NetBSD: Changes and News in 2014
On this page you will find a summary of significant changes to NetBSD. For those interested in every change to the source tree, there is no substitute for subscribing to the source-changes mailing list. Significant news related to the NetBSD Project is also included here. Changes to pkgsrc are also listed here. All of this information is also available in rss/xml format.
- Significant Source changes from NetBSD 6.0 to 7.0 (Updated nightly)
- Significant Source changes from NetBSD 5.0 to 6.0 (Updated nightly)
- Significant Source changes from NetBSD 4.0 to 5.0 (Updated nightly)
- Changes to pkgsrc
- Security patches
November 2014
- 15 Nov 2014 - NetBSD 5.1.5 and 5.2.3 released
- 03 Nov 2014 - New Security Advisories: NetBSD-SA2014-013 through 015 affecting ftp(1), the mount kernel interface, and OpenSSL and SSLv3
September 2014
- 22 Sep 2014 - NetBSD 6.1.5 and 6.0.6 released
- 08 Sep 2014 - New Security Advisories: NetBSD-SA2014-009 through 012 affecting execve, the compatibility layer, module loading and the setsockopt call
- 02 Sep 2014 - Updated Security Advisory: NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
August 2014
July 2014
June 2014
May 2014
April 2014
- 12 Apr 2014 - NetBSD 6.1.4 and 6.0.5 released
- 09 Apr 2014 - New Security Advisory: NetBSD-SA2014-004 OpenSSL information disclosure ("heartbleed")
March 2014
January 2014
- 07 Jan 2014 - New Security Advisory: NetBSD-SA2014-002 ntpd used as DDoS amplifier
- 07 Jan 2014 - New Security Advisory: NetBSD-SA2014-001 Stack buffer overflow in libXfont
November 2014
15 Nov 2014 - NetBSD 5.1.5 and 5.2.3 released
NetBSD 5.1.5 and 5.2.3 have been released. Please see the release notes for 5.1.5 and 5.2.3 for details. As always, NetBSD can be downloaded from your nearest mirror.
03 Nov 2014 - New Security Advisories: NetBSD-SA2014-013 through 015 affecting ftp(1), the mount kernel interface, and OpenSSL and SSLv3
Three new security advisory were published:
- NetBSD-SA2014-013 ftp(1) can be made to execute arbitrary commands by a malicious webserver
- NetBSD-SA2014-014 Multiple vulnerabilities in the mount system call
- NetBSD-SA2014-015 OpenSSL and SSLv3 vulnerabilities
You can find more information about them on the Security and NetBSD page.
September 2014
22 Sep 2014 - NetBSD 6.1.5 and 6.0.6 released
NetBSD 6.1.5 and 6.0.6 are now available! Please see the release notes for 6.1.5 and 6.0.6 for details. As always, NetBSD can be downloaded from your nearest mirror.
08 Sep 2014 - New Security Advisories: NetBSD-SA2014-009 through 012 affecting execve, the compatibility layer, module loading and the setsockopt call
Four new security advisory were published:
- NetBSD-SA2014-009 Multiple vulnerabilities in the execve system call
- NetBSD-SA2014-010 Multiple vulnerabilities in the compatibility layers
- NetBSD-SA2014-011 User-controlled memory allocation in the modctl system call
- NetBSD-SA2014-012 Memory leak in the setsockopt system call
You can find more information about them on the Security and NetBSD page.
02 Sep 2014 - Updated Security Advisory: NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
One updated security advisory was published:
- NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
You can find more information about them on the Security and NetBSD page.
August 2014
27 Aug 2014 - New Security Advisory: NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
One new security advisory was published:
- NetBSD-SA2014-008 Multiple OpenSSL vulnerabilities
You can find more information about them on the Security and NetBSD page.
July 2014
17 Jul 2014 - New Security Advisory: NetBSD-SA2014-007 bozohttpd basic http authentication bypass
One new security advisory was published:
- NetBSD-SA2014-007 bozohttpd basic http authentication bypass
You can find more information about them on the Security and NetBSD page.
June 2014
09 Jun 2014 - New Security Advisory: NetBSD-SA2014-006 Multiple OpenSSL vulnerabilities
One new security advisory was published:
- NetBSD-SA2014-006 Multiple OpenSSL vulnerabilities
You can find more information about them on the Security and NetBSD page.
May 2014
28 May 2014 - New Security Advisory: NetBSD-SA2014-005 libXfont multiple vulnerabilities
One new security advisory was published:
- NetBSD-SA2014-005 libXfont multiple vulnerabilities
You can find more information about them on the Security and NetBSD page.
April 2014
12 Apr 2014 - NetBSD 6.1.4 and 6.0.5 released
NetBSD 6.1.4 and 6.0.5 are now available! Please see the release notes for 6.1.4 and 6.0.5 for details. As always, NetBSD can be downloaded from your nearest mirror.
09 Apr 2014 - New Security Advisory: NetBSD-SA2014-004 OpenSSL information disclosure ("heartbleed")
One new security advisory was published:
- NetBSD-SA2014-004 OpenSSL information disclosure ("heartbleed")
You can find more information about them on the Security and NetBSD page.
March 2014
05 Mar 2014 - New Security Advisory: NetBSD-SA2014-003 posix_spawn unbounded kernel memory allocation
One new security advisory was published:
- NetBSD-SA2014-003 posix_spawn unbounded kernel memory allocation
You can find more information about them on the Security and NetBSD page.
January 2014
07 Jan 2014 - New Security Advisory: NetBSD-SA2014-002 ntpd used as DDoS amplifier
One new security advisory was published:
- NetBSD-SA2014-002 ntpd used as DDoS amplifier
You can find more information about them on the Security and NetBSD page.
07 Jan 2014 - New Security Advisory: NetBSD-SA2014-001 Stack buffer overflow in libXfont
One new security advisory was published:
- NetBSD-SA2014-001 Stack buffer overflow in libXfont
You can find more information about them on the Security and NetBSD page.