===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.475
retrieving revision 1.476
diff -c -r1.475 -r1.476
*** www/errata.html 2004/02/19 03:30:52 1.475
--- www/errata.html 2004/02/26 07:33:56 1.476
***************
*** 55,62 ****
All architectures
!
! - 012: RELIABILITY FIX: February 14,
2004
Several buffer overflows exist in the code parsing
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
--- 55,62 ----
All architectures
! -
! 012: RELIABILITY FIX: February 14,
2004
Several buffer overflows exist in the code parsing
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
***************
*** 65,72 ****
A source code patch exists which remedies the problem.
!
!
- 011: SECURITY FIX: February 8, 2004
An IPv6 MTU handling problem exists that could be used by an attacker
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
--- 65,72 ----
A source code patch exists which remedies the problem.
!
-
! 011: SECURITY FIX: February 8, 2004
An IPv6 MTU handling problem exists that could be used by an attacker
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
***************
*** 74,81 ****
A source code patch exists which remedies the problem.
!
!
- 010: SECURITY FIX: February 5, 2004
A reference counting bug exists in the
shmat(2)
system call that could be used by an attacker to write to kernel memory
--- 74,81 ----
A source code patch exists which remedies the problem.
!
-
! 010: SECURITY FIX: February 5, 2004
A reference counting bug exists in the
shmat(2)
system call that could be used by an attacker to write to kernel memory
***************
*** 84,91 ****
A source code patch exists which remedies the problem.
!
!
- 009: SECURITY FIX: January 13, 2004
Several message handling flaws in
isakmpd(8)
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also
--- 84,91 ----
A source code patch exists which remedies the problem.
!
-
! 009: SECURITY FIX: January 13, 2004
Several message handling flaws in
isakmpd(8)
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also
***************
*** 95,102 ****
A source code patch exists which remedies these problems.
!
!
- 008: RELIABILITY FIX: November 20, 2003
An improper bounds check makes it possible for a local user to cause a crash
by passing the
semctl(2) and
--- 95,102 ----
A source code patch exists which remedies these problems.
!
-
! 008: RELIABILITY FIX: November 20, 2003
An improper bounds check makes it possible for a local user to cause a crash
by passing the
semctl(2) and
***************
*** 106,128 ****
A source code patch exists which remedies the problem.
!
!
- 007: RELIABILITY FIX: November 20, 2003
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
A source code patch exists which remedies the problem.
!
!
- 005: RELIABILITY FIX: November 4, 2003
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
A source code patch exists which remedies the problem.
!
!
- 004: RELIABILITY FIX: November 1, 2003
A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
--- 106,128 ----
A source code patch exists which remedies the problem.
!
-
! 007: RELIABILITY FIX: November 20, 2003
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
A source code patch exists which remedies the problem.
!
-
! 005: RELIABILITY FIX: November 4, 2003
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
A source code patch exists which remedies the problem.
!
-
! 004: RELIABILITY FIX: November 1, 2003
A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
***************
*** 132,146 ****
A source code patch exists which remedies the problem.
!
!
- 003: RELIABILITY FIX: November 1, 2003
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
A source code patch exists which remedies the problem.
!
!
- 002: SECURITY FIX: November 1, 2003
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
ssl(3).
--- 132,146 ----
A source code patch exists which remedies the problem.
!
-
! 003: RELIABILITY FIX: November 1, 2003
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
A source code patch exists which remedies the problem.
!
-
! 002: SECURITY FIX: November 1, 2003
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
ssl(3).
***************
*** 148,155 ****
A source code patch exists which remedies the problem.
!
!
- 001: DOCUMENTATION FIX: November 1, 2003
The CD insert documentation has an incorrect example for package installation.
Where it is written:
--- 148,155 ----
A source code patch exists which remedies the problem.
!
-
! 001: DOCUMENTATION FIX: November 1, 2003
The CD insert documentation has an incorrect example for package installation.
Where it is written:
***************
*** 258,264 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.475 2004/02/19 03:30:52 nick Exp $