1 <?xml version="1.0" encoding="iso-8859-1"?>
3 The FreeBSD Documentation Project
7 <informaltable frame="none" pgwide="1">
9 <colspec colwidth="40%"/>
10 <colspec colwidth="30%"/>
11 <colspec colwidth="30%"/>
14 <entry>Advisory</entry>
22 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:18.openssl.asc">FreeBSD-SA-14:18.openssl</link></entry>
23 <entry>9 September 2014</entry>
24 <entry><para>Multiple vulnerabilities</para></entry>
28 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:19.tcp.asc">FreeBSD-SA-14:19.tcp</link></entry>
29 <entry>16 September 2014</entry>
30 <entry><para>Denial of Service in TCP packet
31 processing.</para></entry>
35 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:20.rtsold.asc">FreeBSD-SA-14:20.rtsold</link></entry>
36 <entry>21 October 2014</entry>
37 <entry><para>Remote buffer overflow
38 vulnerability.</para></entry>
42 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:21.routed.asc">FreeBSD-SA-14:21.routed</link></entry>
43 <entry>21 October 2014</entry>
44 <entry><para>Remote denial of service
45 vulnerability.</para></entry>
49 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:22.namei.asc">FreeBSD-SA-14:22.namei</link></entry>
50 <entry>21 October 2014</entry>
51 <entry><para>Memory leak in sandboxed namei
52 lookup.</para></entry>
56 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:23.openssl.asc">FreeBSD-SA-14:23.openssl</link></entry>
57 <entry>21 October 2014</entry>
58 <entry><para>Multiple vulerabilities.</para></entry>
62 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:25.setlogin.asc">FreeBSD-SA-14:25.setlogin</link></entry>
63 <entry>04 November 2014</entry>
64 <entry><para>Kernel stack disclosure.</para></entry>
68 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:26.ftp.asc">FreeBSD-SA-14:26.ftp</link></entry>
69 <entry>04 November 2014</entry>
70 <entry><para>Remote code execution.</para></entry>
74 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:28.file.asc">FreeBSD-SA-14:28.file</link></entry>
75 <entry>10 December 2014</entry>
76 <entry><para>Multiple vulnerabilities in &man.file.1; and
77 &man.libmagic.3;</para></entry>
81 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:29.bind.asc">FreeBSD-SA-14:29.bind</link></entry>
82 <entry>10 December 2014</entry>
83 <entry><para>Remote denial of service
84 vulnerability</para></entry>
88 <entry><link xlink:href="&security.url;/FreeBSD-SA-14:31.ntp.asc">FreeBSD-SA-14:31.ntp</link></entry>
89 <entry>23 December 2014</entry>
90 <entry><para>Multiple vulnerabilities</para></entry>
94 <entry><link xlink:href="&security.url;/FreeBSD-SA-15:01.openssl.asc">FreeBSD-SA-15:01.openssl</link></entry>
95 <entry>14 January 2015</entry>
96 <entry><para>Multiple vulnerabilities</para></entry>
101 xlink:href="&security.url;/FreeBSD-SA-15:02.kmem.asc">FreeBSD-SA-15:02.kmem</link></entry>
102 <entry>27 January 2015</entry>
103 <entry><para>SCTP kernel memory corruption and
104 disclosure vulnerability</para></entry>
109 xlink:href="&security.url;/FreeBSD-SA-15:03.sctp.asc">FreeBSD-SA-15:03.sctp</link></entry>
