src-test2, branch releng/5.3

src-test2, branch releng/5.3 FreeBSD source tree https://cgit-dev.freebsd.org/src-test2/atom?h=releng%2F5.3 2006-09-30T19:58:07Z Correct multiple vulnerabilities in OpenSSH. 2006-09-30T19:58:07Z Simon L. B. Nielsen simon@FreeBSD.org 2006-09-30T19:58:07Z urn:sha1:8723db212b448269de3734dd4055242155f0129b Security: FreeBSD-SA-06:22.openssh Approved by: so (simon) Correct problem in the 2006-09-28 patch concerning the handling of 2006-09-29T13:46:41Z Colin Percival cperciva@FreeBSD.org 2006-09-29T13:46:41Z urn:sha1:eae9de64eb36b90772270b9c05d68d06bdb2efbe excessively large DH moduli. Reported by: Steve Kiernan (Juniper SIRT) Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Correct multiple vulnerabilities in crypto(3). 2006-09-28T13:06:23Z Colin Percival cperciva@FreeBSD.org 2006-09-28T13:06:23Z urn:sha1:3ad23639492e3bd95d01e73c18a63a6b49153d08 Limit the size of public keys used in order to protect applications from a denial of service via insane key sizes. Security: FreeBSD-SA-06:23.openssl Approved by: so (cperciva) Correct multiple vulnerabilities in gzip(1). 2006-09-19T14:13:53Z Simon L. B. Nielsen simon@FreeBSD.org 2006-09-19T14:13:53Z urn:sha1:5bd46f35d7ddbb1d4e1482796a18bd80452ec62f Security: FreeBSD-SA-06:21.gzip Approved by: so (simon) Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). [1] 2006-09-06T21:23:16Z Simon L. B. Nielsen simon@FreeBSD.org 2006-09-06T21:23:16Z urn:sha1:518f8407ec5b300f1aa94ba045e454fb614bcf6f Correct multiple denial-of-service vulnerabilities in BIND related to SIG Query Processing and Excessive Recursive Queries. [2] Security: FreeBSD-SA-06:19.openssl [1] Security: FreeBSD-SA-06:20.bind [2] Approved by: so (simon) Correct buffer overflow in the handling of LCP options in ppp(4) 2006-08-23T22:06:40Z Colin Percival cperciva@FreeBSD.org 2006-08-23T22:06:40Z urn:sha1:86fcd2acb8b81dcfce7e0876c0c7e603e1e50886 Security: FreeBSD-SA-06:18.ppp Approved by: so (cperciva) Correct a bug in the handling of multipart messages by sendmail(8) 2006-06-14T16:01:20Z Colin Percival cperciva@FreeBSD.org 2006-06-14T16:01:20Z urn:sha1:6c2f24c880a628276b5956bb4d118e98799c4904 which can allow a malformed message to crash a sendmail queue processing process. Security: FreeBSD-SA-06:17.sendmail Approved by: so (cperciva) Enable inadvertantly disabled "securenet" access controls in ypserv. [1] 2006-05-31T22:33:41Z Colin Percival cperciva@FreeBSD.org 2006-05-31T22:33:41Z urn:sha1:9d247711afb50b05397ca68531d19248b446ba46 Correct a bug in the handling of backslash characters in smbfs which can allow an attacker to escape from a chroot(2). [2] Approved by: so (cperciva) Security: FreeBSD-SA-06:15.ypserv [1] Security: FreeBSD-SA-06:16.smbfs [2] MFC: Correct a local information leakage bug affecting AMD FPUs. 2006-04-19T07:03:14Z Colin Percival cperciva@FreeBSD.org 2006-04-19T07:03:14Z urn:sha1:69e48a4731721e86c9bbd2cef46d484ebe906c30 Security: FreeBSD-SA-06:14.fpu Approved by: so (cperciva) Add missing code needed for the detection of IPSec packet replays. [1] 2006-03-22T16:03:25Z Colin Percival cperciva@FreeBSD.org 2006-03-22T16:03:25Z urn:sha1:2c82120cef588b7d97bb551b50df5d287aad93e9 Correctly identify the user running opiepasswd(1) when the login name differs from the account name. [2] Modify timeout handling logic in sendmail(8) to correct a reported signal handling race condition. [3] Approved by: so (cperciva) Security: FreeBSD-SA-06:11.ipsec [1] Security: FreeBSD-SA-06:12.opie [2] Security: FreeBSD-SA-06:13.sendmail [3]