src-test, branch releng/9.2

src-test, branch releng/9.2 FreeBSD source tree https://cgit-dev.freebsd.org/src-test/atom?h=releng%2F9.2 2014-12-23T22:53:44Z [SA-14:31] Fix multiple vulnerabilities in NTP suite. 2014-12-23T22:53:44Z Dag-Erling Smørgrav des@FreeBSD.org 2014-12-23T22:53:44Z urn:sha1:d43c54ae9f1bc8002297ec035de83fb14d0accb8 [EN-14:13] Fix directory deletion issue in freebsd-update. Approved by: so Fix multiple vulnerabilities in file(1) and libmagic(3). 2014-12-10T08:36:40Z Xin LI delphij@FreeBSD.org 2014-12-10T08:36:40Z urn:sha1:88fb734f8bb9945dbfb5d547c60ba45597bc9aa2 Security: FreeBSD-SA-14:28.file Security: CVE-2014-3710, CVE-2014-8116, CVE-2014-8117 Fix BIND remote denial of service vulnerability. Security: FreeBSD-SA-14:29.bind Security: CVE-2014-8500 Approved by: so [SA-14:24] Fix denial of service attack against sshd(8). 2014-11-04T23:33:17Z Dag-Erling Smørgrav des@FreeBSD.org 2014-11-04T23:33:17Z urn:sha1:2a56e89a9f6d7a01ac8e9169a938e74babf627a4 [SA-14:25] Fix kernel stack disclosure in setlogin(2) / getlogin(2). [SA-14:26] Fix remote command execution in ftp(1). [EN-14:12] Fix NFSv4 and ZFS cache consistency issue. Approved by: so (des) Time zone data file update. [EN-14:10] 2014-10-21T23:52:25Z Xin LI delphij@FreeBSD.org 2014-10-21T23:52:25Z urn:sha1:bc81f300cfd127548201eb5265513f1f41933e3b Approved by: so Fix rtsold(8) remote buffer overflow vulnerability. [SA-14:20] 2014-10-21T20:21:10Z Xin LI delphij@FreeBSD.org 2014-10-21T20:21:10Z urn:sha1:43acc7feb91f2d86bd78c240ece24094d8a3500c Fix routed(8) remote denial of service vulnerability. [SA-14:21] Fix memory leak in sandboxed namei lookup. [SA-14:22] Fix OpenSSL multiple vulnerabilities. [SA-14:23] Approved by: so Fix Denial of Service in TCP packet processing. 2014-09-16T09:50:19Z Xin LI delphij@FreeBSD.org 2014-09-16T09:50:19Z urn:sha1:9222825f71785369222cbd63998896bdbac89a2d Security: FreeBSD-SA-14:19.tcp Approved by: so Fix multiple OpenSSL vulnerabilities: 2014-09-09T10:13:46Z Xin LI delphij@FreeBSD.org 2014-09-09T10:13:46Z urn:sha1:f9a8794cd7bad3e808e309694ecbd6c8c74d2227 The receipt of a specifically crafted DTLS handshake message may cause OpenSSL to consume large amounts of memory. [CVE-2014-3506] The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak memory. [CVE-2014-3507] A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508] OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. [CVE-2014-3510] Security: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510 Security: FreeBSD-SA-14:18.openssl Approved by: so Fix kernel memory disclosure in control message and SCTP notifications. 2014-07-08T21:55:27Z Xin LI delphij@FreeBSD.org 2014-07-08T21:55:27Z urn:sha1:62207e13d2d750df8d6a42ff9a3b3c12a49b8a42 Security: FreeBSD-SA-14:17.kmem Security: CVE-2014-3952, CVE-2014-3953 Approved by: so Fix multiple vulnerabilities in file(1) and libmagic(3). 2014-06-24T19:05:36Z Xin LI delphij@FreeBSD.org 2014-06-24T19:05:36Z urn:sha1:6c6b6a81faf589d1f5f6e20e1bd55e425eca8b59 [SA-14:16] Fix gss_pseudo_random interoperability issue. [EN-14:08] Security: CVE-2013-7345, CVE-2014-1943, CVE-2014-2270 Security: FreeBSD-SA-14:16.file Approved by: so Fix OpenSSL multiple vulnerabilities. 2014-06-05T12:33:23Z Xin LI delphij@FreeBSD.org 2014-06-05T12:33:23Z urn:sha1:c32dc90b68621c96748cda813f4c97374c8bf998 Security: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 Security: SA-14:14.openssl Approved by: so