NetBSD 6.0.1 security/bugfix released
The NetBSD Project is pleased to announce NetBSD 6.0.1, the first security/bugfix update of the NetBSD 6.0 release branch. It represents a selected subset of fixes deemed important for security or stability reasons.
To save you from searching, here is the list of relevant changes
from the release notes:
expat: Fix CVE-2012-1147, CVE-2012-1148 and CVE-2012-0876.
BIND: Address CVE-2012-5688: Named could die on specific queries
with dns64 enabled.
posix_spawn(): Fix processes with attributes.
Resolve races between vget() and vrele() resulting in vget()
returning dead vnodes.
Prevent crash when unsupported fd's are used with kevent.
Fix "atomic fragments" for IPv6.
ipf: Fix alignment issues in ipmon.
npf: handle delayed checksums in the network stack.
smbfs: Make smbfs actually work on big-endian ports.
ciss(4): don't try to handle sensors if there aren't any.
Work around a possible gcc bug generating bad assembler code.
Disable C1E on AMD K8 CPUs, to prevent freeze during boot.
Prevent a memory corruption issue that locks up a Xen DomU,
and can potentially cause file system corruption.
Fix: Xen Dom0 NetBSD kernel could crash by adding duplicate
The complete list of changes can be found in the
file in the top level directory of the NetBSD 6.0.1 release tree.
Update to tzdata2012j.
cdb: don't refuse to open databases without entries or keys.
Address graphics corruption in recent Cairo, manifested most
commonly by certain rendered text sections appearing as solid
rectangular blocks of color.
Complete source and binaries for NetBSD 6.0.1 are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, SUP, and other services may be found at
P.S.: Don't miss out on the
end of NetBSD 2012 fundraise!
[Tags: Release, Security]