FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F7.4 2013-02-19T13:27:20Z 2013-02-19T13:27:20Z Bjoern A. Zeeb bz@FreeBSD.org 2013-02-19T13:27:20Z urn:sha1:1c7fe7463d0204f08806b9da6d5d50fb7f75c5ad Fix Denial of Service vulnerability in libc's glob(3) functionality. [13:02] Security: CVE-2012-5688 Security: FreeBSD-SA-13:01.bind Security: CVE-2010-2632 Security: FreeBSD-SA-13:02.libc Approved by: so (simon, bz) 2012-11-22T22:52:15Z Simon L. B. Nielsen simon@FreeBSD.org 2012-11-22T22:52:15Z urn:sha1:97a8436b12801792594457d69cbb5a6e131755d9 Fix insufficient message length validation for EAP-TLS messages. Fix Linux compatibility layer input validation error. Security: FreeBSD-SA-12:06.bind Security: FreeBSD-SA-12:07.hostapd Security: FreeBSD-SA-12:08.linux Security: CVE-2012-4244, CVE-2012-5166, CVE-2012-4445, CVE-2012-4576 Approved by: re Approved by: security-officer 2012-08-06T21:33:11Z Simon L. B. Nielsen simon@FreeBSD.org 2012-08-06T21:33:11Z urn:sha1:12a852643998f690b2610d9e0c78d562a1f0a5b8 Security: FreeBSD-SA-12:05.bind Security: CVE-2012-3817 Obtained from: ISC Approved by: so (simon) 2012-06-12T12:10:10Z Bjoern A. Zeeb bz@FreeBSD.org 2012-06-12T12:10:10Z urn:sha1:91843b976ed9c9cea085e348edfb4c94d842f45e [12:03] Correct a privilege escalation when returning from kernel if running FreeBSD/amd64 on non-AMD processors. [12:04] Fix reference count errors in IPv6 code. [EN-12:02] Security: CVE-2012-1667 Security: FreeBSD-SA-12:03.bind Security: CVE-2012-0217 Security: FreeBSD-SA-12:04.sysret Security: FreeBSD-EN-12:02.ipv6refcount Approved by: so (simon, bz) 2012-05-30T12:01:28Z Bjoern A. Zeeb bz@FreeBSD.org 2012-05-30T12:01:28Z urn:sha1:84504887fad2b1edb392c2ff2dcaa5bd23ab20ea Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon) 2012-05-03T15:25:11Z Bjoern A. Zeeb bz@FreeBSD.org 2012-05-03T15:25:11Z urn:sha1:8b21581b6026fab3c4dc9312e0788064f9fb510c Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109 Security: CVE-2012-0884, CVE-2012-2110 Security: FreeBSD-SA-12:01.openssl Approved by: so (bz,simon) 2012-01-04T23:47:20Z Colin Percival cperciva@FreeBSD.org 2012-01-04T23:47:20Z urn:sha1:a1e8e5c787547fcce016300478b009c4502dd602 names in order to allow upgrades to FreeBSD 9.0-RELEASE. Approved by: so (cperciva) Errata Notice: FreeBSD-EN-12:01.freebsd-update 2011-12-23T15:00:37Z Colin Percival cperciva@FreeBSD.org 2011-12-23T15:00:37Z urn:sha1:60183881171350323c0540e0a78442f67fbb8797 Add an API for alerting internal libc routines to the presence of "unsafe" paths post-chroot, and use it in ftpd. [11:07] Fix a buffer overflow in telnetd. [11:08] Make pam_ssh ignore unpassphrased keys unless the "nullok" option is specified. [11:09] Add sanity checking of service names in pam_start. [11:10] Approved by: so (cperciva) Approved by: re (bz) Security: FreeBSD-SA-11:06.bind Security: FreeBSD-SA-11:07.chroot Security: FreeBSD-SA-11:08.telnetd Security: FreeBSD-SA-11:09.pam_ssh Security: FreeBSD-SA-11:10.pam 2011-10-04T19:07:38Z Colin Percival cperciva@FreeBSD.org 2011-10-04T19:07:38Z urn:sha1:59e424cac7f8b17e5af21681075344f5cfcdb78a exposed by the security fix in FreeBSD-SA-11:05.unix. Approved by: so (cperciva) Approved by: re (kib) Security: Related to FreeBSD-SA-11:05.unix, but not actually a security fix. 2011-09-28T08:47:17Z Bjoern A. Zeeb bz@FreeBSD.org 2011-09-28T08:47:17Z urn:sha1:261d4022db3351b55685fed4b18a98ed32aa203f Add missing length checks on unix socket addresses. [11:05] Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-11:04.compress Security: CVE-2011-2895 [11:04] Security: FreeBSD-SA-11:05.unix