# $NetBSD: CHANGES-6.0.2,v 1.1.2.34 2013/05/12 23:53:41 riz Exp $ A complete list of changes from the NetBSD 6.0.1 release to the NetBSD 6.0.2 release: gnu/usr.bin/groff/tmac/mdoc.local patched by hand sys/sys/param.h patched by hand Welcome to 6.0.1_PATCH. [riz] sys/dev/usb/ubsa_common.c 1.9 Fix off by one read error. [msaitoh, ticket #761] sys/external/bsd/drm/dist/shared-core/i915_suspend.c 1.6 Avoid out-of-bounds access. [msaitoh, ticket #762] sys/kern/uipc_syscalls.c 1.157-1.158 Prevent ktrace from being able to crash the kernel. [mlelstv, ticket #778] sbin/fsck_ffs/pass1.c 1.50 Show pass1 SIGINFO output on stderr like other passes, not on stdout. [riastradh, ticket #779] etc/namedb/root.cache 1.17 D.ROOT-SERVERS.NET changes IPv4 address. [taca, ticket #781] gnu/dist/grep/lib/getopt.c 1.2 gnu/dist/grep/lib/regex.c 1.2 gnu/dist/grep/src/ansi2knr.c 1.2 gnu/dist/grep/src/dfa.c 1.3 gnu/dist/grep/src/grep.c 1.14 gnu/dist/grep/src/search.c 1.4 Change several int variables to size_t, ssize_t, or ptrdiff_t. This should fix the bug described in CVE-2012-5667 when an input line is so long that its length cannot be stored in an int variable. [apb, ticket #780] sys/kern/subr_cprng.c 1.15 Fix a security issue: when we are reseeding a PRNG seeded early in boot before we had ever had any entropy, if something else has consumed the entropy that triggered the immediate reseed, we can reseed with as little as sizeof(int) bytes of entropy. [tls, ticket #800] sys/kern/kern_softint.c 1.39 sys/kern/subr_pserialize.c 1.6 sys/rump/include/machine/intr.h 1.19 Fixes for pserialize(9). [rmind, ticket #782] sys/dist/ipf/netinet/ip_fil_netbsd.c 1.4 via patch Fix off-by-one read error. [msaitoh, ticket #787] sys/kern/subr_vmem.c 1.77 via patch,1.81 Fix a lock order reversal, and a lock release. [para, ticket #789] sys/kern/kern_rndq.c 1.7 Set resource limits to prevent potential consumption of all kernel memory. [msaitoh, ticket #790] lib/libutil/parsedate.y 1.13 Fix a bug in parsedate(3) where it would treat all input as if it were in the local time zone, even if the input should have been treated as a time in UTC or some other time zone. [apb, ticket #791] sys/compat/netbsd32/netbsd32_execve.c 1.37 Fix memory pool corruption when freeing kmem with wrong size. [hannken, ticket #793] etc/MAKEDEV.tmpl 1.161 The console major number is not always 0. [apb, ticket #801] sys/secmodel/extensions/secmodel_extensions.c 1.4 sys/secmodel/securelevel/secmodel_securelevel.c 1.29 Re-instate backwards compatible security.models.bsd44.{curtain,securelevel}. [jym, ticket #802] crypto/external/bsd/openssl/dist/engines/ccgost/gost_eng.c 1.2 Fix a multiple-free bug. [manu, ticket #806] sys/dev/fss.c 1.84 Don't crash when running multiple dump -X. PR#47514. [hannken, ticket #808] sys/dev/fss.c 1.85 Fix panic in fss(4). PR#47020. [hannken, ticket #810] sys/kern/subr_pserialize.c 1.7 Avoid possible race with softint handler. [rmind, ticket #811] external/historical/nawk/dist/tran.c 1.8 Fix awk segfault due to NULL dereference. PR#47553. [cheusov, ticket #836] doc/3RDPARTY patch share/zoneinfo/africa patch share/zoneinfo/antarctica patch share/zoneinfo/asia patch share/zoneinfo/australasia patch share/zoneinfo/europe patch share/zoneinfo/northamerica patch share/zoneinfo/southamerica patch share/zoneinfo/zone.tab patch distrib/sets/lists/base/mi patch Merge tzdata2013a and tzdata2013b from ftp://ftp.iana.org/tz/releases/tzdata2013a.tar.gz and ftp://ftp.iana.org/tz/releases/tzdata2013b.tar.gz . Important changes from tzdata2012j to tzdata2013a: Chile's 2013 rules, and we guess rules for 2014 and later, will be the same as 2012, namely Apr Sun>=23 