Diff for /wikisrc/users/spz/secref.mdwn between versions 1.2 and 1.3

version 1.2, 2012/01/15 11:00:58 version 1.3, 2012/01/21 03:00:14
Line 1 Line 1
 [[!meta title Security Vulnerability Reference List]]  [[!meta title="Security Vulnerability Reference List"]]
 # Security Vulnerability Reference List  # Security Vulnerability Reference List
   
 <table>  [[!table data="""
 <tr><th>Identifier</th><th>Topic</th><th>Fixed in HEAD</th><th>Fixed in netbsd-5</th><th>Fixed in netbsd-4</th><th>Advisory</th></tr>  Identifier|Topic|Fixed in HEAD|Fixed in netbsd-5|Fixed in netbsd-4|Advisory
 <tr><td>[[CVE-2010-3613|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613]]</td><td>BIND DoS due to improper handling of RRSIG records</td><td>20101202</td><td>20110110</td><td>20110123</td><td>[[2011-001|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc]]</td></tr>  [[CVE-2010-3613|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613]]|BIND DoS due to improper handling of RRSIG records|20101202|20110110|20110123|[[2011-001|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-001.txt.asc]]
 <tr><td>[[CVE-2011-0014|http://cve.mitre.org/cgi-bin/cvename.cgi?name=VE-2011-0014]]</td><td>OpenSSL TLS extension parsing race condition</td><td>20110211</td><td>20110217</td><td>not affected</td><td>[[2011-002|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc]]</td></tr>  [[CVE-2011-0014|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014]]|OpenSSL TLS extension parsing race condition|20110211|20110217|not affected|[[2011-002|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc]]
 <tr><td>-</td><td>Exhausting kernel memory from user controlled value</td><td>20110304</td><td>20110307</td><td>20110307</td><td>[[2011-003|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-003.txt.asc]]</td></tr>  -|Exhausting kernel memory from user controlled value|20110304|20110307|20110307|[[2011-003|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-003.txt.asc]]
 <tr><td>[[CVE-2011-1547|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1547]]</td><td>Kernel stack overflow via nested IPCOMP packet</td><td>20110401</td><td>20110403</td><td>20110403</td><td>[[2011-004|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc]]</td></tr>  [[CVE-2011-1547|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1547]]|Kernel stack overflow via nested IPCOMP packet|20110401|20110403|20110403|[[2011-004|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-004.txt.asc]]
 <tr><td>[[CVE-2011-0997|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997]]</td><td>ISC dhclient environment sanitizing</td><td>20110406</td><td>20110407</td><td>20110407</td><td>[[2011-005|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-005.txt.asc]]</td></tr>  [[CVE-2011-0997|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997]]|ISC dhclient environment sanitizing|20110406|20110407|20110407|[[2011-005|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-005.txt.asc]]
 <tr><td>[[CVE-2011-2464|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464]]</td><td>BIND DoS via packet with rrtype zero</td><td>20110706</td><td>20110708</td><td>20110716</td><td>[[2011-006|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-006.txt.asc]]</td></tr>  [[CVE-2011-2464|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464]]|BIND DoS via packet with rrtype zero|20110706|20110708|20110716|[[2011-006|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-006.txt.asc]]
 <tr><td>[[CVE-2011-2895|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895]]</td><td>LZW decoding loop on manipulated compressed files</td><td>20110816</td><td>20110819</td><td>20110819</td><td>[[2011-007|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc]]</td></tr>  [[CVE-2011-2895|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895]]|LZW decoding loop on manipulated compressed files|20110816|20110819|20110819|[[2011-007|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc]]
 <tr><td>[[CVE-2011-4122|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4122]]</td><td>OpenPAM privilege escalation</td><td>20111109</td><td>20111119</td><td>20111119</td><td>[[2011-008|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-008.txt.asc]]</td></tr>  [[CVE-2011-4122|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4122]]|OpenPAM privilege escalation|20111109|20111119|20111119|[[2011-008|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-008.txt.asc]]
 <tr><td>[[CVE-2011-4313|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313]]</td><td>BIND resolver DoS</td><td>20111116</td><td>20111118</td><td>20111120</td><td>[[2011-009|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-009.txt.asc]]</td></tr>  [[CVE-2011-4313|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313]]|BIND resolver DoS|20111116|20111118|20111120|[[2011-009|http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2011-009.txt.asc]]
 <tr><td>[[CVE-2011-4862|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862]]</td><td>telnetd unchecked encryption key length</td><td>20111223</td><td>20111231</td><td>20111231</td><td></td></tr>  [[CVE-2011-4862|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862]]|telnetd unchecked encryption key length|20111223|20111231|20111231|
 <tr><td>[[CVE-2010-1166|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166]]</td><td>incorrect macro definition in Xrender</td><td>20111230</td><td>20120101</td><td>not affected</td><td></td></tr>  [[CVE-2010-1166|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166]]|incorrect macro definition in Xrender|20111230|20120101|not affected|
 <tr><td></td><td></td><td></td><td></td><td></td><td></td></tr>  """]]
 </table>  

Removed from v.1.2  
changed lines
  Added in v.1.3


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb