1 <?xml version="1.0" encoding="iso-8859-1"?>
3 The FreeBSD Documentation Project
7 <informaltable frame="none" pgwide="1">
9 <colspec colwidth="40%"/>
10 <colspec colwidth="30%"/>
11 <colspec colwidth="30%"/>
14 <entry>Advisory</entry>
22 <entry><link xlink:href="&security.url;/FreeBSD-SA-13:07.bind.asc">FreeBSD-SA-13:07.bind</link></entry>
23 <entry>26 July 2013</entry>
24 <entry><para>Denial of Service vulnerability in
25 &man.named.8;</para></entry>
29 <entry><link xlink:href="&security.url;/FreeBSD-SA-13:09.ip_multicast.asc">FreeBSD-SA-13:09.ip_multicast</link></entry>
30 <entry>21 August 2013</entry>
31 <entry><para>Integer overflow in computing the size of
32 a temporary buffer can result in a buffer which is too
33 small for the requested operation</para></entry>
37 <entry><link xlink:href="&security.url;/FreeBSD-SA-13:10.sctp.asc">FreeBSD-SA-13:10.sctp</link></entry>
38 <entry>21 August 2013</entry>
39 <entry><para>Fix a bug that could lead to kernel memory
40 disclosure with SCTP state cookie</para></entry>
44 <entry><link xlink:href="&security.url;/FreeBSD-SA-13:12.ifioctl.asc">FreeBSD-SA-13:12.ifioctl</link></entry>
45 <entry>10 September 2013</entry>
46 <entry><para>In IPv6 and NetATM, stop
47 <literal>SIOCSIFADDR</literal>,
48 <literal>SIOCSIFBRDADDR</literal>,
49 <literal>SIOCSIFDSTADDR</literal> and
50 <literal>SIOCSIFNETMASK</literal> at the socket layer
51 rather than pass them on to the link layer without
52 validation or credential checks</para></entry>
56 <entry><link xlink:href="&security.url;/FreeBSD-SA-13:13.nullfs.asc">FreeBSD-SA-13:13.nullfs</link></entry>
57 <entry>10 September 2013</entry>
58 <entry><para>Prevent cross-mount hardlinks between different
59 nullfs mounts of the same underlying
60 filesystem</para></entry>
64 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:01.bsnmpd.asc">FreeBSD-SA-14:01.bsnmpd</link></entry>
65 <entry>14 January 2014</entry>
66 <entry><para>bsnmpd remote denial of service
67 vulnerability</para></entry>
71 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:02.ntpd.asc">FreeBSD-SA-14:02.ntpd</link></entry>
72 <entry>14 January 2014</entry>
73 <entry><para>ntpd distributed reflection Denial of Service
74 vulnerability</para></entry>
78 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:04.bind.asc">FreeBSD-SA-14:04.bind</link></entry>
79 <entry>14 January 2014</entry>
80 <entry><para>BIND remote denial of service
81 vulnerability</para></entry>
85 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:05.nfsserver.asc">FreeBSD-SA-14:05.nfsserver</link></entry>
86 <entry>8 April 2014</entry>
87 <entry><para>NFS deadlock vulnerability</para></entry>
91 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:06.openssl.asc">FreeBSD-SA-14:06.openssl</link></entry>
92 <entry>8 April 2014</entry>
93 <entry><para>ECDSA Cache Side-channel Attack in
94 OpenSSL</para></entry>
98 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:08.tcp.asc">FreeBSD-SA-14:08.tcp</link></entry>
99 <entry>30 April 2014</entry>
100 <entry><para>TCP reassembly vulnerability</para></entry>
104 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:11.sendmail.asc">FreeBSD-SA-14:11.sendmail</link></entry>
105 <entry>5 June 2014</entry>
106 <entry><para>sendmail improper close-on-exec flag
107 handling</para></entry>
111 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:12.ktrace.asc">FreeBSD-SA-14:12.ktrace</link></entry>
112 <entry>5 June 2014</entry>
113 <entry><para>ktrace memory disclosure</para></entry>
117 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:14.openssl.asc">FreeBSD-SA-14:14.openssl</link></entry>
118 <entry>5 June 2014</entry>
119 <entry><para>OpenSSL multiple vulnerabilities</para></entry>
123 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:16.file.asc">FreeBSD-SA-14:16.file</link></entry>
124 <entry>5 June 2014</entry>
125 <entry><para>Multiple vulnerabilities in &man.file.1; and
126 &man.libmagic.3;</para></entry>
