| 1 |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" |
| 2 |
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> |
| 3 |
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> |
| 4 |
<head> |
| 5 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
| 6 |
<title>MidnightBSD Security Updates</title> |
| 7 |
<link rel="shortcut icon" href="/favicon.ico" /> |
| 8 |
<!--[if IE 5]><link rel="stylesheet" type="text/css" href="../css/ihateie5.css" /><![endif]--> |
| 9 |
<!--[if IE 6]><link rel="stylesheet" type="text/css" href="../css/ihateie6.css" /><![endif]--> |
| 10 |
<style type="text/css" media="all"> |
| 11 |
@import url("../css/essence.css"); |
| 12 |
</style> |
| 13 |
</head> |
| 14 |
|
| 15 |
<body> |
| 16 |
<div id="globe"> |
| 17 |
<div id="header"><h1 title="MidnightBSD Home"><a href="../" title="MidnightBSD Home">MidnightBSD: The BSD For Everyone</a></h1></div> |
| 18 |
<!--#include virtual="/menu.html"--> |
| 19 |
<div class="clear"></div> |
| 20 |
<div id="text"> |
| 21 |
<h2><img src="../images/oxygen/security32.png" alt="" /> Security Updates</h2> |
| 22 |
<blockquote class="bluebox" id="a20090610"> |
| 23 |
<h3>June 10, 2009</h3> |
| 24 |
<p>This should be applied to all systems running 0.2.1. Users on p9 simply should update their kernels. No world update is required.</p> |
| 25 |
<p>ipv6:<br /> |
| 26 |
The SIOCSIFINFO_IN6 ioctl is missing a necessary permissions check. |
| 27 |
Don't let everyone on the planet (with local access) change the |
| 28 |
properties on the ipv6 interfaces.</p> |
| 29 |
|
| 30 |
<p>anonymous pipes:<br /> |
| 31 |
Stop unprivileged processes from reading pages of memory belonging |
| 32 |
to other processes with anonymous pipes.</p> |
| 33 |
<p>0.3-Current users can verify they have the patch by checking sysctl kern.osreldate. If the value is 3005 or better, you have the patch.</p> |
| 34 |
</blockquote> |
| 35 |
<blockquote class="bluebox" id="a20090521"> |
| 36 |
<h3>May 21, 2009</h3> |
| 37 |
<p>This fix is only in configuration files for ssh and sshd. Users on p8 should simply add |
| 38 |
<pre>Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc</pre> |
| 39 |
to their configuration files for sshd_config and ssh_config in etc/ssh</p> |
| 40 |
</blockquote> |
| 41 |
<blockquote class="bluebox" id="a20090422"> |
| 42 |
<h3>April 22, 2009</h3> |
| 43 |
<p> The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. |
| 44 |
MidnightBSD 0.2.1-RELEASE-p8 and 0.3-CURRENT include this fix.</p> |
| 45 |
</blockquote> |
| 46 |
<blockquote class="bluebox" id="a20090326"> |
| 47 |
<h3>March 26, 2009</h3> |
| 48 |
<p>Update for sudo that corrects several outstanding security advisories. This was corrected in 0.2.1-RELEASE-p7 and 0.3-CURRENT. |
| 49 |
0.1.x is no longer receiving security patches. It is recommended that you upgrade to 0.2.1-RELEASE-p7 when possible.</p> |
| 50 |
</blockquote> |
| 51 |
<blockquote class="bluebox" id="a20090115"> |
| 52 |
<h3>January 15, 2009</h3> |
| 53 |
<p>Prevent a DNSSEC attack with BIND. This was corrected in 0.2.1 and 0.3-CURRENT. 0.1.x is no longer receiving security patches. It |
| 54 |
is recommended that you upgrade to 0.2.1-RELEASE when possible.</p> |
| 55 |
</blockquote> |
| 56 |
<blockquote class="bluebox" id="a20090110"> |
| 57 |
<h3>January 10, 2009</h3> |
| 58 |
<p>Fix two issues with MidnightBSD 0.2.1 and 0.3-CURRENT. The first is in OpenSSL and would allow applications that use OpenSSL to interpret an |
| 59 |
invalid certificate as valid. The second is in lukemftpd(8) |
| 60 |
that could allow long commands to be split into multiple commands.</p> |
| 61 |
</blockquote> |
| 62 |
<blockquote class="bluebox" id="a20081231"> |
| 63 |
<h3>December 31, 2008</h3> |
| 64 |
<p>Correct a problem where bluetooth and netgraph sockets were not initialized properly. This is available in RELENG_0_2, RELENG_0_1, and current.</p> |
| 65 |
</blockquote> |
| 66 |
<blockquote class="bluebox" id="a20081124"> |
| 67 |
<h3>November 24, 2008</h3> |
| 68 |
<p>Correct a problem in arc4random which causes the device not to get enough entropy for system services. Geom classes initialized at startup will still |
| 69 |
have problems. Update your system to RELENG_0_2 (MidnightBSD 0.2.1-p3)</p> |
| 70 |
</blockquote> |
| 71 |
<blockquote class="bluebox" id="a20080929"> |
| 72 |
<h3>September 29, 2008</h3> |
| 73 |
<p>A vulnerability in ftpd could allow unauthorized access. This is network exploitable and affects all versions of MidnightBSD. |
| 74 |
<br />CVE-2008-4247<br /> |
| 75 |
Update your system using cvs to RELENG_0_2 or apply the patch on the ftp server in pub/MidnightBSD/patches/0.2.1/patch-ftpd and |
| 76 |
rebuild ftpd. |
| 77 |
</p> |
| 78 |
</blockquote> |
| 79 |
<blockquote class="bluebox" id="a20080904a"> |
| 80 |
