not going to fix in order to stay compatible with legacy password data.
Nobody should use DES crypt anyway these days.
See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc
for details about this bug.
Discussed with deraadt and beck about half a year ago (I'm pruning Ms
from my tree).
unmapping of freed allocations without disabling chunk randomisation
like the "Freeguard" ('F') option does. Make security 'S' option
use 'U' and not 'F'.
Rationale: guarding with no chunk randomisation is great for debugging
use-after-free, but chunk randomisation offers better defence against
"heap feng shui" style attacks that depend on carefully constructing a
particular heap layout so we should leave this enabled when requesting
security options.
be included in source files that specify POSIX source. libutil isn't
a standard POSIX library, but no need to be gratuitously incompatible.
Fixes x11/st.
ok tedu, guenther, kettenis
variants) for URLs, allowing mandoc -Thtml to properly generate links;
(sendmail.8 changes are simply using Lk, which i somehow missed in previous)
ingo reminded me to verify that gnu groff recognises %U: 1.20.1 does not,
but 1.21 does;
``-upper_bound % upper_bound''. Simplifies the code and makes it the
same on both ILP32 and LP64 architectures, and also slightly faster on
LP64 architectures by using a 32-bit remainder instead of a 64-bit
remainder.
Pointed out by Jorden Verwer on tech@
ok deraadt; no objections from djm or otto
clear out the entire requested area, not just a perfect fit. second,
use mquery to check for room to avoid getting an address we don't like
and having to send it back.
on descriptors, this can be achieved thanks to the new getdtablecount()
system call. application may provide a reserve count to ensure that the
recvmsg() call is not called when they don't have enough descriptors to
work properly.
change the API so that transient errors that can be retried immediately
are retried within the function right away, whereas transient errors for
which the application may want to take action will set errno to EAGAIN.
ok deraadt@ and henning@