-001: RELIABILITY FIX: September 5, 2014
+001: RELIABILITY FIX: September 5, 2014All architectures
Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4).
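Review bot: The added heading line runs the date straight into the architecture label ("September 5, 2014All architectures") with no separator, and the same fusion appears in every added heading in this patch, 002 through 033. If the date and the architecture are meant to be separate fields, put a space or another delimiter between them so the date stays parseable and the label stays readable.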
@@ -99,7 +97,7 @@
-002: RELIABILITY FIX: October 1, 2014
+002: RELIABILITY FIX: October 1, 2014All architectures
If IPv6 autoconf is active on an interface and the autoconfprivacy extension is used,
redundant addresses are added whenever an autoconfprivacy address expires.
@@ -113,7 +111,7 @@
-003: SECURITY FIX: October 1, 2014
+003: SECURITY FIX: October 1, 2014All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
host confusion attacks in some configurations.
@@ -124,7 +122,7 @@
-004: RELIABILITY FIX: October 20, 2014
+004: RELIABILITY FIX: October 20, 2014All architectures
Executable headers with an unaligned address will trigger a kernel panic.
@@ -133,7 +131,7 @@
-005: SECURITY FIX: October 20, 2014
+005: SECURITY FIX: October 20, 2014All architectures
This patch disables the SSLv3 protocol by default.
@@ -150,7 +148,7 @@
-006: RELIABILITY FIX: November 17, 2014
+006: RELIABILITY FIX: November 17, 2014All architectures
Certain http requests can crash relayd.
@@ -159,7 +157,7 @@
-007: RELIABILITY FIX: November 17, 2014
+007: RELIABILITY FIX: November 17, 2014All architectures
A PF rule using an IPv4 address
followed by an IPv6 address and then a dynamic address, e.g. "pass
@@ -171,7 +169,7 @@
-008: RELIABILITY FIX: November 17, 2014
+008: RELIABILITY FIX: November 17, 2014All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
@@ -180,7 +178,7 @@
-009: RELIABILITY FIX: November 18, 2014
+009: RELIABILITY FIX: November 18, 2014All architectures
httpd was developed very rapidly in the weeks before 5.6 release, and
it has a few flaws. It would be nice to get these flaws fully
@@ -198,7 +196,7 @@
-010: RELIABILITY FIX: December 5, 2014
+010: RELIABILITY FIX: December 5, 2014All architectures
Several bugs were fixed that allowed a crash from remote when an active pipex
session exists.
@@ -208,7 +206,7 @@
-011: RELIABILITY FIX: December 5, 2014
+011: RELIABILITY FIX: December 5, 2014All architectures
An incorrect memcpy call would result in corrupted MAC addresses when
using PPPOE.
@@ -218,7 +216,7 @@
-012: RELIABILITY FIX: December 9, 2014
+012: RELIABILITY FIX: December 9, 2014All architectures
Fix a denial of service where a malicious authority could make the resolver chase an
endless series of delegations. (CVE-2014-8602)
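Review bot: The 012 heading keeps the RELIABILITY FIX class although the body describes a denial of service caused by a malicious authority and cites CVE-2014-8602, while 015, which also cites a CVE, is classed SECURITY FIX. Since this heading line is being rewritten anyway, either reclassify it or say in the entry text why this denial of service is treated as a reliability issue only.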
@@ -228,7 +226,7 @@
-013: RELIABILITY FIX: December 9, 2014
+013: RELIABILITY FIX: December 9, 2014All architectures
Missing memory barriers in virtio(4) can lead to hangs with virtio devices,
like vio(4) and vioblk(4).
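Review bot: "All architectures" on the 013 heading is worth confirming, because the body is specific to virtio(4) devices such as vio(4) and vioblk(4). If those drivers are not present on every platform, the heading should name the affected architectures instead; the same check applies to 001, which names bge(4), em(4) and ix(4).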
@@ -238,7 +236,7 @@
-014: SECURITY FIX: December 9, 2014
+014: SECURITY FIX: December 9, 2014All architectures
One year after Ilja van Sprundel discovered and reported a large number
of issues in the way the X server code base handles requests from X clients,
@@ -251,7 +249,7 @@
-015: SECURITY FIX: January 13, 2015
+015: SECURITY FIX: January 13, 2015All architectures
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD
base uses it for the programs: cu tmux ftp-proxy httpd ldapd relayd
@@ -264,7 +262,7 @@
-016: SECURITY FIX: March 3, 2015
+016: SECURITY FIX: March 3, 2015All architectures
Information leak in the XkbSetGeometry request of X servers.
@@ -276,7 +274,7 @@
-017: SECURITY FIX: March 13, 2015
+017: SECURITY FIX: March 13, 2015All architectures
Don't permit TLS client connections to be downgraded to weak keys.
@@ -285,7 +283,7 @@
-018: SECURITY FIX: March 13, 2015
+018: SECURITY FIX: March 13, 2015All architectures
Another fix for buffer overflows in malformed fonts.
@@ -294,7 +292,7 @@
-019: SECURITY FIX: March 18, 2015
+019: SECURITY FIX: March 18, 2015All architectures
Buffer overflows in libXfont
@@ -307,7 +305,7 @@
-020: SECURITY FIX: March 19, 2015
+020: SECURITY FIX: March 19, 2015All architectures
Fix several crash causing defects from OpenSSL.
These include:
@@ -326,7 +324,7 @@
-021: RELIABILITY FIX: April 17, 2015
+021: RELIABILITY FIX: April 17, 2015All architectures
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
@@ -336,7 +334,7 @@
-022: RELIABILITY FIX: April 30, 2015
+022: RELIABILITY FIX: April 30, 2015All architectures
A remote user can crash httpd by forcing the daemon to log to a file
before the logging system was initialized.
@@ -346,7 +344,7 @@
-023: SECURITY FIX: April 30, 2015
+023: SECURITY FIX: April 30, 2015All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
@@ -355,7 +353,7 @@
-024: SECURITY FIX: April 30, 2015
+024: SECURITY FIX: April 30, 2015All architectures
Multiple issues in tar/pax/cpio:
@@ -370,7 +368,7 @@
-025: RELIABILITY FIX: June 11, 2015
+025: RELIABILITY FIX: June 11, 2015All architectures
Fix multiple reliability issues in smtpd:
@@ -382,7 +380,7 @@
-026: SECURITY FIX: June 11, 2015
+026: SECURITY FIX: June 11, 2015All architectures
Fix several defects from OpenSSL:
@@ -400,7 +398,7 @@
-027: SECURITY FIX: July 14, 2015
+027: SECURITY FIX: July 14, 2015All architectures
A TCP socket can become confused and not properly cleanup resources.
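Review bot: The context line under the 027 heading uses "cleanup" as a verb ("not properly cleanup resources"); change it to "clean up" while this entry is being touched. For a SECURITY FIX entry, "can become confused" also gives the reader nothing to judge exposure by, so a short statement of the consequence would help.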
@@ -409,7 +407,7 @@
-028: RELIABILITY FIX: July 26, 2015
+028: RELIABILITY FIX: July 26, 2015All architectures
A kernel memory leak could be triggered by an unprivileged user in
a failure case when using execve under systrace.
@@ -419,7 +417,7 @@
-029: SECURITY FIX: July 26, 2015
+029: SECURITY FIX: July 26, 2015All architectures
The patch utility could be made to invoke arbitrary commands via
the obsolete SCCS and RCS support when processing a crafted input file.
@@ -430,7 +428,7 @@
-030: SECURITY FIX: July 30, 2015
+030: SECURITY FIX: July 30, 2015All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
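Review bot: "desyncronized" in the 030 body is misspelled and the sentence is missing a conjunction. Correct it in the same commit to "could become desynchronized when processing ed(1)-style diffs".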
@@ -439,7 +437,7 @@
-031: SECURITY FIX: October 1, 2015
+031: SECURITY FIX: October 1, 2015All architectures
Fix multiple reliability and security issues in smtpd:
@@ -458,7 +456,7 @@
-032: RELIABILITY FIX: October 14, 2015
+032: RELIABILITY FIX: October 14, 2015All architectures
A problem with timer kevents could result in a kernel hang (local denial
of service).
@@ -467,7 +465,7 @@
-033: RELIABILITY FIX: October 15, 2015
+033: RELIABILITY FIX: October 15, 2015All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
and memory leak, as reported by Qualys Security.
@@ -478,6 +476,3 @@