| version 1.40, 2020/10/04 21:44:53 |
version 1.41, 2020/10/04 22:12:48 |
|
|
| <li>Rewrote the entropy enqueue ring to collect damage asynchronously and adapted the dequeue to mix a selection of "best" ring entries, exponentially backing off the dequeue timeout, to compensate rapidly for weak seeding in unidentifiable conditions and ensure quality to arc4random() calls early in boot. |
<li>Rewrote the entropy enqueue ring to collect damage asynchronously and adapted the dequeue to mix a selection of "best" ring entries, exponentially backing off the dequeue timeout, to compensate rapidly for weak seeding in unidentifiable conditions and ensure quality to arc4random() calls early in boot. |
| <li>Enabled PAN (Privileged Access Never) on arm64 CPUs supporting it. |
<li>Enabled PAN (Privileged Access Never) on arm64 CPUs supporting it. |
| <li>Skipped scanning file systems which are both nodev and nosuid for SUID, SGID and device files with <a href="https://man.openbsd.org/security">security(8)</a>. |
<li>Skipped scanning file systems which are both nodev and nosuid for SUID, SGID and device files with <a href="https://man.openbsd.org/security">security(8)</a>. |
| |
<li>Fixed two out-of-bounds array accesses in ioctl code pathways in |
| |
<a href="https://man.openbsd.org/wscons">wscons(4)</a>. |
| <li>The following security bugs were addressed: |
<li>Fixed information leak in semctl SEM_GET. |
| <ul> |
<li>Prevented root from freezing the UTC clock with <a href="https://man.openbsd.org/settimeofday">settimeofday(2)</a> at securelevel 2. |
| <li>Fixed two out-of-bounds array accesses in ioctl code pathways in |
<li>Fixed performance problems relating to tty subsystem abuse.<!-- tty.c,v 1.158 2020/07/14 14:33:03 deraadt --> |
| <a href="https://man.openbsd.org/wscons">wscons(4)</a>. |
<li>Fixed heap corruption in the X input method client in libX11. |
| <li>Fixed information leak in semctl SEM_GET. |
<li>Fixed potential information leak via X server pixel data uninitialized memory. |
| <li>Prevented root from freezing the UTC clock with <a href="https://man.openbsd.org/settimeofday">settimeofday(2)</a> at securelevel 2. |
<li>Fixed a race condition for isoc devices during device close. |
| <li>Fixed performance problems relating to tty subsystem abuse.<!-- tty.c,v 1.158 2020/07/14 14:33:03 deraadt --> |
<li>Fixed an integer overflow in libX11 which could lead to a double free. |
| <li>Fixed heap corruption in the X input method client in libX11. |
<li>Corrected multiple input validation deficits in X server extensions. |
| <li>Fixed potential information leak via X server pixel data uninitialized memory. |
|
| <li>Fixed a race condition for isoc devices during device close. |
|
| <li>Fixed an integer overflow in libX11 which could lead to a double free. |
|
| <li>Corrected multiple input validation deficits in X server extensions. |
|
| </ul> |
|
| </ul> |
</ul> |
| |
|
| <li>Routing daemons and other userland network improvements: |
<li>Routing daemons and other userland network improvements: |
![[BACK]](/icons/back.gif){kind=icon}
Return to 68.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www