!
! 001: INTEROPERABILITY FIX: May 2, 2017All architectures
dhcpd unconditionally echoed the client identifier, preventing some devices
--- 92,98 ----
! 001: INTEROPERABILITY FIX: May 2, 2017All architectures
dhcpd unconditionally echoed the client identifier, preventing some devices
***************
*** 106,113 ****
!
! 002: SECURITY FIX: May 2, 2017amd64
vmm mismanaged floating point contexts.
--- 103,109 ----
! 002: SECURITY FIX: May 2, 2017amd64
vmm mismanaged floating point contexts.
***************
*** 117,124 ****
!
! 003: SECURITY FIX: May 2, 2017All architectures
A consistency check error could cause programs to incorrectly verify
--- 113,119 ----
! 003: SECURITY FIX: May 2, 2017All architectures
A consistency check error could cause programs to incorrectly verify
***************
*** 129,136 ****
!
! 004: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
--- 124,130 ----
! 004: RELIABILITY FIX: May 2, 2017All architectures
softraid was unable to create usable concat volumes because
***************
*** 141,148 ****
!
! 005: RELIABILITY FIX: May 6, 2017All architectures
Expired pf source tracking entries never got removed, leading to
--- 135,141 ----
! 005: RELIABILITY FIX: May 6, 2017All architectures
Expired pf source tracking entries never got removed, leading to
***************
*** 153,160 ****
!
! 006: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
--- 146,152 ----
! 006: RELIABILITY FIX: May 8, 2017All architectures
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
***************
*** 164,171 ****
!
! 007: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
--- 156,162 ----
! 007: SECURITY FIX: May 13, 2017All architectures
Heap-based buffer overflows in freetype can result in out-of-bounds writes.
***************
*** 175,182 ****
!
! 008: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
--- 166,172 ----
! 008: SECURITY FIX: May 19, 2017All architectures
An additional mitigation is added by placing a gap of 1 MB between the
***************
*** 187,194 ****
!
! 009: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
--- 177,183 ----
! 009: RELIABILITY FIX: May 22, 2017All architectures
The kernel could leak memory when processing ICMP packets with IP options.
***************
*** 199,206 ****
!
! 010: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
--- 188,194 ----
! 010: SECURITY FIX: June 4, 2017All architectures
A race condition exists in the File::Path perl module.
***************
*** 210,217 ****
!
! 011: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
--- 198,204 ----
! 011: SECURITY FIX: June 12, 2017hppa
An integer overflow exists in two range checks of the sti(4) display driver.
***************
*** 221,228 ****
!
! 012: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
--- 208,214 ----
! 012: RELIABILITY FIX: June 12, 2017All architectures
An unprivileged user can cause a kernel crash.
***************
*** 232,239 ****
!
! 013: RELIABILITY FIX: June 27, 2017All architectures
When pinging an IPv6 link-local address, the reflected packet had
--- 218,224 ----
! 013: RELIABILITY FIX: June 27, 2017All architectures
When pinging an IPv6 link-local address, the reflected packet had
***************
*** 245,252 ****
!
! 014: RELIABILITY FIX: July 5, 2017All architectures
Self-issued certificates are improperly treated as self-signed certificates,
--- 230,236 ----
! 014: RELIABILITY FIX: July 5, 2017All architectures
Self-issued certificates are improperly treated as self-signed certificates,
***************
*** 257,264 ****
!
! 015: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
--- 241,247 ----
! 015: RELIABILITY FIX: August 3, 2017All architectures
A SIGIO-related use-after-free can occur in two drivers.
***************
*** 268,275 ****
!
! 016: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
--- 251,257 ----
! 016: RELIABILITY FIX: August 3, 2017All architectures
A missing length check in sendsyslog() may result in a kernel panic.
***************
*** 279,286 ****
!
! 017: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
--- 261,267 ----
! 017: SECURITY FIX: August 3, 2017All architectures
An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
***************
*** 291,298 ****
!
! 018: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
--- 272,278 ----
! 018: SECURITY FIX: August 3, 2017All architectures
An alignment issue in recv() may result in an info leak via ktrace().
***************
*** 302,309 ****
!
! 019: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
--- 282,288 ----
! 019: SECURITY FIX: August 3, 2017All architectures
With an invalid address family, tcp_usrreq() may take an unintended code path.
***************
*** 313,320 ****
!
! 020: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
--- 292,298 ----
! 020: SECURITY FIX: August 3, 2017All architectures
Missing socket address validation from userland may result in an info leak.
***************
*** 324,331 ****
!
! 021: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
--- 302,308 ----
! 021: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in ptrace() may result in an info leak.
