[Midnightbsd-cvs] src [6928] stable/0.5/UPDATING: Document recent security updates, although they will be rolled up
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Nov 4 22:43:43 EST 2014
Revision: 6928
http://svnweb.midnightbsd.org/src/?rev=6928
Author: laffer1
Date: 2014-11-04 22:43:42 -0500 (Tue, 04 Nov 2014)
Log Message:
-----------
Document recent security updates, although they will be rolled up
Modified Paths:
--------------
stable/0.5/UPDATING
Modified: stable/0.5/UPDATING
===================================================================
--- stable/0.5/UPDATING 2014-11-05 03:42:01 UTC (rev 6927)
+++ stable/0.5/UPDATING 2014-11-05 03:43:42 UTC (rev 6928)
@@ -1,5 +1,13 @@
Updating Information for MidnightBSD users.
+20141104:
+ Fix two security issues:
+
+ 1. sshd may link libpthread in the wrong order, shadowing libc
+ functions and causing a possible DOS attack for connecting clients.
+ 2. getlogin may leak kernel memory via a buffer that is
+ copied without clearing.
+
20141031:
0.5.5 RELEASE
More information about the Midnightbsd-cvs
mailing list