===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.559
retrieving revision 1.560
diff -u -r1.559 -r1.560
--- www/errata.html 2006/07/30 17:35:57 1.559
+++ www/errata.html 2006/08/25 15:56:06 1.560
@@ -75,6 +75,52 @@
+-
+008: SECURITY FIX: August 25, 2006 All architectures
+A problem in
+isakmpd(8)
+caused IPsec to run partly without replay protection. If
+isakmpd(8)
+was acting as responder during SA negotiation, SA's with a replay window of size 0 were created.
+An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
+replay counter.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+007: SECURITY FIX: August 25, 2006 All architectures
+It is possible to cause the kernel to panic when more than the default number of
+sempahores have been allocated.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+006: SECURITY FIX: August 25, 2006 All architectures
+Due to an off-by-one error in
+dhcpd(8),
+it is possible to cause
+dhcpd(8)
+to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
+CVE-2006-3122
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+005: SECURITY FIX: August 25, 2006 All architectures
+A potential denial of service problem has been found in sendmail. A message
+with really long header lines could trigger a use-after-free bug causing
+sendmail to crash.
+
+
+A source code patch exists which remedies this problem.
+
+
-
004: SECURITY FIX: July 30, 2006 All architectures
httpd(8)
@@ -154,7 +200,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.559 2006/07/30 17:35:57 brad Exp $
+
$OpenBSD: errata.html,v 1.560 2006/08/25 15:56:06 brad Exp $