| version 1.16, 2014/03/31 03:12:47 |
version 1.17, 2014/03/31 16:02:48 |
|
|
| |
|
| <ul> |
<ul> |
| <li><a name="001_pflow"></a> |
<li><a name="001_pflow"></a> |
| <font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> |
| |
<i>All architectures</i><br> |
| A crash can happen on pflow(4) interface destruction. |
A crash can happen on pflow(4) interface destruction. |
| |
|
| <br> |
<br> |
|
|
| <p> |
<p> |
| |
|
| <li><a name="002_sshgcm"></a> |
<li><a name="002_sshgcm"></a> |
| <font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> |
| |
<i>All architectures</i><br> |
| A memory corruption vulnerability exists in the post-authentication sshd process |
A memory corruption vulnerability exists in the post-authentication sshd process |
| when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
| selected during kex exchange. |
selected during kex exchange. |
|
|
| <p> |
<p> |
| |
|
| <li><a name="003_vnode"></a> |
<li><a name="003_vnode"></a> |
| <font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> |
| |
<i>All architectures</i><br> |
| An unprivileged user may hang the system. |
An unprivileged user may hang the system. |
| |
|
| <br> |
<br> |
|
|
| <p> |
<p> |
| |
|
| <li><a name="004_nginx"></a> |
<li><a name="004_nginx"></a> |
| <font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> |
| |
<i>All architectures</i><br> |
| A problem exists in |
A problem exists in |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a> |
| which might allow an attacker to bypass security restrictions in certain |
which might allow an attacker to bypass security restrictions in certain |
|
|
| <p> |
<p> |
| |
|
| <li><a name="005_sha512"></a> |
<li><a name="005_sha512"></a> |
| <font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> <i>Strict alignment architectures</i><br> |
<font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> |
| |
<i>Strict alignment architectures</i><br> |
| In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
| the application. The i386, amd64, vax and m68k platforms aren't |
the application. The i386, amd64, vax and m68k platforms aren't |
| affected. |
affected. |
|
|
| <p> |
<p> |
| |
|
| <li><a name="006_libXfont"></a> |
<li><a name="006_libXfont"></a> |
| <font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> |
| |
<i>All architectures</i><br> |
| A BDF font file containing a longer than expected string could overflow |
A BDF font file containing a longer than expected string could overflow |
| a buffer on the stack in the X server. |
a buffer on the stack in the X server. |
| This issue was assigned CVE-2013-6462. |
This issue was assigned CVE-2013-6462. |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata54.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www