Disable SSL renegotiation in order to protect against a serious

protocol flaw. [09:15] Correctly handle failures from unsetenv resulting from a corrupt environment in rtld-elf. [09:16] Fix permissions in freebsd-update in order to prevent leakage of sensitive files. [09:17] Approved by: so (cperciva) Security: FreeBSD-SA-09:15.ssl Security: FreeBSD-SA-09:16.rtld Security: FreeBSD-SA-09:17.freebsd-udpate
author: cperciva <cperciva@FreeBSD.org> 2009-12-03 09:18:40 +0000
committer: cperciva <cperciva@FreeBSD.org> 2009-12-03 09:18:40 +0000
commit: e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94 (patch)
tree: 634486f3b4fdeff7825df168fb7cdfa087556d06 /usr.sbin/freebsd-update
parent: 3cb9e82d646d4d75b9d93dd39dc387aac8732e8c (diff)
download: FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.zip
FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh
index 372add2..e1453c6 100644
--- a/usr.sbin/freebsd-update/freebsd-update.sh
+++ b/usr.sbin/freebsd-update/freebsd-update.sh
@@ -603,6 +603,7 @@ fetch_check_params () {
 		echo ${WORKDIR}
 		exit 1
 	fi
+	chmod 700 ${WORKDIR}
 	cd ${WORKDIR} || exit 1
 
 	# Generate release number.  The s/SECURITY/RELEASE/ bit exists
author	cperciva <cperciva@FreeBSD.org>	2009-12-03 09:18:40 +0000
committer	cperciva <cperciva@FreeBSD.org>	2009-12-03 09:18:40 +0000
commit	e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94 (patch)
tree	634486f3b4fdeff7825df168fb7cdfa087556d06 /usr.sbin/freebsd-update
parent	3cb9e82d646d4d75b9d93dd39dc387aac8732e8c (diff)
download	FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.zip FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.tar.gz