ViewVC Help
View Directory | Revision Log | View Changeset | Root Listing
root/src
r6886
File Last Change
branches/ 6420 (10 years ago) by laffer1: branch moved
release/ 6855 (9 years ago) by laffer1: MidnightBSD 0.5.2-RELEASE
stable/ 6881 (9 years ago) by laffer1: 0.5.3 RELEASE Fix several security vulnerabilities in OpenSSL, routed, rtsold, and namei with respect to Capsicum sandboxes looking up nonexistent path names and leaking memory. OpenSSL update adds some workarounds for the recent poodle vulnerability reported by Google. The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network. Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold(8).
svnadmin/ 6424 (10 years ago) by laffer1: set props
trunk/ 6886 (9 years ago) by laffer1: Mention security patches. Note this list is not the same as 0.5 because of the different OpenSSL version in progress.
vendor/ 6860 (9 years ago) by laffer1: xz 5.0.7 (trimmed)
vendor-crypto/ 6869 (9 years ago) by laffer1: tag OpenSSL 0.9.8zb
7 directories and 0 files shown