| version 1.332, 2006/10/12 07:05:21 |
version 1.333, 2006/10/30 21:11:21 |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| <li><a href="errata.html#ssh">Oct 12, 2006: |
<li><a href="errata39.html#ssh">Oct 12, 2006: |
| Fix 2 security bugs found in OpenSSH.</a> |
Fix 2 security bugs found in OpenSSH.</a> |
| <li><a href="errata.html#systrace">Oct 7, 2006: |
<li><a href="errata39.html#systrace">Oct 7, 2006: |
| Fix for an integer overflow in systrace(4)'s STRIOCREPLACE support, |
Fix for an integer overflow in systrace(4)'s STRIOCREPLACE support, |
| found by Chris Evans.</a> |
found by Chris Evans.</a> |
| <li><a href="errata.html#openssl2">Oct 7, 2006: |
<li><a href="errata39.html#openssl2">Oct 7, 2006: |
| Several problems have been found in OpenSSL.</a> |
Several problems have been found in OpenSSL.</a> |
| <li><a href="errata.html#httpd2">Oct 7, 2006: |
<li><a href="errata39.html#httpd2">Oct 7, 2006: |
| httpd(8) does not sanitize the Expect header from an HTTP request |
httpd(8) does not sanitize the Expect header from an HTTP request |
| when it is reflected back in an error message, which might allow |
when it is reflected back in an error message, which might allow |
| cross-site scripting (XSS) style attacks.</a> |
cross-site scripting (XSS) style attacks.</a> |
| <li><a href="errata.html#openssl">Sep 8, 2006: |
<li><a href="errata39.html#openssl">Sep 8, 2006: |
| Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is |
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is |
| possible for an attacker to construct an invalid signature which |
possible for an attacker to construct an invalid signature which |
| OpenSSL would accept as a valid PKCS#1 v1.5 signature.</a> |
OpenSSL would accept as a valid PKCS#1 v1.5 signature.</a> |
| <li><a href="errata.html#bind">Sep 8, 2006: |
<li><a href="errata39.html#bind">Sep 8, 2006: |
| Two Denial of Service issues have been found with BIND.</a> |
Two Denial of Service issues have been found with BIND.</a> |
| <li><a href="errata.html#sppp">Sep 2, 2006: |
<li><a href="errata39.html#sppp">Sep 2, 2006: |
| Due to the failure to correctly validate LCP configuration option |
Due to the failure to correctly validate LCP configuration option |
| lengths, it is possible for an attacker to send LCP packets via an |
lengths, it is possible for an attacker to send LCP packets via an |
| sppp(4) connection causing the kernel to panic.</a> |
sppp(4) connection causing the kernel to panic.</a> |
| <li><a href="errata.html#isakmpd">Aug 25, 2006: |
<li><a href="errata39.html#isakmpd">Aug 25, 2006: |
| A problem in isakmpd(8) caused IPsec to run partly without replay |
A problem in isakmpd(8) caused IPsec to run partly without replay |
| protection.</a> |
protection.</a> |
| <li><a href="errata.html#sem">Aug 25, 2006: |
<li><a href="errata39.html#sem">Aug 25, 2006: |
| It is possible to cause the kernel to panic when more than the default |
It is possible to cause the kernel to panic when more than the default |
| number of sempahores have been allocated.</a> |
number of sempahores have been allocated.</a> |
| <li><a href="errata.html#dhcpd">Aug 25, 2006: |
<li><a href="errata39.html#dhcpd">Aug 25, 2006: |
| Due to an off-by-one error in dhcpd(8) it is possible to cause dhcpd(8) |
Due to an off-by-one error in dhcpd(8) it is possible to cause dhcpd(8) |
| to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier |
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier |
| option.</a> |
option.</a> |
| <li><a href="errata.html#sendmail3">Aug 25, 2006: |
<li><a href="errata39.html#sendmail3">Aug 25, 2006: |
| A potential denial of service problem has been found in sendmail.</a> |
A potential denial of service problem has been found in sendmail.</a> |
| <li><a href="errata.html#httpd">Jul 30, 2006: |
<li><a href="errata39.html#httpd">Jul 30, 2006: |
| httpd(8)'s mod_rewrite has a potentially exploitable off-by-one buffer |
httpd(8)'s mod_rewrite has a potentially exploitable off-by-one buffer |
| overflow.</a> |
overflow.</a> |
| <li><a href="errata.html#sendmail2">Jun 15, 2006: |
<li><a href="errata39.html#sendmail2">Jun 15, 2006: |
| A potential denial of service problem has been found in sendmail.</a> |
A potential denial of service problem has been found in sendmail.</a> |
| <li><a href="errata.html#xorg">May 2, 2006: |
<li><a href="errata39.html#xorg">May 2, 2006: |
| A buffer overflow exists in the Render extension of the X server.</a> |
A buffer overflow exists in the Render extension of the X server.</a> |
| <li><a href="errata.html#sendmail">Mar 25, 2006: |
<li><a href="errata39.html#sendmail">Mar 25, 2006: |
| A race condition has been reported to exist in the handling by sendmail |
A race condition has been reported to exist in the handling by sendmail |
| of asynchronous signals.</a> |
of asynchronous signals.</a> |
| </ul> |
</ul> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www