03:00 UTC to Sep Sun>=2 04:00 UTC. New Zones Asia/Khandyga, Asia/Ust-Nera, Europe/Busingen. Many changes affect historical time stamps before 1940. Important changes from tzdata2013a to tzdata2013b: Haiti uses US daylight-saving rules this year, and presumably future years. Paraguay will end DST on March 24 this year. Morocco does not observe DST during Ramadan; try to predict Ramadan in Morocco as best we can. [apb, ticket #845] sys/secmodel/extensions/secmodel_extensions.c 1.5 Fix a crash which can happen with sysctl security.curtain=1 set. PR#47598. [martin, ticket #839] lib/libc/arch/alpha/gen/__longjmp14.c 1.6-1.7 lib/libc/arch/alpha/gen/__setjmp14.S 1.6 Fix longjmp/setjmp on alpha for statically linked programs such as those in /rescue. [martin, ticket #846] sys/kern/subr_cprng.c 1.16 Re-fix 'fix' for SA-2013-003. Because the original fix evaluated a flag backwards, in low-entropy conditions there was a time interval in which /dev/urandom could still output bits on an unacceptably short key. Output from /dev/random was *NOT* impacted. Eliminate the flag in question -- it's safest to always fill the requested key buffer with output from the entropy-pool, even if we let the caller know we couldn't provide bytes with the full entropy it requested. Advisory will be updated soon with a full worst-case analysis of the /dev/urandom output path in the presence of either variant of the SA-2013-003 bug. Fortunately, because a large amount of other input is mixed in before users can obtain any output, it doesn't look as dangerous in practice as I'd feared it might be. [tls, ticket #859] sys/sys/ptree.h 1.5 Cast constants to appropriate types to fix crashes in ptree(9). [rmind, ticket #851] sys/netinet6/udp6_output.c 1.44 Fix sendto(2) issue with IPv6 UDP datagrams. PR#47408. [christos, ticket #853] lib/libc/rpc/clnt_vc.c 1.19 Wrong memcpy() can cause memory corruption. PR#13082. [christos, ticket #854] sys/arch/amd64/amd64/machdep.c 1.193 Use printf_nolog() as i386 when print remaing bytes at crash dump to prevent message buffer with cound down. [taca, ticket #866] usr.sbin/dumpfs/dumpfs.c 1.60 Show in-filesystem quotas flag instead of unknown flag bit. [taca, ticket #867] sys/kern/subr_xcall.c 1.15 xc_highpri: fix assert. [rmind, ticket #868] lib/libc/gen/getcwd.c 1.52 lib/libc/gen/realpath.3 1.13 PR/46618: Onno van der Linden: realpath(3) isn't SUSv4 compliant (and causes flactag 2.0.4 to dump core). Fix to accept a NULL argument for resolvedpath. [christos, ticket #874] sys/kern/subr_kmem.c 1.47 addresses PR/47512 properly return NULL for failed allocations not 0x8 with size checks enabled. [para, ticket #876] sys/dev/scsipi/ses.c 1.45 via patch Add detach support for ses(4), fixing a panic. PR#44283. [jakllsch, ticket #878] distrib/hp300/ramdisk/Makefile 1.32 etc/etc.hp300/MAKEDEV.conf 1.14 Fix an openpty() failed error during install for hp300. [tsutsui, ticket #880] sys/arch/x68k/dev/ite_tv.c 1.16 Fix a kernel panic which can be triggered by printf(1) on x68k. [isaki, ticket #881] distrib/hp700/ramdisk/Makefile 1.12 Fix PR/47123 (sysinst failure) for hp700 as well. [skrll, ticket #882] share/zoneinfo/antarctica patch share/zoneinfo/asia patch share/zoneinfo/australasia patch share/zoneinfo/southamerica patch share/zoneinfo/zone.tab patch Merge tzdata2013c from ftp://ftp.iana.org/tz/releases/tzdata2013c.tar.gz [apb, ticket #886] sys/dev/pci/if_vioif.c 1.4 Fix a typo that causes recent QEMU to die configuring a vioif. [minoura, ticket #890] distrib/notes/common/main patched by hand doc/LAST_MINUTE patched by hand doc/README.files patched by hand sys/sys/param.h patched by hand Welcome to 6.0.2! [riz]