pull up following revision(s) (requested by riastradh in ticket #1296):

        sys/dev/mm.c: revision 1.26

   mm(4): Only grant kva exposure if user opens /dev/kmem.

   Don't apply the same to /dev/null, /dev/zero, or anything else.
   PR kern/60374: opening /dev/null exposes kva
VersionDeltaFile
1.24.30.1+6-3sys/dev/mm.c
+6-31 files

NetBSD/src YRls6E4sys/dev mm.c

   Pull up following revision(s) (requested by riastradh in ticket #352):

        sys/dev/mm.c: revision 1.26

   mm(4): Only grant kva exposure if user opens /dev/kmem.

   Don't apply the same to /dev/null, /dev/zero, or anything else.
   PR kern/60374: opening /dev/null exposes kva
VersionDeltaFile
1.25.2.1+6-3sys/dev/mm.c
+6-31 files

NetBSD/src XEkQTlosys/compat/netbsd32 netbsd32_socket.c

   Pull up following revision(s) (requested by riastradh in ticket #2025):

        sys/compat/netbsd32/netbsd32_socket.c: revision 1.57

   compat32: Fix accidental use of error branch in recvmsg(2).

   Avoids use-after-free / double-free.
   PR kern/60373: compat32: kernel use-after-free in recvmsg
VersionDeltaFile
1.49.4.2+4-3sys/compat/netbsd32/netbsd32_socket.c
+4-31 files

NetBSD/src kQLjT1fsys/compat/netbsd32 netbsd32_socket.c

   Pull up following revision(s) (requested by riastradh in ticket #1295):

        sys/compat/netbsd32/netbsd32_socket.c: revision 1.57

   compat32: Fix accidental use of error branch in recvmsg(2).

   Avoids use-after-free / double-free.
   PR kern/60373: compat32: kernel use-after-free in recvmsg
VersionDeltaFile
1.56.18.1+4-3sys/compat/netbsd32/netbsd32_socket.c
+4-31 files

NetBSD/src cuY5IiQsys/compat/netbsd32 netbsd32_socket.c

   Pull up following revision(s) (requested by riastradh in ticket #351):

        sys/compat/netbsd32/netbsd32_socket.c: revision 1.57

   compat32: Fix accidental use of error branch in recvmsg(2).

   Avoids use-after-free / double-free.
   PR kern/60373: compat32: kernel use-after-free in recvmsg
VersionDeltaFile
1.56.26.1+4-3sys/compat/netbsd32/netbsd32_socket.c
+4-31 files

NetBSD/src j9H9q0setc MAKEDEV.tmpl, sys/modules/lua lua.c

   Pull up following revision(s) (requested by riastradh in ticket #2024):

        sys/modules/lua/lua.c: revision 1.29
        distrib/sets/lists/tests/mi: revision 1.1422
        tests/kernel/t_lua.c: revision 1.1
        etc/MAKEDEV.tmpl: revision 1.239
        distrib/sets/lists/debug/mi: revision 1.514
        tests/kernel/Makefile: revision 1.97
        sys/sys/lua.h: revision 1.10

   MAKEDEV: Set default perms on /dev/lua to 0600.

   Otherwise unprivileged users can submit Lua code into the kernel, if
   lua.kmod is loaded (which doesn't happen by default, not even
   autoloaded on demand).
   PR misc/60375: lua.kmod enables local privilege escalation


   lua(4): Fix and test some issues.

    [16 lines not shown]
VersionDeltaFile
1.1.6.1+0-233tests/kernel/t_lua.c
1.1.6.2+233-0tests/kernel/t_lua.c
1.24.8.1+13-1sys/modules/lua/lua.c
1.205.2.4+2-2etc/MAKEDEV.tmpl
1.8.22.1+3-1sys/sys/lua.h
1.60.2.3+2-1tests/kernel/Makefile
+253-2382 files not shown
+257-2408 files

NetBSD/src drtebFBetc MAKEDEV.tmpl, sys/modules/lua lua.c

   Pull up following revision(s) (requested by riastradh in ticket #1294):

        sys/modules/lua/lua.c: revision 1.29
        distrib/sets/lists/tests/mi: revision 1.1422
        tests/kernel/t_lua.c: revision 1.1
        etc/MAKEDEV.tmpl: revision 1.239
        distrib/sets/lists/debug/mi: revision 1.514
        tests/kernel/Makefile: revision 1.97
        sys/sys/lua.h: revision 1.10

   MAKEDEV: Set default perms on /dev/lua to 0600.

