| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
#398 #404 #405 and other changes #354 #355 #412.
OK deraadt@
|
| |
|
|
|
|
| |
in our tree. Relevant is only bug fix #240. Most of the upstream
diff is automated source format change.
OK deraadt@
|
| |
|
|
| |
OK deraadt@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- CVE-2017-9233 CVE-2016-9063 CVE-2016-5300 CVE-2016-4472 CVE-2016-0718
CVE-2015-2716 CVE-2015-1283 CVE-2012-6702 CVE-2012-0876 have been
addressed. Not all of them affect OpenBSD as we had fixes before.
- Upstream uses arc4random_buf(3) now. Delete all code for other
entropy sources to make sure to compile the correct one. Our
library already used arc4random(3) before.
- The overflow fixes in rev 1.11 and 1.12 of lib/xmlparse.c
have been commited upstream in a different way. Use the upstream
code to make maintenance easier.
- Although it should be ABI compatible, there is a new global
symbol align_limit_to_full_utf8_characters. As it is in
lib/internal.h, add a Symbols.map to restrict the export. Do not
bump the shared library version.
- Use the internal expat's siphash.h.
ports build ajacoutot@; move ahead deraadt@
|
| |
|
|
| |
ok deraadt@ (thanks to sebastian[@]pipping[.]org for information).
|
| |
|
|
|
|
| |
"the" with the obviously intended word.
Started with a "the the" spotted by Mihal Mazurek.
|
| |
|
|
|
|
| |
use arc4random instead of rand/srand in generate_hash_secret_salt,
spotted by nicm@ and deraadt@.
ok nicm@ deraadt@.
|
| |
|
|
| |
ok deraadt nicm
|
| | |
|
| |
|
|
| |
ok espie@, djm@
|
| | |
|
| |
|
bluhm
rpointel
krw
eric
matthieu
alek
espie