[Midnightbsd-cvs] www [551] trunk/security/index.html: update some security issues

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Tue Sep 16 20:01:27 EDT 2014 

Revision: 551
          http://svnweb.midnightbsd.org/www/?rev=551
Author:   laffer1
Date:     2014-09-16 20:01:26 -0400 (Tue, 16 Sep 2014)
Log Message:
-----------
update some security issues

Modified Paths:
--------------
    trunk/security/index.html

Modified: trunk/security/index.html
===================================================================
--- trunk/security/index.html	2014-06-15 16:32:16 UTC (rev 550)
+++ trunk/security/index.html	2014-09-17 00:01:26 UTC (rev 551)
@@ -16,6 +16,48 @@
 			<div class="clear"></div>
 			<div id="text">
 				<h2><img src="../images/oxygen/security32.png" alt="" /> Security Updates</h2>
+
+				<blockquote class="bluebox" id="a20140430">
+					<h3>April 30, 2014</h3>
+					<p>0.4-RELEASE-p10</p>
+					<p>Fix a TCP reassembly bug that could result in a DOS attack
+				        of the system. It may be possible to obtain portions
+				        of kernel memory as well.</p>
+				</blockquote>	
+
+				<blockquote class="bluebox" id="a20140409">
+					<h3>April 9, 2014</h3>
+
+					<p>0.4-RELEASE-p9</p>
+					<p>Fix an issue allowing an attacker to deadlock the NFS Server from a trusted client.</p>
+					<p>0.4-RELEASE-p8</p>
+					<p>Fix a security issue in OpenSSL [CVE-2014-0076]</p>
+				</blockquote>	
+
+				<blockquote class="bluebox" id="a20140201">
+					<h3>February 1, 2014</h3>
+					<p>0.4-RELEASE-p7</p>
+					<p>Fix a minor annoyance with the default dot.profile and ssh-agent</p>
+				</blockquote>
+
+				<blockquote class="bluebox" id="a20140114">
+					<h3>January 14, 2014</h3>
+					<p>0.4-RELEASE-p6</p>
+					<p>Fix two security vulnerabilities.
+				        bsnmpd contains a stack overflow when sent certain queries.
+     					bind 9.8 when using NSEC3-signed zones zones, will crash with special
+        				crafted packets.		</p>
+				</blockquote>
+
+				<blockquote class="bluebox" id="a20131129">
+					<h3>November 29, 2013</h3>
+
+					<p>MidnightBSD 0.4-RELEASE-p5</p>
+
+					<p>libc's iconv support includes an optimization that is imcompatible with
+				        gettext's msgfmt command. By turning off this optimization, we
+				        gain compatiblity with several GNU packages.</p>
+				</blockquote>			
 				
 				<blockquote class="bluebox" id="a20130910">
 					<h3>September 10, 2013</h3>

More information about the Midnightbsd-cvs mailing list