   Otherwise unprivileged users can submit Lua code into the kernel, if
   lua.kmod is loaded (which doesn't happen by default, not even
   autoloaded on demand).
   PR misc/60375: lua.kmod enables local privilege escalation


   lua(4): Fix and test some issues.

    [16 lines not shown]
VersionDeltaFile
1.1.4.1+0-233tests/kernel/t_lua.c
1.1.4.2+233-0tests/kernel/t_lua.c
1.28.4.1+13-1sys/modules/lua/lua.c
1.232.2.3+2-2etc/MAKEDEV.tmpl
1.8.48.2+3-1sys/sys/lua.h
1.70.2.2+2-1tests/kernel/Makefile
+253-2382 files not shown
+257-2408 files

NetBSD/src Xgvm70Metc MAKEDEV.tmpl, sys/modules/lua lua.c

   Pull up following revision(s) (requested by riastradh in ticket #350):

        sys/modules/lua/lua.c: revision 1.29
        distrib/sets/lists/tests/mi: revision 1.1422
        tests/kernel/t_lua.c: revision 1.1
        etc/MAKEDEV.tmpl: revision 1.239
        distrib/sets/lists/debug/mi: revision 1.514
        tests/kernel/Makefile: revision 1.97
        sys/sys/lua.h: revision 1.10

   MAKEDEV: Set default perms on /dev/lua to 0600.

   Otherwise unprivileged users can submit Lua code into the kernel, if
   lua.kmod is loaded (which doesn't happen by default, not even
   autoloaded on demand).
   PR misc/60375: lua.kmod enables local privilege escalation


   lua(4): Fix and test some issues.

    [16 lines not shown]
VersionDeltaFile
1.1.2.2+233-0tests/kernel/t_lua.c
1.1.2.1+0-233tests/kernel/t_lua.c
1.28.12.1+13-1sys/modules/lua/lua.c
1.9.8.1+3-1sys/sys/lua.h
1.237.2.1+2-2etc/MAKEDEV.tmpl
1.96.2.1+2-1tests/kernel/Makefile
+253-2382 files not shown
+257-2408 files

NetBSD/src FlkrCDMdoc CHANGES-11.0

   Ticket #349
VersionDeltaFile
1.1.2.110+6-1doc/CHANGES-11.0
+6-11 files

NetBSD/src k0g9rKrcrypto/external/bsd/openssh/dist sshd-auth.c

   Pull up following revision(s) (requested by nia in ticket #349):

        crypto/external/bsd/openssh/dist/sshd-auth.c: revision 1.7

   sshd(8): Restore rlimit sandbox from portable openssh.

   This is used as an alternative to pledge sandboxing.
   PR security/60367
VersionDeltaFile
1.3.2.4+17-2crypto/external/bsd/openssh/dist/sshd-auth.c
+17-21 files

NetBSD/src uGEztx0share/man/man9 pmap.9

   pmap(9): Clarify obligations around pmap_update.

   Note: pmap_kenter_pa does not specify for now, because there is still
   some disagreement over what the rule SHOULD be, and current usage is to
   use pmap_update.

   Prompted by:

   PR kern/60377: x86 cpu_uarea_alloc: pmap_update before freeing
   redzone pages
VersionDeltaFile
1.49+53-2share/man/man9/pmap.9
+53-21 files

NetBSD/src Pse9kDMsys/dev/sbus tcx.c

   - implement WSDISPLAYIO_{PUT|GET}CMAP
   - set the right attribute bits for 24bit and 8bit
   now 8bit mode works as expected on S24
VersionDeltaFile
1.66+36-8sys/dev/sbus/tcx.c
+36-81 files

NetBSD/src 3z5JbOzsys/dev/sbus tcx.c

   support lazy cursor updates and use VCONS_NO_COPYCOLS and VCONS_NO_CURSOR to
   avoid framebuffer reads
VersionDeltaFile
1.65+50-4sys/dev/sbus/tcx.c
+50-41 files

NetBSD/src o67j6izsys/dev/sbus tcx.c

   support WSDISPLAYIO_SET_DEPTH to select between 8bit and 32bit framebuffer for
   mmap()
VersionDeltaFile
1.64+18-4sys/dev/sbus/tcx.c
+18-41 files

NetBSD/src Ozmc4VUsys/dev/wscons wsconsio.h

   add ioctl(WSDISPLAYIO_SET_DEPTH)
VersionDeltaFile
1.132+7-1sys/dev/wscons/wsconsio.h
+7-11 files

