svn commit: r354598 - in stable: 11/contrib/libc++/include 11/sys/sys 12/contrib/libc++/include 12/sys/sys

Antoine Brodin antoine at freebsd.org
Mon Nov 11 08:03:50 UTC 2019 

On Sun, Nov 10, 2019 at 7:41 PM Dimitry Andric <dim at freebsd.org> wrote:
>
> Author: dim
> Date: Sun Nov 10 18:41:13 2019
> New Revision: 354598
> URL: https://svnweb.freebsd.org/changeset/base/354598
>
> Log:
>   MFC r354460:
>
>   Merge commit e8316372b from llvm git (by Louis Dionne):
>
>     [libc++] Add `__truncating_cast` for safely casting float types to
>     integers
>
>     This is needed anytime we need to clamp an arbitrary floating point
>     value to an integer type.
>
>     Thanks to Eric Fiselier for the patch.
>
>     Differential Revision: https://reviews.llvm.org/D66836
>
>     llvm-svn: 370891
>
>   Merge commit b92deded8 from llvm git (by Louis Dionne):
>
>     [libc++] Move __clamp_to_integral to <cmath>, and harden against
>     min()/max() macros
>
>     llvm-svn: 370900
>
>   Merge commit 0ec6a4882 from llvm git (by Louis Dionne):
>
>     [libc++] Fix potential OOB in poisson_distribution
>
>     See details in the original Chromium bug report:
>         https://bugs.chromium.org/p/chromium/issues/detail?id=994957
>
>   Together, these fix a security issue in libc++'s implementation of
>   std::poisson_distribution, which can be exploited to read data which is
>   out of bounds.
>
>   Note there are no programs in the FreeBSD base system that use
>   std::poisson_distribution, so this is only a possible issue for ports
>   and external programs which have been built against libc++.  Therefore,
>   I am bumping __FreeBSD_version for the benefit of our port maintainers.
>
>   Requested by: emaste
>   Security:     potential OOB read
>
> Modified:
>   stable/11/contrib/libc++/include/cmath
>   stable/11/contrib/libc++/include/random
>   stable/11/sys/sys/param.h
> Directory Properties:
>   stable/11/   (props changed)
>
> Changes in other areas also in this revision:
> Modified:
>   stable/12/contrib/libc++/include/cmath
>   stable/12/contrib/libc++/include/random
>   stable/12/sys/sys/param.h
> Directory Properties:
>   stable/12/   (props changed)

Hi,

It seems that some recent changes to stable/11 are broken,  lots of
ports now fail to build on stable/11.

Antoine (with hat: portmgr)

More information about the svn-src-stable-11 mailing list