130 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:17.kmem.asc">FreeBSD-SA-14:17.kmem</link></entry>
131 <entry>8 July 2014</entry>
132 <entry><para>kernel memory disclosure in control message and
133 SCTP notifications</para></entry>
137 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:18.openssl.asc">FreeBSD-SA-14:18.openssl</link></entry>
138 <entry>9 September 2014</entry>
139 <entry><para>Multiple vulnerabilities in
140 OpenSSL</para></entry>
144 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:19.tcp.asc">FreeBSD-SA-14:19.tcp</link></entry>
145 <entry>16 September 2014</entry>
146 <entry><para>Denial of Service in TCP packet
147 processing</para></entry>
151 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:21.routed.asc">FreeBSD-SA-14:21.routed</link></entry>
152 <entry>21 October 2014</entry>
153 <entry><para>&man.routed.8; denial of service
154 vulnerability</para></entry>
158 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:23.openssl.asc">FreeBSD-SA-14:23.openssl</link></entry>
159 <entry>21 October 2014</entry>
160 <entry><para>Multiple vulnerabilities in
161 OpenSSL</para></entry>
165 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:25.setlogin.asc">FreeBSD-SA-14:25.setlogin</link></entry>
166 <entry>4 November 2014</entry>
167 <entry><para>kernel stack disclosure in &man.setlogin.2; and
168 &man.getlogin.2;</para></entry>
172 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:26.ftp.asc">FreeBSD-SA-14:26.ftp</link></entry>
173 <entry>4 November 2014</entry>
174 <entry><para>Remote command execution in
175 &man.ftp.1;</para></entry>
179 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:28.file.asc">FreeBSD-SA-14:28.file</link></entry>
180 <entry>10 December 2014</entry>
181 <entry><para>Multiple vulnerabilities in &man.file.1; and
182 &man.libmagic.3;</para></entry>
186 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:29.bind.asc">FreeBSD-SA-14:29.bind</link></entry>
187 <entry>10 December 2014</entry>
188 <entry><para>BIND remote denial of service
189 vulnerability</para></entry>
193 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:31.ntp.asc">FreeBSD-SA-14:31.ntp</link></entry>
194 <entry>23 December 2014</entry>
195 <entry><para>Multiple vulnerabilities in NTP
200 <entry><link xlink:href="&security.url;/FreeBSD-SA-15:01.openssl.asc">FreeBSD-SA-15:01.ntp</link></entry>
201 <entry>14 January 2015</entry>
202 <entry><para>Multiple vulnerabilities in
203 OpenSSL</para></entry>
207 <entry><link xlink:href="&security.url;/FreeBSD-SA-15:02.kmem.asc">FreeBSD-SA-15:02.kmem</link></entry>
208 <entry>27 January 2015</entry>
209 <entry><para>Fix SCTP SCTP_SS_VALUE kernel memory corruption
210 and disclosure vulnerability</para></entry>
214 <entry><link xlink:href="&security.url;/FreeBSD-SA-15:03.sctp.asc">FreeBSD-SA-15:03.sctp</link></entry>
215 <entry>27 January 2015</entry>
216 <entry><para>Fix SCTP stream reset
217 vulnerability</para></entry>
222 xlink:href="&security.url;/FreeBSD-SA-15:04.igmp.asc">FreeBSD-SA-15:04.igmp</link></entry>
223 <entry>25 February 2015</entry>
224 <entry><para>Integer overflow in IGMP protocol</para></entry>
229 xlink:href="&security.url;/FreeBSD-SA-15:05.bind.asc">FreeBSD-SA-15:05.igmp</link></entry>
230 <entry>25 February 2015</entry>
231 <entry><para>Remote denial of service
232 vulnerability</para></entry>
237 xlink:href="&security.url;/FreeBSD-SA-15:06.openssl.asc">FreeBSD-SA-15:06.openssl</link></entry>
238 <entry>19 March 2015</entry>
239 <entry><para>Multiple vulnerabilities</para></entry>
244 xlink:href="&security.url;/FreeBSD-SA-15:07.ntp.asc">FreeBSD-SA-15:07.ntp</link></entry>
245 <entry>7 April 2015</entry>
246 <entry><para>Multiple vulnerabilities</para></entry>
251 xlink:href="&security.url;/FreeBSD-SA-15:09.ipv6.asc">FreeBSD-SA-15:09.ipv6</link></entry>
252 <entry>7 April 2015</entry>
253 <entry><para>Router advertisement Denial of
254 Service</para></entry>