-016: RELIABILITY FIX: October 28, 2009
+016: RELIABILITY FIX: October 28, 2009All architectures
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
@@ -97,7 +95,7 @@
-015: RELIABILITY FIX: October 05, 2009
+015: RELIABILITY FIX: October 05, 2009i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
@@ -106,7 +104,7 @@
-014: RELIABILITY FIX: July 29, 2009
+014: RELIABILITY FIX: July 29, 2009All architectures
A vulnerability has been found in BIND's named server
(CVE-2009-0696).
@@ -118,7 +116,7 @@
-013: RELIABILITY FIX: April 11, 2009
+013: RELIABILITY FIX: April 11, 2009All architectures
When pf attempts to perform translation on a specially crafted IP datagram,
a null pointer dereference will occur, resulting in a kernel panic.
@@ -139,7 +137,7 @@
-012: RELIABILITY FIX: April 8, 2009
+012: RELIABILITY FIX: April 8, 2009All architectures
The OpenSSL ASN.1 handling code could be forced to perform invalid memory
accesses through the use of certain invalid strings
@@ -157,7 +155,7 @@
-011: SECURITY FIX: February 22, 2009
+011: SECURITY FIX: February 22, 2009All architectures
sudo(8) may allow a user listed in the sudoers file to run a command
as a different user than their access rule specifies when a Unix
@@ -170,7 +168,7 @@
-010: RELIABILITY FIX: February 18, 2009
+010: RELIABILITY FIX: February 18, 2009All architectures
bgpd(8) did not correctly prepend its own AS to very long AS paths, causing
the process to terminate because of the resulting corrupt path.
@@ -180,7 +178,7 @@
-009: RELIABILITY FIX: January 30, 2009
+009: RELIABILITY FIX: January 30, 2009All architectures
Upon reception of an invalid update with 4-byte AS attributes, bgpd -
adhering to the RFCs - closed the session to the neighbor.
@@ -193,7 +191,7 @@
-008: SECURITY FIX: January 14, 2009
+008: SECURITY FIX: January 14, 2009All architectures
named(8) did not correctly check the return value of a DSA verification
function, potentially allowing bypass of verification of DNSSEC DSA
@@ -205,7 +203,7 @@
-007: SECURITY FIX: January 9, 2009
+007: SECURITY FIX: January 9, 2009All architectures
The OpenSSL libraries did not correctly check the return value from
certain verification functions, allowing validation to be bypassed and
@@ -219,7 +217,7 @@
-006: RELIABILITY FIX: November 19, 2008
+006: RELIABILITY FIX: November 19, 2008All architectures
Due to changes in the options handling this caused problems with some
DHCP clients such as Solaris/OpenSolaris and some embedded routers not
@@ -230,7 +228,7 @@
-005: RELIABILITY FIX: November 7, 2008
+005: RELIABILITY FIX: November 7, 2008All architectures
A software bug could cause memory allocation to cause a kernel panic
accessing an array out of its bounds, when physical memory is exhausted.
@@ -240,7 +238,7 @@
-004: RELIABILITY FIX: November 6, 2008
+004: RELIABILITY FIX: November 6, 2008All architectures
Fix
httpd(8)'s
@@ -253,7 +251,7 @@
-003: RELIABILITY FIX: November 6, 2008
+003: RELIABILITY FIX: November 6, 2008All architectures
Fix the IPv4 TCP/IP stack's TIME_WAIT socket recycling. Due to the bug this
can result in TCP connections between two IPs being reset instead of accepted
@@ -264,7 +262,7 @@
-002: RELIABILITY FIX: November 2, 2008
+002: RELIABILITY FIX: November 2, 2008All architectures
Due to a bug in the vr(4) driver it is possible for a system using the vr(4)
driver to panic under heavy load if the RX path runs out of mbufs.
@@ -274,7 +272,7 @@
-001: SECURITY FIX: November 2, 2008
+001: SECURITY FIX: November 2, 2008All architectures
The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
solicitation requests maybe allowing a nearby attacker to intercept traffic.
@@ -289,6 +287,3 @@