Four NetBSD Security Advisories, Fixes Released 40
Dan writes "The NetBSD security team has formally announced 4 security advisories and fixes for the following advisories: NetBSD-SA2003-014 Insufficient argument checking in sysctl(2); NetBSD-SA2003-015 Remote and local vulnerabilities in XFree86 font libraries;
NetBSD-SA2003-016 Sendmail - another prescan() bug CAN-2003-0694;
NetBSD-SA2003-017 OpenSSL multiple vulnerability. There is an integer overflow in the XFree86 font libraries, which could lead to potential privilege escalation and/or remote code execution. Sendmail advisory involves a prescan() bug in sendmail packages prior to 8.12.10. OpenSSL had multiple vulnerabilities, they were found by tests performed by NISCC. Finally, insufficient argument checking in sysctl(2) which could be exploited."
Damned Trolls (Score:2)
Anyways, this is a good advance for NetBSD, regardless of it having holes or not, getting an OS patched is always good.
Good job NetBSD, come on guys, give them some credit, they run netBSD on more platforms than almost anyone else.