-033: SECURITY FIX: April 28, 2005
+033: SECURITY FIX: April 28, 2005All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
cvs(1)
@@ -100,7 +98,7 @@
-032: RELIABILITY FIX: April 4, 2005
+032: RELIABILITY FIX: April 4, 2005All architectures
Handle an edge condition in
tcp(4)
@@ -111,7 +109,7 @@
-031: SECURITY FIX: March 30, 2005
+031: SECURITY FIX: March 30, 2005All architectures
Due to buffer overflows in
telnet(1)
@@ -125,7 +123,7 @@
-030: RELIABILITY FIX: March 30, 2005
+030: RELIABILITY FIX: March 30, 2005All architectures
Bugs in the
tcp(4)
@@ -137,7 +135,7 @@
-029: SECURITY FIX: March 16, 2005
+029: SECURITY FIX: March 16, 2005amd64 only
More stringent checking should be done in the
copy(9)
@@ -148,7 +146,7 @@
-028: SECURITY FIX: February 28, 2005
+028: SECURITY FIX: February 28, 2005i386 only
More stringent checking should be done in the
copy(9)
@@ -159,7 +157,7 @@
-027: RELIABILITY FIX: January 11, 2005
+027: RELIABILITY FIX: January 11, 2005All architectures
A bug in the
tcp(4)
@@ -172,7 +170,7 @@
-026: SECURITY FIX: January 12, 2005
+026: SECURITY FIX: January 12, 2005All architectures httpd(8)
's mod_include module fails to properly validate the length of
@@ -187,7 +185,7 @@
-025: RELIABILITY FIX: January 6, 2005
+025: RELIABILITY FIX: January 6, 2005All architectures
The
getcwd(3)
@@ -199,7 +197,7 @@
-024: SECURITY FIX: December 14, 2004
+024: SECURITY FIX: December 14, 2004All architectures
On systems running
isakmpd(8)
@@ -212,7 +210,7 @@
A source code patch exists which remedies this problem.
-023: RELIABILITY FIX: November 10, 2004
+023: RELIABILITY FIX: November 10, 2004All architectures
Due to a bug in
lynx(1)
@@ -226,7 +224,7 @@
A source code patch exists which remedies this problem.
-022: RELIABILITY FIX: November 10, 2004
+022: RELIABILITY FIX: November 10, 2004All architectures pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
@@ -236,7 +234,7 @@
A source code patch exists which remedies this problem.
-021: RELIABILITY FIX: November 10, 2004
+021: RELIABILITY FIX: November 10, 2004All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
@@ -246,7 +244,7 @@
A source code patch exists which remedies this problem.
-020: SECURITY FIX: September 20, 2004
+020: SECURITY FIX: September 20, 2004All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
@@ -258,7 +256,7 @@
A source code patch exists which remedies this problem.
-019: SECURITY FIX: September 16, 2004
+019: SECURITY FIX: September 16, 2004All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
@@ -272,7 +270,7 @@
A source code patch exists which remedies this problem.
-018: SECURITY FIX: September 10, 2004
+018: SECURITY FIX: September 10, 2004All architectures httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
@@ -284,7 +282,7 @@
A source code patch exists which remedies this problem.
-017: RELIABILITY FIX: August 29, 2004
+017: RELIABILITY FIX: August 29, 2004All architectures
Due to incorrect error handling in zlib an attacker could potentially cause a Denial
of Service attack.
@@ -295,7 +293,7 @@
A source code patch exists which remedies this problem.
-016: RELIABILITY FIX: August 26, 2004
+016: RELIABILITY FIX: August 26, 2004All architectures
As
reported
@@ -307,7 +305,7 @@
A source code patch exists which remedies this problem.
-015: RELIABILITY FIX: August 25, 2004
+015: RELIABILITY FIX: August 25, 2004All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
@@ -318,7 +316,7 @@
A source code patch exists which remedies this problem.
-014: RELIABILITY FIX: July 25, 2004
+014: RELIABILITY FIX: July 25, 2004All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
@@ -328,7 +326,7 @@
A source code patch exists which remedies this problem.
-013: SECURITY FIX: June 12, 2004
+013: SECURITY FIX: June 12, 2004All architectures
Multiple vulnerabilities have been found in
httpd(8)
@@ -342,7 +340,7 @@
A source code patch exists which remedies this problem.
-012: SECURITY FIX: June 10, 2004
+012: SECURITY FIX: June 10, 2004All architectures
As
disclosed
@@ -355,7 +353,7 @@
A source code patch exists which remedies this problem.
-011: SECURITY FIX: June 9, 2004
+011: SECURITY FIX: June 9, 2004All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
@@ -366,7 +364,7 @@
A source code patch exists which remedies this problem.
-010: RELIABILITY FIX: June 9, 2004
+010: RELIABILITY FIX: June 9, 2004All architectures
A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
non-blocking mode for writing when there are no processes reading the FIFO.
@@ -377,7 +375,7 @@
A source code patch exists which remedies this problem.
-009: SECURITY FIX: May 30, 2004
+009: SECURITY FIX: May 30, 2004All architectures
A flaw in the Kerberos V
kdc(8)
@@ -392,7 +390,7 @@
A source code patch exists which remedies this problem.
-008: SECURITY FIX: May 26, 2004
+008: SECURITY FIX: May 26, 2004All architectures
With the introduction of IPv6 code in
xdm(1),
@@ -406,7 +404,7 @@
A source code patch exists which remedies this problem.
-007: SECURITY FIX: May 20, 2004
+007: SECURITY FIX: May 20, 2004All architectures
A heap overflow in the
cvs(1)
@@ -418,7 +416,7 @@
A source code patch exists which remedies this problem.
-006: SECURITY FIX: May 13, 2004
+006: SECURITY FIX: May 13, 2004All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
@@ -426,7 +424,7 @@
A source code patch exists which remedies this problem.
-005: RELIABILITY FIX: May 6, 2004
+005: RELIABILITY FIX: May 6, 2004All architectures
Reply to in-window SYN with a rate-limited ACK.
@@ -434,7 +432,7 @@
A source code patch exists which remedies this problem.
-004: RELIABILITY FIX: May 5, 2004
+004: RELIABILITY FIX: May 5, 2004All architectures
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
siop(4),
@@ -446,7 +444,7 @@
A source code patch exists which remedies this problem.
-003: RELIABILITY FIX: May 5, 2004
+003: RELIABILITY FIX: May 5, 2004All architectures
Under load "recent model"
gdt(4)
@@ -456,7 +454,7 @@
A source code patch exists which remedies this problem.
-002: SECURITY FIX: May 5, 2004
+002: SECURITY FIX: May 5, 2004All architectures
Pathname validation problems have been found in
cvs(1),
@@ -469,7 +467,7 @@
A source code patch exists which remedies this problem.
-001: BROKEN PACKAGE ON CD: May 4, 2004macppc only
+001: BROKEN PACKAGE ON CD: May 4, 2004macppc only
The powerpc autobook-1.3.tgz package found on CD2 has been found to be corrupt,
and will not extract.
A replacement package can be found on the ftp sites.
@@ -478,6 +476,3 @@