| 3 |
|
Items affecting the mports and packages system can be found in |
| 4 |
|
/usr/mports/UPDATING. |
| 5 |
|
|
| 6 |
+ |
20090610: |
| 7 |
+ |
MidnightBSD 0.2.1-RELEASE-p10 |
| 8 |
+ |
|
| 9 |
+ |
This should be applied to all systems running 0.2.1. Users on |
| 10 |
+ |
p9 simply should update their kernels. No world update is required. |
| 11 |
+ |
|
| 12 |
+ |
ipv6: |
| 13 |
+ |
The SIOCSIFINFO_IN6 ioctl is missing a necessary permissions check. |
| 14 |
+ |
Don't let everyone on the planet (with local access) change the |
| 15 |
+ |
properties on the ipv6 interfaces. |
| 16 |
+ |
|
| 17 |
+ |
anonymous pipes: |
| 18 |
+ |
Stop unprivileged processes from reading pages of memory belonging |
| 19 |
+ |
to other processes with anonymous pipes. |
| 20 |
+ |
|
| 21 |
+ |
20090521: |
| 22 |
+ |
MidnightBSD 0.2.1-RELEASE-p9 |
| 23 |
+ |
|
| 24 |
+ |
This fix is only in configuration files for ssh and sshd. Users on |
| 25 |
+ |
p8 should simply add |
| 26 |
+ |
|
| 27 |
+ |
Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc |
| 28 |
+ |
|
| 29 |
+ |
to their configuration files for sshd_config and ssh_config in etc/ssh |
| 30 |
+ |
|
| 31 |
+ |
20090422: |
| 32 |
+ |
MindightBSD 0.2.1-RELEASE-p8 |
| 33 |
+ |
|
| 34 |
+ |
The function ASN1_STRING_print_ex does not properly validate the lengths |
| 35 |
+ |
of BMPString or UniversalString objects before attempting to print them. |
| 36 |
+ |
|
| 37 |
+ |
20090326: |
| 38 |
+ |
MidnightBSD 0.2.1-RELEASE-p7 |
| 39 |
+ |
|
| 40 |
+ |
Fix several security problems with sudo. It is now 1.6.9-p20 |
| 41 |
+ |
|
| 42 |
+ |
20090115: |
| 43 |
+ |
MidnightBSD 0.2.1-RELEASE-p6 |
| 44 |
+ |
|
| 45 |
+ |
Correct an issue with BIND that allows for DNSSEC spoofing |
| 46 |
+ |
attacks. |
| 47 |
+ |
|
| 48 |
+ |
20090110: |
| 49 |
+ |
MidnightBSD 0.2.1-RELEASE-p5 |
| 50 |
+ |
|
| 51 |
+ |
For applications using OpenSSL for SSL connections, an invalid SSL |
| 52 |
+ |
certificate may be interpreted as valid. This could for example be |
| 53 |
+ |
used by an attacker to perform a man-in-the-middle attack. |
| 54 |
+ |
|
| 55 |
+ |
Other applications which use the OpenSSL EVP API may similarly be |
| 56 |
+ |
affected. |
| 57 |
+ |
|
| 58 |
+ |
Stop cross site request forgery attacks in lukemftpd |
| 59 |
+ |
|
| 60 |
+ |
20081231: |
| 61 |
+ |
MidnightBSD 0.2.1-RELEASE-p4 |
| 62 |
+ |
|
| 63 |
+ |
Correct a problem where function pointers for netgraph |
| 64 |
+ |
and bluetooth sockets are not initialized properly. |
| 65 |
+ |
|
| 66 |
|
20081124: |
| 67 |
|
MidnightBSD 0.2.1-RELEASE-p3 |
| 68 |
|
|
| 693 |
|
this document. |
| 694 |
|
|
| 695 |
|
$FreeBSD: src/UPDATING,v 1.416.2.18 2006/02/22 11:51:57 yar Exp $ |
| 696 |
< |
$MidnightBSD: src/UPDATING,v 1.38.2.10 2008/10/02 22:31:37 laffer1 Exp $ |
| 696 |
> |
$MidnightBSD: src/UPDATING,v 1.38.2.18 2009/05/21 23:11:43 laffer1 Exp $ |
