| version 1.31, 2014/10/02 14:34:45 |
version 1.32, 2015/02/14 04:36:51 |
|
|
| <hr> |
<hr> |
| |
|
| <ul> |
<ul> |
| <li><a name="001_bgpd"></a> |
<li id="001_bgpd"> |
| <font color="#009000"><strong>001: RELIABILITY FIX: March 15, 2013</strong></font> |
<font color="#009000"><strong>001: RELIABILITY FIX: March 15, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A rare condition during session startup may cause bgpd to replace |
A rare condition during session startup may cause bgpd to replace |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="002_vr"></a> |
<li id="002_vr"> |
| <font color="#009000"><strong>002: RELIABILITY FIX: May 5, 2013</strong></font> |
<font color="#009000"><strong>002: RELIABILITY FIX: May 5, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A flaw exists in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4" |
A flaw exists in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4" |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="003_nginx"></a> |
<li id="003_nginx"> |
| <font color="#009000"><strong>003: RELIABILITY FIX: May 17, 2013</strong></font> |
<font color="#009000"><strong>003: RELIABILITY FIX: May 17, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A problem exists in |
A problem exists in |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="004_route"></a> |
<li id="004_route"> |
| <font color="#009000"><strong>004: RELIABILITY FIX: May 17, 2013</strong></font> |
<font color="#009000"><strong>004: RELIABILITY FIX: May 17, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| As discovered by Peter Philipp, it is possible for an unprivileged user |
As discovered by Peter Philipp, it is possible for an unprivileged user |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="005_in6"></a> |
<li id="005_in6"> |
| <font color="#009000"><strong>005: RELIABILITY FIX: May 31, 2013</strong></font> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 31, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A local denial of service is possible by an unprivileged user if the |
A local denial of service is possible by an unprivileged user if the |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="006_tftpd"></a> |
<li id="006_tftpd"> |
| <font color="#009000"><strong>006: RELIABILITY FIX: June 12, 2013</strong></font> |
<font color="#009000"><strong>006: RELIABILITY FIX: June 12, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A denial of services was discovered where certain combinations of |
A denial of services was discovered where certain combinations of |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="007_vio"></a> |
<li id="007_vio"> |
| <font color="#009000"><strong>007: RELIABILITY FIX: June 12, 2013</strong></font> |
<font color="#009000"><strong>007: RELIABILITY FIX: June 12, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Two flaws in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vio&sektion=4">vio(4)</a> |
Two flaws in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vio&sektion=4">vio(4)</a> |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="008_pflow"></a> |
<li id="008_pflow"> |
| <font color="#009000"><strong>008: RELIABILITY FIX: Nov 7, 2013</strong></font> |
<font color="#009000"><strong>008: RELIABILITY FIX: Nov 7, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A crash can happen on |
A crash can happen on |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="009_sshgcm"></a> |
<li id="009_sshgcm"> |
| <font color="#009000"><strong>009: SECURITY FIX: Nov 7, 2013</strong></font> |
<font color="#009000"><strong>009: SECURITY FIX: Nov 7, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A memory corruption vulnerability exists in the post-authentication sshd process |
A memory corruption vulnerability exists in the post-authentication sshd process |
|
|
| <p> |
<p> |
| |
|
| |
|
| <li><a name="010_vnode"></a> |
<li id="010_vnode"> |
| <font color="#009000"><strong>010: RELIABILITY FIX: Nov 11, 2013</strong></font> |
<font color="#009000"><strong>010: RELIABILITY FIX: Nov 11, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| An unprivileged user may hang the system. |
An unprivileged user may hang the system. |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="011_nginx"></a> |
<li id="011_nginx"> |
| <font color="#009000"><strong>011: SECURITY FIX: Nov 21, 2013</strong></font> |
<font color="#009000"><strong>011: SECURITY FIX: Nov 21, 2013</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A problem exists in |
A problem exists in |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="012_sha512"></a> |
<li id="012_sha512"> |
| <font color="#009000"><strong>012: RELIABILITY FIX: Dec 19, 2013</strong></font> |
<font color="#009000"><strong>012: RELIABILITY FIX: Dec 19, 2013</strong></font> |
| <i>Strict alignment architectures</i><br> |
<i>Strict alignment architectures</i><br> |
| In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="013_libXfont"></a> |
<li id="013_libXfont"> |
| <font color="#009000"><strong>013: SECURITY FIX: Jan 10, 2014</strong></font> |
<font color="#009000"><strong>013: SECURITY FIX: Jan 10, 2014</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A BDF font file containing a longer than expected string could overflow |
A BDF font file containing a longer than expected string could overflow |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="014_openssl"></a> |
<li id="014_openssl"> |
| <font color="#009000"><strong>014: SECURITY FIX: April 8, 2014</strong></font> |
<font color="#009000"><strong>014: SECURITY FIX: April 8, 2014</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
|
|
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
| <li><a name="015_openssl"></a> |
<li id="015_openssl"> |
| <font color="#009000"><strong>015: SECURITY FIX: April 12, 2014</strong></font> |
<font color="#009000"><strong>015: SECURITY FIX: April 12, 2014</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata53.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www