| Age | Commit message (Collapse) | Author |
|---|
|
OK millert.
|
|
OK otto, millert, beck, mbalmer, deraadt.
|
|
ok hshoexer, henning, mcbridge (some time ago)
|
|
|
|
one. Luckily it seems that only show is affected. OK henning@
|
|
of open filedescriptors (like RLimitNPROC for the number of processes).
ok ckuethe, "no objection" henning
|
|
not a basic listing repository issue.
|
|
|
|
priority.
ok gwk, mbalmer, weingart
"explicit non-ok from" henning
|
|
uses were eliminated five years ago. Spotted by Diego Casati.
ok deraadt@ hshoexer@
|
|
immediately after the client sends the PORT command. The "normal"
behaviour is to wait for the client to actually request a transfer.
Make ftp-proxy add the active mode rules immediately too, so that
both scenario's work.
ok david pyr
Tested by Frank Denis, Stephan A. Rickauer, Ingo Schwarze, Stuart
Henderson. Thanks.
|
|
``-v -y IEEE802_11'', and ``-v -y IEEE802_11_RADIO''. The snaplen
was passed instead of the real packet size at some point, which caused
tcpdump todo tcp checksum verifications on packets where it shouldn't.
Diff from canacar@ and me, tested by canacar@, reyk@, and me.
OK canacar@ reyk@
|
|
document how values are parsed in sensorsd.conf(5).
ok deraadt@; man-page ok/help jmc@
|
|
the impression that alerts are only issued when things go wrong, not when they
come back to specification -- but this was never the case with sensorsd.
Whilst here, also zip some useless examples, as we now have so many.
Discussed with jmc@
|
|
ok stevesk@
|
|
mechanism; ok jmc@ henning@
|
|
even if it is present in certain dictionaries (it is). Also, it doesn't add
that much to .Nd anyhow. Requested by jmc@
|
|
fix description of when the command is executed (it was wrong from the start);
say a few more words about automatic monitoring of all sensors that keep state.
ok henning@
|
|
* add myself to the copyright; remove unneeded synopsis
* invalid sensors can now be monitored as such (since c2k7)
* manual boundaries for smart sensors are no longer ignored (since c2k7)
* populate history with 4.1 and 4.2 additions
* add caveats section documenting a long-standing misconception and a workaround
some help jmc@; ok jmc@
|
|
The Apache HTTP server did not verify that a process was an Apache child
process before sending it signals. A local attacker with the ability to
run scripts on the HTTP server could manipulate the scoreboard and cause
arbitrary processes to be terminated which could lead to a denial of
service.
ok miod@ (who also noticed to protect reclaim_child_processes); henning@;
djm@
|
|
A flaw was found in the mod_status module. On sites where the
server-status page is publicly accessible and ExtendedStatus is enabled
this could lead to a cross-site scripting attack. Note that the
server-status page is not enabled by default and it is best practice to
not make this publicly available.
ok miod@, henning@
|
|
and synopsis of commands
lots of good ideas by jmc@
ok jmc@
|
|
return from the inner loop if the outer loop is not finished -- just break
the inner loop and continue the outside one. In rt_update() nexthops should
not be cleared and freed if the new route is better. This resulted in reset
RIB timers after any calculation run. Instead just mark the nexthop invalid
and go on. Tested and OK pyr@
|
|
a crash triggered by specific malloc.conf settings.
with help and ok millert@
|
|
sensors is requested, but no sensors are found.
ok henning
|
|
ok claudio@
|
|
fixes is from pr 5554. ok millert, ray
|
|
|
|
|
|
|
|
- use .Bk/.Ek
|
|
clever, nice and easy diff from bsd@openbsd.rutgers.edu, ok pyr reyk
|
|
|
|
|
|
ok reyk@
|
|
turned off. This is consistent with historic UNIX behavior.
|
|
and hides the real cause of the termination.
OK norby@, reyk@, pyr@
|
|
|
|
this does not change imsg_compose's behavior but allows the message's
buffer to grow and will avoid sending a ton of small messages when
unrolling lists between two processes.
this is needed for sending multiple routes at once when updating the
fib with multipath routes.
discussed and ok claudio@
|
|
|
|
this does not change imsg_compose's behavior but allows the message's
buffer to grow and will avoid sending a ton of small messages when
unrolling lists between two processes.
discussed with claudio (and coming to ospfd soon).
|
|
PR5549, From: veins@evilkittens.org
|
|
ok claudio@
|
|
|
|
also, ETHERTYPE_PAE is the name used in the 802.1X standard.
pointed out by jsg@
|
|
ok ckuethe, sturm
|
|
fc-cache for @fontdir
ok kili@ espie@
|
|
also found by Kevin Steves
|
|
found by Kevin Steves <stevesk (at) pobox dot com>
|
|
mkfontscale too (and remove fonts.scale on package removal)
discussed with matthieu@ and espie@ weeks ago
"seems fine" pyr@, ok espie@
|
