-024: SECURITY FIX: May 26, 2000
+024: SECURITY FIX: May 26, 2000All architectures
Kernel contained an undocumented system call used to lock semaphore operations
while they were being sampled by the ipcs(1) command. This locking could be
@@ -98,7 +96,7 @@
A source code patch exists which remedies this problem.
-023: SECURITY FIX: May 25, 2000
+023: SECURITY FIX: May 25, 2000All architectures
A misuse of ipf(8)
keep-state rules can result in firewall rules being
@@ -110,7 +108,7 @@
It updates ipf to version 3.3.16.
-022: SECURITY FIX: May 25, 2000
+022: SECURITY FIX: May 25, 2000All architectures
xlockmore has a localhost attack against it which allows recovery of the encrypted
hash of the root password. The damage to systems using DES passwords from this
@@ -126,7 +124,7 @@
This is the 2nd patch designed to solve this problem.
-021: RZSZ SNOOPING: Jan 31, 2000
+021: RZSZ SNOOPING: Jan 31, 2000All architectures
The rzsz port was removed from the ports collection, as it collects and
sends user information to a designated email address, effectively spying on
@@ -134,7 +132,7 @@
it.
-020: LIBRARY IMPROVEMENT: Jan 26, 2000
+020: LIBRARY IMPROVEMENT: Jan 26, 2000All architectures
syslog(3) would not try to reopen the socket, thus, nightly newsyslog(8)
would cause syslogd(8) to not see new messages.
@@ -142,7 +140,7 @@
A source code patch exists which remedies this problem.
-019: DRIVER IMPROVEMENT: Jan 20, 2000
+019: DRIVER IMPROVEMENT: Jan 20, 2000All architectures
Intel fxp cards with National Semiconductor PHYs (nsphy) have trouble
negotiating and maintaining 100Mb link integrity.
@@ -150,7 +148,7 @@
A source code patch exists which remedies this problem.
-018: SECURITY FIX: Jan 20, 2000
+018: SECURITY FIX: Jan 20, 2000All architectures
Systems running with procfs enabled and mounted are vulnerable
to having the stderr output of setuid processes directed onto
@@ -160,7 +158,7 @@
A source code patch exists which remedies this problem.
-017: FUNCTIONALITY ADDITION: Nov 14, 1999
+017: FUNCTIONALITY ADDITION: Nov 14, 1999All architectures
Fortran doesn't work right. The file /usr/include/g2c.h is missing in the
release.
@@ -171,15 +169,15 @@
the include file to your system.
-016: SECURITY FIX: Dec 2, 1999
+016: SECURITY FIX: Dec 2, 1999All architectures
A buffer overflow in the RSAREF code included in the
-USA version of the libssl package (called sslUSA, is
+USA version of the libssl package (called sslUSA, is
possibly exploitable in isakmpd if SSL/RSA features
are enabled or used. OpenSSH and httpd (with -DSSL) are not
vulnerable.
-NOTE: International users using the ssl26 package are not affected.
+NOTE: International users using the ssl26 package are not affected.
Non-commercial USA users who installed the ssl package before December 3
-should upgrade their sslUSA26 package using:
+should upgrade their sslUSA26 package using:
-Using the new sslUSA26.tar.gz files which have been placed
+Using the new sslUSA26.tar.gz files which have been placed
on the FTP mirrors. For more information, see the advisory.
-NOTE: this problem turned out to not be unexploitable in OpenSSH.
+NOTE: this problem turned out to not be unexploitable in OpenSSH.
-012: DRIVER IMPROVEMENT: Jan 3, 2000
+012: DRIVER IMPROVEMENT: Jan 3, 2000All architectures
The 3C900B-TPO fails to select the correct media type (it never sees or
sends packets).
@@ -229,21 +227,21 @@
A source code patch exists which remedies this problem.
-009: DRIVER IMPROVEMENTS: Dec 4, 1999
+009: DRIVER IMPROVEMENTS: Dec 4, 1999All architectures
Various improvements have been made to the IDE/ATAPI subsystem since
the 2.6 release shipped.
@@ -252,38 +250,38 @@
Revision 1 of this jumbo source code patch exists.
-005: FUNCTIONALITY ADDITION: Nov 11, 1999
+005: FUNCTIONALITY ADDITION: Nov 11, 1999All architectures
Various OpenSSH improvements have been made since the 2.6 release shipped.
To resolve the various (non-security related) features which users may want,
-we are making a jumbo patch available. This is now at VERSION FOUR.
+we are making a jumbo patch available. This is now at VERSION FOUR.
Revision 4 of this jumbo source code patch exists.
-NOTE: /etc/sshd_config and /etc/ssh_config may need changes.
+NOTE: /etc/sshd_config and /etc/ssh_config may need changes.
-001: RELIABILITY FIX: Nov 8, 1999
+001: RELIABILITY FIX: Nov 8, 1999All architectures
A race condition in newsyslog(8) can cause errors in log file rotation.
@@ -308,6 +306,3 @@