! 014: SECURITY FIX: March 30, 2005All architectures
! Due to buffer overflows in
! telnet(1),
! a malicious server or man-in-the-middle attack could allow execution of
! arbitrary code with the privileges of the user invoking
! telnet(1).
! Noone should use telnet anymore. Please use
! ssh(1).
!
!
! A source code patch exists which remedies this problem.
!
!
!
! 013: RELIABILITY FIX: March 30, 2005All architectures
! Bugs in the
! tcp(4)
! stack can lead to memory exhaustion or processing of TCP segments with
! invalid SACK options and cause a system crash.
!
!
! A source code patch exists which remedies this problem.
!
! 010: RELIABILITY FIX: January 11, 2005All architectures
! A bug in the
! tcp(4)
! stack allows an invalid argument to be used in calculating the TCP
! retransmit timeout. By sending packets with specific values in the TCP
! timestamp option, an attacker can cause a system panic.
!
!
! A source code patch exists which remedies this problem.
!
!
!
! 009: SECURITY FIX: January 12, 2005All architectures
! httpd(8)
! 's mod_include module fails to properly validate the length of
! user supplied tag strings prior to copying them to a local buffer,
! causing a buffer overflow.
!
! This would require enabling the XBitHack directive or server-side
! includes and making use of a malicious document.
!
!
! A source code patch exists which remedies this problem.
!
!
!
! 008: RELIABILITY FIX: January 6, 2005All architectures
! The
! getcwd(3)
! library function contains a memory management error, which causes failure
! to retrieve the current working directory if the path is very long.
!
!
! A source code patch exists which remedies this problem.
!
! 003: RELIABILITY FIX: November 10, 2004All architectures
! pppd(8)
! contains a bug that allows an attacker to crash his own connection, but it cannot
! be used to deny service to other users.
!
!
! A source code patch exists which remedies this problem.
!
!
!
! 002: RELIABILITY FIX: November 10, 2004All architectures
! BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
! cases where IPv6 connectivity is non-existent. This results in unneccessary timeouts and
! thus slow DNS queries.
!
!
! A source code patch exists which remedies this problem.
!