! 033: SECURITY FIX: April 28, 2005All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
cvs(1)
--- 85,91 ----
! 033: SECURITY FIX: April 28, 2005All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
cvs(1)
***************
*** 100,106 ****
! 032: RELIABILITY FIX: April 4, 2005All architectures
Handle an edge condition in
tcp(4)
--- 98,104 ----
! 032: RELIABILITY FIX: April 4, 2005All architectures
Handle an edge condition in
tcp(4)
***************
*** 111,117 ****
! 031: SECURITY FIX: March 30, 2005All architectures
Due to buffer overflows in
telnet(1)
--- 109,115 ----
! 031: SECURITY FIX: March 30, 2005All architectures
Due to buffer overflows in
telnet(1)
***************
*** 125,131 ****
! 030: RELIABILITY FIX: March 30, 2005All architectures
Bugs in the
tcp(4)
--- 123,129 ----
! 030: RELIABILITY FIX: March 30, 2005All architectures
Bugs in the
tcp(4)
***************
*** 137,143 ****
! 029: SECURITY FIX: March 16, 2005amd64 only
More stringent checking should be done in the
copy(9)
--- 135,141 ----
! 029: SECURITY FIX: March 16, 2005amd64 only
More stringent checking should be done in the
copy(9)
***************
*** 148,154 ****
! 028: SECURITY FIX: February 28, 2005i386 only
More stringent checking should be done in the
copy(9)
--- 146,152 ----
! 028: SECURITY FIX: February 28, 2005i386 only
More stringent checking should be done in the
copy(9)
***************
*** 159,165 ****
! 027: RELIABILITY FIX: January 11, 2005All architectures
A bug in the
tcp(4)
--- 157,163 ----
! 027: RELIABILITY FIX: January 11, 2005All architectures
A bug in the
tcp(4)
***************
*** 172,178 ****
! 026: SECURITY FIX: January 12, 2005All architectures httpd(8)
's mod_include module fails to properly validate the length of
--- 170,176 ----
! 026: SECURITY FIX: January 12, 2005All architectures httpd(8)
's mod_include module fails to properly validate the length of
***************
*** 187,193 ****
! 025: RELIABILITY FIX: January 6, 2005All architectures
The
getcwd(3)
--- 185,191 ----
! 025: RELIABILITY FIX: January 6, 2005All architectures
The
getcwd(3)
***************
*** 199,205 ****
! 024: SECURITY FIX: December 14, 2004All architectures
On systems running
isakmpd(8)
--- 197,203 ----
! 024: SECURITY FIX: December 14, 2004All architectures
On systems running
isakmpd(8)
***************
*** 212,218 ****
A source code patch exists which remedies this problem.
! 023: RELIABILITY FIX: November 10, 2004All architectures
Due to a bug in
lynx(1)
--- 210,216 ----
A source code patch exists which remedies this problem.
! 023: RELIABILITY FIX: November 10, 2004All architectures
Due to a bug in
lynx(1)
***************
*** 226,232 ****
A source code patch exists which remedies this problem.
! 022: RELIABILITY FIX: November 10, 2004All architectures pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
--- 224,230 ----
A source code patch exists which remedies this problem.
! 022: RELIABILITY FIX: November 10, 2004All architectures pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
***************
*** 236,242 ****
A source code patch exists which remedies this problem.
! 021: RELIABILITY FIX: November 10, 2004All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
--- 234,240 ----
A source code patch exists which remedies this problem.
! 021: RELIABILITY FIX: November 10, 2004All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
***************
*** 246,252 ****
A source code patch exists which remedies this problem.
! 020: SECURITY FIX: September 20, 2004All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
--- 244,250 ----
A source code patch exists which remedies this problem.
! 020: SECURITY FIX: September 20, 2004All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
***************
*** 258,264 ****
A source code patch exists which remedies this problem.
! 019: SECURITY FIX: September 16, 2004All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
--- 256,262 ----
A source code patch exists which remedies this problem.
! 019: SECURITY FIX: September 16, 2004All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
***************
*** 272,278 ****
A source code patch exists which remedies this problem.
! 018: SECURITY FIX: September 10, 2004All architectures httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
--- 270,276 ----
A source code patch exists which remedies this problem.
! 018: SECURITY FIX: September 10, 2004All architectures httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
***************
*** 284,290 ****
A source code patch exists which remedies this problem.
! 017: RELIABILITY FIX: August 29, 2004All architectures
Due to incorrect error handling in zlib an attacker could potentially cause a Denial
of Service attack.
--- 282,288 ----
A source code patch exists which remedies this problem.
