Josh Soref
ac865f04fc
Correct Spelling ( #458 )
...
* spelling: accepts
* spelling: account
* spelling: accept
* spelling: accumulate
* spelling: adapter
* spelling: address
* spelling: additional
* spelling: aggressive
* spelling: adhered
* spelling: allowed
* spelling: ambiguous
* spelling: amount
* spelling: anonymous
* spelling: acquisition
* spelling: assemble
* spelling: associated
* spelling: assigns
* spelling: attach
* spelling: attempt
* spelling: attribute
* spelling: authenticate
* spelling: authentication
* spelling: available
* spelling: bridging
* spelling: cascade
* spelling: cancel
* spelling: check
* spelling: challenge
* spelling: changing
* spelling: characters
* spelling: cloud
* spelling: compare
* spelling: communication
* spelling: compatible
* spelling: compatibility
* spelling: completion
* spelling: complete
* spelling: computers
* spelling: configure
* spelling: configuration
* spelling: conformant
* spelling: connection
* spelling: contains
* spelling: continuously
* spelling: continue
* spelling: convert
* spelling: counters
* spelling: create
* spelling: created
* spelling: cumulate
* spelling: currently
* spelling: debugging
* spelling: decryption
* spelling: description
* spelling: default
* spelling: driver
* spelling: delete
* spelling: destination
* spelling: disabled
* spelling: different
* spelling: dynamically
* spelling: directory
* spelling: disappeared
* spelling: disable
* spelling: doesn't
* spelling: download
* spelling: dropped
* spelling: enable
* spelling: established
* spelling: ether
* spelling: except
* spelling: expired
* spelling: field
* spelling: following
* spelling: forever
* spelling: firewall
* spelling: first
* spelling: fragment
* spelling: function
* spelling: gateway
* spelling: identifier
* spelling: identify
* spelling: incoming
* spelling: information
* spelling: initialize
* spelling: injection
* spelling: inner
* spelling: instead
* spelling: installation
* spelling: inserted
* spelling: integer
* spelling: interrupt
* spelling: intuitive
* spelling: interval
* spelling: january
* spelling: keybytes
* spelling: know
* spelling: language
* spelling: length
* spelling: library
* spelling: listener
* spelling: maintain
* spelling: modified
* spelling: necessary
* spelling: number
* spelling: obsoleted
* spelling: occurred
* spelling: occurring
* spelling: occur
* spelling: original
* spelling: omittable
* spelling: omit
* spelling: opening
* spelling: operation
* spelling: packet
* spelling: parameters
* spelling: pointed
* spelling: popupmenuopen
* spelling: privilege
* spelling: product
* spelling: protection
* spelling: promiscuous
* spelling: prompt
* spelling: query
* spelling: random
* spelling: reconnection
* spelling: revocation
* spelling: received
* spelling: red hat
* spelling: registry
* spelling: release
* spelling: retrieve
2018-05-16 23:47:10 +02:00
Daiyuu Nobori
7de986dcca
7 missing memory boundaries checks and similar memory problems. There are no risk of arbitrary code execution or intrusion on these bugs in my analysis. However, these problems may lead to crash the running server process. So these bugs must be fixed.
...
Buffer overread in ParseL2TPPacket()
Memory corruption in IcmpParseResult
Missing bounds check in ParseUDP() can lead to invalid memory access
Out-of-bounds read in IPsec_PPP.c (unterminated string buffer)
Overlapping parameters to memcpy() via StrToIp6()
PACK ReadValue() crash vulnerability
Potential use of uninitialized memory via IPToInAddr6()
4 memory leaks. While the amount of leakage is very small per time, these bugs can finally cause process crash by out of memory. So these bugs must be fixed.
Memory leak in NnReadDnsRecord
Memory leak in RadiusLogin()
Memory leak via ParsePacketIPv4WithDummyMacHeader
Remote memory leak in OpenVPN server code
1 coding improvement. This is not a bug, however, I fixed the code to avoid furture misunderstanding.
RecvAll can return success on failure (leading to use of uninitialized memory)
Contributors for this bugfix:
- Max Planck Institute for Molecular Genetics
- Guido Vranken
2018-01-15 10:25:10 +09:00
Daiyuu Nobori
9f9dc459a7
Preparing the development branch
2017-10-19 15:00:41 +09:00
dnobori
faee11ff09
v4.23-9647-beta
2017-10-18 18:24:21 +09:00
dnobori
17e624ac26
v4.19-9605-beta
2016-03-06 23:16:01 +09:00
dnobori
4e862a7e40
v4.19-9582-beta
2015-10-06 20:18:00 +09:00
dnobori
860f743dd7
v4.17-9566-beta
2015-07-17 00:31:57 +09:00
dnobori
10d4b2c43d
v4.10-9505-beta
2014-10-04 00:09:23 +09:00
dnobori
9f7d8578a7
v4.10-9472-beta
2014-07-12 02:06:20 +09:00
dnobori
719ee999d6
v4.07-9448-rtm
2014-06-06 06:53:20 +09:00
dnobori
cf2a6a42bc
v4.06-9430-beta
2014-03-20 05:45:05 +09:00
dnobori
001fd910fe
v4.04-9412-rtm
2014-01-15 18:01:42 +09:00
dnobori
749497dde0
v4.03-9408-rtm
2014-01-04 22:00:08 +09:00