similar to: VuXML and FreeBSD

Displaying 20 results from an estimated 800 matches similar to: "VuXML and FreeBSD"

2005 Feb 22
0
VuXML.org improvements
Hello Everyone, I have made a few small changes to the VuXML.org web sites, http://www.vuxml.org/freebsd/ (aka vuxml.freebsd.org) and http://www.vuxml.org/openbsd/ - Date-oriented indices (e.g. entry date index) visually group entries from the same date. - The package name index is more useful, listing individual package names. - Each package referenced in VuXML now has its own index
2004 Apr 07
0
Note to Racoon users (IKE/ISAKMP daemon)
As was accidently posted here earlier by Ralf :-), you should be aware of this issue: http://vuxml.freebsd.org/d8769838-8814-11d8-90d1-0020ed76ef5a.html racoon fails to verify signature during Phase 1 Affected packages racoon < 20040407b Details VuXML ID d8769838-8814-11d8-90d1-0020ed76ef5a Discovery 2004-04-05 Entry 2004-04-07 Ralf Spenneberg discovered a serious
2004 Aug 17
1
remotely exploitable vulnerability in lukemftpd / tnftpd
Hi Everyone, http://vuxml.freebsd.org/c4b025bb-f05d-11d8-9837-000c41e2cdad.html A critical vulnerability was found in lukemftpd, which shipped with some FreeBSD versions (4.7 and later). However, with the exception of FreeBSD 4.7, lukemftpd was not built and installed by default. So, unless you are running FreeBSD 4.7-RELEASE or specified WANT_LUKEMFTP when building FreeBSD from source, you
2004 May 03
1
Bad VuXML check on PNG port ?
Hello, The current png-1.2.5_4 port has no more vulnerability. It has been corrected by ache@FreeBSD.org yesterday. But when i try to install the updated port to remplace the vulnerable one this is what i am told : # make install ===> png-1.2.5_4 has known vulnerabilities: >> libpng denial-of-service. Reference:
2004 Mar 29
1
cvs commit: ports/multimedia/xine Makefile
Jacques A. Vidrine wrote: > On Mon, Mar 29, 2004 at 08:14:29PM +0200, Oliver Eikemeier wrote: > >>Jacques A. Vidrine wrote: >> >>>On Sun, Mar 28, 2004 at 03:44:06PM -0800, Oliver Eikemeier wrote: >>> >>>>eik 2004/03/28 15:44:06 PST >>>> >>>>FreeBSD ports repository >>>> >>>>Modified files:
2003 Nov 26
0
HEADS-UP: BIND denial-of-service vulnerability
Hello Everyone, ISC has released new versions of BIND 8 which address a remotely exploitable denial-of-service vulnerability that may allow an attacker to perform `negative cache poisoning'--- convincing a name server that certain RRs do not exist (even though they may). I do not know of any workaround at this time. I have committed fixes to the RELENG_5_1 and RELENG_4_9 security branches.
2004 Jun 13
0
FYI: new port security/portaudit-db
Dear porters and port users, I've added a new port security/portaudit-db that complements security/portaudit for users that have a current ports tree and want to generate the portaudit database themselves, possibly distributing it over their local network. This will save you the traffic downloading information that is already on your local machine and avoid the lag that is currently
2003 Jul 14
0
Security Officer-supported branches update
Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent releases and EoL (end-of-life) events. The new list is below (and should appear at <URL: http://www.freebsd.org/security/ > soon). In particular, FreeBSD 4.6 and FreeBSD 5.0 have `expired'. If you wish to be certain to get critical bug fixes, it is recommended that you upgrade
2004 Jan 09
0
Security Officer-supported branches update
Hello Everyone, The branches supported by the FreeBSD Security Officer have been updated to reflect recent EoL (end-of-life) events. The new list is below (and should appear at <URL: http://www.freebsd.org/security/ > soon). FreeBSD 4.7 has `expired', but I have extended the EoL date for FreeBSD 5.1. If you are running FreeBSD 4.7 or older and you wish to be certain to get critical
2004 Mar 16
3
portaudit
Any reason why portaudit and its associated infrastructure was not announced to this list or security-notifications? I recently discovered it, and discovered the feature was added to bsd.port.mk in the beginning of feburary. Seeing as the security officer apparently (without announcement) no longer issues security notices (SNs) for ports, I am assuming that portaudit has replaced SNs entirely,
2004 Apr 03
1
Security branch lifetime changes
Hi Folks, I have extended the lifetime of the RELENG_4_8 security branch, and of security branches in general: ----- Forwarded message from Jacques Vidrine <nectar@FreeBSD.org> ----- Date: Sat, 3 Apr 2004 07:23:54 -0800 (PST) From: Jacques Vidrine <nectar@FreeBSD.org> To: doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit:
2003 Mar 29
0
HEADS UP: new sendmail issue
Hello, Expect to see commits to all branches today, and a FreeBSD advisory following sometime today or tomorrow. <URL: http://www.cert.org/advisories/CA-2003-12.html > <URL: http://www.sendmail.org/8.12.9.html > Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
2003 Sep 30
1
OpenSSL heads-up
Hello Everyone, You may have seen the recent announcement regarding new OpenSSL vulnerabilities. <URL: http://www.openssl.org/news/secadv_20030930.txt > Just thought I'd drop a line to head off the usual questions. :-) Don't panic. The vulnerability is denial-of-service. OpenSSL 0.9.7c will be imported into -CURRENT and -STABLE over the next couple of days, and included
2003 Sep 08
0
@BSDcon: FreeBSD Security Officer BoF
Hello, I have scheduled a birds-of-a-feather (BoF) meeting at BSDcon to discuss the FreeBSD Security Officer role. Details such as time, location, and topics are posted on the BSDcon unofficial Wiki <URL: http://bsdcon.kwiki.org/index.cgi?FreeBSDSecurityOfficerBoF >. Please attend if you are interested in what the SO team does currently and in participating in and improving its
2003 Aug 25
0
NOTE regarding sendmail DNS map issue
You may or may not have already seen: <URL: http://www.sendmail.org/dnsmap1.html> I thought I'd drop an explanatory note here until I publish an advisory. This problem has been known for some time (it was first reported in FreeBSD PR#54367). The default configuration of sendmail is unaffected, and it is unknown whether the issue is truly exploitable by any means. Nonetheless, I
2003 Oct 02
3
HEADS UP: upcoming security advisories
Hello Folks, Just a status on upcoming advisories. FreeBSD-SA-03:15.openssh This is in final review and should be released today. Fixes for this issue entered the tree on September 24. I apologize for the delay in getting this one out. FreeBSD-SA-03:16.filedesc A reference counting bug was discovered that could lead to kernel memory disclosure or a system panic.
2003 Sep 17
3
Sendmail vulnerability
You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #
2003 Sep 17
3
Sendmail vulnerability
You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #
2004 Apr 15
0
Testing redirection of security@FreeBSD.org
postmaster@ reports that <security@FreeBSD.org> is now an alias for the secteam list. -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
2005 May 23
1
TCP timestamp vulnerability
On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > Hi, > > fixes for the vulnerability described in http://www.kb.cert.org/ > vuls/id/637934 > were checked in to CURRENT and RELENG_5 by ps in April. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c > > Revisions 1.270 and 1.252.2.16 > > He didn't commit it to RELENG_5_4 for some