-
-001: RELIABILITY FIX: August 2, 2016
+001: RELIABILITY FIX: August 2, 2016All architectures
Missing overflow checks in uvm may result in panics.
@@ -100,8 +97,7 @@
-
-002: RELIABILITY FIX: August 6, 2016
+002: RELIABILITY FIX: August 6, 2016All architectures
Fixes IO::Socket::IP complaining about non-numeric version numbers.
@@ -111,8 +107,7 @@
-
-003: RELIABILITY FIX: August 6, 2016
+003: RELIABILITY FIX: August 6, 2016All architectures
Improve relayd's parsing of the Host-header by following RFC 7230
@@ -123,8 +118,7 @@
-
-004: RELIABILITY FIX: August 23, 2016
+004: RELIABILITY FIX: August 23, 2016All architectures
A missing initialization can prevent mail headers from being altered as
@@ -135,8 +129,7 @@
-
-005: RELIABILITY FIX: September 17, 2016
+005: RELIABILITY FIX: September 17, 2016All architectures
Limit the number of wscons fonts that can be loaded into the kernel.
@@ -146,8 +139,7 @@
-
-006: RELIABILITY FIX: September 17, 2016
+006: RELIABILITY FIX: September 17, 2016All architectures
During parsing of the iked(8) configuration, a variable is set to 0
@@ -158,8 +150,7 @@
-
-007: RELIABILITY FIX: September 22, 2016
+007: RELIABILITY FIX: September 22, 2016All architectures
Revert change that cleans up the EVP cipher context in EVP_EncryptFinal()
@@ -170,8 +161,7 @@
-
-008: RELIABILITY FIX: September 22, 2016
+008: RELIABILITY FIX: September 22, 2016All architectures
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
@@ -182,8 +172,7 @@
-
-009: SECURITY FIX: September 22, 2016
+009: SECURITY FIX: September 22, 2016All architectures
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
@@ -193,8 +182,7 @@
-
-010: RELIABILITY FIX: October 3, 2016
+010: RELIABILITY FIX: October 3, 2016All architectures
A bug in the smtp session logic can lead to a server crash.
@@ -204,8 +192,7 @@
-
-011: SECURITY FIX: October 4, 2016
+011: SECURITY FIX: October 4, 2016All architectures
Fix a number of issues in the way various X client libraries handle
@@ -216,8 +203,7 @@
-
-012: RELIABILITY FIX: October 8, 2016
+012: RELIABILITY FIX: October 8, 2016All architectures
Allocation of an amap with at least 131072 slots causes an integer overflow
@@ -228,8 +214,7 @@
-
-013: RELIABILITY FIX: October 10, 2016
+013: RELIABILITY FIX: October 10, 2016All architectures
A protocol parsing bug in sshd can lead to unauthenticated memory
@@ -240,8 +225,7 @@
-
-014: RELIABILITY FIX: October 13, 2016
+014: RELIABILITY FIX: October 13, 2016All architectures
A logic issue in smtpd's header parsing can cause SMTP sessions to hang.
@@ -251,8 +235,7 @@
-
-015: RELIABILITY FIX: November 5, 2016
+015: RELIABILITY FIX: November 5, 2016All architectures
Avoid continual processing of an unlimited number of TLS records.
@@ -262,8 +245,7 @@
-
-016: SECURITY FIX: January 5, 2017
+016: SECURITY FIX: January 5, 2017All architectures
Avoid possible side-channel leak of ECDSA private keys when signing.
@@ -273,8 +255,7 @@
-
-017: RELIABILITY FIX: January 31, 2017
+017: RELIABILITY FIX: January 31, 2017All architectures
A bug in the processing of range headers in httpd can lead to memory
@@ -286,8 +267,7 @@
-
-018: SECURITY FIX: March 1, 2017
+018: SECURITY FIX: March 1, 2017All architectures
WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack
@@ -298,8 +278,7 @@
-
-019: RELIABILITY FIX: March 9, 2017
+019: RELIABILITY FIX: March 9, 2017All architectures
Prevent integer overflow in PF when calculating the adaptive timeout,
@@ -310,8 +289,7 @@
-
-020: SECURITY FIX: March 20, 2017
+020: SECURITY FIX: March 20, 2017All architectures
ELF auxiliary vector storage leaks piece of kernel stack.
@@ -321,8 +299,7 @@
-
-021: RELIABILITY FIX: May 2, 2017
+021: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
@@ -333,8 +310,7 @@
-
-022: RELIABILITY FIX: May 8, 2017
+022: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
@@ -344,8 +320,7 @@
-
-023: SECURITY FIX: May 13, 2017
+023: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
@@ -355,8 +330,7 @@
-
-024: SECURITY FIX: May 19, 2017
+024: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
@@ -367,8 +341,7 @@
-
-025: RELIABILITY FIX: May 22, 2017
+025: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
@@ -379,8 +352,7 @@
-
-026: SECURITY FIX: June 4, 2017
+026: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
@@ -390,8 +362,7 @@
-
-027: SECURITY FIX: June 12, 2017
+027: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
@@ -401,8 +372,7 @@
-
-028: RELIABILITY FIX: June 12, 2017
+028: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
@@ -412,8 +382,7 @@
-
-029: RELIABILITY FIX: August 3, 2017
+029: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
@@ -423,8 +392,7 @@
-
-030: RELIABILITY FIX: August 3, 2017
+030: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
@@ -434,8 +402,7 @@
-
-031: SECURITY FIX: August 3, 2017
+031: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
@@ -446,8 +413,7 @@
-
-032: SECURITY FIX: August 3, 2017
+032: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
@@ -457,8 +423,7 @@
-
-033: SECURITY FIX: August 3, 2017
+033: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
@@ -468,8 +433,7 @@
-
-034: SECURITY FIX: August 3, 2017
+034: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
@@ -479,8 +443,7 @@
-
-035: SECURITY FIX: August 3, 2017
+035: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
@@ -490,8 +453,7 @@
-
-036: SECURITY FIX: August 3, 2017
+036: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
@@ -501,8 +463,7 @@
-
-037: RELIABILITY FIX: August 3, 2017
+037: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
@@ -513,8 +474,7 @@
-
-038: SECURITY FIX: August 3, 2017
+038: SECURITY FIX: August 3, 2017All architectures
A race condition may result in a kernel memory leak.
@@ -524,8 +484,7 @@
-
-039: SECURITY FIX: August 3, 2017
+039: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
@@ -537,8 +496,7 @@
-
-040: SECURITY FIX: August 26, 2017
+040: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
@@ -548,8 +506,7 @@
-
-041: SECURITY FIX: August 30, 2017
+041: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
@@ -559,8 +516,7 @@
-
-042: SECURITY FIX: September 22, 2017
+042: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
@@ -571,8 +527,7 @@
-
-043: RELIABILITY FIX: September 27, 2017
+043: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
@@ -582,8 +537,7 @@
-
-044: RELIABILITY FIX: October 4, 2017
+044: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
@@ -593,8 +547,7 @@
-
-045: SECURITY FIX: October 4, 2017
+045: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
@@ -606,6 +559,3 @@