root/src/stable/0.5
r6961
File (rev) Last Change
 ../
usr.sbin/ 6878 (9 years ago) by laffer1: Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold(8). Obtained from: FreeBSD
usr.bin/ 6939 (9 years ago) by laffer1: fix symlink on amd64
tools/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
sys/ 6961 (9 years ago) by laffer1: 0.5.8 RELEASE Fix several security issues with OpenSSL. A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. [CVE-2014-3571] A memory leak can occur in the dtls1_buffer_record function under certain conditions. [CVE-2015-0206] When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. [CVE-2014-3569] An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. [CVE-2014-3572] An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. [CVE-2015-0204] An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. [CVE-2015-0205] OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. [CVE-2014-8275] Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. [CVE-2014-3570]
share/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
secure/ 6927 (9 years ago) by laffer1: Fix two security issues: 1. sshd may link libpthread in the wrong order, shadowing libc functions and causing a possible DoS attack for connecting clients. 2. getlogin may leak kernel memory via a buffer that is copied without clearing.
sbin/ 6879 (9 years ago) by laffer1: The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Obtained from: FreeBSD
rescue/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
release/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
nrelease/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
libexec/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
lib/ 6889 (9 years ago) by laffer1: only do major version for mport tool
kerberos5/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
include/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
gnu/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
games/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
etc/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
crypto/ 6961 (9 years ago) by laffer1: 0.5.8 RELEASE Fix several security issues with OpenSSL. A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. [CVE-2014-3571] A memory leak can occur in the dtls1_buffer_record function under certain conditions. [CVE-2015-0206] When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. [CVE-2014-3569] An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. [CVE-2014-3572] An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. [CVE-2015-0204] An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. [CVE-2015-0205] OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. [CVE-2014-8275] Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. [CVE-2014-3570]
contrib/ 6956 (9 years ago) by laffer1: 0.5.7 RELEASE Fix a security issue with file and libmagic that can allow an attacker to create a denial of service attack on any program that uses libmagic.
cddl/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
bin/ 6852 (9 years ago) by laffer1: 0.5.2 - fix a regression with the mksh hotfix
apache/ 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
UPDATING 6961 (9 years ago) by laffer1: 0.5.8 RELEASE Fix several security issues with OpenSSL. A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. [CVE-2014-3571] A memory leak can occur in the dtls1_buffer_record function under certain conditions. [CVE-2015-0206] When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. [CVE-2014-3569] An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. [CVE-2014-3572] An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. [CVE-2015-0204] An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. [CVE-2015-0205] OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. [CVE-2014-8275] Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. [CVE-2014-3570]
README 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
ObsoleteFiles.inc 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
Makefile.inc1 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
Makefile 6736 (9 years ago) by laffer1: Create 0.5 stable branch for upcoming 0.5-RELEASE
COPYRIGHT 6961 (9 years ago) by laffer1: 0.5.8 RELEASE Fix several security issues with OpenSSL. A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. [CVE-2014-3571] A memory leak can occur in the dtls1_buffer_record function under certain conditions. [CVE-2015-0206] When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. [CVE-2014-3569] An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. [CVE-2014-3572] An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. [CVE-2015-0204] An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. [CVE-2015-0205] OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. [CVE-2014-8275] Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. [CVE-2014-3570]
22 directories and 6 files shown

Properties

Name Value
svn:ignore _.tinderbox* _.amd64.* _.i386.* _sparc64.*