Day: July 28, 2015

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:17.bind

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-15:17.bind Security Advisory
The FreeBSD Project

Topic: BIND remote denial of service vulnerability

Category: contrib
Module: bind
Announced: 2015-07-28
Credits: ISC
Affects: FreeBSD 8.x and FreeBSD 9.x.
Corrected: 2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)
2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)
2015-07-28 19:58:54 UTC (stable/8, 8.4-STABLE)
2015-07-28 19:59:22 UTC (releng/8.4, 8.4-RELEASE-p35)
CVE Name: CVE-2015-5477

For general

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:15.tcp

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-15:15.tcp Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in TCP reassembly

Category: core
Module: inet
Announced: 2015-07-28
Credits: Patrick Kelsey (Norse Corporation)
Affects: All supported versions of FreeBSD.
Corrected: 2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
2015-07-28 19:58:54 UTC

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:15.tcp

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-15:15.tcp Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in TCP reassembly

Category: core
Module: inet
Announced: 2015-07-28
Credits: Patrick Kelsey (Norse Corporation)
Affects: All supported versions of FreeBSD.
Corrected: 2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
2015-07-28 19:58:54 UTC

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:16.openssh

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-15:16.openssh Security Advisory
The FreeBSD Project

Topic: OpenSSH multiple vulnerabilities

Category: contrib
Module: openssh
Announced: 2015-07-28
Affects: All supported versions of FreeBSD.
Corrected: 2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
2015-07-28 19:58:54 UTC (stable/9, 9.3-STABLE)
2015-07-28 19:59:22 UTC (releng/9.3, 9.3-RELEASE-p21)

(Read more...)

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

=============================================================================
FreeBSD-SA-15:14.bsdpatch Security Advisory
The FreeBSD Project

Topic: shell injection vulnerability in patch(1)

Category: contrib
Module: patch
Announced: 2015-07-28
Credits: Martin Natano
Affects: FreeBSD 10.x.
Corrected: 2015-07-28 19:58:44 UTC (stable/10, 10.2-PRERELEASE)
2015-07-28 19:58:44 UTC (stable/10, 10.2-BETA2-p2)
2015-07-28 19:59:04 UTC (releng/10.2, 10.2-RC1-p1)
2015-07-28 19:59:11 UTC (releng/10.1, 10.1-RELEASE-p16)
CVE Name: CVE-2015-1416

For general information regarding FreeBSD

(Read more...)

NetBSD 7.0_RC2

On behalf of the NetBSD project, it is my pleasure to announce the second release candidate of NetBSD 7.0.

Some of the changes since 7.0_RC1 are:

OpenSSL updated to 1.0.1p
BIND updated to 9.10.2-P2
IPSEC support is now included by default in Xe…

Use wpa_supplicant only long enough to replace it

DragonFly ships with wpa_supplicant, for setting up WiFi.  However, there’s no guarantee it’s the latest version.  A solution exists: security/wpa_supplicant in dports.  However, this has a chicken-and-egg problem, where you need wpa_supplicant to get online and download the dports version of wpa_supplicant.  So, DragonFly still includes wpa_supplicant in the base system, but you should upgrade […]