! 020: SECURITY FIX: October 12, 2006All architectures
Fix 2 security bugs found in OpenSSH. A pre-authentication denial of service (found
by Tavis Ormandy) that would cause
--- 86,92 ----
! 020: SECURITY FIX: October 12, 2006All architectures
Fix 2 security bugs found in OpenSSH. A pre-authentication denial of service (found
by Tavis Ormandy) that would cause
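Review bot: On the `!` heading line of entry 020 the date runs straight into the platform text ("October 12, 2006All architectures") with nothing between them, and the same pattern repeats in every entry heading in this patch. If the separation is carried only by markup, add a space or line break between the date and "All architectures" so the heading stays readable when the page is rendered as plain text.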
***************
*** 104,110 ****
! 019: SECURITY FIX: October 7, 2006All architectures
Fix for an integer overflow in
systrace(4)'s
--- 102,108 ----
! 019: SECURITY FIX: October 7, 2006All architectures
Fix for an integer overflow in
systrace(4)'s
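Review bot: The `!` line for entry 019 reads identically in the old and new halves of this hunk ("019: SECURITY FIX: October 7, 2006All architectures"), so whatever changed is not visible in this rendering. State in the change description what was altered on the heading line, so a reviewer can confirm the advisory wording itself was left untouched.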
***************
*** 117,123 ****
! 018: SECURITY FIX: October 7, 2006All architectures
Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
structures an error condition is mishandled, possibly resulting in an infinite
--- 115,121 ----
! 018: SECURITY FIX: October 7, 2006All architectures
Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
structures an error condition is mishandled, possibly resulting in an infinite
***************
*** 135,141 ****
! 017: SECURITY FIX: October 7, 2006All architectures httpd(8)
does not sanitize the Expect header from an HTTP request when it is
--- 133,139 ----
! 017: SECURITY FIX: October 7, 2006All architectures httpd(8)
does not sanitize the Expect header from an HTTP request when it is
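Review bot: In entry 017 the subject "httpd(8)" sits on the `!` heading line after "All architectures" instead of starting the description, unlike entries such as 018 and 016 where the description begins on the following line. Move "httpd(8)" down to open the sentence "does not sanitize the Expect header ..." so the heading carries only the number, type, date and platform; entry 009 has the same layout.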
***************
*** 148,154 ****
! 016: SECURITY FIX: September 8, 2006All architectures
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for
an attacker to construct an invalid signature which OpenSSL would accept as a
--- 146,152 ----
! 016: SECURITY FIX: September 8, 2006All architectures
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for
an attacker to construct an invalid signature which OpenSSL would accept as a
***************
*** 160,166 ****
! 015: SECURITY FIX: September 8, 2006All architectures
Two Denial of Service issues have been found with BIND.
An attacker who can perform recursive lookups on a DNS server and is able
--- 158,164 ----
! 015: SECURITY FIX: September 8, 2006All architectures
Two Denial of Service issues have been found with BIND.
An attacker who can perform recursive lookups on a DNS server and is able
***************
*** 177,183 ****
! 014: SECURITY FIX: September 2, 2006All architectures
Due to the failure to correctly validate LCP configuration option lengths,
it is possible for an attacker to send LCP packets via an
--- 175,181 ----
! 014: SECURITY FIX: September 2, 2006All architectures
Due to the failure to correctly validate LCP configuration option lengths,
it is possible for an attacker to send LCP packets via an
***************
*** 190,196 ****
! 013: SECURITY FIX: August 25, 2006All architectures
A problem in
isakmpd(8)
--- 188,194 ----
! 013: SECURITY FIX: August 25, 2006All architectures
A problem in
isakmpd(8)
***************
*** 205,211 ****
! 012: SECURITY FIX: August 25, 2006All architectures
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
--- 203,209 ----
! 012: SECURITY FIX: August 25, 2006All architectures
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
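Review bot: The last context line of entry 012 still reads "sempahores have been allocated." in both halves of the hunk. Since this entry is being touched anyway, correct the spelling to "semaphores" in the same change.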
***************
*** 215,221 ****
! 011: SECURITY FIX: August 25, 2006All architectures
Due to an off-by-one error in
dhcpd(8),
--- 213,219 ----
! 011: SECURITY FIX: August 25, 2006All architectures
Due to an off-by-one error in
dhcpd(8),
***************
*** 229,235 ****
! 010: SECURITY FIX: August 25, 2006All architectures
A potential denial of service problem has been found in sendmail. A message
with really long header lines could trigger a use-after-free bug causing
--- 227,233 ----
! 010: SECURITY FIX: August 25, 2006All architectures
A potential denial of service problem has been found in sendmail. A message
with really long header lines could trigger a use-after-free bug causing
***************
*** 240,246 ****
! 009: SECURITY FIX: July 30, 2006All architectures httpd(8)'s
mod_rewrite has a potentially exploitable off-by-one buffer overflow.
--- 238,244 ----
! 009: SECURITY FIX: July 30, 2006All architectures httpd(8)'s
mod_rewrite has a potentially exploitable off-by-one buffer overflow.
***************
*** 254,260 ****
! 008: SECURITY FIX: June 15, 2006All architectures
A potential denial of service problem has been found in sendmail. A malformed MIME
message could trigger excessive recursion which will lead to stack exhaustion.
--- 252,258 ----
! 008: SECURITY FIX: June 15, 2006All architectures
A potential denial of service problem has been found in sendmail. A malformed MIME
message could trigger excessive recursion which will lead to stack exhaustion.
***************
*** 268,274 ****
! 007: SECURITY FIX: May 2, 2006All architectures
A security vulnerability has been found in the X.Org server --
CVE-2006-1526.
--- 266,272 ----
! 007: SECURITY FIX: May 2, 2006All architectures
A security vulnerability has been found in the X.Org server --
CVE-2006-1526.
***************
*** 280,286 ****
! 006: SECURITY FIX: March 25, 2006All architectures
A race condition has been reported to exist in the handling by sendmail of
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
--- 278,284 ----
! 006: SECURITY FIX: March 25, 2006All architectures
A race condition has been reported to exist in the handling by sendmail of
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
***************
*** 291,297 ****
! 005: SECURITY FIX: February 12, 2006All architectures
Josh Bressers has reported a weakness in OpenSSH caused due to the insecure use of the
system(3)
--- 289,295 ----
! 005: SECURITY FIX: February 12, 2006All architectures
Josh Bressers has reported a weakness in OpenSSH caused due to the insecure use of the
system(3)
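Review bot: The second line of entry 005 says "a weakness in OpenSSH caused due to the insecure use of the system(3)", where "caused due to" is redundant. Consider "caused by the insecure use of" while the entry is being edited.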
***************
*** 306,312 ****
! 003: RELIABILITY FIX: January 13, 2006i386 architecture
Change the implementation of i386 W^X so that the "execute line" can move around.
Before it was limited to being either at 512MB (below which all code normally
--- 316,322 ----
! 003: RELIABILITY FIX: January 13, 2006i386 architecture
Change the implementation of i386 W^X so that the "execute line" can move around.
Before it was limited to being either at 512MB (below which all code normally
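Review bot: The header ranges for entry 003 do not line up with the rest of the patch: `*** 306,312 ****` maps to `--- 316,322 ----`, ten lines later, while the hunks on either side map two lines earlier (291 to 289 for entry 005, 334 to 332 for entry 002), and no visible hunk adds or removes lines to account for the shift. Confirm the patch was generated against matching revisions and applies cleanly. The visible entries also go from 005 directly to 003, so check that entry 004 is handled as intended.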
***************
*** 334,340 ****
! 002: SECURITY FIX: January 5, 2006All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
--- 332,338 ----
! 002: SECURITY FIX: January 5, 2006All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
***************
*** 343,349 ****
! 001: SECURITY FIX: January 5, 2006All architectures
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
--- 341,347 ----
! 001: SECURITY FIX: January 5, 2006All architectures
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
***************
*** 355,360 ****