diff options
author | cperciva <cperciva@FreeBSD.org> | 2009-12-03 09:18:40 +0000 |
---|---|---|
committer | cperciva <cperciva@FreeBSD.org> | 2009-12-03 09:18:40 +0000 |
commit | e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94 (patch) | |
tree | 634486f3b4fdeff7825df168fb7cdfa087556d06 /usr.sbin/freebsd-update | |
parent | 3cb9e82d646d4d75b9d93dd39dc387aac8732e8c (diff) | |
download | FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.zip FreeBSD-src-e4106d9e8fc87e2ce9e3c00d81098c4ee822ec94.tar.gz |
Disable SSL renegotiation in order to protect against a serious
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
Diffstat (limited to 'usr.sbin/freebsd-update')
-rw-r--r-- | usr.sbin/freebsd-update/freebsd-update.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/usr.sbin/freebsd-update/freebsd-update.sh b/usr.sbin/freebsd-update/freebsd-update.sh index 372add2..e1453c6 100644 --- a/usr.sbin/freebsd-update/freebsd-update.sh +++ b/usr.sbin/freebsd-update/freebsd-update.sh @@ -603,6 +603,7 @@ fetch_check_params () { echo ${WORKDIR} exit 1 fi + chmod 700 ${WORKDIR} cd ${WORKDIR} || exit 1 # Generate release number. The s/SECURITY/RELEASE/ bit exists |