Crea sito
RSS

MidnightBSD 0.6

29 Aprile 2015

MidnightBSD

MidnightBSD

MidnightBSD è un sistema operativo che deriva da FreeBSD (in origine è stato un fork di FreeBSD 6.1 beta). L’obiettivo principale del progetto è di creare un sistema desktop semplice da usare.

Versione 0.6

Questa versione contiene (in Inglese):

Security

OpenSSL: The receipt of a specifically crafted DTLS handshake message may cause OpenSSL to consume large amounts of memory. [CVE-2014-3506]

The receipt of a specifically crafted DTLS packet could cause OpenSSL to leak memory. [CVE-2014-3507]

A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. [CVE-2014-3508]

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a denial of service attack. [CVE-2014-3510]

TCP SYN: When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window.

Fix several security vulnerabilities in routed, rtsold, and namei with respect to Capsicum sandboxes looking up nonexistent path names and leaking memory.

The input path in routed(8) will accept queries from any source and attempt to answer them. However, the output path assumes that the destination address for the response is on a directly connected network.

Due to a missing length check in the code that handles DNS parameters, a malformed router advertisement message can result in a stack buffer overflow in rtsold(8).

tnftp 20141031 fixes a security vulnerability with tnftp, CVE-2014-8517.

Fix a security issue with file and libmagic that can allow an attacker to create a denial of service attack on any program that uses libmagic.

BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using “dnssec-validation auto;” or “dnssec-lookaside auto;”) may exhibit unpredictable behavior due to the use of an improperly initialized variable.

CVE-2015-1349 An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. This can result in a DOS attack.

IPv6: The Neighbor Discover Protocol allows a local router to advertise a suggested Current Hop Limit value of a link, which will replace Current Hop Limit on an interface connected to the link on the MidnightBSD system.

sqlite 3.8.9 – Fix a potential 32-bit integer overflow problem in the sqlite3_blob_read() and sqlite3_blob_write() interfaces.

Enhancements

Fix building perl during buildworld when the GDBM port is installed.

Fixed a bug with our clearenv(3) implementation that caused segfaults with some programs including Dovecot.

Update USB quirks to support K70 Corsair keyboard, and several other devices.

Removed Features

none

New Software Versions

  • Apple mDNSResponder 561.1.1
  • mksh R50e
  • OpenSSH 6.6p1
  • OpenSSL 0.9.8.zf
  • serf 1.3.8
  • sudo 1.7.8
  • sqlite 3.8.9
  • tnftp 20141031
  • tzdata 2014i
  • xz 5.0.7

Risorse

La distribuzione può essere scaricata da:

Il sito web della distribuzione è: http://www.midnightbsd.org/

Conclusioni

Questa versione è dedicata a fix di sicurezza e al rilascio di mport package tool

Subscribe

Subscribe to our e-mail newsletter to receive updates.

No comments yet.

Leave a Reply