Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > September 2005 > NetBSD - NetBSD 2.1 Release Candidate 5 binaries available for download

September 2005

NetBSD - NetBSD 2.1 Release Candidate 5 binaries available for download

ID: 00835
Ref: 778/05
Date: 26 September 2005:16:32:38
Version: 1
Title: NetBSD - NetBSD 2.1 Release Candidate 5 binaries available for download
Abstract: This release fixes a security hole reported in CAN-2005-2495
Vendors affected: NetBSD
Operating systems affected: NetBSD
Applications affected: NetBSD

Title
=====
NetBSD - NetBSD 2.1 Release Candidate 5 binaries available for download


Detail
======

The NetBSD Release Engineering Team have announced the release of NetBSD 2.1 RC5.
The following is the text of the announcement:

" On behalf of the NetBSD Release Engineering team, I'm happy to announce
the availability of NetBSD 2.1 RC5 for testing. (A security issue
came up shortly after RC4 was tagged, so it was never announced).

NetBSD 2.1 RC5 is available in the "daily builds" section of your
local FTP mirror (in the /pub/NetBSD-daily/netbsd-2-1-RC5 directory
on most mirrors), and we encourage you to test it out and report any
bugs using send-pr(1).

We anticipate that this will be the final release candidate for
NetBSD 2.1, barring any major issues or security problems.

Here is a brief summary of changes from NetBSD 2.1_RC3 to 2.1_RC4:

- protect ipsec ioctls from negative offsets
- fix the 'postinstall' phase of sysinst
- update to tzdata2005m (includes US DST changes for 2007)
- Avoid an infinite loop in gzip decompressing invalid files
- Avoid panic trying to write files to msdosfs of 4GB or greater
- remove an unsafe /tmp file creation in X
- add a missing range check in FreeBSD compat code
- add missing bootxx_ffsv2 to amd64 bootfloppies
- Initialize CP0 pagemask register properly on mips
- make /usr/bin/which return a proper error indicator
- add freebsd_sched.c when building compat_freebsd as an LKM
- various minor sysinst fixes and language improvements
- fixes for the sk(4) driver to make dhclient work better
- kqueue: EOF on pipe gains no EVFILT_READ event - fix
- Update the OpenBlockS266 support

Here is a brief summary of changes from NetBSD 2.1_RC4 to 2.1_RC5:

- fix security hole reported in CAN-2005-2495 "



  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |