src-test/UPDATING, branch releng/8.2FreeBSD source treehttps://cgit-dev.freebsd.org/src-test/atom?h=releng%2F8.22012-08-06T21:33:11ZFix named(8) DNSSEC validation Denial of Service.2012-08-06T21:33:11ZSimon L. B. Nielsensimon@FreeBSD.org2012-08-06T21:33:11Zurn:sha1:83f072b6fd712ae3536923ec1c97dcf8a408686a
Security: FreeBSD-SA-12:05.bind
Security: CVE-2012-3817
Obtained from: ISC
Approved by: so (simon)
Fix a problem where zero-length RDATA fields can cause named(8) to crash.2012-06-12T12:10:10ZBjoern A. Zeebbz@FreeBSD.org2012-06-12T12:10:10Zurn:sha1:d961d92acefa29350d80a1016f64b9fd08db7159
[12:03]
Correct a privilege escalation when returning from kernel if
running FreeBSD/amd64 on non-AMD processors. [12:04]
Fix reference count errors in IPv6 code. [EN-12:02]
Security: CVE-2012-1667
Security: FreeBSD-SA-12:03.bind
Security: CVE-2012-0217
Security: FreeBSD-SA-12:04.sysret
Security: FreeBSD-EN-12:02.ipv6refcount
Approved by: so (simon, bz)
Update the previous openssl fix. [12:01]2012-05-30T12:01:28ZBjoern A. Zeebbz@FreeBSD.org2012-05-30T12:01:28Zurn:sha1:dec65a07df89e0c7c4a383355d0334a356cb4b8e
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
Fix multiple OpenSSL vulnerabilities.2012-05-03T15:25:11ZBjoern A. Zeebbz@FreeBSD.org2012-05-03T15:25:11Zurn:sha1:63a04068615babb32186381a888c4f92e3816b61
Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109
Security: CVE-2012-0884, CVE-2012-2110
Security: FreeBSD-SA-12:01.openssl
Approved by: so (bz,simon)
Extend the character set accepted by freebsd-update(8) in file2012-01-04T23:47:20ZColin Percivalcperciva@FreeBSD.org2012-01-04T23:47:20Zurn:sha1:671424eaab66629b985ba9ff4cc944464ca54838
names in order to allow upgrades to FreeBSD 9.0-RELEASE.
Approved by: so (cperciva)
Errata Notice: FreeBSD-EN-12:01.freebsd-update
Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]2011-12-23T15:00:37ZColin Percivalcperciva@FreeBSD.org2011-12-23T15:00:37Zurn:sha1:e53602e33589384582bfbfc0927a1b9a53dbe5c0
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
Fix a bug in UNIX socket handling in the linux emulator which was2011-10-04T19:07:38ZColin Percivalcperciva@FreeBSD.org2011-10-04T19:07:38Zurn:sha1:a98f18d120c273be346e41988d92ccb4f5a66385
exposed by the security fix in FreeBSD-SA-11:05.unix.
Approved by: so (cperciva)
Approved by: re (kib)
Security: Related to FreeBSD-SA-11:05.unix, but not actually
a security fix.
Fix handling of corrupt compress(1)ed data. [11:04]2011-09-28T08:47:17ZBjoern A. Zeebbz@FreeBSD.org2011-09-28T08:47:17Zurn:sha1:56aec6fd6a67f3771832e5be24f6ef601904a65d
Add missing length checks on unix socket addresses. [11:05]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-11:04.compress
Security: CVE-2011-2895 [11:04]
Security: FreeBSD-SA-11:05.unix
Fix an off by one which can result in a assertion failure in BIND2011-05-28T08:44:39ZSimon L. B. Nielsensimon@FreeBSD.org2011-05-28T08:44:39Zurn:sha1:3f8abb952417c288f56b40f28cb17d704e083b0b
related to large RRSIG RRsets and Negative Caching. This can cause
named to crash.
Security: FreeBSD-SA-11:02.bind
Security: CVE-2011-1910
Security: https://www.isc.org/software/bind/advisories/cve-2011-1910
Obtained from: ISC
Approved by: so (simon)
Fix CIDR parsing bug in mountd ACLs.2011-04-20T21:00:24ZColin Percivalcperciva@FreeBSD.org2011-04-20T21:00:24Zurn:sha1:c495e8ff6bde8e4a50623943857fe83047ffb9ab
Approved by: so (cperciva)
Security: FreeBSD-SA-11:01.mountd