110 <entry>27 January 2015</entry>
111 <entry><para>SCTP stream reset
112 vulnerability</para></entry>
117 xlink:href="&security.url;/FreeBSD-SA-15:04.igmp.asc">FreeBSD-SA-15:04.igmp</link></entry>
118 <entry>25 February 2015</entry>
119 <entry><para>Integer overflow in IGMP protocol</para></entry>
124 xlink:href="&security.url;/FreeBSD-SA-15:05.bind.asc">FreeBSD-SA-15:05.igmp</link></entry>
125 <entry>25 February 2015</entry>
126 <entry><para>Remote denial of service
127 vulnerability</para></entry>
132 xlink:href="&security.url;/FreeBSD-SA-15:06.openssl.asc">FreeBSD-SA-15:06.openssl</link></entry>
133 <entry>19 March 2015</entry>
134 <entry><para>Multiple vulnerabilities</para></entry>
139 xlink:href="&security.url;/FreeBSD-SA-15:07.ntp.asc">FreeBSD-SA-15:07.ntp</link></entry>
140 <entry>7 April 2015</entry>
141 <entry><para>Multiple vulnerabilities</para></entry>
146 xlink:href="&security.url;/FreeBSD-SA-15:09.ipv6.asc">FreeBSD-SA-15:09.ipv6</link></entry>
147 <entry>7 April 2015</entry>
148 <entry><para>Router advertisement Denial of
149 Service</para></entry>
154 xlink:href="&security.url;/FreeBSD-SA-15:10.openssl.asc">FreeBSD-SA-15:10.openssl</link></entry>
155 <entry>16 June 2015</entry>
156 <entry><para>Multiple vulnerabilities</para></entry>
161 xlink:href="&security.url;/FreeBSD-SA-15:11.bind.asc">FreeBSD-SA-15:11.bind</link></entry>
162 <entry>7 July 2015</entry>
163 <entry><para>Resolver remote denial of service</para></entry>
168 xlink:href="&security.url;/FreeBSD-SA-15:13.tcp.asc">FreeBSD-SA-15:13.tcp</link></entry>
169 <entry>21 July 2015</entry>
170 <entry><para>resource exhaustion due to sessions stuck in
171 <literal>LAST_ACK</literal> state.</para></entry>
176 xlink:href="&security.url;/FreeBSD-SA-15:15.tcp.asc">FreeBSD-SA-15:15.tcp</link></entry>
177 <entry>28 July 2015</entry>
178 <entry><para>resource exhaustion in <acronym>TCP</acronym>
179 reassembly</para></entry>
184 xlink:href="&security.url;/FreeBSD-SA-15:16.openssh.asc">FreeBSD-SA-15:16.openssh</link></entry>
185 <entry>28 July 2015</entry>
186 <entry><para>Multiple vulnerabilities</para></entry>
191 xlink:href="&security.url;/FreeBSD-SA-15:17.bind.asc">FreeBSD-SA-15:17.bind</link></entry>
192 <entry>28 July 2015</entry>
193 <entry><para>Remote denial of service
194 vulnerability</para></entry>
199 xlink:href="&security.url;/FreeBSD-SA-15:19.routed.asc">FreeBSD-SA-15:19.routed</link></entry>
200 <entry>5 August 2015</entry>
201 <entry><para>Remote denial of service
202 vulnerability</para></entry>
207 xlink:href="&security.url;/FreeBSD-SA-15:20.expat.asc">FreeBSD-SA-15:20.expat</link></entry>
208 <entry>18 August 2015</entry>
209 <entry><para>Fix multiple integer overflows in
210 &man.libbsdxml.3;.</para></entry>
215 xlink:href="&security.url;/FreeBSD-SA-15:21.amd64.asc">FreeBSD-SA-15:21.amd64</link></entry>
216 <entry>25 August 2015</entry>
217 <entry><para>Fix local privilege escalation in IRET
218 handler.</para></entry>
223 xlink:href="&security.url;/FreeBSD-SA-15:22.openssh.asc">FreeBSD-SA-15:22.openssh</link></entry>
224 <entry>25 August 2015</entry>
