-
-001: SECURITY FIX: April 14, 2018
+001: SECURITY FIX: April 14, 2018All architectures
Heap overflows exist in perl which can lead to segmentation faults,
@@ -106,8 +103,7 @@
-
-002: RELIABILITY FIX: April 21, 2018
+002: RELIABILITY FIX: April 21, 2018All architectures
Additional data is inadvertently removed when private keys are cleared from
@@ -118,8 +114,7 @@
-
-003: RELIABILITY FIX: April 21, 2018
+003: RELIABILITY FIX: April 21, 2018All architectures
ARP replies could be sent on the wrong member of a bridge(4) interface.
@@ -129,8 +124,7 @@
-
-004: SECURITY FIX: April 21, 2018
+004: SECURITY FIX: April 21, 2018All architectures
In the gif(4) interface, use the specified protocol for IPv6, plug
@@ -141,8 +135,7 @@
-
-005: RELIABILITY FIX: April 21, 2018
+005: RELIABILITY FIX: April 21, 2018All architectures
httpd can leak file descriptors when servicing range requests.
@@ -152,8 +145,7 @@
-
-006: RELIABILITY FIX: May 8, 2018
+006: RELIABILITY FIX: May 8, 2018All architectures
Incorrect handling of fragmented IPsec packets could result in a system crash.
@@ -163,8 +155,7 @@
-
-007: RELIABILITY FIX: May 8, 2018
+007: RELIABILITY FIX: May 8, 2018All architectures
Incorrect checks in libcrypto can prevent Diffie-Hellman Exchange operations
@@ -175,8 +166,7 @@
-
-008: RELIABILITY FIX: May 17, 2018
+008: RELIABILITY FIX: May 17, 2018All architectures
A malicious packet can cause a kernel crash when using IPsec over IPv6.
@@ -186,8 +176,7 @@
-
-009: SECURITY FIX: June 14, 2018
+009: SECURITY FIX: June 14, 2018All architectures
DSA and ECDSA signature generation can potentially leak secret information
@@ -198,8 +187,7 @@
-
-010: SECURITY FIX: June 17, 2018
+010: SECURITY FIX: June 17, 2018amd64
Intel CPUs speculatively access FPU registers even when the FPU is disabled,
@@ -211,8 +199,7 @@
-
-011: SECURITY FIX: June 21, 2018
+011: SECURITY FIX: June 21, 2018All architectures
Perl's Archive::Tar module could be made to write files outside of
@@ -223,8 +210,7 @@
-
-012: RELIABILITY FIX: July 25, 2018
+012: RELIABILITY FIX: July 25, 2018All architectures
A regular user could trigger a kernel panic by executing an invalid
@@ -235,8 +221,7 @@
-
-013: RELIABILITY FIX: July 25, 2018
+013: RELIABILITY FIX: July 25, 2018All architectures
When an IPsec key expired, the kernel could panic due to unfinished
@@ -247,8 +232,7 @@
-
-014: SECURITY FIX: July 31, 2018
+014: SECURITY FIX: July 31, 2018amd64 and i386
On AMD CPUs, set a chicken bit which turns LFENCE into a serialization
@@ -259,8 +243,7 @@
-
-015: SECURITY FIX: July 31, 2018
+015: SECURITY FIX: July 31, 2018i386
IO port permissions were incorrectly restricted.
@@ -270,8 +253,7 @@
-
-016: RELIABILITY FIX: August 4, 2018
+016: RELIABILITY FIX: August 4, 2018amd64
Incorrect initialization of the FPU caused floating point exceptions
@@ -282,8 +264,7 @@
-
-017: SECURITY FIX: August 24, 2018
+017: SECURITY FIX: August 24, 2018amd64
State from the FPU of one userland process could be exposed to other processes.
@@ -293,8 +274,7 @@
-
-018: SECURITY FIX: August 24, 2018
+018: SECURITY FIX: August 24, 2018amd64
The Intel L1TF bug allows a vmm guest to read host memory.
@@ -305,8 +285,7 @@
-
-019: SECURITY FIX: September 21, 2018
+019: SECURITY FIX: September 21, 2018amd64
On AMD CPUs, LDTR must be managed crossing between VMs.
@@ -316,8 +295,7 @@
-
-020: SECURITY FIX: October 25, 2018
+020: SECURITY FIX: October 25, 2018All architectures
The Xorg X server incorrectly validates certain options, allowing arbitrary
@@ -330,8 +308,7 @@
-
-021: RELIABILITY FIX: November 2, 2018
+021: RELIABILITY FIX: November 2, 2018i386, amd64, arm64
The syspatch utility incorrectly handles symbolic links.
@@ -341,8 +318,7 @@
-
-022: SECURITY FIX: November 17, 2018
+022: SECURITY FIX: November 17, 2018All architectures
Timing side channels may leak information about DSA and ECDSA private keys.
@@ -352,8 +328,7 @@
-
-023: RELIABILITY FIX: November 17, 2018
+023: RELIABILITY FIX: November 17, 2018All architectures
A recent change to POSIX file locks could cause incorrect results
@@ -364,8 +339,7 @@
-
-024: SECURITY FIX: November 29, 2018
+024: SECURITY FIX: November 29, 2018All architectures
Various overflows exist in perl.
@@ -375,8 +349,7 @@
-
-025: RELIABILITY FIX: November 29, 2018
+025: RELIABILITY FIX: November 29, 2018All architectures
UNIX domain sockets leak kernel memory with MSG_PEEK on SCM_RIGHTS, or can
@@ -387,8 +360,7 @@
-
-026: RELIABILITY FIX: December 20, 2018
+026: RELIABILITY FIX: December 20, 2018All architectures
While recv(2) with the MSG_WAITALL flag was receiving control
@@ -399,8 +371,7 @@
-
-027: SECURITY FIX: December 22, 2018
+027: SECURITY FIX: December 22, 2018All architectures
The setsockopt(2) system call could overflow mbuf cluster kernel
@@ -411,8 +382,7 @@
-
-028: SECURITY FIX: February 5, 2019
+028: SECURITY FIX: February 5, 2019All architectures
The mincore() system call can be used to observe memory access patterns
@@ -423,8 +393,7 @@
-
-029: RELIABILITY FIX: February 5, 2019
+029: RELIABILITY FIX: February 5, 2019All architectures
Missing length checks in the NFS server and client can lead to crashes
@@ -435,8 +404,7 @@
-
-030: SECURITY FIX: March 1, 2019
+030: SECURITY FIX: March 1, 2019All architectures
Fragmented IPv6 packets may be erroneously passed by pf or lead to a crash.
@@ -446,8 +414,7 @@
-
-031: SECURITY FIX: March 22, 2019
+031: SECURITY FIX: March 22, 2019All architectures
A state in pf could pass ICMP packets to a destination IP address
@@ -458,8 +425,7 @@
-
-032: SECURITY FIX: March 27, 2019
+032: SECURITY FIX: March 27, 2019amd64 and i386
GDT and IDT limits were improperly restored during VMM context switches.
@@ -469,8 +435,7 @@
-
-033: RELIABILITY FIX: May 3, 2019
+033: RELIABILITY FIX: May 3, 2019All architectures
If a userland program sets the IPv6 checksum offset on a raw socket,
@@ -483,6 +448,3 @@