===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.573
retrieving revision 1.574
diff -u -r1.573 -r1.574
--- www/errata.html 2006/11/01 08:30:16 1.573
+++ www/errata.html 2006/11/04 03:02:28 1.574
@@ -75,6 +75,48 @@
+-
+003: SECURITY FIX: October 7, 2006 All architectures
+Fix for an integer overflow in
+systrace(4)'s
+STRIOCREPLACE support, found by
+Chris Evans. This could be exploited for DoS, limited kmem reads or local
+privilege escalation.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+002: SECURITY FIX: October 7, 2006 All architectures
+Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
+structures an error condition is mishandled, possibly resulting in an infinite
+loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL
+pointer may be dereferenced in the SSL version 2 client code. In addition, many
+applications using OpenSSL do not perform any validation of the lengths of
+public keys being used.
+CVE-2006-2937,
+CVE-2006-3738,
+CVE-2006-4343,
+CVE-2006-2940
+
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+001: SECURITY FIX: October 7, 2006 All architectures
+httpd(8)
+does not sanitize the Expect header from an HTTP request when it is
+reflected back in an error message, which might allow cross-site scripting (XSS)
+style attacks.
+CVE-2006-3918
+
+
+
+A source code patch exists which remedies this problem.
+
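Review bot: entry 003 (the systrace(4) STRIOCREPLACE integer overflow) carries no CVE identifier, while entries 001 and 002 each list theirs; if an identifier was assigned for this issue, add it after the credit to Chris Evans so it can be cross-referenced like the other two, and if none exists, leave the entry as it is rather than adding one. Two smaller points in the same hunk: in entry 002 the four identifiers are not in numeric order (CVE-2006-2940 comes last, after CVE-2006-4343), and all three entries are dated October 7, 2006 although this commit lands on November 4, 2006, so it is worth confirming that date is the intended one (the patch date) for each entry.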
@@ -108,7 +150,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.573 2006/11/01 08:30:16 steven Exp $
+
$OpenBSD: errata.html,v 1.574 2006/11/04 03:02:28 brad Exp $
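Review bot: this hunk only advances the $OpenBSD$ revision string from 1.573 to 1.574, which CVS keyword expansion regenerates on commit; the keyword form is intact and nothing here needs changing.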