cvsweb.netbsd.org is temporarily offline for now, due to some hardware related trouble. I expect it will be up within 24 hours, but not 100% sure. Please use one of the following mirrors for now: cvsweb.de.netbsd.org cvsweb2.jp.netbsd.org cvsweb.no.netbsd.org Sorry for the inconvenience. -- -- soda
Return-Path: <owner-netbsd-announce <at> netbsd.org> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on andgasm.beer.org X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.0 X-Spam-Level: X-Original-To: netbsd-announce <at> NetBSD.org Received: from stindustries.net (abe.stindustries.net [216.32.89.252]) by mail.netbsd.org (Postfix) with ESMTP id 66FAB63B260 for <netbsd-announce <at> NetBSD.org>; Thu, 30 Mar 2006 01:28:54 +0000 (UTC) Received: from homer.stindustries.net (localhost [127.0.0.1]) by stindustries.net (8.13.5/8.13.5) with ESMTP id k2U1SrlM006681 for <netbsd-announce <at> NetBSD.org>; Thu, 30 Mar 2006 02:28:53 +0100 (BST) Received: (from adrianp <at> localhost) by homer.stindustries.net (8.13.5/8.13.5/Submit) id k2U1Srfn016254 for netbsd-announce <at> NetBSD.org; Thu, 30 Mar 2006 02:28:53 +0100 (BST) Date: Thu, 30 Mar 2006 02:28:53 +0100 From: NetBSD Security-Officer <security-officer <at> NetBSD.org> To: netbsd-announce <at> NetBSD.org Subject: NetBSD Security Advisory 2006-003: Multiple denial of services issues with racoon Message-ID: <20060330012853.GA18638 <at> homer.stindustries.net> Reply-To: NetBSD Security Officer <security-officer <at> NetBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Organisation: The NetBSD Foundation, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1(Continue reading)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-004 ================================= Topic: Denial of services issues with pf Version: NetBSD-current: source prior to January 25, 2006 NetBSD 3.0: affected NetBSD 2.1: not affected NetBSD 2.0.*: not affected NetBSD 2.0: not affected NetBSD 1.6.*: not affected NetBSD 1.6: not affected Severity: Denial of service Fixed: NetBSD-current: January 25, 2006 NetBSD-3-0 branch: January 28, 2006 (3.0.1 will include the fix) NetBSD-3 branch: January 28, 2006 Abstract ======== There is a logical bug in pf's scrub fragment cache, which in certain configurations may lead to a remotely exploitable denial of service attack.(Continue reading)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-005 ================================= Topic: bridge memory disclosure Version: NetBSD-current: source prior to January 17, 2006 NetBSD 3.0: affected NetBSD 2.1: affected NetBSD 2.0.*: affected NetBSD 2.0: affected NetBSD 1.6.*: affected NetBSD 1.6: affected Severity: Kernel sensitive information can be disclosed Fixed: NetBSD-current: January 17, 2006 NetBSD-3-0 branch: February 12, 2006 (3.0.1 will include the fix) NetBSD-3 branch: February 12, 2006 NetBSD-2-1 branch: February 12, 2006 (2.1.1 will include the fix) NetBSD-2-0 branch: February 12, 2006 (2.0.4 will include the fix) NetBSD-2 branch: February 12, 2006 Abstract(Continue reading)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-007 ================================= Topic: mail(1) creates record file with insecure umask Version: NetBSD-current: source prior to March 03, 2006 NetBSD 3.0 affected NetBSD 2.1: affected NetBSD 2.0.*: affected NetBSD 2.0: affected NetBSD 1.6.