! 035: SECURITY FIX: December 13, 2004All architectures
On systems running
isakmpd(8)
--- 84,90 ----
! 035: SECURITY FIX: December 13, 2004All architectures
On systems running
isakmpd(8)
***************
*** 98,104 ****
A source code patch exists which remedies this problem.
! 034: RELIABILITY FIX: November 10, 2004All architectures
Due to a bug in
lynx(1)
--- 97,103 ----
A source code patch exists which remedies this problem.
! 034: RELIABILITY FIX: November 10, 2004All architectures
Due to a bug in
lynx(1)
***************
*** 112,118 ****
A source code patch exists which remedies this problem.
! 033: RELIABILITY FIX: November 10, 2004All architectures pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
--- 111,117 ----
A source code patch exists which remedies this problem.
! 033: RELIABILITY FIX: November 10, 2004All architectures pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
***************
*** 122,128 ****
A source code patch exists which remedies this problem.
! 032: RELIABILITY FIX: November 10, 2004All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
--- 121,127 ----
A source code patch exists which remedies this problem.
! 032: RELIABILITY FIX: November 10, 2004All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
***************
*** 132,138 ****
A source code patch exists which remedies this problem.
! 031: SECURITY FIX: September 20, 2004All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
--- 131,137 ----
A source code patch exists which remedies this problem.
! 031: SECURITY FIX: September 20, 2004All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
***************
*** 144,150 ****
A source code patch exists which remedies this problem.
! 030: SECURITY FIX: September 16, 2004All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
--- 143,149 ----
A source code patch exists which remedies this problem.
! 030: SECURITY FIX: September 16, 2004All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
***************
*** 158,164 ****
A source code patch exists which remedies this problem.
! 029: SECURITY FIX: September 10, 2004All architectures httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
--- 157,163 ----
A source code patch exists which remedies this problem.
! 029: SECURITY FIX: September 10, 2004All architectures httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
***************
*** 171,177 ****
! 028: RELIABILITY FIX: August 26, 2004All architectures
As
reported
--- 170,176 ----
! 028: RELIABILITY FIX: August 26, 2004All architectures
As
reported
***************
*** 183,189 ****
A source code patch exists which remedies this problem.
! 027: RELIABILITY FIX: August 25, 2004All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
--- 182,188 ----
A source code patch exists which remedies this problem.
! 027: RELIABILITY FIX: August 25, 2004All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
***************
*** 194,200 ****
A source code patch exists which remedies this problem.
! 026: RELIABILITY FIX: Jul 25, 2004All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
--- 193,199 ----
A source code patch exists which remedies this problem.
! 026: RELIABILITY FIX: Jul 25, 2004All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
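Review bot: the 026 heading on the changed line spells the month as "Jul 25, 2004", while the other headings in this patch spell the month out ("August 25, 2004", "June 12, 2004"). Since this line is being touched anyway, write "July 25, 2004" so the dates stay uniform and searchable.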
***************
*** 204,210 ****
A source code patch exists which remedies this problem.
! 025: SECURITY FIX: June 12, 2004All architectures
Multiple vulnerabilities have been found in
httpd(8)
--- 203,209 ----
A source code patch exists which remedies this problem.
! 025: SECURITY FIX: June 12, 2004All architectures
Multiple vulnerabilities have been found in
httpd(8)
***************
*** 218,224 ****
A source code patch exists which remedies this problem.
! 024: SECURITY FIX: June 10, 2004All architectures
As
disclosed
--- 217,223 ----
A source code patch exists which remedies this problem.
! 024: SECURITY FIX: June 10, 2004All architectures
As
disclosed
***************
*** 231,237 ****
A source code patch exists which remedies this problem.
! 023: SECURITY FIX: June 9, 2004All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
--- 230,236 ----
A source code patch exists which remedies this problem.
! 023: SECURITY FIX: June 9, 2004All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
***************
*** 242,248 ****
A source code patch exists which remedies this problem.
! 022: SECURITY FIX: May 30, 2004All architectures
A flaw in the Kerberos V
kdc(8)
--- 241,247 ----
A source code patch exists which remedies this problem.
! 022: SECURITY FIX: May 30, 2004All architectures
A flaw in the Kerberos V
kdc(8)
***************
*** 257,263 ****
A source code patch exists which remedies this problem.
! 021: SECURITY FIX: May 20, 2004All architectures
A heap overflow in the
cvs(1)
--- 256,262 ----
A source code patch exists which remedies this problem.
! 021: SECURITY FIX: May 20, 2004All architectures
A heap overflow in the
cvs(1)
***************
*** 269,275 ****
A source code patch exists which remedies this problem.
! 020: SECURITY FIX: May 13, 2004All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
--- 268,274 ----
A source code patch exists which remedies this problem.
! 020: SECURITY FIX: May 13, 2004All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
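Review bot: the 020 entry under the changed heading says only "Check for integer overflow in procfs", which describes the fix rather than the problem, although the heading labels it SECURITY FIX. A sentence on what the overflow allows, who can trigger it, and whether it requires procfs to be mounted would let administrators judge their exposure. "Use of procfs is not recommended" could then say whether leaving procfs unmounted is a sufficient workaround.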
***************
*** 277,283 ****
A source code patch exists which remedies this problem.
! 019: RELIABILITY FIX: May 6, 2004All architectures
Reply to in-window SYN with a rate-limited ACK.
--- 276,282 ----
A source code patch exists which remedies this problem.
! 019: RELIABILITY FIX: May 6, 2004All architectures
Reply to in-window SYN with a rate-limited ACK.
***************
*** 285,291 ****
A source code patch exists which remedies this problem.
! 018: RELIABILITY FIX: May 5, 2004All architectures
Under load "recent model"
gdt(4)
--- 284,290 ----
A source code patch exists which remedies this problem.
! 018: RELIABILITY FIX: May 5, 2004All architectures
Under load "recent model"
gdt(4)
***************
*** 295,301 ****
A source code patch exists which remedies this problem.
! 017: SECURITY FIX: May 5, 2004All architectures
Pathname validation problems have been found in
cvs(1),
--- 294,300 ----
A source code patch exists which remedies this problem.
! 017: SECURITY FIX: May 5, 2004All architectures
Pathname validation problems have been found in
cvs(1),
***************
*** 308,314 ****
A source code patch exists which remedies this problem.
! 016: RELIABILITY FIX: March 17, 2004All architectures
A missing check for a NULL-pointer dereference has been found in
ssl(3).
--- 307,313 ----
A source code patch exists which remedies this problem.
! 016: RELIABILITY FIX: March 17, 2004All architectures
A missing check for a NULL-pointer dereference has been found in
ssl(3).
***************
*** 319,325 ****
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: March 17, 2004All architectures
Defects in the payload validation and processing functions of
isakmpd(8)
--- 318,324 ----
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: March 17, 2004All architectures
Defects in the payload validation and processing functions of
isakmpd(8)
***************
*** 331,337 ****
A source code patch exists which remedies this problem.
! 014: SECURITY FIX: March 13, 2004All architectures
Due to a bug in the parsing of Allow/Deny rules for
httpd(8)'s
--- 330,336 ----
A source code patch exists which remedies this problem.
! 014: SECURITY FIX: March 13, 2004All architectures
Due to a bug in the parsing of Allow/Deny rules for
httpd(8)'s
***************
*** 342,348 ****
A source code patch exists which remedies this problem.
! 013: RELIABILITY FIX: March 8, 2004All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
TCP segments are queued in the system. An attacker could
--- 341,347 ----
A source code patch exists which remedies this problem.
! 013: RELIABILITY FIX: March 8, 2004All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
TCP segments are queued in the system. An attacker could
***************
*** 353,359 ****
A source code patch exists which remedies this problem.
! 012: RELIABILITY FIX: February 14, 2004All architectures
Several buffer overflows exist in the code parsing
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
--- 352,358 ----
A source code patch exists which remedies this problem.
! 012: RELIABILITY FIX: February 14, 2004All architectures
Several buffer overflows exist in the code parsing
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
***************
*** 363,369 ****
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: February 8, 2004All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
to cause a denial of service attack against hosts with reachable IPv6
--- 362,368 ----
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: February 8, 2004All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
to cause a denial of service attack against hosts with reachable IPv6
***************
*** 373,379 ****
A source code patch exists which remedies this problem.
! 010: SECURITY FIX: February 5, 2004All architectures
A reference counting bug exists in the
shmat(2)
--- 372,378 ----
A source code patch exists which remedies this problem.
! 010: SECURITY FIX: February 5, 2004All architectures
A reference counting bug exists in the
shmat(2)
***************
*** 384,390 ****
A source code patch exists which remedies this problem.
! 009: SECURITY FIX: January 13, 2004All architectures
Several message handling flaws in
isakmpd(8)
--- 383,389 ----
A source code patch exists which remedies this problem.
! 009: SECURITY FIX: January 13, 2004All architectures
Several message handling flaws in
isakmpd(8)
***************
*** 396,402 ****
A source code patch exists which remedies this problem.
! 008: RELIABILITY FIX: November 20, 2003All architectures
An improper bounds check makes it possible for a local user to cause a crash
by passing the
--- 395,401 ----
A source code patch exists which remedies this problem.
! 008: RELIABILITY FIX: November 20, 2003All architectures
An improper bounds check makes it possible for a local user to cause a crash
by passing the
***************
*** 408,414 ****
A source code patch exists which remedies this problem.
! 007: RELIABILITY FIX: November 20, 2003All architectures
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
--- 407,413 ----
A source code patch exists which remedies this problem.
! 007: RELIABILITY FIX: November 20, 2003All architectures
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
***************
*** 417,423 ****
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: November 17, 2003i386 only
It may be possible for a local user to overrun the stack in
compat_ibcs2(8).
--- 416,422 ----
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: November 17, 2003i386 only
It may be possible for a local user to overrun the stack in
compat_ibcs2(8).
***************
*** 430,436 ****
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: November 4, 2003All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
--- 429,435 ----
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: November 4, 2003All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
***************
*** 438,456 ****
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: November 1, 2003All architectures
! A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
! or potentially run arbitrary code as the user www (although it
is believed that ProPolice will prevent code execution).
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: November 1, 2003All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
--- 437,455 ----
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: November 1, 2003All architectures
! A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
! or potentially run arbitrary code as the user www (although it
is believed that ProPolice will prevent code execution).
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: November 1, 2003All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
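Review bot: the 004 heading is labelled RELIABILITY FIX, but the changed body lines say a user with write permission to httpd.conf or a .htaccess file can "potentially run arbitrary code as the user www". Possible code execution under another account reads as a security issue. Either label this entry SECURITY FIX or state in the text why the ProPolice mitigation justifies the reliability classification.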
***************
*** 458,464 ****
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: November 1, 2003All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
--- 457,463 ----
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: November 1, 2003All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
***************
*** 468,489 ****
A source code patch exists which remedies this problem.
! 001: DOCUMENTATION FIX: November 1, 2003All architectures
The CD insert documentation has an incorrect example for package installation.
Where it is written:
! The extra / at the end is important. We do not make
patch files available for things printed on paper.
-
-
-
--- 467,485 ----
A source code patch exists which remedies this problem.
! 001: DOCUMENTATION FIX: November 1, 2003All architectures
The CD insert documentation has an incorrect example for package installation.
Where it is written: