1 |
|
Updating Information for MidnightBSD users. |
2 |
|
|
3 |
+ |
20150225: |
4 |
+ |
Fix two security vulnerabilities. |
5 |
+ |
|
6 |
+ |
1. BIND servers which are configured to perform DNSSEC validation and which |
7 |
+ |
are using managed keys (which occurs implicitly when using |
8 |
+ |
"dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit |
9 |
+ |
unpredictable behavior due to the use of an improperly initialized |
10 |
+ |
variable. |
11 |
+ |
|
12 |
+ |
CVE-2015-1349 |
13 |
+ |
|
14 |
+ |
2. An integer overflow in computing the size of IGMPv3 data buffer can result |
15 |
+ |
in a buffer which is too small for the requested operation. |
16 |
+ |
|
17 |
+ |
This can result in a DOS attack. |
18 |
+ |
|
19 |
|
20141211: |
20 |
|
Fix a security issue with file and libmagic that can allow |
21 |
|
an attacker to create a denial of service attack on any |