NOTICE:
This server provides access to the official patches for BSD/OS.
All patches are Copyright 1997 Berkeley Software Design, Inc.,
all rights reserved. Other copyrights may apply to some patches.
Access to some of these patches is restricted to Macnica BSD/OS
customers with valid update or support contracts.
If you are reading this after obtaining it from the
patches@bsdi.macnica.co.jp mail-back server, you have already
been authenticated. You can request any of these files directly
through the email server.
If you wish to access the protected files via ftp, you must first
obtain a group-id/password pair from the patches@bsdi.macnica.co.jp
mail-back server and then enter the appropriate `site group' and
`site gpass' commands before requesting the files from the ftp
server. See the help message from the patches@bsdi.macnica.co.jp
mail-back server for more information. Send an "cust xxxxxxxx"
message to the address patches@bsdi.macnica.co.jp and the server
will respond with the help message.
This directory contains patches for BSD/OS.
In general, all top-level mods will now be named MXXX-YYY where
XXX is the release number against which the mod is meant to be
applied (e.g., 400 for the 4.0 release), and YYY is the mod number
(a monotonically increasing value). If the mod has sub-mods, those
submods are named with the same name as the top level mod that
contains them plus an extension. The usual extensions will be:
.kobj (kernel object patch)
.ksrc (kernel source patch)
.k (kernel patch -- source, even on binary-only systems)
.uobj (utilities object patch)
.csrc (contrib source patch)
.usrc (utilities source patch)
.man (manual page patch)
There may be other extensions defined in the future. The sub-mods
will always be listed as part of the README entries. Thus, M400-001
would be the top-level mod name, and might contain the sub-mods:
M400-001.ksrc M400-001.k M400-001.csrc M400-001.man M400-001.usrc
M400-001.kobj M400-001.uobj.
ost mods can be applied while the system is running multi-user,
but it is always best to make changes on a quiet, fully backed up
system. Don't forget that kernel mods require a rebuild followed
by rebooting with the new kernel.
Please contact support@bsdi.macnica.co.jp if you have any questions regarding
the patches in this directory.
===========================================================================
Mod : M400-001
Submods: M400-001.ksrc M400-001.k M400-001.csrc M400-001.man M400-001.usrc M400-001.kobj M400-001.uobj
==========================================================
The following operations are available:
perl5 M400-001 - Print mod description
perl5 M400-001 show summary - Display changed file summary
perl5 M400-001 apply [submod] - Unpack and apply mod
perl5 M400-001 list - List all files in mod
perl5 M400-001 get filename - Extract a single file from the mod
perl5 M400-001 unpack - Unpack (but do not apply) mod
==========================================================
This mod contains a number of last minute fixes to BSD/OS 4.0
that didn't make it onto the CD-ROM.
4.0 user command fixes:
pine
Update pine mail reader from version 3.96 to 4.02A to correct
a possible buffer overflow related to MIME attachments.
The complete source for pine 4.02A is available in mod M400-002
perl4
The rand() function did not work correctly.
route
don't check for the zero host on a classful subnet if -host is
specified.
ifconfig
-m iface option might not show media options.
exmh
URL scanning code can take a *very* long time to process a long,
unbroken character string.
4.0 kernel fixes:
- Possible panic due to incorrect interrupt masking for PPP.
- Multprocessor race condition fix.
- df network driver fixes.
- IPsec Authentication header code would not correctly verify.
- TCP Dynamic Path MTU can ignore valid ICMP Unreachable, Fragmentation
Needed messages, causing it to retransmit with too large a packets.
- Use correct MTU in ICMP Unreachable, Fragmentation Needed message.
- Stallion driver probe fix.
After applying this mod it is necessary to build, install and
boot a new kernel.
Md5 checksum: 81b1238065eb6d61ac4dc218dde95ed3 M400-001
===========================================================================
Mod : M400-002
Submods: M400-002.csrc
==========================================================
The following operations are available:
perl5 M400-002 - Print mod description
perl5 M400-002 show summary - Display changed file summary
perl5 M400-002 apply [submod] - Unpack and apply mod
perl5 M400-002 list - List all files in mod
perl5 M400-002 get filename - Extract a single file from the mod
perl5 M400-002 unpack - Unpack (but do not apply) mod
==========================================================
Update pine mail reader source from version 3.96 to 4.02A.
