Posts in category deadsimple BSD Security Advisories and Announcements
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-17:05.heimdal Security Advisory
The FreeBSD Project
Topic: heimdal KDC-REP service name validation vuln [...]
OpenBSD Errata: June 27th, 2017 (icmp...
An errata patch for icmp6_linklocal has been released for OpenBSD 6.1.
When pinging an IPv6 link-local address, the reflected packet had ::1
as source address. The echo reply was ignored as it must be from the
link-local address.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. A source code patch can [...]
OpenBSD Errata: June 12th, 2017 (wsmu...
Errata patches for wsmux have been released for OpenBSD 6.1 and 6.0.
An unprivileged console user can cause a kernel crash.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata60.html
https://www.openbsd.or [...]
OpenBSD Errata: June 12th, 2017 (sti)
Errata patches for sti have been released for OpenBSD 6.1 and 6.0.
An integer overflow exists in two range checks.
Source code patches can be found on the respective errata pages:
https://www.openbsd.org/errata60.html
https://www.openbsd.org/errata61.html
As this affects the kernel, a reboot will be needed after patching.
The fix is o [...]
NetBSD 8.0 release process underway
If you\'ve been reading source-changes@, you likely noticed the recent
creation of the netbsd-8 branch. If you haven\'t been reading
source-changes@, here\'s some news: the netbsd-8 branch has been created,
signaling the beginning of the release process for NetBSD 8.0.
We don\'t have a strict timeline for the 8.0 release, but things are
loo [...]
OpenBSD Errata: June 4th, 2017 (perl)
Errata patches for perl have been released for OpenBSD 6.0 and 6.1.
A race condition exists in the File::Path module.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata60.html
https://www.openbsd.org/erra [...]
OpenBSD Errata: May 22nd, 2017 (icmp_...
Errata patches for icmp_opts have been released for OpenBSD 6.1 and 6.0.
The kernel could leak memory when processing ICMP packets with IP options.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata60.html
[...]
OpenBSD Errata: May 19th, 2017 (exec_...
Errata patches for exec_subr have been released for OpenBSD 6.1 and 6.0.
An additional mitigation is added by placing a gap of 1 MB between the
stack and mmap spaces.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd [...]
[FreeBSD-Announce] FreeBSD Quarterly ...
FreeBSD Project Quarterly Status Report - 1st Quarter 2017
While a few of these projects indicate they are a \"plan B\" or an
\"attempt III\", many are still hewing to their original plans, and all
have produced impressive results. Please enjoy this vibrant collection
of reports, covering the first quarter of 2017.
--Benjamin [...]
OpenBSD Errata: May 13th, 2017 (freet...
Errata patches for freetype have been released for OpenBSD 6.1 and 6.0.
Heap-based buffer overflows can result in out-of-bounds writes.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata60.html
https://ww [...]
OpenBSD Errata: May 8th, 2017 (libssl...
Errata patches for libssl have been released for OpenBSD 6.1 and 6.0.
Incorrect DTLS cookie handling can result in a NULL pointer dereference.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:
https://www.openbsd.org/errata60.html
htt [...]
OpenBSD Errata: May 6th, 2017
An errata patch for pf has been released for OpenBSD 6.1 today.
Details can be found on this page: https://www.openbsd.org/errata61.html
Binary updates for the amd64 and i386 platforms are also available via
the syspatch utility. Note that syspatch uses the mirror configured in
/etc/installurl, so all mirrors may not have the files yet.
Op [...]
Announcing NetBSD and the Google Summ...
We are very happy to announce that the selection process in this year\'s
Summer of Code with its bargaining of slots and what student gets assigned
to which project is over. As a result, the following students will take on
their projects:
* Leonardo Taccari will work add multi-packages support to pkgsrc.
* Maya Rashish will work on th [...]
[Security-announce] pfSense-SA-17_04....
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=============================================================================
pfSense-SA-17_04.webgui Security Advisory
pfSense
Topic: DHCP Lease XSS vulnerability in the WebGUI
[...]
OpenBSD Errata: May 2nd, 2017
Errata patches for dhcpd, vmm, LibreSSL and softraid have been released
for OpenBSD 6.1 today.
Details can be found on this page: https://www.openbsd.org/errata61.html
Binary updates for the amd64 and i386 platforms are also available via
the syspatch utility. Note that syspatch uses the mirror configured in
/etc/installurl, so all mirrors [...]
LibreSSL 2.5.4 Released
We have released LibreSSL 2.5.4, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. It includes the
following changes:
* Reverted a previous change that forced consistency between return
value and error code when specifing a certificate verification
callback, since this breaks the documented API. Wh [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-17:04.ipfilter Security Advisory
The FreeBSD Project
Topic: ipfilter(4) fragment handling panic
Categor [...]
Reminder: mailing list server downtim...
The machine room that lists.openbsd.org is in will be undergoing
maintenance Saturday April 15th. As a result, the list server will
be taken down at 5:30am MDT. It will be back up by 6pm MDT at the
latest but hopefully earlier, in the early afternoon if possible.
This also affects ftp.usa.openbsd.org and anoncvs3.usa.openbsd.org
which are [...]
[FreeBSD-Announce] FreeBSD Security A...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-17:03.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: [...]
