NetBSD 7.1.1 Released: A Security and Bug-Fix Update

[Date: 2017-12-29] Source: Linux公社  Author: 鱼鱼

Soren Jacobsen of the NetBSD Project today announced the first point release of the NetBSD 7.1 operating system series.

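Coming nine and a half months after the NetBSD 7.1 series was released, NetBSD 7.1.1 is primarily a security and bug-fix release. It addresses important issues such as buffer overflows via cmap in four graphics drivers, x86 vulnerabilities, and a vnode reference leak in the openat system call.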

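"The NetBSD Project is pleased to announce NetBSD 7.1.1, the first security/bug-fix update of the NetBSD 7.1 release. It represents a subset of fixes deemed important for security or stability reasons. If you are running an earlier release of NetBSD, we strongly suggest updating to 7.1.1," reads today's announcement.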

Here's what's new in NetBSD 7.1.1

NetBSD 7.1.1 includes Heimdal 7.1, BIND 9.10.5-P2, tzdata 2017c, root.cache 2017102400, ntp 4.2.8p10, expat 2.2.1 and wpa_supplicant 2.6. Components such as dhcrelay, mtree, ping, resize_ffs, rtadvd, vi and virecover also received fixes in this release; the full list of changes appears below.

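You can also study the release notes, but most of the changes in NetBSD 7.1.1 are in the kernel, addressing various issues in components such as ipfilter, netsmb, vnd, dm9000, cgd, bwi, altq, compat_svr4, compat_linux, evbmips, i82596, ipw, isp, ural, wm and others.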

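This is not a major release, but it is a very welcome one, as it adds an extra layer of stability and security improvements on top of the initial NetBSD 7.1 installation. We therefore recommend that all NetBSD 7.1 users upgrade to 7.1.1 as soon as possible. For new deployments, you can download the NetBSD 7.1.1 ISO images from our website.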

Security advisory fixes

The following security advisories were fixed:


Note: Advisories prior to NetBSD-SA2017-004 do not affect NetBSD 7.1.1.

Userland changes

  • dhcrelay(8): Fix bug that prevented proper operation when run in the background.
  • Heimdal:
    • Update to 7.1.
    • Fix CVE-2017-11103.
  • mtree(8): Don't modify strings stored in hash, otherwise filling up of directory hierarchy stops if the same hash value occurs in directory and leaf.
  • ping(8): Fix cksum calculation for clearing the cached route.
  • resize_ffs(8): Fix numerous overflow errors which can lead to superblock corruption on large filesystems.
  • rtadvd(8): Fix the default value of rltime. PR bin/51994.
  • Update BIND to 9.10.5-P2.
  • Update expat to 2.2.1.
  • Update ntp to 4.2.8p10.
  • Update root.cache to 2017102400.
  • Update tzdata to 2017c.
  • vi(1): Don't garble display when resizing nvi in xterm.
  • virecover(8): Fix vulnerabilities in the handling of recovery files.
  • wpa_supplicant/hostapd:
    • Update to 2.6.
    • Apply fixes for CVEs 2017-13077 through 2017-13082 and CVEs 2017-13086 through 2017-13088.
  • X: Apply fixes for CVEs 2017-12176 through 2017-12187, 2017-10971, 2017-10972, 2017-13722, 2017-13720, 2017-16611, and 2017-16612.

Kernel changes

  • altq(4):
    • Fix info leak in get_class_stats().
    • Fix signedness bug in wfq_getstats().
  • Avoid integer overflow in kern_malloc().
  • bwi(4): wrong error checking in bwi_newbuf() can cause an mbuf to declare an mbuf length that is too big.
  • cgd(4): Avoid crashes by checking if a cgd device has been configured before processing most ioctls, and failing with ENXIO if the device is not configured.
  • compat_ibcs2: 
    • Fix info leak in ibcs2_sys_ioctl.
    • Fix out of bound read and endless loop in exec_ibcs2_coff_prep_zmagic().
    • Potential use of expired pointers in ibcs2_sys_statfs()/ibcs2_sys_statvfs().
  • ciss(4):
    • Fix out of bound read in ciss_ioctl_vol().
    • Fix signedness bug in ciss_ioctl().
  • compat_linux: missing cred check in linux_sys_settimeofday().
  • compat_svr4:
    • Check bounds in svr4_sys_putmsg.
    • Check more svr4_strmcmd bounds.
    • Fix some holes in svr4 streams.
    • Fix indexing of svr4 signals.
    • Improve reference counting.
    • Zero stack data before copyout.
  • dm9000: Missing mbuf cluster allocation error checking in dme_alloc_receive_buffer().
  • et(4): Missing mbuf cluster allocation error checking in et_newbuf().
  • evbmips: Make Malta work on real hardware again.
  • Fix file descriptor locking bug that caused Go to crash the kernel.
  • Fix info leak in ktruser() if copyin fails.
  • Fix mixer device bounds checks in auconv, ac97, and azalia.
  • Fix incorrect setting of O_NONBLOCK and potentially other flags in cloning devices from uninitialized garbage.
  • Fix numerous kernel memory leaks.
  • Fix out of bound read in getcwd_scandir().
  • Fix panic in compat getdents triggered by puffs userland.
  • Fix panic when unloading swsensor module.
  • i82596: Fix double free in iee_init()/iee_stop().
  • ipfilter: Fix use after free issues and resulting panic.
  • ipw(4): Fix double free in ipw_dma_alloc().
  • ipfilter: Disconnect maintaining fragment state from keeping session state. The user now must specify keep frags along with keep state to have ipfilter do what it did before, as documented in ipf.conf.5.
  • isp(4): Unvalidated channel index in ISP_FC_GETDLIST case of ispioctl() can cause out of bound read.
  • lua(4): Fix kernel crash when memory allocation fails. PR kern/52225.
  • netsmb: Fix out of bound reads in smb_usr_vc2spec and smb_usr_t2request.
  • Provide EVFILT_WRITE for the sake of Go.
  • sparc64: compat_13_machdep.c: Fix bug where userland could set PSTATE_PRIV in %pstate and get kernel privileges on the hardware.
  • ural(4): Free the RX list if ural_alloc_rx_list fails part way through.
  • vnd(4): int overflows / truncation issues in vndioctl can cause memory corruption.
  • wm(4): Fix panic on shutdown. PR kern/52039.
  • x86:
    • Properly mask mxcsr to prevent faults.
    • Handle #SS faults on iret properly.
    • amd64: Fix a ring0 escalation vulnerability in compat_linux32 where the index of %cs is controlled by userland, making it easy to trigger the page fault and get kernel privileges.
    • i386: Use %ss instead of %ds in trap06.
    • i386: Disable VM86 in GENERIC.

Permanent link to this article: http://www.linuxidc.com/Linux/2017-12/149933.htm
