version 1.15, 2014/03/31 03:12:47 |
version 1.16, 2014/03/31 16:02:48 |
|
|
|
|
<ul> |
<ul> |
<li><a name="001_bgpd"></a> |
<li><a name="001_bgpd"></a> |
<font color="#009000"><strong>001: RELIABILITY FIX: November 29, 2012</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>001: RELIABILITY FIX: November 29, 2012</strong></font> |
|
<i>All architectures</i><br> |
Some other systems have started sending incorrect flags which |
Some other systems have started sending incorrect flags which |
cause session failures in OpenBSD's bgpd, and cause it |
cause session failures in OpenBSD's bgpd, and cause it |
to propagate incorrect updates. |
to propagate incorrect updates. |
|
|
<p> |
<p> |
|
|
<li><a name="002_bgpd"></a> |
<li><a name="002_bgpd"></a> |
<font color="#009000"><strong>002: RELIABILITY FIX: March 15, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>002: RELIABILITY FIX: March 15, 2013</strong></font> |
|
<i>All architectures</i><br> |
A rare condition during session startup may cause bgpd to replace |
A rare condition during session startup may cause bgpd to replace |
an active session leading to unknown consequences. Bug found by |
an active session leading to unknown consequences. Bug found by |
inspection (we do not know how to reproduce it, consider that a challenge). |
inspection (we do not know how to reproduce it, consider that a challenge). |
|
|
<p> |
<p> |
|
|
<li><a name="003_tftpd"></a> |
<li><a name="003_tftpd"></a> |
<font color="#009000"><strong>003: RELIABILITY FIX: March 21, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>003: RELIABILITY FIX: March 21, 2013</strong></font> |
|
<i>All architectures</i><br> |
A denial of services was discovered where certain combinations of |
A denial of services was discovered where certain combinations of |
TFTP options could cause OACK generation to fail, which in turn |
TFTP options could cause OACK generation to fail, which in turn |
caused a double free in tftpd. |
caused a double free in tftpd. |
|
|
<p> |
<p> |
|
|
<li><a name="004_nginx"></a> |
<li><a name="004_nginx"></a> |
<font color="#009000"><strong>004: RELIABILITY FIX: May 17, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>004: RELIABILITY FIX: May 17, 2013</strong></font> |
|
<i>All architectures</i><br> |
A problem exists in |
A problem exists in |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a> |
if proxy_pass is used with untrusted HTTP backend servers. |
if proxy_pass is used with untrusted HTTP backend servers. |
|
|
<p> |
<p> |
|
|
<li><a name="005_in6"></a> |
<li><a name="005_in6"></a> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 31, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 31, 2013</strong></font> |
|
<i>All architectures</i><br> |
A local denial of service is possible by an unprivileged user if the |
A local denial of service is possible by an unprivileged user if the |
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially |
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially |
crafted parameter. |
crafted parameter. |