transmission which could be tricked into rounding up to the nearest
page size, leaking up to a page of kernel memory. [13:11]
In IPv6 and NetATM, stop SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK at the socket layer rather than pass them on to the
link layer without validation or credential checks. [SA-13:12]
Prevent cross-mount hardlinks between different nullfs mounts of the
same underlying filesystem. [SA-13:13]
Security: CVE-2013-5666
Security: FreeBSD-SA-13:11.sendfile
Security: CVE-2013-5691
Security: FreeBSD-SA-13:12.ifioctl
Security: CVE-2013-5710
Security: FreeBSD-SA-13:13.nullfs
Approved by: so
Fix an integer overflow in computing the size of a temporary buffer
can result in a buffer which is too small for the requested
operation. [13:09]
Fix a bug that could lead to kernel memory disclosure with
SCTP state cookie. [13:10]
Add latest errata notices:
Fix a data corruption problem with mfi(4) operating on > 2TB
disks in a JBOD. [EN-13:03]
Fix Denial of Service vulnerability in named(8). [13:07]
Fix a bug that allows remote client bypass the normal
access checks when when -network or -host restrictions are
used at the same time with -mapall. [13:08]
to a memory-mapped file in the traced process's address space
even if neither the traced process nor the tracing process had
write access to that file.
Security: CVE-2013-2171
Security: FreeBSD-SA-13:06.mmap
Approved by: so
Fix Denial of Service vulnerability in named(8) with DNS64. [13:01]
Fix Denial of Service vulnerability in libc's glob(3) functionality.
[13:02]
Security: CVE-2012-5688
Security: FreeBSD-SA-13:01.bind
Security: CVE-2010-2632
Security: FreeBSD-SA-13:02.libc