***************
*** 335,342 ****
!
! 022: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
--- 312,318 ----
! 022: SECURITY FIX: August 3, 2017All architectures
An uninitialized variable in fcntl() may result in an info leak.
***************
*** 346,353 ****
!
! 023: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
--- 322,328 ----
! 023: RELIABILITY FIX: August 3, 2017All architectures
An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
***************
*** 358,365 ****
!
! 024: SECURITY FIX: August 3, 2017All architectures
A race condition in sosplice() may result in a kernel memory leak.
--- 333,339 ----
! 024: SECURITY FIX: August 3, 2017All architectures
A race condition in sosplice() may result in a kernel memory leak.
***************
*** 369,376 ****
!
! 025: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
--- 343,349 ----
! 025: SECURITY FIX: August 3, 2017All architectures
An out of bounds read could occur during processing of EAPOL frames in
***************
*** 382,389 ****
!
! 026: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
--- 355,361 ----
! 026: SECURITY FIX: August 26, 2017amd64 and i386
SMAP enforcement could be bypassed by userland code.
***************
*** 393,400 ****
!
! 027: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
--- 365,371 ----
! 027: SECURITY FIX: August 30, 2017All architectures
State transition errors could cause reinstallation of old WPA keys.
***************
*** 404,411 ****
!
! 028: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
--- 375,381 ----
! 028: SECURITY FIX: September 22, 2017All architectures
A buffer over-read and heap overflow in perl's regexp may result in
***************
*** 416,423 ****
!
! 029: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
--- 386,392 ----
! 029: RELIABILITY FIX: September 27, 2017amd64
Out of bounds TCB settings may result in a kernel panic.
***************
*** 427,434 ****
!
! 030: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
--- 396,402 ----
! 030: RELIABILITY FIX: October 4, 2017amd64
An unprivileged user can cause a kernel crash.
***************
*** 438,445 ****
!
! 031: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
--- 406,412 ----
! 031: SECURITY FIX: October 4, 2017amd64
A kernel executable address was leaked to userland.
***************
*** 449,456 ****
!
! 032: RELIABILITY FIX: October 13, 2017amd64
A local user could trigger a kernel panic by using an invalid TCB value.
--- 416,422 ----
! 032: RELIABILITY FIX: October 13, 2017amd64
A local user could trigger a kernel panic by using an invalid TCB value.
***************
*** 460,467 ****
!
! 033: RELIABILITY FIX: December 10, 2017
All architectures
A number of bugs were discovered in the MPLS stack that can be used to
--- 426,432 ----
! 033: RELIABILITY FIX: December 10, 2017
All architectures
A number of bugs were discovered in the MPLS stack that can be used to
***************
*** 472,479 ****
!
! 034: RELIABILITY FIX: February 2, 2018All architectures
Specially crafted IPsec AH packets with IP options or IPv6 extension
--- 437,443 ----
! 034: RELIABILITY FIX: February 2, 2018All architectures
Specially crafted IPsec AH packets with IP options or IPv6 extension
***************
*** 484,491 ****
!
! 035: RELIABILITY FIX: February 2, 2018All architectures
Processing IPv6 fragments could incorrectly access memory of an mbuf
--- 448,454 ----
! 035: RELIABILITY FIX: February 2, 2018All architectures
Processing IPv6 fragments could incorrectly access memory of an mbuf
***************
*** 496,503 ****
!
! 036: SECURITY FIX: February 2, 2018All architectures
If the EtherIP tunnel protocol was disabled, IPv6 packets were not
--- 459,465 ----
! 036: SECURITY FIX: February 2, 2018All architectures
If the EtherIP tunnel protocol was disabled, IPv6 packets were not
***************
*** 508,515 ****
!
! 037: SECURITY FIX: March 1, 2018amd64
Intel CPUs contain a speculative execution flaw called Meltdown which
--- 470,476 ----
! 037: SECURITY FIX: March 1, 2018amd64
Intel CPUs contain a speculative execution flaw called Meltdown which
***************
*** 520,527 ****
!
! 038: RELIABILITY FIX: March 20, 2018All architectures
The IPsec AH header could be longer than the network packet, resulting in
--- 481,487 ----
! 038: RELIABILITY FIX: March 20, 2018All architectures
The IPsec AH header could be longer than the network packet, resulting in
***************
*** 532,539 ****
!
! 039: SECURITY FIX: April 14, 2018All architectures
Heap overflows exist in perl which can lead to segmentation faults,
--- 492,498 ----
! 039: SECURITY FIX: April 14, 2018All architectures
Heap overflows exist in perl which can lead to segmentation faults,
***************
*** 546,551 ****