o Fix invalid TCP checksums with pf(4). [EN-16:02.pf]

o Fix YP/NIS client library critical bug. [EN-16:03.yplib]
o Fix SCTP ICMPv6 error message vulnerability. [SA-16:01.sctp]
o Fix ntp panic threshold bypass vulnerability. [SA-16:02.ntp]
o Fix Linux compatibility layer incorrect futex handling. [SA-16:03.linux]
o Fix Linux compatibility layer setgroups(2) system call. [SA-16:04.linux]
o Fix TCP MD5 signature denial of service. [SA-16:05.tcp]
o Fix insecure default bsnmpd.conf permissions. [SA-16:06.bsnmpd]

Errata:		FreeBSD-EN-16:02.pf
Errata:		FreeBSD-EN-16:03.yplib
Security:	FreeBSD-SA-16:01.sctp, CVE-2016-1879
Security:	FreeBSD-SA-16:02.ntp, CVE-2015-5300
Security:	FreeBSD-SA-16:03.linux, CVE-2016-1880
Security:	FreeBSD-SA-16:04.linux, CVE-2016-1881
Security:	FreeBSD-SA-16:05.tcp, CVE-2016-1882
Security:	FreeBSD-SA-16:06.bsnmpd, CVE-2015-5677
Approved by:	so

1 files changed, 2 insertions, 1 deletions

diff --git a/contrib/ntp/libntp/ntp_crypto_rnd.c b/contrib/ntp/libntp/ntp_crypto_rnd.c
index 96348f2..2a4f91a 100644
--- a/contrib/ntp/libntp/ntp_crypto_rnd.c
+++ b/contrib/ntp/libntp/ntp_crypto_rnd.c
@@ -16,6 +16,7 @@
 
 #include <l_stdlib.h>
 #include <ntp_random.h>
+#include "safecast.h"
 
 #ifdef USE_OPENSSL_CRYPTO_RAND
 #include <openssl/err.h>
@@ -93,7 +94,7 @@ ntp_crypto_random_buf(
 #ifdef USE_OPENSSL_CRYPTO_RAND
 	int rc;
 
-	rc = RAND_bytes(buf, nbytes);
+	rc = RAND_bytes(buf, size2int_chk(nbytes));
 	if (1 != rc) {
 		unsigned long err;
 		char *err_str;