-020: SECURITY FIX: October 12, 2006
+020: SECURITY FIX: October 12, 2006All architectures
Fix 2 security bugs found in OpenSSH. A pre-authentication denial of service (found
by Tavis Ormandy) that would cause
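Review bot: The added heading on the `+020` line has no separator between the date and the platform label, so it reads "October 12, 2006All architectures". Put whitespace or a line break between the date and the label. The same applies to every other `+` heading in this patch, including the two "i386 architecture" entries (004 and 003), which are joined the same way.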
@@ -104,7 +102,7 @@
-019: SECURITY FIX: October 7, 2006
+019: SECURITY FIX: October 7, 2006All architectures
Fix for an integer overflow in
systrace(4)'s
@@ -117,7 +115,7 @@
-018: SECURITY FIX: October 7, 2006
+018: SECURITY FIX: October 7, 2006All architectures
Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
structures an error condition is mishandled, possibly resulting in an infinite
@@ -135,7 +133,7 @@
-017: SECURITY FIX: October 7, 2006
+017: SECURITY FIX: October 7, 2006All architectures httpd(8)
does not sanitize the Expect header from an HTTP request when it is
@@ -148,7 +146,7 @@
-016: SECURITY FIX: September 8, 2006
+016: SECURITY FIX: September 8, 2006All architectures
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for
an attacker to construct an invalid signature which OpenSSL would accept as a
@@ -160,7 +158,7 @@
-015: SECURITY FIX: September 8, 2006
+015: SECURITY FIX: September 8, 2006All architectures
Two Denial of Service issues have been found with BIND.
An attacker who can perform recursive lookups on a DNS server and is able
@@ -177,7 +175,7 @@
-014: SECURITY FIX: September 2, 2006
+014: SECURITY FIX: September 2, 2006All architectures
Due to the failure to correctly validate LCP configuration option lengths,
it is possible for an attacker to send LCP packets via an
@@ -190,7 +188,7 @@
-013: SECURITY FIX: August 25, 2006
+013: SECURITY FIX: August 25, 2006All architectures
A problem in
isakmpd(8)
@@ -205,7 +203,7 @@
-012: SECURITY FIX: August 25, 2006
+012: SECURITY FIX: August 25, 2006All architectures
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
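Review bot: The context line under the `+012` heading misspells "semaphores" as "sempahores". This change already touches the entry, so correct the spelling in the same commit; a reader searching the errata for "semaphores" will otherwise miss this kernel panic fix.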
@@ -215,7 +213,7 @@
-011: SECURITY FIX: August 25, 2006
+011: SECURITY FIX: August 25, 2006All architectures
Due to an off-by-one error in
dhcpd(8),
@@ -229,7 +227,7 @@
-010: SECURITY FIX: August 25, 2006
+010: SECURITY FIX: August 25, 2006All architectures
A potential denial of service problem has been found in sendmail. A message
with really long header lines could trigger a use-after-free bug causing
@@ -240,7 +238,7 @@
-009: SECURITY FIX: July 30, 2006
+009: SECURITY FIX: July 30, 2006All architectures httpd(8)'s
mod_rewrite has a potentially exploitable off-by-one buffer overflow.
@@ -254,7 +252,7 @@
-008: SECURITY FIX: June 15, 2006
+008: SECURITY FIX: June 15, 2006All architectures
A potential denial of service problem has been found in sendmail. A malformed MIME
message could trigger excessive recursion which will lead to stack exhaustion.
@@ -268,7 +266,7 @@
-007: SECURITY FIX: May 2, 2006
+007: SECURITY FIX: May 2, 2006All architectures
A security vulnerability has been found in the X.Org server --
CVE-2006-1526.
@@ -280,7 +278,7 @@
-006: SECURITY FIX: March 25, 2006
+006: SECURITY FIX: March 25, 2006All architectures
A race condition has been reported to exist in the handling by sendmail of
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
@@ -291,7 +289,7 @@
-005: SECURITY FIX: February 12, 2006
+005: SECURITY FIX: February 12, 2006All architectures
Josh Bressers has reported a weakness in OpenSSH caused due to the insecure use of the
system(3)
@@ -306,7 +304,7 @@
-004: RELIABILITY FIX: January 13, 2006
+004: RELIABILITY FIX: January 13, 2006i386 architecture
Constrain
i386_set_ioperm(2)
@@ -318,7 +316,7 @@
-003: RELIABILITY FIX: January 13, 2006
+003: RELIABILITY FIX: January 13, 2006i386 architecture
Change the implementation of i386 W^X so that the "execute line" can move around.
Before it was limited to being either at 512MB (below which all code normally
@@ -334,7 +332,7 @@
-002: SECURITY FIX: January 5, 2006
+002: SECURITY FIX: January 5, 2006All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
@@ -343,7 +341,7 @@
-001: SECURITY FIX: January 5, 2006
+001: SECURITY FIX: January 5, 2006All architectures
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
@@ -355,6 +353,3 @@