version 1.13, 2015/05/11 11:18:29 |
version 1.14, 2015/06/11 18:10:53 |
|
|
<li>tar without -P would permit extraction of paths with ".." components |
<li>tar without -P would permit extraction of paths with ".." components |
<li>there was a buffer overflow in the handling of pax extension headers |
<li>there was a buffer overflow in the handling of pax extension headers |
</ul> |
</ul> |
<br> |
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/007_tar.patch.sig"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/007_tar.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="008_smtpd"> |
|
<font color="#009000"><strong>008: RELIABILITY FIX: June 11, 2015</strong></font> |
|
<i>All architectures</i><br> |
|
Fix multiple reliability issues in smtpd: |
|
<ul> |
|
<li>a local user can cause smtpd to fail by writing an invalid imsg to control socket. |
|
<li>a local user can prevent smtpd from serving new requests by exhausting descriptors. |
|
</ul> |
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/008_smtpd.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="009_openssl"> |
|
<font color="#009000"><strong>009: SECURITY FIX: June 11, 2015</strong></font> |
|
<i>All architectures</i><br> |
|
Fix several defects from OpenSSL: |
|
<ul> |
|
<li>CVE-2015-1788 - Malformed ECParameters causes infinite loop |
|
<li>CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time |
|
<li>CVE-2015-1792 - CMS verify infinite loop with unknown hash function |
|
</ul> |
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/009_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
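Review bot: the two list items in the new 008_smtpd entry end with a period, while the 007 tar items above and the 009 CVE items added in the same change do not, and the first 008 item reads "to control socket" without an article. Suggest "writing an invalid imsg to the control socket" and dropping the trailing periods so the three entries are punctuated the same way. In the 009 entry, "Fix several defects from OpenSSL" is followed by exactly three CVE items; if that list is complete, naming the count in the lead sentence would make that clear to readers.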