version 1.52, 2017/03/28 04:04:52 |
version 1.53, 2017/03/28 06:41:18 |
|
|
|
|
<ul> |
<ul> |
|
|
<li id="001_pflow"> |
<li id="p001_pflow"> |
<font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> |
<font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A crash can happen on |
A crash can happen on |
<a href="http://man.openbsd.org/?query=pflow&manpath=OpenBSD+5.4&sektion=4">pflow(4)</a> |
<a href="http://man.openbsd.org/OpenBSD-5.4/pflow.4">pflow(4)</a> |
interface destruction. |
interface destruction. |
|
|
<br> |
<br> |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="002_sshgcm"> |
<li id="p002_sshgcm"> |
<font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> |
<font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A memory corruption vulnerability exists in the post-authentication sshd process |
A memory corruption vulnerability exists in the post-authentication sshd process |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="003_vnode"> |
<li id="p003_vnode"> |
<font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> |
<font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
An unprivileged user may hang the system. |
An unprivileged user may hang the system. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="004_nginx"> |
<li id="p004_nginx"> |
<font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> |
<font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A problem exists in |
A problem exists in |
<a href="http://man.openbsd.org/?query=nginx&sektion=8">nginx(8)</a> |
<a href="http://man.openbsd.org/OpenBSD-5.4/nginx.8">nginx(8)</a> |
which might allow an attacker to bypass security restrictions in certain |
which might allow an attacker to bypass security restrictions in certain |
configurations by using a specially crafted request. |
configurations by using a specially crafted request. |
This issue was assigned CVE-2013-4547. |
This issue was assigned CVE-2013-4547. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="005_sha512"> |
<li id="p005_sha512"> |
<font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> |
<font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> |
<i>Strict alignment architectures</i><br> |
<i>Strict alignment architectures</i><br> |
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="006_libXfont"> |
<li id="p006_libXfont"> |
<font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> |
<font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A BDF font file containing a longer than expected string could overflow |
A BDF font file containing a longer than expected string could overflow |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="007_openssl"> |
<li id="p007_openssl"> |
<font color="#009000"><strong>007: SECURITY FIX: April 8, 2014</strong></font> |
<font color="#009000"><strong>007: SECURITY FIX: April 8, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="008_openssl"> |
<li id="p008_openssl"> |
<font color="#009000"><strong>008: SECURITY FIX: April 12, 2014</strong></font> |
<font color="#009000"><strong>008: SECURITY FIX: April 12, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="009_openssl"> |
<li id="p009_openssl"> |
<font color="#009000"><strong>009: RELIABILITY FIX: May 1, 2014</strong></font> |
<font color="#009000"><strong>009: RELIABILITY FIX: May 1, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
An attacker can trigger generation of an SSL alert which could cause |
An attacker can trigger generation of an SSL alert which could cause |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="010_libXfont"> |
<li id="p010_libXfont"> |
<font color="#009000"><strong>010: SECURITY FIX: May 24, 2014</strong></font> |
<font color="#009000"><strong>010: SECURITY FIX: May 24, 2014</strong></font> |
<i>All architectures with X server</i><br> |
<i>All architectures with X server</i><br> |
X Font Service Protocol & Font metadata file handling issues in libXfont |
X Font Service Protocol & Font metadata file handling issues in libXfont |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="011_sendmail"> |
<li id="p011_sendmail"> |
<font color="#009000"><strong>011: SECURITY FIX: June 5, 2014</strong></font> |
<font color="#009000"><strong>011: SECURITY FIX: June 5, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Sendmail was not properly closing file descriptions before executing programs. |
Sendmail was not properly closing file descriptions before executing programs. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="012_openssl"> |
<li id="p012_openssl"> |
<font color="#009000"><strong>012: SECURITY FIX: June 6, 2014</strong></font> |
<font color="#009000"><strong>012: SECURITY FIX: June 6, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="013_dhcp"> |
<li id="p013_dhcp"> |
<font color="#009000"><strong>013: RELIABILITY FIX: July 30, 2014</strong></font> |
<font color="#009000"><strong>013: RELIABILITY FIX: July 30, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Packets with illegal DHCP options can lead to memory exhaustion of |
Packets with illegal DHCP options can lead to memory exhaustion of |
<a href="http://man.openbsd.org/?query=dhclient&sektion=8">dhclient(8)</a> |
<a href="http://man.openbsd.org/OpenBSD-5.4/dhclient.8">dhclient(8)</a> |
and |
and |
<a href="http://man.openbsd.org/?query=dhcpd&sektion=8">dhcpd(8)</a>. |
<a href="http://man.openbsd.org/OpenBSD-5.4/dhcpd.8">dhcpd(8)</a>. |
<br> |
<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/013_dhcp.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/013_dhcp.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="014_openssl"> |
<li id="p014_openssl"> |
<font color="#009000"><strong>014: SECURITY FIX: August 9, 2014</strong></font> |
<font color="#009000"><strong>014: SECURITY FIX: August 9, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="015_nginx"> |
<li id="p015_nginx"> |
<font color="#009000"><strong>015: SECURITY FIX: October 1, 2014</strong></font> |
<font color="#009000"><strong>015: SECURITY FIX: October 1, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="016_openssl"> |
<li id="p016_openssl"> |
<font color="#009000"><strong>016: RELIABILITY FIX: October 20, 2014</strong></font> |
<font color="#009000"><strong>016: RELIABILITY FIX: October 20, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li id="017_kernexec"> |
<li id="p017_kernexec"> |
<font color="#009000"><strong>017: RELIABILITY FIX: October 20, 2014</strong></font> |
<font color="#009000"><strong>017: RELIABILITY FIX: October 20, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Executable headers with an unaligned address will trigger a kernel panic. |
Executable headers with an unaligned address will trigger a kernel panic. |