2. Security Advisories

Problems described in the following security advisories have been fixed in 8.4-RELEASE. For more information, consult the individual advisories available from http://security.FreeBSD.org/.

FreeBSD-SA-13:07.bind, 26 July 2013

Denial of Service vulnerability in named(8)

FreeBSD-SA-13:09.ip_multicast, 21 August 2013

Integer overflow in computing the size of a temporary buffer can result in a buffer which is too small for the requested operation

FreeBSD-SA-13:10.sctp, 21 August 2013

Fix a bug that could lead to kernel memory disclosure with SCTP state cookie

FreeBSD-SA-13:12.ifioctl, 10 September 2013

In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK at the socket layer rather than pass them on to the link layer without validation or credential checks

FreeBSD-SA-13:13.nullfs, 10 September 2013

Prevent cross-mount hardlinks between different nullfs mounts of the same underlying filesystem

FreeBSD-SA-14:01.bsnmpd, 14 January 2014

bsnmpd remote denial of service vulnerability

FreeBSD-SA-14:02.ntpd, 14 January 2014

ntpd distributed reflection Denial of Service vulnerability

FreeBSD-SA-14:04.bind, 14 January 2014

BIND remote denial of service vulnerability

FreeBSD-SA-14:05.nfsserver, 8 April 2014

NFS deadlock vulnerability

FreeBSD-SA-14:06.openssl, 8 April 2014

ECDSA Cache Side-channel Attack in OpenSSL

FreeBSD-SA-14:08.tcp, 30 April 2014

TCP reassembly vulnerability

FreeBSD-SA-14:11.sendmail, 5 June 2014

sendmail improper close-on-exec flag handling

FreeBSD-SA-14:12.ktrace, 5 June 2014

ktrace memory disclosure

FreeBSD-SA-14:14.openssl, 5 June 2014

OpenSSL multiple vulnerabilities

FreeBSD-SA-14:16.file, 5 June 2014

Multiple vulnerabilities in file(1) and libmagic(3)

FreeBSD-SA-14:17.kmem, 8 July 2014

Kernel memory disclosure in control message and SCTP notifications

FreeBSD-SA-14:18.openssl, 9 September 2014

Multiple vulnerabilities in OpenSSL

FreeBSD-SA-14:19.tcp, 16 September 2014

Denial of Service in TCP packet processing

FreeBSD-SA-14:21.routed, 21 October 2014

routed(8) denial of service vulnerability

FreeBSD-SA-14:23.openssl, 21 October 2014

Multiple vulnerabilities in OpenSSL

FreeBSD-SA-14:25.setlogin, 4 November 2014

Kernel stack disclosure in setlogin(2) and getlogin(2)

FreeBSD-SA-14:26.ftp, 4 November 2014

Remote command execution in ftp(1)

FreeBSD-SA-14:28.file, 10 December 2014

Multiple vulnerabilities in file(1) and libmagic(3)

FreeBSD-SA-14:29.bind, 10 December 2014

BIND remote denial of service vulnerability

FreeBSD-SA-14:31.ntp, 23 December 2014

Multiple vulnerabilities in NTP suite

FreeBSD-SA-15:01.ntp, 14 January 2015

Multiple vulnerabilities in OpenSSL

FreeBSD-SA-15:02.kmem, 27 January 2015

Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure vulnerability

FreeBSD-SA-15:03.sctp, 27 January 2015

Fix SCTP stream reset vulnerability

FreeBSD-SA-15:04.igmp, 25 February 2015

Integer overflow in IGMP protocol

FreeBSD-SA-15:05.igmp, 25 February 2015

Remote denial of service vulnerability

FreeBSD-SA-15:06.openssl, 19 March 2015

Multiple vulnerabilities

FreeBSD-SA-15:07.ntp, 7 April 2015

Multiple vulnerabilities

FreeBSD-SA-15:09.ipv6, 7 April 2015

Router advertisement Denial of Service

FreeBSD-SA-15:10.openssl, 16 June 2015

Multiple vulnerabilities

FreeBSD-SA-15:11.bind, 7 July 2015

Resolver remote denial of service

FreeBSD-SA-15:13.tcp, 21 July 2015

Resource exhaustion due to sessions stuck in LAST_ACK state