This is the source to the binaries installed by M400-001.
From University of Washington:
Pursuant to recent reports of vulnerability to mal-formed or malicious
MIME attachments, the UW Pine Team has corrected a few cases of
potential buffer overrun in the latest Pine Message System release,
version 4.02, that might cause Pine to crash when inordinately long
MIME-header information is encountered...
Md5 checksum: 2027d142330eaeb51503d4d2a7008c1a M400-002
===========================================================================
*** NOTE ***
M400-003 was missing some files. A replacement mod, M400-003a,
should be applied instead. If you have not yet applied M400-003,
then apply M400-003a and discard the M400-003 file.
If you HAVE applied M400-003, but not yet commited it, then 'undo'
M400-003 *BEFORE* applying M400-003a.
If you have committed M400-003, then just apply M400-003a.
*** NOTE ***
Mod : M400-003a
Submods: M400-003a.usrc M400-003a.uobj
This mod updates libc:
Many threads fixes.
Allow slashes in RFC2317-style classless reverse lookups.
** WARNING **
This mod updates shared libraries. It should only be applied
when the system is in single user mode.
The shutdown(8) command can be used to take the system down
while leaving all needed filesystems still mounted.
Md5 checksum: b84210ac4a6b232aa13849fa818d2d3c M400-003a
===========================================================================
Mod : M400-004
Submods: M400-004.uobj M400-004.ksrc M400-004.usrc M400-004.kobj
Fix a couple problems with IPv4 interface addresses.
The kernel could go into an infinite loop when changing an
interface address (which could happen when a PPP session comes
up or goes down). The kernel could reject an ifconfig that
only specified a netmask. The kernel would reject an ifconfig
that explicitly specified a broadcast address, even though the
broadcast address was valid.
Fix an incorrect memory access in SCSI driver. The cdctl(1)
command could cause a panic.
The sh(1) test operator would sometimes cause sh to exit. This
could cause shell scripts to fail unexpectedly.
The gettyd(8) command could drop core when exiting.
Dialin PPP would not properly set the ARP table due to the new
output of netstat. The myether script was changed to use ifconfig
instead.
Remove the ircII.servers file since it contains incorrect info.
Use compiled in default which is correct.
Md5 checksum: 4e10ace1282a7ae3fd166d25e3962c5e M400-004
===========================================================================
Mod : M400-005
Submods: M400-005.uobj M400-005.ksrc M400-005.man M400-005.usrc M400-005.kobj
Some SCSI 2 tape drives use the SCSI disconnect option in a
manner which makes it impossible for the HBA to correctly
determine the residual byte count. The result of this
was that applications would report end of media whenever they
tried to write to the tape drive. Now, by default, only the
residual byte count returned from the target is used with SCSI
2. Therefore, using the default settings, a SCSI 2 tape drive
which does not return the residual byte count correctly will
not operate correctly. It is also conceivable, but highly
unlikely, that SCSI 1/CCS drives exist that will have problems
using the default settings.
Once this mod is installed boot(8) can be used to force
the old behavior for SCSI 2 tape drives. It is also
possible to force SCSI 1/CCS drives to ignore the residual
count returned from the HBA.
Md5 checksum: b3fe4c164dfb4b1420a92542d7d7fd8d M400-005
===========================================================================
Mod : M400-006
Submods: M400-006.uobj M400-006.man
Update the bash shell to version 2.02.1
Primary reason for upgrade is to fix a possible security problem
due to buffer overflow.
M400-004 installed gettyd(8) incorrectly - do it right this time.
The gettyd(8) command could drop core when exiting.
Md5 checksum: 5a5bfa0ad9c9a13b0ee944baacb5b354 M400-006
===========================================================================
Mod : M400-007
Submods: M400-007.usrc M400-007.kobj M400-007.uobj M400-007.ksrc
A Race when running SMP would cause various kernel panics and
system hangs. This does not affect systems running with a single
processor.
