diff options
author | delphij <delphij@FreeBSD.org> | 2015-08-25 20:48:58 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2015-08-25 20:48:58 +0000 |
commit | ec93d5dbe4b95ced72fd0f81a1c31f62248298a9 (patch) | |
tree | 21996998ffdcda226bf1ed60f812c5afe77e3bd1 /usr.sbin | |
parent | 6d9bdf0d259efe6e0294c97bfe994a87779aca02 (diff) | |
download | FreeBSD-src-ec93d5dbe4b95ced72fd0f81a1c31f62248298a9.zip FreeBSD-src-ec93d5dbe4b95ced72fd0f81a1c31f62248298a9.tar.gz |
Fix local privilege escalation in IRET handler. [SA-15:21]
Fix OpenSSH multiple vulnerabilities. [SA-15:22]
Disabled ixgbe(4) flow-director support. [EN-15:14]
Fix insufficient check of unsupported pkg(7) signature methods.
[EN-15:15]
Approved by: so
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/pkg/pkg.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/usr.sbin/pkg/pkg.c b/usr.sbin/pkg/pkg.c index 182c739..49f60f0 100644 --- a/usr.sbin/pkg/pkg.c +++ b/usr.sbin/pkg/pkg.c @@ -774,7 +774,13 @@ bootstrap_pkg(bool force) goto fetchfail; if (signature_type != NULL && - strcasecmp(signature_type, "FINGERPRINTS") == 0) { + strcasecmp(signature_type, "NONE") != 0) { + if (strcasecmp(signature_type, "FINGERPRINTS") != 0) { + warnx("Signature type %s is not supported for " + "bootstrapping.", signature_type); + goto cleanup; + } + snprintf(tmpsig, MAXPATHLEN, "%s/pkg.txz.sig.XXXXXX", getenv("TMPDIR") ? getenv("TMPDIR") : _PATH_TMP); snprintf(url, MAXPATHLEN, "%s/Latest/pkg.txz.sig", @@ -854,7 +860,13 @@ bootstrap_pkg_local(const char *pkgpath, bool force) return (-1); } if (signature_type != NULL && - strcasecmp(signature_type, "FINGERPRINTS") == 0) { + strcasecmp(signature_type, "NONE") != 0) { + if (strcasecmp(signature_type, "FINGERPRINTS") != 0) { + warnx("Signature type %s is not supported for " + "bootstrapping.", signature_type); + goto cleanup; + } + snprintf(path, sizeof(path), "%s.sig", pkgpath); if ((fd_sig = open(path, O_RDONLY)) == -1) { |