dcb9c59cc2
Fix bsnmpd remote denial of service vulnerability. [SA-14:01] Fix ntpd distributed reflection Denial of Service vulnerability. [SA-14:02] Fix OpenSSL multiple vulnerabilities. [SA-14:03] Fix BIND remote denial of service vulnerability. [SA-14:04] Disable hardware RNGs by default. [EN-14:01] Fix incorrect coalescing of stack entry with mmap. [EN-14:02]
22 lines
588 B
Diff
22 lines
588 B
Diff
Index: sys/dev/random/probe.c
|
|
===================================================================
|
|
--- sys/dev/random/probe.c (revision 259661)
|
|
+++ sys/dev/random/probe.c (working copy)
|
|
@@ -73,7 +73,7 @@
|
|
if (via_feature_rng & VIA_HAS_RNG) {
|
|
int enable;
|
|
|
|
- enable = 1;
|
|
+ enable = 0;
|
|
TUNABLE_INT_FETCH("hw.nehemiah_rng_enable", &enable);
|
|
if (enable)
|
|
*systat = random_nehemiah;
|
|
@@ -83,7 +83,7 @@
|
|
if (cpu_feature2 & CPUID2_RDRAND) {
|
|
int enable;
|
|
|
|
- enable = 1;
|
|
+ enable = 0;
|
|
TUNABLE_INT_FETCH("hw.ivy_rng_enable", &enable);
|
|
if (enable)
|
|
*systat = random_ivy;
|