Update /etc/pccard.conf to recognize a few more cards.
MaxIM was not finding PPP interfaces correctly.
The digisetup(8) -a option was always asserted.
The netcbrand(8) command would dump core if an IPX interface
is not configured.
Md5 checksum: f026d3f92f5eea21f28bcb542e674005 M400-007
===========================================================================
Mod : M400-008
Submods: M400-008.csrc
Update the bash shell contrib sources to version 2.02.1.
This mod is only needed if rebuilding contrib binaries from
source.
Md5 checksum: e13148be2693c29efeaf519f8201f697 M400-008
==========================================================================
Mod : M400-009
Submods: M400-009.man M400-009.uobj
Update pine mail reader to version 4.05.
This fixes a security problem, surpresses the lock warning
messages and fixes a variety of other problems.
Md5 checksum: 500e0e7fa5c9842ba59625d595af852b M400-009
===========================================================================
Mod : M400-010
Submods: M400-010.csrc
Update pine mail reader contributed source to version 4.05
This mod is only needed if rebuilding contrib binaries from
source.
Md5 checksum: 22d5b80829f5dd1b55a80757a39bb0e4 M400-010
===========================================================================
Mod : M400-011
Submods: M400-011.csrc M400-011.uobj
Fix several buffer overflow problems in the mh(1) mail programs
inc(1) and msgchk(1). An exploit of this condition could give
a malicious user root access.
Although other commands are also affected, they pose no security
risk, so binaries for these are not provided. Customers wishing
to upgrade all mh commands may do so by installing the source
portion of this mod and rebuilding mh.
Md5 checksum: 3f8554071d4500d813b9cf9bfe76068f M400-011
===========================================================================
Mod : M400-012
Submods: M400-012.man M400-012.usrc M400-012.uobj
ftpd(8) fixes:
When checking a groups file, check the users login group (pw_gid)
as well as the users entries in /etc/group. Fix parsing bug.
Add the :ftp-dir=path: login.conf entry to allow overriding of
a users login directory. (For instance, give a group of folks
access to /home, but not /).
Md5 checksum: 016a38dba103faafbdc37803845ec220 M400-012
===========================================================================
Mod : M400-013
Submods: M400-013.uobj M400-013.ksrc M400-013.man M400-013.usrc M400-013.kobj
Several kernel fixes:
File system - resolve several obscure bugs and possible panics.
Token ring - resolve several problems, add multicast support.
NFS - When creating a file with O_CREAT and O_TRUNC and mode
444 to an NFS partition, some NFS servers return Permission
Denied. This can occur when restoring files from a tar archive
that had a mode of 444.
Add support for Cyclades Cyclom-8YoP board (PCI, 8 ports,
non-expandable).
...and fix strings(1) to correctly classify all input files.
Md5 checksum: af43ccc93131f4762140b23d9cfe8e91 M400-013
===========================================================================
Mod : M400-014
Submods: M400-014.uobj M400-014.ksrc M400-014.man M400-014.kobj
Fix a race condition which can cause lost interrupts
Improve receive interrupt handling for 3C509
Fix 'ef0: expected int xx missing' on laptops
Prevent a possible panic: vm_pager_unmap_pages: page not owned
Prevent a possible panic: nonempty buffer list
Correctly install ftpd man page
IMPORTANT: after installing this mod, please do a 'make clean'
before rebuilding the kernel!
Md5 checksum: d7e084b673268e7d5c6b648f1d68c801 M400-014
===========================================================================
Mod : M400-015
Submods: M400-015.uobj M400-015.usrc
Update X11 with XFree86 3.3.2 patch 3. Among other things
this mod addresses some potential security vulnerabilities.
Due to their size, the XF86 binaries (/usr/X11R6/bin/XF86*)
are not included in this mod, but they are removed to prevent
problems due to library changes. Please apply M400-016 if you
are running the XF86 server and need these binaries.
Md5 checksum: 8582522621e64c35a878e25f2b1e6b91 M400-015
===========================================================================
Mod : M400-016
Submods: M400-016.uobj
Part 2.
Update X11 with XFree86 3.3.2 patch 3. Among other things
this mod addresses some potential security vulnerabilities.
