! 002: SECURITY FIX: March 16, 2016All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option
processing allow a local user to send UDP packets with a source
--- 100,106 ----
! 002: SECURITY FIX: March 16, 2016All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option
processing allow a local user to send UDP packets with a source
***************
*** 113,119 ****
! 003: RELIABILITY FIX: March 16, 2016All architectures
Incorrect path processing in pledge_namei() could result in unexpected
program termination of pledge(2)'d programs.
--- 111,117 ----
! 003: RELIABILITY FIX: March 16, 2016All architectures
Incorrect path processing in pledge_namei() could result in unexpected
program termination of pledge(2)'d programs.
***************
*** 123,129 ****
! 004: RELIABILITY FIX: April 30, 2016All architectures
A problem in m_dup_pkt() can result in kernel crashes with carp(4).
--- 121,127 ----
! 004: RELIABILITY FIX: April 30, 2016All architectures
A problem in m_dup_pkt() can result in kernel crashes with carp(4).
***************
*** 132,138 ****
! 005: SECURITY FIX: May 3, 2016All architectures
Fix issues in the libcrypto library.
Refer to the advisory.
--- 130,136 ----
! 005: SECURITY FIX: May 3, 2016All architectures
Fix issues in the libcrypto library.
Refer to the advisory.
***************
*** 148,154 ****
! 006: RELIABILITY FIX: May 16, 2016All architectures
Fix issues in smtpd.
--- 146,152 ----
! 006: RELIABILITY FIX: May 16, 2016All architectures
Fix issues in smtpd.
***************
*** 160,166 ****
! 007: SECURITY FIX: May 17, 2016All architectures
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
memory contents to a local user.
--- 158,164 ----
! 007: SECURITY FIX: May 17, 2016All architectures
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
memory contents to a local user.
***************
*** 170,176 ****
! 008: RELIABILITY FIX: May 18, 2016All architectures
Fix issue in the bnx(4) ethernet driver that could cause data corruption.
--- 168,174 ----
! 008: RELIABILITY FIX: May 18, 2016All architectures
Fix issue in the bnx(4) ethernet driver that could cause data corruption.
***************
*** 179,185 ****
! 009: RELIABILITY FIX: May 29, 2016All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
--- 177,183 ----
! 009: RELIABILITY FIX: May 29, 2016All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
***************
*** 188,194 ****
! 010: SECURITY FIX: June 2, 2016All architectures
Fix issues in the libexpat library to prevent multiple integer and
buffer overflows.
--- 186,192 ----
! 010: SECURITY FIX: June 2, 2016All architectures
Fix issues in the libexpat library to prevent multiple integer and
buffer overflows.
***************
*** 198,204 ****
! 011: SECURITY FIX: June 6, 2016All architectures
Correct a problem that prevents the DSA signing algorithm from running
in constant time even if the flag BN_FLG_CONSTTIME is set.
--- 196,202 ----
! 011: SECURITY FIX: June 6, 2016All architectures
Correct a problem that prevents the DSA signing algorithm from running
in constant time even if the flag BN_FLG_CONSTTIME is set.
***************
*** 208,214 ****
! 012: SECURITY FIX: June 27, 2016All architectures
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages.
--- 206,212 ----
! 012: SECURITY FIX: June 27, 2016All architectures
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages.
***************
*** 217,223 ****
! 013: RELIABILITY FIX: July 14, 2016All architectures
Splicing sockets in a loop could cause a kernel spin.
--- 215,221 ----
! 013: RELIABILITY FIX: July 14, 2016All architectures
Splicing sockets in a loop could cause a kernel spin.
***************
*** 226,232 ****
! 014: RELIABILITY FIX: July 14, 2016All architectures
Multiple processes exiting with a fd-passing control message on a
shared socket could crash the system.
--- 224,230 ----
! 014: RELIABILITY FIX: July 14, 2016All architectures
Multiple processes exiting with a fd-passing control message on a
shared socket could crash the system.
***************
*** 236,242 ****
! 015: RELIABILITY FIX: July 14, 2016All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
--- 234,240 ----
! 015: RELIABILITY FIX: July 14, 2016All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
***************
*** 245,251 ****
! 016: SECURITY FIX: July 14, 2016All architectures
The mmap extension __MAP_NOFAULT could overcommit resources and crash
the system.
--- 243,249 ----
! 016: SECURITY FIX: July 14, 2016All architectures
The mmap extension __MAP_NOFAULT could overcommit resources and crash
the system.
***************
*** 255,261 ****
! 017: RELIABILITY FIX: July 14, 2016All architectures
A race occuring in the unlocked ARP input path can lead to a kernel
NULL dereference.
--- 253,259 ----
! 017: RELIABILITY FIX: July 14, 2016All architectures
A race occuring in the unlocked ARP input path can lead to a kernel
NULL dereference.
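Review bot: The description line under the 017 entry still reads "A race occuring in the unlocked ARP input path" on both the old and new side of this hunk. Since the entry header is being touched anyway, correct the spelling to "occurring" in the same change.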
***************
*** 265,271 ****
! 018: RELIABILITY FIX: July 14, 2016All architectures
Tick counting overflows could cause a kernel crash.
--- 263,269 ----
! 018: RELIABILITY FIX: July 14, 2016All architectures
Tick counting overflows could cause a kernel crash.
***************
*** 274,280 ****
! 019: RELIABILITY FIX: July 14, 2016All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
--- 272,278 ----
! 019: RELIABILITY FIX: July 14, 2016All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
***************
*** 283,289 ****
! 020: RELIABILITY FIX: July 14, 2016All architectures
Unchecked parameters and integer overflows in the amap allocation routines
could cause malloc(9) to either not allocate enough memory, leading to memory
--- 281,287 ----
! 020: RELIABILITY FIX: July 14, 2016All architectures
Unchecked parameters and integer overflows in the amap allocation routines
could cause malloc(9) to either not allocate enough memory, leading to memory
***************
*** 294,300 ****
! 021: RELIABILITY FIX: July 25, 2016All architectures
When signaling an error to an HTTP relay client, the connection can be
terminated prematurely, leading to a crash.
--- 292,298 ----
! 021: RELIABILITY FIX: July 25, 2016All architectures
When signaling an error to an HTTP relay client, the connection can be
terminated prematurely, leading to a crash.
***************
*** 304,311 ****
!
! 022: RELIABILITY FIX: August 2, 2016All architectures
A missing NULL check in sysctl code results in a crash.
--- 302,308 ----
! 022: RELIABILITY FIX: August 2, 2016All architectures
A missing NULL check in sysctl code results in a crash.
***************
*** 315,322 ****
!
! 023: RELIABILITY FIX: August 2, 2016All architectures
Missing overflow checks in uvm may result in panics.
--- 312,318 ----
! 023: RELIABILITY FIX: August 2, 2016All architectures
Missing overflow checks in uvm may result in panics.
***************
*** 326,333 ****
!
! 024: SECURITY FIX: August 6, 2016All architectures
Don't look in the current working directory for perl modules to load.
--- 322,328 ----
! 024: SECURITY FIX: August 6, 2016All architectures
Don't look in the current working directory for perl modules to load.
***************
*** 339,346 ****
!
! 025: RELIABILITY FIX: August 6, 2016All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
--- 334,340 ----
! 025: RELIABILITY FIX: August 6, 2016All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
***************
*** 351,358 ****
!
! 026: RELIABILITY FIX: September 17, 2016All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
--- 345,351 ----
! 026: RELIABILITY FIX: September 17, 2016All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
***************
*** 362,369 ****
!
! 027: RELIABILITY FIX: September 22, 2016All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
--- 355,361 ----
! 027: RELIABILITY FIX: September 22, 2016All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
***************
*** 374,381 ****
!
! 028: SECURITY FIX: September 22, 2016All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
--- 366,372 ----
! 028: SECURITY FIX: September 22, 2016All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
***************
*** 385,392 ****
!
! 029: SECURITY FIX: October 4, 2016All architectures
Fix a number of issues in the way various X client libraries handle
--- 376,382 ----
! 029: SECURITY FIX: October 4, 2016All architectures
Fix a number of issues in the way various X client libraries handle
***************
*** 397,404 ****
!
! 030: RELIABILITY FIX: October 10, 2016All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory
--- 387,393 ----
! 030: RELIABILITY FIX: October 10, 2016All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory
***************
*** 409,416 ****
!
! 031: RELIABILITY FIX: October 13, 2016All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
--- 398,404 ----
! 031: RELIABILITY FIX: October 13, 2016All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
***************
*** 420,427 ****
!
! 032: RELIABILITY FIX: November 5, 2016All architectures
Avoid continual processing of an unlimited number of TLS records.
--- 408,414 ----
! 032: RELIABILITY FIX: November 5, 2016All architectures
Avoid continual processing of an unlimited number of TLS records.
***************
*** 431,438 ****
!
! 033: SECURITY FIX: January 5, 2017All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
--- 418,424 ----
! 033: SECURITY FIX: January 5, 2017All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
***************
*** 442,449 ****
!
! 034: RELIABILITY FIX: January 31, 2017All architectures
A bug in the processing of range heanders in httpd can lead to memory
--- 428,434 ----
! 034: RELIABILITY FIX: January 31, 2017All architectures
A bug in the processing of range heanders in httpd can lead to memory
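Review bot: The 034 entry's description line says "range heanders in httpd", a typo for "headers" that this hunk carries over unchanged from the old side to the new. Fix it while the entry header line above it is being edited, so the erratum text is searchable by the correct term.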
***************
*** 455,462 ****
!
! 035: SECURITY FIX: March 1, 2017All architectures
WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack
--- 440,446 ----
! 035: SECURITY FIX: March 1, 2017All architectures
WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack
***************
*** 467,474 ****
!
! 036: RELIABILITY FIX: March 9, 2017All architectures
Prevent integer overflow in PF when calculating the adaptive timeout,
--- 451,457 ----
! 036: RELIABILITY FIX: March 9, 2017All architectures
Prevent integer overflow in PF when calculating the adaptive timeout,
***************
*** 479,486 ****