[oi-dev] OI updates

Jon Tibble meths at btinternet.com
Mon May 4 13:55:53 UTC 2015


I've just pushed a collection of illumos-gate CVE fixes for a9.
This covers:
- 5378 CVE-2014-3158 ppp: integer overflow in option parsing
- 5480 CVE-2012-3165 mailx(1) buffer overflow vulnerability
- 5481 CVE-2012-1750 mailx(1) tilde expansion vulnerability
- 5853 pfexec_call() error handling could be improved
   5854 pfexecd should initialize pfexec response buffers
   (Not sure what CVE this actually was assigned.)

I've also pushed the NVIDIA driver update to 304.125 and the missing 
pieces of the Delphix vmxnet3s driver patchset.

The new packages are:
SUNWcs at 0.5.11,5.11-0.151.1.9:20150504T114725Z
system/network/ppp at 0.5.11,5.11-0.151.1.9:20150504T120317Z
consolidation/nvidia/nvidia-incorporation at 0.5.11,5.11-0.151.1.9:20150504T113748Z
driver/graphics/nvidia at 0.304.125,5.11-0.151.1.9:20150504T113958Z
driver/network/vmxnet3s at 0.5.11,5.11-0.151.1.9:20150504T114139Z

For those interested in an up to date OI branded illumos-gate, I've 
finished getting the OI patches done so anyone wishing to work with that 
can grab it here: https://github.com/OpenIndiana/illumos-gate

That should build fine with GCC on hipster.  If you build it with Studio 
on a9 you'll get a warning about clog 
(https://www.illumos.org/issues/5353) and warnings about pointers that 
can be fixed with 
https://paste.ec/paste/sDXMLQXR#DnPbnxkm9tFNmX0WxH1rWdV6CjIpGRmcKwfP2HOCgFE

I've deliberately left out any broadcom patches that we had as there 
seems to be a mishmash of patches around from various sources and it's 
better for everyone if people look and work against upstream illumos-gate.

Regards,
Jon




More information about the oi-dev mailing list