225 <entry><para>Multiple vulnerabilities</para></entry>
229 <entry><link xlink:href="&security.url;/FreeBSD-SA-15:23.bind.asc">FreeBSD-SA-15:23.bind</link></entry>
230 <entry>2 September 2015</entry>
231 <entry><para>Remote denial of service
232 vulnerability</para></entry>
237 xlink:href="&security.url;/FreeBSD-SA-15:24.rpcbind.asc">FreeBSD-SA-15:24.rpcbind</link></entry>
238 <entry>29 September 2015</entry>
239 <entry><para>Remote denial of service</para></entry>
244 xlink:href="&security.url;/FreeBSD-SA-15:25.ntp.asc">FreeBSD-SA-15:25.ntp</link></entry>
245 <entry>26 October 2015</entry>
246 <entry><para>Multiple vulnerabilities</para></entry>
251 xlink:href="&security.url;/FreeBSD-SA-15:26.openssl.asc">FreeBSD-SA-15:26.openssl</link></entry>
252 <entry>5 December 2015</entry>
253 <entry><para>Multiple vulnerabilities</para></entry>
258 xlink:href="&security.url;/FreeBSD-SA-15:27.bind.asc">FreeBSD-SA-15:27.bind</link></entry>
259 <entry>16 December 2015</entry>
260 <entry><para>Remote denial of service</para></entry>
265 xlink:href="&security.url;/FreeBSD-SA-16:01.sctp.asc">FreeBSD-SA-16:01.sctp</link></entry>
266 <entry>14 January 2016</entry>
267 <entry><para>ICMPv6 error message vulnerability</para></entry>
272 xlink:href="&security.url;/FreeBSD-SA-16:02.ntp.asc">FreeBSD-SA-16:02.ntp</link></entry>
273 <entry>14 January 2016</entry>
274 <entry><para>Panic threshold bypass
275 vulnerability</para></entry>
280 xlink:href="&security.url;/FreeBSD-SA-16:03.linux.asc">FreeBSD-SA-16:03.linux</link></entry>
281 <entry>14 January 2016</entry>
282 <entry><para>Incorrect <literal>futex</literal>
283 handling</para></entry>
288 xlink:href="&security.url;/FreeBSD-SA-16:04.linux.asc">FreeBSD-SA-16:04.linux</link></entry>
289 <entry>14 January 2016</entry>
290 <entry><para>&man.setgroups.2; system call
291 vulnerability</para></entry>
296 xlink:href="&security.url;/FreeBSD-SA-16:05.tcp.asc">FreeBSD-SA-16:05.tcp</link></entry>
297 <entry>14 January 2016</entry>
298 <entry><para>MD5 signature denial of service</para></entry>
303 xlink:href="&security.url;/FreeBSD-SA-16:06.bsnmpd.asc">FreeBSD-SA-16:06.bsnmpd</link></entry>
304 <entry>14 January 2016</entry>
305 <entry><para>Insecure default configuration file
306 permissions</para></entry>
311 xlink:href="&security.url;/FreeBSD-SA-16:07.openssh.asc">FreeBSD-SA-16:07.openssh</link></entry>
312 <entry>14 January 2016</entry>
313 <entry><para><application>OpenSSH</application> client
314 information leak</para></entry>
319 xlink:href="&security.url;/FreeBSD-SA-16:08.bind.asc">FreeBSD-SA-16:08.bind</link></entry>
320 <entry>27 January 2016</entry>
321 <entry><para>Remote denial of service
322 vulnerability.</para></entry>
327 xlink:href="&security.url;/FreeBSD-SA-16:09.ntp.asc">FreeBSD-SA-16:09.ntp</link></entry>
328 <entry>27 January 2016</entry>
329 <entry><para>Multiple vulnerabilities.</para></entry>
334 xlink:href="&security.url;/FreeBSD-SA-16:10.linux.asc">FreeBSD-SA-16:10.linux</link></entry>
335 <entry>27 January 2016</entry>
336 <entry><para>&man.issetugid.2; system call
337 vulnerability.</para></entry>
