[Midnightbsd-users] MidnightBSD 0.5.9-RELEASE
Lucas Holt
luke at foolishgames.com
Wed Feb 25 09:46:13 EST 2015
0.5.9 RELEASE
Fix two security vulnerabilities.
1. BIND servers which are configured to perform DNSSEC validation and which
are using managed keys (which occurs implicitly when using
"dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit
unpredictable behavior due to the use of an improperly initialized
variable.
CVE-2015-1349
2. An integer overflow in computing the size of IGMPv3 data buffer can result
in a buffer which is too small for the requested operation.
This can result in a DOS attack.
Lucas Holt
Luke at FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
More information about the Midnightbsd-users
mailing list