This mod installs the XF86 binaries (/usr/X11R6/bin/XF86*).
REQUIRES M400-015
Md5 checksum: 458803c2abca08dc84ef206e72f29957 M400-016
===========================================================================
Mod : M400-017
Submods:
Update to Xmetro Release 4.3.1 from Metro-Link.
Md5 checksum: d23f0781ac8ac28beb70621d24cf6b65 M400-017
===========================================================================
Mod : M400-018
Submods: M400-018.csrc M400-018.uobj
Fix some possible security holes in lynx(1), xlock(1) and
login_auth(8)
Md5 checksum: f3bbe27a5e706a19aa6c25a9f4682f60 M400-018
===========================================================================
Mod : M400-019
Submods: M400-019.csrc M400-019.uobj
This mod updates squid to version 1.1.22, if you are currently
running squid all that you need to do after installing this
mod is to stop and restart squid:
# /usr/contrib/bin/squid -k shutdown
# /var/www/squid/bin/start-squid
If you are not currently running squid then it will be necessary,
in addition to the steps described in the 4.0 release notes to
initialize the squid cache directories:
# /usr/contrib/bin/squid -z
Md5 checksum: d1e892a10871be9251c8569045fe17cc M400-019
===========================================================================
Mod : M400-020
Submods: M400-020.ksrc M400-020.man M400-020.usrc M400-020.kobj M400-020.uobj
Intel exp driver:
- Explicitely enable PCI busmaster access to work around certain
BIOS bugs
- Fix memory corruption under low buffer memory conditions
Fix problem with lockd(8) and NFSv2.
ftpd(8) was not parsing arguments correctly (-a, -f).
bootpd(8) had a buffer overflow vulnerability.
Md5 checksum: eca46ec6ab02e6fd79055e367c9504ed M400-020
===========================================================================
Mod : M400-021
Submods: M400-021.ksrc M400-021.kobj
A bug in the kernel VM system could cause random processes to
mysteriously dump core.
Md5 checksum: b9e2e88b18fa7f9b5fd31b5c8a92891e M400-021
===========================================================================
Mod : M400-apache-001
Submods: M400-apache-001.man M400-apache-001.usrc M400-apache-001.uobj
Upgrade to apache 1.3.3
Change MaxIM configuration and startup scripts.
** NOTICE **
After applying this mod, the configuration files in /var/www/conf
will need to be modified using the *.default files as examples.
The httpd server has been built with Dynamic Shared Object support,
so appropriate modules will need to be specified in httpd.conf.
Also, some directive syntax has changed, so the auth.conf and srm.conf
files will probably also need to be changed.
See file:/var/www/docs/apache/index.html for more info, or go
to http://www.apache.org for online documentation.
The apache 1.3.3 sources are available in a followup mod.
Md5 checksum: 9a813471bd0bdcd20afb0f91a458bf2a M400-apache-001
===========================================================================
Mod : M400-apache-002
Submods: M400-apache-002.csrc
Upgrade contributed sources to apache 1.3.3
Md5 checksum: adfc02df14220d47354784865c4b234c M400-apache-002
===========================================================================
Mod : M400-022
Submods: M400-022.ksrc M400-022.kobj
Under some circumstances the IP reassmbly code could release memory
twice, resulting in a system panic.
Md5 checksum: d5813f5f75f9fe6e8fcfe59326e0f123 M400-022
===========================================================================
Mod : M400-023
Submods: M400-023.uobj M400-023.kernel M400-023.ksrc M400-023.kobj M400-023.kobjonly M400-023.k M400-023.man M400-023.info M400-023.usrc
Update utilities, libraries, kernel, boot code, and sources to 4.0.1
** THIS PATCH REQUIRES A VALID UPGRADE OR SUPPORT CONTRACT FOR DOWNLOAD **
Md5 checksum: 64426301f18d16cc4b45468abd25c9d5 M400-023
===========================================================================
Mod : M400-024
Submods: M400-024.uobj
Update netscape communicator to version 4.5
Md5 checksum: ebbbdba62fc113f465a97cb24b79243e M400-024
===========================================================================
ftpパッチサイトへ