<h3>Septmeber 4, 2008</h3> |
| 81 |
<p>ICMPv6 code does not properly check the proposed MTU in the case of a "Packet Too Big Message" |
| 82 |
Systems without IPV6 support are safe. You may update your systems or block the ICMP traffic from a firewall or |
| 83 |
router. (CURRENT/RELENG_0_2) |
| 84 |
</p> |
| 85 |
</blockquote> |
| 86 |
<blockquote class="bluebox" id="a20080904"> |
| 87 |
<h3>Septmeber 4, 2008</h3> |
| 88 |
<p>An issue has been reported on systems running MidnightBSD for amd64/emt64 processors. (in 64bit os) This patch was released AFTER |
| 89 |
0.2.1-RELEASE. Update systems to RELENG_0_2 or CURRENT to get the fix. |
| 90 |
From the FreeBSD advisory on the same issue: If a General Protection Fault happens on a FreeBSD/amd64 system while |
| 91 |
it is returning from an interrupt, trap or system call, the swapgs CPU |
| 92 |
instruction may be called one extra time when it should not resulting |
| 93 |
in userland and kernel state being mixed. |
| 94 |
</p> |
| 95 |
</blockquote> |
| 96 |
<blockquote class="bluebox" id="a20080610"> |
| 97 |
<h3>July 11, 2008</h3> |
| 98 |
<p>Update to bind 9.4.1 p1 to fix the recently reported vulnerability in most dns software. Users |
| 99 |
of BIND are recommended to update to the latest version in src on RELENG_0_2 or CURRENT, or |
| 100 |
to obtain a newer version from mports.</p> |
| 101 |
</blockquote> |
| 102 |
<blockquote class="bluebox" id="a20080516"> |
| 103 |
<h3>May 16, 2008</h3> |
| 104 |
<p>The Debian project made a patch to openssl causing a defect in the generation of ssh keys. A new |
| 105 |
utility was added to midnightbsd to detect these keys and deny them. This was applied to RELENG_0_2 and |
| 106 |
CURRENT. The utility was obtained from Ubuntu.</p> |
| 107 |
</blockquote> |
| 108 |
<blockquote class="bluebox" id="a20080417a"> |
| 109 |
<h3>April 17, 2008</h3> |
| 110 |
<p> |
| 111 |
OpenSSH was updated to 5.0p1 in CURRENT to correct an issue with X11 forwarding. A patch for |
| 112 |
this issue was committed to RELENG_0_1 as well as a fix for a config file issue. |
| 113 |
</p> |
| 114 |
</blockquote> |
| 115 |
<blockquote class="bluebox" id="a20080417"> |
| 116 |
<h3>April 17, 2008</h3> |
| 117 |
<p> |
| 118 |
A <a href="http://secunia.com/advisories/29803/">security issue</a> was found in mksh. This |
| 119 |
only affected CURRENT users. The software was updated to r33d</p> |
| 120 |
</blockquote> |
| 121 |
<blockquote class="bluebox" id="a20080406"> |
| 122 |
<h3>April 6, 2008</h3> |
| 123 |
<p> |
| 124 |
bzip2 was updated to 1.05 in CURRENT to correct a security issue. |
| 125 |
</p> |
| 126 |
</blockquote> |
| 127 |
<blockquote class="bluebox" id="a20080403"> |
| 128 |
<h3>April 3, 2008</h3> |
| 129 |
<p>A security issue was found with strfmon in libc. |
| 130 |
<a href="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1391">CVE-2008-1391</a> Integer Overflow. |
| 131 |
This was fixed in CURRENT.</p> |
| 132 |
</blockquote> |
| 133 |
<blockquote class="bluebox" id="a20080215"> |
| 134 |
<h3>February 15, 2008</h3> |
| 135 |
<p> |
| 136 |
CURRENT now has a patch to correct a potential security issue with sendfile. Files were not checked prior to serving which would allow a file that was write only to be served. While this scenario is rare, we decided to fix it anyway. |
| 137 |
<br /> |
| 138 |
sendfile is used by many daemons including Apache httpd. |
| 139 |
</p> |
| 140 |
</blockquote> |
| 141 |
<blockquote class="bluebox" id="a20070801"> |
| 142 |
<h3>August 1, 2007</h3> |
| 143 |
<p>BIND and Tcpdump were patched in 0.2 and 0.1 for recent security issues. BIND is now equivalent to 9.3.4p1.</p> |
| 144 |
</blockquote> |
| 145 |
<blockquote class="bluebox" id="a20070502"> |
| 146 |
<h3>May 2, 2007</h3> |
| 147 |
<p>CURRENT and STABLE both have the patch for ipv6 type 0 routing headers. The problem is that ipv6 routing headers could be run over the same link multiple times.</p> |
| 148 |
</blockquote> |
| 149 |
<blockquote class="bluebox" id="a20070310"> |
| 150 |
<h3>March 10, 2007</h3> |
| 151 |
<p>While many of the DST changes were imported last year, we decided to cover all cases and import the latest tzdata2007c. Users concerned about DST changes should update their sources and rebuild. The java ports may not have DST changes in place. We will review that issue.</p> |
| 152 |
</blockquote> |
| 153 |
<blockquote class="bluebox" id="a20070132"> |
| 154 |
<h3>January 23, 2007</h3> |
| 155 |
<p>A "symlink" exploit was found in the MidnightBSD jail system. A fix was made available. Please update your /etc/rc.d/jail file from cvs. Patches will not be created until our first release.</p> |
| 156 |
</blockquote> |
| 157 |
</div> |
| 158 |
<!--#include virtual="/footer.html"--> |
| 159 |
</body> |
| 160 |
</html> |
