!
! 001: RELIABILITY FIX: August 2, 2016All architectures
Missing overflow checks in uvm may result in panics.
--- 87,93 ----
! 001: RELIABILITY FIX: August 2, 2016All architectures
Missing overflow checks in uvm may result in panics.
***************
*** 100,107 ****
!
! 002: RELIABILITY FIX: August 6, 2016All architectures
Fixes IO::Socket::IP complaining about non-numeric version numbers.
--- 97,103 ----
! 002: RELIABILITY FIX: August 6, 2016All architectures
Fixes IO::Socket::IP complaining about non-numeric version numbers.
***************
*** 111,118 ****
!
! 003: RELIABILITY FIX: August 6, 2016All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
--- 107,113 ----
! 003: RELIABILITY FIX: August 6, 2016All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
***************
*** 123,130 ****
!
! 004: RELIABILITY FIX: August 23, 2016All architectures
A missing initialization can prevent mail headers from being altered as
--- 118,124 ----
! 004: RELIABILITY FIX: August 23, 2016All architectures
A missing initialization can prevent mail headers from being altered as
***************
*** 135,142 ****
!
! 005: RELIABILITY FIX: September 17, 2016All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
--- 129,135 ----
! 005: RELIABILITY FIX: September 17, 2016All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
***************
*** 146,153 ****
!
! 006: RELIABILITY FIX: September 17, 2016All architectures
During parsing of the iked(8) configuration, a variable is set to 0
--- 139,145 ----
! 006: RELIABILITY FIX: September 17, 2016All architectures
During parsing of the iked(8) configuration, a variable is set to 0
***************
*** 158,165 ****
!
! 007: RELIABILITY FIX: September 22, 2016All architectures
Revert change that cleans up the EVP cipher context in EVP_EncryptFinal()
--- 150,156 ----
! 007: RELIABILITY FIX: September 22, 2016All architectures
Revert change that cleans up the EVP cipher context in EVP_EncryptFinal()
***************
*** 170,177 ****
!
! 008: RELIABILITY FIX: September 22, 2016All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
--- 161,167 ----
! 008: RELIABILITY FIX: September 22, 2016All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
***************
*** 182,189 ****
!
! 009: SECURITY FIX: September 22, 2016All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
--- 172,178 ----
! 009: SECURITY FIX: September 22, 2016All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
***************
*** 193,200 ****
!
! 010: RELIABILITY FIX: October 3, 2016All architectures
A bug in the smtp session logic can lead to a server crash.
--- 182,188 ----
! 010: RELIABILITY FIX: October 3, 2016All architectures
A bug in the smtp session logic can lead to a server crash.
***************
*** 204,211 ****
!
! 011: SECURITY FIX: October 4, 2016All architectures
Fix a number of issues in the way various X client libraries handle
--- 192,198 ----
! 011: SECURITY FIX: October 4, 2016All architectures
Fix a number of issues in the way various X client libraries handle
***************
*** 216,223 ****
!
! 012: RELIABILITY FIX: October 8, 2016All architectures
Allocation of an amap with at least 131072 slots causes an integer overflow
--- 203,209 ----
! 012: RELIABILITY FIX: October 8, 2016All architectures
Allocation of an amap with at least 131072 slots causes an integer overflow
***************
*** 228,235 ****
!
! 013: RELIABILITY FIX: October 10, 2016All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory
--- 214,220 ----
! 013: RELIABILITY FIX: October 10, 2016All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory
***************
*** 240,247 ****
!
! 014: RELIABILITY FIX: October 13, 2016All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
--- 225,231 ----
! 014: RELIABILITY FIX: October 13, 2016All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
***************
*** 251,258 ****
!
! 015: RELIABILITY FIX: November 5, 2016All architectures
Avoid continual processing of an unlimited number of TLS records.
--- 235,241 ----
! 015: RELIABILITY FIX: November 5, 2016All architectures
Avoid continual processing of an unlimited number of TLS records.
***************
*** 262,269 ****
!
! 016: SECURITY FIX: January 5, 2017All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
--- 245,251 ----
! 016: SECURITY FIX: January 5, 2017All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
***************
*** 273,280 ****
!
! 017: RELIABILITY FIX: January 31, 2017All architectures
A bug in the processing of range headers in httpd can lead to memory
--- 255,261 ----
! 017: RELIABILITY FIX: January 31, 2017All architectures
A bug in the processing of range headers in httpd can lead to memory
***************
*** 286,293 ****
!
! 018: SECURITY FIX: March 1, 2017All architectures
WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack
--- 267,273 ----
! 018: SECURITY FIX: March 1, 2017All architectures
WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack
***************
*** 298,305 ****
!
! 019: RELIABILITY FIX: March 9, 2017All architectures
Prevent integer overflow in PF when calculating the adaptive timeout,
--- 278,284 ----
! 019: RELIABILITY FIX: March 9, 2017All architectures
Prevent integer overflow in PF when calculating the adaptive timeout,
***************
*** 310,317 ****
!
! 021: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
--- 299,305 ----
! 021: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
***************
*** 333,340 ****
!
! 022: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
--- 310,316 ----
! 022: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
***************
*** 344,351 ****
!
! 023: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
--- 320,326 ----
! 023: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
***************
*** 355,362 ****
!
! 024: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
--- 330,336 ----
! 024: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
***************
*** 367,374 ****
!
! 025: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
--- 341,347 ----
! 025: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
***************
*** 379,386 ****
!
! 026: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
--- 352,358 ----
! 026: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
***************
*** 390,397 ****
!
! 027: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
--- 362,368 ----
! 027: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
***************
*** 401,408 ****
!
! 028: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
--- 372,378 ----
! 028: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
***************
*** 412,419 ****
!
! 029: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
--- 382,388 ----
! 029: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
***************
*** 423,430 ****
!
! 030: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
--- 392,398 ----
! 030: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
***************
*** 434,441 ****
!
! 031: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
--- 402,408 ----
! 031: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
***************
*** 446,453 ****
!
! 032: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
--- 413,419 ----
! 032: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
***************
*** 457,464 ****
!
! 033: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
--- 423,429 ----
! 033: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
***************
*** 468,475 ****
!
! 034: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
--- 433,439 ----
! 034: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
***************
*** 479,486 ****
!
! 035: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
--- 443,449 ----
! 035: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
***************
*** 490,497 ****
!
! 036: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
--- 453,459 ----
! 036: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
***************
*** 501,508 ****
!
! 037: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
--- 463,469 ----
! 037: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
***************
*** 513,520 ****
!
! 038: SECURITY FIX: August 3, 2017All architectures
A race condition may result in a kernel memory leak.
--- 474,480 ----
! 038: SECURITY FIX: August 3, 2017All architectures
A race condition may result in a kernel memory leak.
***************
*** 524,531 ****
!
! 039: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
--- 484,490 ----
! 039: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
***************
*** 537,544 ****
!
! 040: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
--- 496,502 ----
! 040: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
***************
*** 548,555 ****
!
! 041: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
--- 506,512 ----
! 041: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
***************
*** 559,566 ****
!
! 042: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
--- 516,522 ----
! 042: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
***************
*** 571,578 ****
!
! 043: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
--- 527,533 ----
! 043: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
***************
*** 582,589 ****
!
! 044: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
--- 537,543 ----
! 044: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
***************
*** 593,600 ****
!
! 045: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
--- 547,553 ----
! 045: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
***************
*** 606,611 ****