version 1.33, 2014/10/02 14:34:45 |
version 1.34, 2015/02/14 04:36:51 |
|
|
<hr> |
<hr> |
|
|
<ul> |
<ul> |
<li><a name="013_pf"></a> |
<li id="013_pf"> |
<font color="#009000"><strong>013: SECURITY FIX: February 16, 2011</strong></font> |
<font color="#009000"><strong>013: SECURITY FIX: February 16, 2011</strong></font> |
<i>Little-endian architectures</i><br> |
<i>Little-endian architectures</i><br> |
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were |
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="012_openssl"></a> |
<li id="012_openssl"> |
<font color="#009000"><strong>012: SECURITY FIX: February 11, 2011</strong></font> |
<font color="#009000"><strong>012: SECURITY FIX: February 11, 2011</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
An incorrectly formatted ClientHello handshake message could cause |
An incorrectly formatted ClientHello handshake message could cause |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="011_rtsock"></a> |
<li id="011_rtsock"> |
<font color="#009000"><strong>011: RELIABILITY FIX: January 13, 2011</strong></font> |
<font color="#009000"><strong>011: RELIABILITY FIX: January 13, 2011</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
sp_protocol in RTM_DELETE messages could contain garbage values |
sp_protocol in RTM_DELETE messages could contain garbage values |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="010_cbc"></a> |
<li id="010_cbc"> |
<font color="#009000"><strong>010: RELIABILITY FIX: December 20, 2010</strong></font> |
<font color="#009000"><strong>010: RELIABILITY FIX: December 20, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. |
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. |
|
|
<p> |
<p> |
|
|
|
|
<li><a name="009_pf"></a> |
<li id="009_pf"> |
<font color="#009000"><strong>009: SECURITY FIX: December 17, 2010</strong></font> |
<font color="#009000"><strong>009: SECURITY FIX: December 17, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Insufficent initialization of the pf rule structure in the ioctl |
Insufficent initialization of the pf rule structure in the ioctl |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="008_openssl"></a> |
<li id="008_openssl"> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2010</strong></font> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="007_scsi"></a> |
<li id="007_scsi"> |
<font color="#009000"><strong>007: RELIABILITY FIX: September 14, 2010</strong></font> |
<font color="#009000"><strong>007: RELIABILITY FIX: September 14, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.<br> |
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.<br> |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="006_scsi"></a> |
<li id="006_scsi"> |
<font color="#009000"><strong>006: RELIABILITY FIX: July 8, 2010</strong></font> |
<font color="#009000"><strong>006: RELIABILITY FIX: July 8, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives. |
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="005_pfsync"></a> |
<li id="005_pfsync"> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 14, 2010</strong></font> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 14, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Incorrectly initialized state updates can cause pfsync update storms. |
Incorrectly initialized state updates can cause pfsync update storms. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="004_pfsync"></a> |
<li id="004_pfsync"> |
<font color="#009000"><strong>004: SECURITY FIX: April 23, 2010</strong></font> |
<font color="#009000"><strong>004: SECURITY FIX: April 23, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
The combination of pfsync and IPSEC may crash the kernel.<br> |
The combination of pfsync and IPSEC may crash the kernel.<br> |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="003_openssl"></a> |
<li id="003_openssl"> |
<font color="#009000"><strong>003: SECURITY FIX: April 14, 2010</strong></font> |
<font color="#009000"><strong>003: SECURITY FIX: April 14, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
In TLS connections, certain incorrectly formatted records can cause |
In TLS connections, certain incorrectly formatted records can cause |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="002_mpi"></a> |
<li id="002_mpi"> |
<font color="#009000"><strong>002: RELIABILITY FIX: April 4, 2010</strong></font> |
<font color="#009000"><strong>002: RELIABILITY FIX: April 4, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
When updating sensors showing the state of RAID volumes |
When updating sensors showing the state of RAID volumes |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="001_kerberos"></a> |
<li id="001_kerberos"> |
<font color="#009000"><strong>001: RELIABILITY FIX: March 31, 2010</strong></font> |
<font color="#009000"><strong>001: RELIABILITY FIX: March 31, 2010</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
When decrypting packets, the internal decryption functions were not |
When decrypting packets, the internal decryption functions were not |