! 012: RELIABILITY FIX: May 14, 2010All architectures
Insufficient protection of the trunk interface queues may cause
LACP trunks to fail under load.
--- 85,91 ----
! 012: RELIABILITY FIX: May 14, 2010All architectures
Insufficient protection of the trunk interface queues may cause
LACP trunks to fail under load.
***************
*** 97,103 ****
! 011: RELIABILITY FIX: May 14, 2010All architectures
Incorrectly initialized state updates can cause pfsync update storms.
--- 95,101 ----
! 011: RELIABILITY FIX: May 14, 2010All architectures
Incorrectly initialized state updates can cause pfsync update storms.
***************
*** 106,112 ****
! 010: SECURITY FIX: April 14, 2010All architectures
In TLS connections, certain incorrectly formatted records can cause
an OpenSSL client or server to crash due to a read attempt at NULL.
--- 104,110 ----
! 010: SECURITY FIX: April 14, 2010All architectures
In TLS connections, certain incorrectly formatted records can cause
an OpenSSL client or server to crash due to a read attempt at NULL.
***************
*** 116,122 ****
! 009: RELIABILITY FIX: April 4, 2010All architectures
When updating sensors showing the state of RAID volumes
mpi(4)
--- 114,120 ----
! 009: RELIABILITY FIX: April 4, 2010All architectures
When updating sensors showing the state of RAID volumes
mpi(4)
***************
*** 131,137 ****
! 008: RELIABILITY FIX: March 31, 2010All architectures
When decrypting packets, the internal decryption functions were not
paranoid enough in checking for underruns, which could potentially
--- 129,135 ----
! 008: RELIABILITY FIX: March 31, 2010All architectures
When decrypting packets, the internal decryption functions were not
paranoid enough in checking for underruns, which could potentially
***************
*** 142,148 ****
! 007: RELIABILITY FIX: March 12, 2010All architectures
Due to a null pointer dereference, it would be possible to crash ftpd when
handling glob(3)'ing requests. This is non-exploitable.
--- 140,146 ----
! 007: RELIABILITY FIX: March 12, 2010All architectures
Due to a null pointer dereference, it would be possible to crash ftpd when
handling glob(3)'ing requests. This is non-exploitable.
***************
*** 152,158 ****
! 006: SECURITY FIX: March 12, 2010All architectures
OpenSSL is susceptible to a buffer overflow due to a failure
to check for NULL returns from bn_wexpand function calls.
--- 150,156 ----
! 006: SECURITY FIX: March 12, 2010All architectures
OpenSSL is susceptible to a buffer overflow due to a failure
to check for NULL returns from bn_wexpand function calls.
***************
*** 162,168 ****
! 005: RELIABILITY FIX: January 29, 2010All architectures
By using ptrace(2) on an ancestor process, a loop in the process tree
could be created, violating assumptions in other parts of the kernel
--- 160,166 ----
! 005: RELIABILITY FIX: January 29, 2010All architectures
By using ptrace(2) on an ancestor process, a loop in the process tree
could be created, violating assumptions in other parts of the kernel
***************
*** 173,179 ****
! 004: SECURITY FIX: November 26, 2009All architectures
The SSL/TLS protocol is subject to man-in-the-middle attacks related to
renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00).
--- 171,177 ----
! 004: SECURITY FIX: November 26, 2009All architectures
The SSL/TLS protocol is subject to man-in-the-middle attacks related to
renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00).
***************
*** 185,191 ****
! 003: RELIABILITY FIX: October 28, 2009All architectures
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
--- 183,189 ----
! 003: RELIABILITY FIX: October 28, 2009All architectures
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
***************
*** 195,201 ****
! 002: RELIABILITY FIX: October 05, 2009i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
--- 193,199 ----
! 002: RELIABILITY FIX: October 05, 2009i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
***************
*** 204,210 ****
! 001: RELIABILITY FIX: July 29, 2009All architectures
A vulnerability has been found in BIND's named server
(CVE-2009-0696).
--- 202,208 ----
! 001: RELIABILITY FIX: July 29, 2009All architectures
A vulnerability has been found in BIND's named server
(CVE-2009-0696).
***************
*** 218,223 ****