342 xlink:href="&security.url;/FreeBSD-SA-16:11.openssl.asc">FreeBSD-SA-16:11.openssl</link></entry>
343 <entry>30 January 2016</entry>
344 <entry><para>SSLv2 cipher suite downgrade
345 vulnerability.</para></entry>
350 xlink:href="&security.url;/FreeBSD-SA-16:12.openssl.asc">FreeBSD-SA-16:12.openssl</link></entry>
351 <entry>7 March 2016</entry>
352 <entry><para>Multiple vulnerabilities</para></entry>
357 xlink:href="&security.url;/FreeBSD-SA-16:13.bind.asc">FreeBSD-SA-16:13.bind</link></entry>
358 <entry>10 March 2016</entry>
359 <entry><para>Multiple vulnerabilities</para></entry>
364 xlink:href="&security.url;/FreeBSD-SA-16:14.openssh-xauth.asc">FreeBSD-SA-16:14.openssh-xauth</link></entry>
365 <entry>16 March 2016</entry>
366 <entry><para>OpenSSH xauth injection
367 vulnerability</para></entry>
372 xlink:href="&security.url;/FreeBSD-SA-16:15.sysarch.asc">FreeBSD-SA-16:15.sysarch</link></entry>
373 <entry>16 March 2016</entry>
374 <entry><para>Incorrect argument validation in
375 &man.sysarch.2;</para></entry>
380 xlink:href="&security.url;/FreeBSD-SA-16:09.ntp.asc">FreeBSD-SA-16:09.ntp</link></entry>
381 <entry>29 April 2016</entry>
382 <entry><para>Multiple <application>ntp</application>
383 vulnerabilities.</para></entry>
388 xlink:href="&security.url;/FreeBSD-SA-16:17.openssl.asc">FreeBSD-SA-16:17.openssl</link></entry>
389 <entry>29 April 2016</entry>
390 <entry><para>Multiple <application>OpenSSL</application>
391 vulnerabilities.</para></entry>
396 xlink:href="&security.url;/FreeBSD-SA-16:18.atkbd.asc">FreeBSD-SA-16:18.atkbd</link></entry>
397 <entry>17 May 2016</entry>
398 <entry><para>Keyboard driver buffer overflow</para></entry>
403 xlink:href="&security.url;/FreeBSD-SA-16:19.sendmsg.asc">FreeBSD-SA-16:19.sendmsg</link></entry>
404 <entry>17 May 2016</entry>
405 <entry><para>Incorrect argument handling in
406 &man.sendmsg.2;</para></entry>
411 xlink:href="&security.url;/FreeBSD-SA-16:20.linux.asc">FreeBSD-SA-16:20.linux</link></entry>
412 <entry>31 May 2016</entry>
413 <entry><para>Kernel stack disclosure in Linux compatibility
419 xlink:href="&security.url;/FreeBSD-SA-16:21.43bsd.asc">FreeBSD-SA-16:21.43bsd</link></entry>
420 <entry>31 May 2016</entry>
421 <entry><para>Kernel stack disclosure in 4.3BSD compatibility
427 xlink:href="&security.url;/FreeBSD-SA-16:22.libarchive.asc">FreeBSD-SA-16:22.libarchive</link></entry>
428 <entry>31 May 2016</entry>
429 <entry><para>Absolute path traversal
430 vulnerability</para></entry>
435 xlink:href="&security.url;/FreeBSD-SA-16:23.libarchive.asc">FreeBSD-SA-16:23.libarchive</link></entry>
436 <entry>31 May 2016</entry>
437 <entry><para>Absolute path traversal
438 vulnerability</para></entry>
443 xlink:href="&security.url;/FreeBSD-SA-16:24.ntp.asc">FreeBSD-SA-16:24.ntp</link></entry>
444 <entry>3 June 2016</entry>
445 <entry><para>Multiple <application>ntp</application>
446 vulnerabilties</para></entry>
451 xlink:href="&security.url;/FreeBSD-SA-16:25.bspatch.asc">FreeBSD-SA-16:25.bspatch</link></entry>
452 <entry>25 July 2016</entry>
453 <entry><para>heap overflow vulnerability</para></entry>