NetBSD/src CRwl28Kgames/larn README

   fix the article.
VersionDeltaFile
1.4+2-2games/larn/README
+2-21 files

NetBSD/src D9QsaD3games/larn README

   s/intall/install/ in larn(6) README file.
VersionDeltaFile
1.3+3-3games/larn/README
+3-31 files

NetBSD/src AKMOMQYsys/dev/sbus tcx.c

   support WSDISPLAYIO_GET_FBINFO
VersionDeltaFile
1.63+34-6sys/dev/sbus/tcx.c
+34-61 files

NetBSD/src 27OJkLLtests/lib/libcurses/check_files wcolor_set.chk mutt_test5.chk

   Update check outputs to match updated curses code.
VersionDeltaFile
1.4+5-6tests/lib/libcurses/check_files/wcolor_set.chk
1.4+2-3tests/lib/libcurses/check_files/mutt_test5.chk
1.3+0-1tests/lib/libcurses/check_files/mutt_test3.chk
1.4+0-1tests/lib/libcurses/check_files/mutt_test4.chk
1.4+0-1tests/lib/libcurses/check_files/mutt_test6.chk
1.3+0-1tests/lib/libcurses/check_files/mutt_test8.chk
+7-137 files not shown
+7-2013 files

NetBSD/src R8ZY00Xsys/net if_ethersubr.c

   Properly add a hook to ec->ec_ifdetach_hooks for l2tp(4)

   Fixes kern/60351
VersionDeltaFile
1.336+4-4sys/net/if_ethersubr.c
+4-41 files

NetBSD/src WaXje0Tlib/libcurses refresh.c

   Part of fix for PR lib/58282

   Redo the logic for erasing lines when we have the capability, it was
   broken and caused blanks to be written when clearing the screen instead
   which caused thrashing and large outputs.
VersionDeltaFile
1.132+110-84lib/libcurses/refresh.c
+110-841 files

NetBSD/src Piqj4iHlib/libcurses addbytes.c

   Part of fix for PR lib/58282

   Ensure change pointers are consistent.
VersionDeltaFile
1.72+9-2lib/libcurses/addbytes.c
+9-21 files

NetBSD/src 3nZuADDlib/libcurses cur_hash.c curses_private.h

   Part of fix for PR lib/58282

   Force the type of the hash to be an unsigned int, the PJW hash was
   written expecting 32bit integers so ensure this is so.

   Also, don't hash NULL bytes, they mess up the hashing which, in turn,
   messes up quickch().
VersionDeltaFile
1.15+14-12lib/libcurses/cur_hash.c
1.83+4-4lib/libcurses/curses_private.h
+18-162 files

NetBSD/src MqTJcyplib/libc/citrus/modules citrus_utf8.c

   Be truly pedantic about UTF-8 encodings

   If we're not going to be accepting "legacy" UTF-8
   (5 and 6 byte encodings for code points >= 0x00200000 which the
   standards don't allow, as they won't fit in UTF-16) then we
   certainly should never be able to generate them, and even more
   should certainly be pedantic about not allowing the various
   forms of mis-coded strings for which there is no justification
   but have been known to be used to attempt to violate security.

   This, I believe, now enforces all the current restrictions, eg,
   it will no longer be possible to encode ascii in 2 bytes (0xc0 '.')
   and similar, the shortest legal encoding is all that will be
   accepted (and all that will be generated, but that was always true).

   It is quite possible that this will break things, probably many
   tests, as now random garbage won't be accepted as valid, things
   must be properly encodedd.
VersionDeltaFile
1.20+57-9lib/libc/citrus/modules/citrus_utf8.c
+57-91 files

NetBSD/src 4LyLrAWdoc CHANGES-11.0

   Ticket #348
VersionDeltaFile
1.1.2.109+7-1doc/CHANGES-11.0
+7-11 files

NetBSD/src 2pQEbXFusr.sbin/npf/npftest/libnpftest npf_rid_test.c

   Pull up following revision(s) (requested by riastradh in ticket #348):

        usr.sbin/npf/npftest/libnpftest/npf_rid_test.c: revision 1.4

   adjust to holding the softnet_lock now that the kernel has changed to not do it.
VersionDeltaFile
1.3.2.1+5-1usr.sbin/npf/npftest/libnpftest/npf_rid_test.c
+5-11 files