Four NetBSD Security Advisories, Fixes Released

Dan writes "The NetBSD security team has formally announced 4 security advisories and fixes for the following advisories: NetBSD-SA2003-014 Insufficient argument checking in sysctl(2); NetBSD-SA2003-015 Remote and local vulnerabilities in XFree86 font libraries; NetBSD-SA2003-016 Sendmail - another prescan() bug CAN-2003-0694; NetBSD-SA2003-017 OpenSSL multiple vulnerability. There is an integer overflow in the XFree86 font libraries, which could lead to potential privilege escalation and/or remote code execution. Sendmail advisory involves a prescan() bug in sendmail packages prior to 8.12.10. OpenSSL had multiple vulnerabilities, they were found by tests performed by NISCC. Finally, insufficient argument checking in sysctl(2) which could be exploited."