NetBSD 5.1 released, security fixes abound

NetBSD 5.1 represents a selected subset of fixes deemed critical for security or stability reasons, as well as new features and enhancements.

Security advisory fixes:

  • NetBSD-SA2009-004, NetBSD OpenPAM passwd(1) changing weakness.
  • NetBSD-SA2009-005, Plaintext Recovery Attack Against SSH.
  • NetBSD-SA2009-006, Buffer overflows in ntp.
  • NetBSD-SA2009-007, Buffer overflows in hack(6).
  • NetBSD-SA2009-008, OpenSSL ASN1 parsing denial of service and CMS signature verification weakness.
  • NetBSD-SA2009-009, OpenSSL DTLS Memory Exhaustion and DSA signature verification vulnerabilities.
  • NetBSD-SA2009-010, ISC dhclient subnet-mask flag stack overflow.
  • NetBSD-SA2009-011, ISC DHCP server Denial of Service vulnerability.
  • NetBSD-SA2009-012, SHA2 implementation potential buffer overflow.
  • NetBSD-SA2009-013, BIND named dynamic update Denial of Service vulnerability.
  • NetBSD-SA2010-002, OpenSSL TLS renegotiation man in the middle vulnerability.
  • NetBSD-SA2010-003, azalia(4)/hdaudio(4) negative mixer index panic.
  • NetBSD-SA2010-004, amd64 per-page No-execute (NX) bit disabled.
  • NetBSD-SA2010-005, NTP server Denial of Service vulnerability.
  • NetBSD-SA2010-006, Buffer length checking errors in CODA.
  • NetBSD-SA2010-007, Integer overflow in libbz2 decompression code.
  • NetBSD-SA2010-008, sftp(1)/ftp(1)/glob(3) related resource exhaustion.
  • NetBSD-SA2010-010, Buffer Length Handling Errors in netsmb.
  • NetBSD-SA2010-011, OpenSSL Double Free Arbitrary Code Execution.

Other security fixes:

  • openssl: Fix CVE-2009-4355 and CVE-2010-0740.
  • Fix crash in openssl: handshake_dgst[] may be used without being allocated, causing NULL pointer dereference.
  • Update BIND server and tools to 9.5.2-P2, fixing CVE-2009-0025, CVE-2009-4022, and CVE-2010-0097.
  • ntpd(8): Fix CVE-2009-3563.
  • expat: Fix SA36425 and CVE-2009-3560.
  • fts(3): Avoid possible integer overflow on really deep dirs, and subsequent collateral damage. Received from OpenBSD via US-CERT as VU #590371.
  • Fix a couple of issues with POSIX message queues.
  • arc4random(3): Keep arc4_i and arc4_j synchronised after a rekeying. This prevents accidentally ending up in a short ARC4 cycle.
  • freetype: Fix CVE-2009-0946.
  • ftpd(8): Fix a remote crash. PR 43023.
  • openldap: Fix CVE-2009-3767.
  • Fix an NX regression observed on amd64 kernels, where the per-page execute permission was disabled, leaving the kernel unable to detect fraudulent use of memory mappings marked as non-executable.
