Posts in category deadsimple BSD Security Advisories and Announcements
OpenBSD Errata: May 8th, 2018 (libcry...
Errata patches for libcrypto have been released for OpenBSD 6.3.
Incorrect checks in libcrypto can prevent Diffie-Hellman Exchange operations
from working.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata page:
https://www.openbsd.org/errata63.h [...]
OpenBSD Errata: May 8th, 2018 (ipsecl...
Errata patches for IPsec have been released for OpenBSD 6.3 and 6.2.
Incorrect handling of fragmented IPsec packets could result in a system crash.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata [...]
NetBSD Security Advisory 2018-007: Se...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2018-007
=================================
Topic: Several vulnerabilities in IPsec
Version: NetBSD-current: source prior to Tue, May 1st 2018
NetBSD 7.1 - 7.1.2: affected
NetBSD 7.0 - 7.0.2: affected
NetBSD 6.1 - 6.1.5: affected
NetBSD 6.0 - 6.0.6: affect [...]
LibreSSL 2.7.3 Released
We have released LibreSSL 2.7.3, which will be arriving in the LibreSSL
directory of your local OpenBSD mirror soon. This is the first bugfix
release from the 2.7 series, which includes the following changes from 2.7.2:
* Removed incorrect NULL checks in DH_set0_key(). Reported by Ondrej Sury.
* Limited tls_config_clear_keys() to only cle [...]
NetBSD 8.0 Release Candidate 1 availa...
On behalf of the NetBSD project, it is my pleasure to announce the first
release candidate of NetBSD 8.0.
Many changes have been made since 7.0. Here are a few highlights:
- USB stack rework, USB3 support added
- In-kernel audio mixer
- Reproducible builds
- PaX MPROTECT (W^X) memory protection enforced by default on some
architect [...]
OpenBSD Errata: April 21st, 2018 (lib...
Errata patches for libtls have been released for OpenBSD 6.3.
Additional data is inadvertently removed when private keys are cleared from
TLS configuration, which can prevent OCSP from functioning correctly.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on th [...]
OpenBSD Errata: April 21st, 2018 (htt...
Errata patches for httpd have been released for OpenBSD 6.2 and 6.3.
httpd can leak file descriptors when servicing range requests.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata62.html
https: [...]
OpenBSD Errata: April 21st, 2018 (gif...
Errata patches for the generic tunnel interface driver have been released
for OpenBSD 6.3.
In the gif(4) interface, use the specified protocol for IPv6, plug an mbuf
leak, and avoid a use after free.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata [...]
OpenBSD Errata: April 21st, 2018 (arp...
Errata patches for the kernel\'s Address Resolution Protocol implementation
have been released for OpenBSD 6.3.
ARP replies could be sent on the wrong member of a bridge(4) interface.
Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata page:
https: [...]
New core team member – Taylor C...
After nearly 13 years on the NetBSD core team, Yamamoto Takeshi has decided
to step down. yamt has been a regular contributor to NetBSD, and we would
all like to thank him for his work, helping guide the project to where it
is now. It is safe to say that NetBSD would not be the same without his
quiet and (Read more...)
OpenBSD Errata: April 14th, 2018 (per...
Errata patches for perl have been released for OpenBSD 6.1, 6.2, and 6.3.
Heap overflows exist in perl which can lead to segmentation faults,
crashes, and reading memory past the buffer.
Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata p [...]
Mailing list server downtime this Sat...
The machine room that lists.openbsd.org is in will be undergoing
maintenance Saturday April 14th. As a result, the list server will
be taken down at 6:00am MDT. It will be back up by 5pm MDT at the
latest.
This also affects ftp.usa.openbsd.org (aka anoncvs3.usa.openbsd.org)
which is located in the same machine room.
- todd
NetBSD Security Advisory 2018-006: Se...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2018-006
=================================
Topic: Several vulnerabilities in the network stack
Version: NetBSD-current: source prior to Fri, Feb 9th 2018
NetBSD 7.1.2: not affected
NetBSD 7.1 - 7.1.1: affected
NetBSD 7.0 - 7.0.2: affected
NetBSD 6.1 - 6. [...]
NetBSD Security Advisory 2018-005: Pr...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2018-005
=================================
Topic: Privilege separation bug in Xen-amd64
Version: NetBSD-current: source prior to Sun, Dec 31st 2017
NetBSD 7.1.2: not affected
NetBSD 7.1 - 7.1.1: affected
NetBSD 7.0 - 7.0.2: affected
NetBSD 6.1 - 6.1.5: a [...]
NetBSD Security Advisory 2018-004: Re...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2018-004
=================================
Topic: Remote Memory Corruption in IPv6
Version: NetBSD-current: source prior to Tue, Jan 30th 2018
NetBSD 7.1: affected
NetBSD 7.0 - 7.0.2: affected
NetBSD 6.1 - 6.1.4: affected
NetBSD 6.0 - 6.0.5: affected
Se [...]
NetBSD Security Advisory 2018-003: Re...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NetBSD Security Advisory 2018-003
=================================
Topic: Remote DoS in IPsec (IPv6)
Version: NetBSD-current: source prior to Wed, Jan 24th 2018
NetBSD 7.1: affected
NetBSD 7.0 - 7.0.2: affected
NetBSD 6.1 - 6.1.4: affected
NetBSD 6.0 - 6.0.5: affected
Severity [...]
[FreeBSD-Announce] FreeBSD Errata Not...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:04.mem Errata Notice
The FreeBSD Project
Topic: Multiple small kernel memory disclosures
Ca [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:05.ipsec Security Advisory
The FreeBSD Project
Topic: ipsec crash or denial of service
Category: [...]
[FreeBSD-Announce] FreeBSD Errata Not...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-EN-18:03.tzdata Errata Notice
The FreeBSD Project
Topic: Timezone database information update
Catego [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-18:04.vt Security Advisory
The FreeBSD Project
Topic: vt console memory disclosure
Category: [...]