*: affected NetBSD 1.6: affected Severity: Information disclosure Fixed: NetBSD-current: March 03, 2006 NetBSD-3-0 branch: March 17, 2006 (3.0.1 will include the fix) NetBSD-3 branch: March 17, 2006 NetBSD-2-1 branch: March 17, 2006 (2.1.1 will include the fix) NetBSD-2-0 branch: March 17, 2006 (2.0.4 will include the fix) NetBSD-2 branch: March 17, 2006 Abstract(Continue reading)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-008 ================================= Topic: Malformed ELF interpreter causes system crash Version: NetBSD-current: source prior to March 17, 2006 NetBSD 3.0: affected NetBSD 2.1: affected NetBSD 2.0.*: affected NetBSD 2.0: affected Severity: Any local user can crash the system Fixed: NetBSD-current: March 17, 2006 NetBSD-3-0 branch: March 20, 2006 (3.0.1 will include the fix) NetBSD-3 branch: March 20, 2006 NetBSD-2-1 branch: March 20, 2006 (2.1.1 will include the fix) NetBSD-2-0 branch: March 20, 2006 (2.0.4 will include the fix) NetBSD-2 branch: March 20, 2006 Abstract ========(Continue reading)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2006-010 ================================= Topic: Sendmail race condition Version: NetBSD-current: source prior to March 24, 2006 NetBSD 3.0: affected NetBSD 2.1: affected NetBSD 2.0.*: affected NetBSD 2.0: affected NetBSD 1.6.*: affected NetBSD 1.6: affected pkgsrc: sendmail packages prior to sendmail-8.13.5nb2 sendmail packages prior to sendmail-8.12.11nb2 Severity: Remote code execution with sendmail privileges Fixed: NetBSD-current: March 24, 2006 NetBSD-3-0 branch: March 24, 2006 (3.0.1 will include the fix) NetBSD-3 branch: March 24, 2006 NetBSD-2-1 branch: March 24, 2006 (2.1.1 will include the fix) NetBSD-2-0 branch: March 24, 2006 (2.0.4 will include the fix) NetBSD-2 branch: March 24, 2006(Continue reading)
The pkgsrc-2006Q1 Branch ======================== The pkgsrc developers are very proud to announce the new pkgsrc-2006Q1 branch, which has support for more packages than previous branches. As well as updated versions of many packages, the infrastructure of pkgsrc itself has been improved for better platform and compiler support, and also for enhanced security. At the same time, the pkgsrc-2005Q4 branch has been deprecated, and continuing engineering starts on the pkgsrc-2006Q1 branch. Some highlights of the new pkgsrc-2006Q1 branch are: + many, many packages have been updated to newer versions, to take advantage of fixes and improved functionality. This includes + firefox-1.5.0.1 + gnome-2.12.2 + kde-3.5.1 + opera-8.52 + perl-5.8.7 + postgresql 8.1.3 + thunderbird-1.5 + X.org 6.9 + the addition of some pertinent bright, shiny packages such as apache-tomcat-5.5.14, cdrtools, nagios, qt4, strace, sunbird, and suse 10 packages better to support Linux emulation.(Continue reading)
RSS Feed2 | |
|---|---|
2 | |
4 | |
4 | |
2 | |
3 | |
2 | |
4 | |
1 | |
1 | |
3 | |
4 | |
1 | |
1 | |
4 | |
2 | |
1 | |
4 | |
1 | |
2 | |
1 | |
2 | |
4 | |
4 | |
1 | |
1 | |
4 | |
4 | |
4 | |
3 | |
1 | |
1 | |
1 | |
5 | |
1 | |
4 | |
2 | |
1 | |
4 | |
2 | |
9 | |
8 | |
2 | |
6 | |
2 | |
2 | |
3 | |
1 | |
9 | |
2 | |
2 | |
6 | |
2 | |
5 | |
8 | |
4 | |
5 | |
7 | |
5 | |
6 | |
7 | |
4 | |
1 | |
2 | |
2 | |
2 | |
10 | |
3 | |
3 | |
5 | |
9 | |
4 | |
9 | |
5 | |
4 | |
3 | |
3 | |
7 | |
9 | |
5 | |
1 | |
8 | |
18 | |
5 | |
4 | |
3 | |
3 | |
5 | |
6 | |
2 | |
3 | |
3 | |
6 | |
6 | |
2 | |
2 | |
1 | |
3 | |
3 | |
3 | |
6 | |
9 | |
10 | |
3 | |
3 | |
2 | |
7 | |
8 | |
2 | |
3 | |
1 | |
4 | |
8 | |
11 | |
3 | |
5 | |
2 | |
7 | |
12 | |
18 | |
9 | |
7 | |
4 | |
3 | |
3 | |
2 |
