===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.467
retrieving revision 1.468
diff -u -r1.467 -r1.468
--- www/errata.html 2003/11/21 02:34:01 1.467
+++ www/errata.html 2003/11/21 13:09:32 1.468
@@ -8,6 +8,7 @@
+
@@ -51,37 +52,36 @@
consult the OpenBSD FAQ.
-
-
-
All architectures
+
+All architectures
-
-- 008: RELIABILITY FIX: November 20, 2003
+ -
+008: RELIABILITY FIX: November 20, 2003
An improper bounds check makes it possible for a local user to cause a crash
by passing the
-semctl(2) and
-semop(2) functions
+semctl(2) and
+semop(2) functions
certain arguments.
A source code patch exists which remedies the problem.
-
+
- 007: RELIABILITY FIX: November 20, 2003
It is possible for a local user to cause a crash via
-sysctl(3) with certain arguments.
+sysctl(3) with certain arguments.
A source code patch exists which remedies the problem.
-
+
- 005: RELIABILITY FIX: November 4, 2003
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
A source code patch exists which remedies the problem.
-
+
- 004: RELIABILITY FIX: November 1, 2003
A user with write permission to httpd.conf or a .htaccess
file can crash
@@ -92,14 +92,14 @@
A source code patch exists which remedies the problem.
-
+
- 003: RELIABILITY FIX: November 1, 2003
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
A source code patch exists which remedies the problem.
-
+
- 002: SECURITY FIX: November 1, 2003
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
@@ -108,7 +108,7 @@
A source code patch exists which remedies the problem.
-
+
- 001: DOCUMENTATION FIX: November 1, 2003
The CD insert documentation has an incorrect example for package installation.
Where it is written:
@@ -122,16 +122,16 @@
-
-
i386
+
+i386
-
-- 006: SECURITY FIX: November 17, 2003
+ -
+006: SECURITY FIX: November 17, 2003
It may be possible for a local user to overrun the stack in
-compat_ibcs2(8).
+compat_ibcs2(8).
ProPolice catches this, turning a potential privilege escalation into a denial
of service. iBCS2 emulation does not need to be enabled via
-sysctl(8)
+sysctl(8)
for this to happen.
@@ -139,61 +139,60 @@
-
-
alpha
+
+alpha
- No problems identified yet.
-
-
mac68k
+
+mac68k
- No problems identified yet.
-
-
sparc
+
+sparc
- No problems identified yet.
-
-
sparc64
+
+sparc64
- No problems identified yet.
-
-
hppa
+
+hppa
- No problems identified yet.
-
-
hp300
+
+hp300
- No problems identified yet.
-
-
mvme68k
+
+mvme68k
- No problems identified yet.
-
-
macppc
+
+macppc
- No problems identified yet.
-
-
vax
+
+vax
- No problems identified yet.
-
@@ -219,7 +218,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.467 2003/11/21 02:34:01 millert Exp $
+
$OpenBSD: errata.html,v 1.468 2003/11/21 13:09:32 henning Exp $