! 017: RELIABILITY FIX: August 29, 2004All architectures
Due to incorrect error handling in zlib an attacker could potentially cause a Denial
of Service attack.
***************
*** 295,301 ****
A source code patch exists which remedies this problem.
! 016: RELIABILITY FIX: August 26, 2004All architectures
As
reported
--- 293,299 ----
A source code patch exists which remedies this problem.
! 016: RELIABILITY FIX: August 26, 2004All architectures
As
reported
***************
*** 307,313 ****
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: August 25, 2004All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
--- 305,311 ----
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: August 25, 2004All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
***************
*** 318,324 ****
A source code patch exists which remedies this problem.
! 014: RELIABILITY FIX: July 25, 2004All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
--- 316,322 ----
A source code patch exists which remedies this problem.
! 014: RELIABILITY FIX: July 25, 2004All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
***************
*** 328,334 ****
A source code patch exists which remedies this problem.
! 013: SECURITY FIX: June 12, 2004All architectures
Multiple vulnerabilities have been found in
httpd(8)
--- 326,332 ----
A source code patch exists which remedies this problem.
! 013: SECURITY FIX: June 12, 2004All architectures
Multiple vulnerabilities have been found in
httpd(8)
***************
*** 342,348 ****
A source code patch exists which remedies this problem.
! 012: SECURITY FIX: June 10, 2004All architectures
As
disclosed
--- 340,346 ----
A source code patch exists which remedies this problem.
! 012: SECURITY FIX: June 10, 2004All architectures
As
disclosed
***************
*** 355,361 ****
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: June 9, 2004All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
--- 353,359 ----
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: June 9, 2004All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
***************
*** 366,372 ****
A source code patch exists which remedies this problem.
! 010: RELIABILITY FIX: June 9, 2004All architectures
A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
non-blocking mode for writing when there are no processes reading the FIFO.
--- 364,370 ----
A source code patch exists which remedies this problem.
! 010: RELIABILITY FIX: June 9, 2004All architectures
A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
non-blocking mode for writing when there are no processes reading the FIFO.
***************
*** 377,383 ****
A source code patch exists which remedies this problem.
! 009: SECURITY FIX: May 30, 2004All architectures
A flaw in the Kerberos V
kdc(8)
--- 375,381 ----
A source code patch exists which remedies this problem.
! 009: SECURITY FIX: May 30, 2004All architectures
A flaw in the Kerberos V
kdc(8)
***************
*** 392,398 ****
A source code patch exists which remedies this problem.
! 008: SECURITY FIX: May 26, 2004All architectures
With the introduction of IPv6 code in
xdm(1),
--- 390,396 ----
A source code patch exists which remedies this problem.
! 008: SECURITY FIX: May 26, 2004All architectures
With the introduction of IPv6 code in
xdm(1),
***************
*** 406,412 ****
A source code patch exists which remedies this problem.
! 007: SECURITY FIX: May 20, 2004All architectures
A heap overflow in the
cvs(1)
--- 404,410 ----
A source code patch exists which remedies this problem.
! 007: SECURITY FIX: May 20, 2004All architectures
A heap overflow in the
cvs(1)
***************
*** 418,424 ****
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: May 13, 2004All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
--- 416,422 ----
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: May 13, 2004All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
***************
*** 426,432 ****
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: May 6, 2004All architectures
Reply to in-window SYN with a rate-limited ACK.
--- 424,430 ----
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: May 6, 2004All architectures
Reply to in-window SYN with a rate-limited ACK.
***************
*** 434,440 ****
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: May 5, 2004All architectures
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
siop(4),
--- 432,438 ----
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: May 5, 2004All architectures
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
siop(4),
***************
*** 446,452 ****
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: May 5, 2004All architectures
Under load "recent model"
gdt(4)
--- 444,450 ----
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: May 5, 2004All architectures
Under load "recent model"
gdt(4)
***************
*** 456,462 ****
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: May 5, 2004All architectures
Pathname validation problems have been found in
cvs(1),
--- 454,460 ----
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: May 5, 2004All architectures
Pathname validation problems have been found in
cvs(1),
***************
*** 469,475 ****
A source code patch exists which remedies this problem.
! 001: BROKEN PACKAGE ON CD: May 4, 2004macppc only
The powerpc autobook-1.3.tgz package found on CD2 has been found to be corrupt,
and will not extract.
A replacement package can be found on the ftp sites.
--- 467,473 ----
A source code patch exists which remedies this problem.
! 001: BROKEN PACKAGE ON CD: May 4, 2004macppc only
The powerpc autobook-1.3.tgz package found on CD2 has been found to be corrupt,
and will not extract.
A replacement package can be found on the ftp sites.
***************
*** 478,483 ****