===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata47.html,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- www/errata47.html 2019/05/27 22:55:20 1.56
+++ www/errata47.html 2019/05/28 16:32:42 1.57
@@ -84,84 +84,66 @@
--
-013: SECURITY FIX: February 16, 2011
- Little-endian architectures
-PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
-not correctly handled on little-endian systems (alpha, amd64, arm, i386,
-mips64el, vax). Other address types (bare addresses "10.1.1.1" and
-prefixes "10.1.1.1/30") are not affected.
+
+ -
+001: RELIABILITY FIX: March 31, 2010
+ All architectures
+When decrypting packets, the internal decryption functions were not
+paranoid enough in checking for underruns, which could potentially
+lead to crashes.
-
+
A source code patch exists which remedies this problem.
-
-
-012: SECURITY FIX: February 11, 2011
+
-
+002: RELIABILITY FIX: April 4, 2010
All architectures
-An incorrectly formatted ClientHello handshake message could cause
-OpenSSL to parse past the end of the message. An attacker could use this flaw
-to trigger an invalid memory access, causing a crash of an application linked
-to OpenSSL. As well, certain applications may expose the contents of parsed
-OCSP extensions, specifically the OCSP nonce extension.
-
-Applications are only affected if they act as a server and call
-SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed
-that nothing in the base OS uses this. Apache httpd started using this
-in v2.3.3; this is newer than the version in ports.
+When updating sensors showing the state of RAID volumes
+mpi(4)
+allocates temporary memory and then returns it to the kernel as
+device memory.
+This causes kernel memory usage to be misrepresented, eventually
+leading to a denial of service when a resource limit is apparently
+reached.
-
+
A source code patch exists which remedies this problem.
-
-
-011: RELIABILITY FIX: January 13, 2011
+
-
+003: SECURITY FIX: April 14, 2010
All architectures
-sp_protocol in RTM_DELETE messages could contain garbage values
-leading to routing socket users that restrict the AF (such as ospfd)
-not seeing any of the RTM_DELETE messages.
+In TLS connections, certain incorrectly formatted records can cause
+an OpenSSL client or server to crash due to a read attempt at NULL.
-
+
A source code patch exists which remedies this problem.
-
-
-010: RELIABILITY FIX: December 20, 2010
+
-
+004: SECURITY FIX: April 23, 2010
All architectures
-Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
-This fixes aes-ni, via xcrypt and various drivers
-(glxsb(4),
-hifn(4),
-safe(4)
-and
-ubsec(4)).
-
-
-
+The combination of pfsync and IPSEC may crash the kernel.
+
A source code patch exists which remedies this problem.
-
-
-
-009: SECURITY FIX: December 17, 2010
+
-
+005: RELIABILITY FIX: May 14, 2010
All architectures
-Insufficent initialization of the pf rule structure in the ioctl
-handler may allow userland to modify kernel memory. By default root
-privileges are needed to add or modify pf rules.
+Incorrectly initialized state updates can cause pfsync update storms.
-
+
A source code patch exists which remedies this problem.
-
-
-008: RELIABILITY FIX: November 17, 2010
+
-
+006: RELIABILITY FIX: July 8, 2010
All architectures
-Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
-a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded
-and use OpenSSL's internal caching mechanism. Servers that are multi-process
-and/or disable internal session caching are not affected.
+Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives.
-
+
A source code patch exists which remedies this problem.
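Review bot: the re-added 004 entry ("The combination of pfsync and IPSEC may crash the kernel.") is labelled SECURITY FIX but does not say what triggers the crash or who is in a position to trigger it, so a reader cannot judge exposure from the erratum alone. Since the entries are being moved anyway, consider a follow-up that adds one sentence on the triggering condition, in the way the 012 text spells out when applications are affected. The added 006 line ("Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives.") has the same weakness: it reads as a commit log describing the fix rather than the defect, and it is left as one long unwrapped line while the neighbouring entries are wrapped.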
@@ -175,65 +157,82 @@
A source code patch exists which remedies this problem.
-
-
-006: RELIABILITY FIX: July 8, 2010
+
-
+008: RELIABILITY FIX: November 17, 2010
All architectures
-Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives.
+Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
+a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded
+and use OpenSSL's internal caching mechanism. Servers that are multi-process
+and/or disable internal session caching are not affected.
-
+
A source code patch exists which remedies this problem.
-
-
-005: RELIABILITY FIX: May 14, 2010
+
-
+009: SECURITY FIX: December 17, 2010
All architectures
-Incorrectly initialized state updates can cause pfsync update storms.
+Insufficent initialization of the pf rule structure in the ioctl
+handler may allow userland to modify kernel memory. By default root
+privileges are needed to add or modify pf rules.
-
+
A source code patch exists which remedies this problem.
-
-
-004: SECURITY FIX: April 23, 2010
+
-
+010: RELIABILITY FIX: December 20, 2010
All architectures
-The combination of pfsync and IPSEC may crash the kernel.
-
+Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
+This fixes aes-ni, via xcrypt and various drivers
+(glxsb(4),
+hifn(4),
+safe(4)
+and
+ubsec(4)).
+
+
A source code patch exists which remedies this problem.
-
-
-003: SECURITY FIX: April 14, 2010
+
-
+011: RELIABILITY FIX: January 13, 2011
All architectures
-In TLS connections, certain incorrectly formatted records can cause
-an OpenSSL client or server to crash due to a read attempt at NULL.
+sp_protocol in RTM_DELETE messages could contain garbage values
+leading to routing socket users that restrict the AF (such as ospfd)
+not seeing any of the RTM_DELETE messages.
-
+
A source code patch exists which remedies this problem.
-
-
-002: RELIABILITY FIX: April 4, 2010
+
-
+012: SECURITY FIX: February 11, 2011
All architectures
-When updating sensors showing the state of RAID volumes
-mpi(4)
-allocates temporary memory and then returns it to the kernel as
-device memory.
-This causes kernel memory usage to be misrepresented, eventually
-leading to a denial of service when a resource limit is apparently
-reached.
+An incorrectly formatted ClientHello handshake message could cause
+OpenSSL to parse past the end of the message. An attacker could use this flaw
+to trigger an invalid memory access, causing a crash of an application linked
+to OpenSSL. As well, certain applications may expose the contents of parsed
+OCSP extensions, specifically the OCSP nonce extension.
+
+Applications are only affected if they act as a server and call
+SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed
+that nothing in the base OS uses this. Apache httpd started using this
+in v2.3.3; this is newer than the version in ports.
-
+
A source code patch exists which remedies this problem.
-
-
-001: RELIABILITY FIX: March 31, 2010
- All architectures
-When decrypting packets, the internal decryption functions were not
-paranoid enough in checking for underruns, which could potentially
-lead to crashes.
+ -
+013: SECURITY FIX: February 16, 2011
+ Little-endian architectures
+PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
+not correctly handled on little-endian systems (alpha, amd64, arm, i386,
+mips64el, vax). Other address types (bare addresses "10.1.1.1" and
+prefixes "10.1.1.1/30") are not affected.
-
+
A source code patch exists which remedies this problem.
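Review bot: the added 009 line "Insufficent initialization of the pf rule structure in the ioctl" carries over the misspelling from the removed copy; it should read "Insufficient". If this commit is meant to be a pure reorder, fix it in a separate revision so the move stays verifiable as a move. The added 010 text ("Bring CBC oracle attack countermeasures to hardware crypto accelerator land.") is also phrased as a commit message; an erratum entry would be clearer if it stated the problem, namely that the listed hardware paths (aes-ni, via xcrypt, glxsb(4), hifn(4), safe(4), ubsec(4)) lacked the countermeasures.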