 ../
|
apache/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
bin/
|
6852
(9 years ago)
by laffer1:
0.5.2 - fix a regression with the mksh hotfix
|
|
cddl/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
contrib/
|
6909
(9 years ago)
by laffer1:
0.5.5 RELEASE fixes an issue with tnftp by updating to the latest release 20141031. See CVE-2014-8517 for details
|
|
crypto/
|
6877
(9 years ago)
by laffer1:
A flaw in the DTLS SRTP extension parsing code allows an attacker, who
sends a carefully crafted handshake message, to cause OpenSSL to fail
to free up to 64k of memory causing a memory leak. [CVE-2014-3513].
When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
integrity of that ticket is first verified. In the event of a session
ticket integrity check failing, OpenSSL will fail to free memory
causing a memory leak. [CVE-2014-3567].
The SSL protocol 3.0, as supported in OpenSSL and other products, supports
CBC mode encryption where it could not adequately check the integrity of
padding, because of the use of non-deterministic CBC padding. This
protocol weakness makes it possible for an attacker to obtain clear text
data through a padding-oracle attack.
Some client applications (such as browsers) will reconnect using a
downgraded protocol to work around interoperability bugs in older
servers. This could be exploited by an active man-in-the-middle to
downgrade connections to SSL 3.0 even if both sides of the connection
support higher protocols. SSL 3.0 contains a number of weaknesses
including POODLE [CVE-2014-3566].
OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol downgrade.
When OpenSSL is configured with "no-ssl3" as a build option, servers
could accept and complete a SSL 3.0 handshake, and clients could be
configured to send them. [CVE-2014-3568].
Obtained from: OpenSSL, FreeBSD
|
|
etc/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
games/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
gnu/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
include/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
kerberos5/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
lib/
|
6889
(9 years ago)
by laffer1:
only do major version for mport tool
|
|
libexec/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
nrelease/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
release/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
rescue/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
sbin/
|
6879
(9 years ago)
by laffer1:
The input path in routed(8) will accept queries from any source and
attempt to answer them. However, the output path assumes that the
destination address for the response is on a directly connected
network.
Obtained from: FreeBSD
|
|
secure/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
share/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
sys/
|
6909
(9 years ago)
by laffer1:
0.5.5 RELEASE fixes an issue with tnftp by updating to the latest release 20141031. See CVE-2014-8517 for details
|
|
tools/
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
usr.bin/
|
6914
(9 years ago)
by laffer1:
false
|
|
usr.sbin/
|
6878
(9 years ago)
by laffer1:
Due to a missing length check in the code that handles DNS parameters,
a malformed router advertisement message can result in a stack buffer
overflow in rtsold(8).
Obtained from: FreeBSD
|
COPYRIGHT
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
Makefile
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
Makefile.inc1
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
ObsoleteFiles.inc
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
README
|
6736
(9 years ago)
by laffer1:
Create 0.5 stable branch for upcoming 0.5-RELEASE
|
|
UPDATING
|
6909
(9 years ago)
by laffer1:
0.5.5 RELEASE fixes an issue with tnftp by updating to the latest release 20141031. See CVE-2014-8517 for details
|
