www/errata.html - diff

Return to errata.html CVS log

Up to [local] / www

Diff for /www/errata.html between version 1.528 and 1.529

-version 1.528, 2005/03/17 01:30:03
+version 1.529, 2005/03/30 17:18:51
 Line 72
 Line 72
 Line 72
  <a name="vax"></a>
  <ul>
+ <li><a name="telnet"></a>
+ <font color="#009000"><strong>014: SECURITY FIX: March 30, 2005</strong></font> &nbsp; <i>All architectures</i><br>
+ Due to buffer overflows in
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&amp;apropos=0&amp;sektion=1&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">telnet(1)</a>
+ , a malicious server or man-in-the-middle attack could allow execution of
+ arbitrary code with the privileges of the user invoking
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&amp;apropos=0&amp;sektion=1&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">telnet(1)</a>
+ .
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.6/common/014_telnet.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
+ <li><a name="sack"></a>
+ <font color="#009000"><strong>013: RELIABILITY FIX: March 30, 2005</strong></font> &nbsp; <i>All architectures</i><br>
+ Bugs in the
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&amp;apropos=0&amp;sektion=4&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">tcp(4)</a>
+ stack can lead to memory exhaustion or processing of TCP segments with
+ invalid SACK options and cause a system crash.
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.6/common/013_sack.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
  <li><a name="copy"></a>
  <font color="#009000"><strong>012: SECURITY FIX: March 16, 2005</strong></font> &nbsp; <strong>amd64 only</strong><br>
  More stringent checking should be done in the