File:  [NetBSD Developer Wiki] / wikisrc / users / spz / secref.mdwn
Revision 1.3: download - view: text, annotated - select for diffs
Sat Jan 21 03:00:14 2012 UTC (11 years ago) by schmonz
Branches: MAIN
CVS tags: HEAD
Better living through less markup, fix meta title directives and a
broken link, wrap long lines that aren't table rows. Might benefit
from a template.

[[!meta title="Security Vulnerability Reference List"]]
# Security Vulnerability Reference List

[[!table data="""
Identifier|Topic|Fixed in HEAD|Fixed in netbsd-5|Fixed in netbsd-4|Advisory
[[CVE-2010-3613|]]|BIND DoS due to improper handling of RRSIG records|20101202|20110110|20110123|[[2011-001|]]
[[CVE-2011-0014|]]|OpenSSL TLS extension parsing race condition|20110211|20110217|not affected|[[2011-002|]]
-|Exhausting kernel memory from user controlled value|20110304|20110307|20110307|[[2011-003|]]
[[CVE-2011-1547|]]|Kernel stack overflow via nested IPCOMP packet|20110401|20110403|20110403|[[2011-004|]]
[[CVE-2011-0997|]]|ISC dhclient environment sanitizing|20110406|20110407|20110407|[[2011-005|]]
[[CVE-2011-2464|]]|BIND DoS via packet with rrtype zero|20110706|20110708|20110716|[[2011-006|]]
[[CVE-2011-2895|]]|LZW decoding loop on manipulated compressed files|20110816|20110819|20110819|[[2011-007|]]
[[CVE-2011-4122|]]|OpenPAM privilege escalation|20111109|20111119|20111119|[[2011-008|]]
[[CVE-2011-4313|]]|BIND resolver DoS|20111116|20111118|20111120|[[2011-009|]]
[[CVE-2011-4862|]]|telnetd unchecked encryption key length|20111223|20111231|20111231|
[[CVE-2010-1166|]]|incorrect macro definition in Xrender|20111230|20120101|not affected|

CVSweb for NetBSD wikisrc <> software: FreeBSD-CVSweb