version 1.15, 2015/01/13 19:47:25 |
version 1.16, 2015/02/14 04:36:51 |
|
|
|
|
<ul> |
<ul> |
|
|
<li><a name="001_rxr"></a> |
<li id="001_rxr"> |
<font color="#009000"><strong>001: RELIABILITY FIX: September 5, 2014</strong></font> |
<font color="#009000"><strong>001: RELIABILITY FIX: September 5, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4). |
Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4). |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="002_nd6"></a> |
<li id="002_nd6"> |
<font color="#009000"><strong>002: RELIABILITY FIX: October 1, 2014</strong></font> |
<font color="#009000"><strong>002: RELIABILITY FIX: October 1, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
If IPv6 autoconf is active on an interface and the autoconfprivacy extension is used, |
If IPv6 autoconf is active on an interface and the autoconfprivacy extension is used, |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="003_nginx"></a> |
<li id="003_nginx"> |
<font color="#009000"><strong>003: SECURITY FIX: October 1, 2014</strong></font> |
<font color="#009000"><strong>003: SECURITY FIX: October 1, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="004_kernexec"></a> |
<li id="004_kernexec"> |
<font color="#009000"><strong>004: RELIABILITY FIX: October 20, 2014</strong></font> |
<font color="#009000"><strong>004: RELIABILITY FIX: October 20, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Executable headers with an unaligned address will trigger a kernel panic. |
Executable headers with an unaligned address will trigger a kernel panic. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="005_nosslv3"></a> |
<li id="005_nosslv3"> |
<font color="#009000"><strong>005: SECURITY FIX: October 20, 2014</strong></font> |
<font color="#009000"><strong>005: SECURITY FIX: October 20, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
This patch disables the SSLv3 protocol by default. |
This patch disables the SSLv3 protocol by default. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="006_relayd"></a> |
<li id="006_relayd"> |
<font color="#009000"><strong>006: RELIABILITY FIX: November 17, 2014</strong></font> |
<font color="#009000"><strong>006: RELIABILITY FIX: November 17, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Certain http requests can crash relayd. |
Certain http requests can crash relayd. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="007_pfctl"></a> |
<li id="007_pfctl"> |
<font color="#009000"><strong>007: RELIABILITY FIX: November 17, 2014</strong></font> |
<font color="#009000"><strong>007: RELIABILITY FIX: November 17, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A PF rule using an IPv4 address |
A PF rule using an IPv4 address |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="008_asr"></a> |
<li id="008_asr"> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2014</strong></font> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref. |
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref. |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="009_httpd"></a> |
<li id="009_httpd"> |
<font color="#009000"><strong>009: RELIABILITY FIX: November 18, 2014</strong></font> |
<font color="#009000"><strong>009: RELIABILITY FIX: November 18, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
httpd was developed very rapidly in the weeks before 5.6 release, and |
httpd was developed very rapidly in the weeks before 5.6 release, and |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="010_pipex"></a> |
<li id="010_pipex"> |
<font color="#009000"><strong>010: RELIABILITY FIX: December 5, 2014</strong></font> |
<font color="#009000"><strong>010: RELIABILITY FIX: December 5, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Several bugs were fixed that allowed a crash from remote when an active pipex |
Several bugs were fixed that allowed a crash from remote when an active pipex |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="011_pppoe"></a> |
<li id="011_pppoe"> |
<font color="#009000"><strong>011: RELIABILITY FIX: December 5, 2014</strong></font> |
<font color="#009000"><strong>011: RELIABILITY FIX: December 5, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
An incorrect memcpy call would result in corrupted MAC addresses when |
An incorrect memcpy call would result in corrupted MAC addresses when |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="012_unbound"></a> |
<li id="012_unbound"> |
<font color="#009000"><strong>012: RELIABILITY FIX: December 9, 2014</strong></font> |
<font color="#009000"><strong>012: RELIABILITY FIX: December 9, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix a denial of service where a malicious authority could make the resolver chase an |
Fix a denial of service where a malicious authority could make the resolver chase an |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="013_virtio"></a> |
<li id="013_virtio"> |
<font color="#009000"><strong>013: RELIABILITY FIX: December 9, 2014</strong></font> |
<font color="#009000"><strong>013: RELIABILITY FIX: December 9, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Missing memory barriers in virtio(4) can lead to hangs with virtio devices, |
Missing memory barriers in virtio(4) can lead to hangs with virtio devices, |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="014_xserver"></a> |
<li id="014_xserver"> |
<font color="#009000"><strong>014: SECURITY FIX: December 9, 2014</strong></font> |
<font color="#009000"><strong>014: SECURITY FIX: December 9, 2014</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
One year after Ilja van Sprundel discovered and reported a large number |
One year after Ilja van Sprundel discovered and reported a large number |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
<li><a name="015_libevent"></a> |
<li id="015_libevent"> |
<font color="#009000"><strong>015: SECURITY FIX: January 13, 2015</strong></font> |
<font color="#009000"><strong>015: SECURITY FIX: January 13, 2015</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD |
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD |