=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v retrieving revision 1.563 retrieving revision 1.564 diff -u -r1.563 -r1.564 --- www/errata.html 2006/09/09 03:04:22 1.563 +++ www/errata.html 2006/09/09 13:05:53 1.564 @@ -106,7 +106,7 @@ 009: SECURITY FIX: September 2, 2006   All architectures
Due to the failure to correctly validate LCP configuration option lengths, it is possible for an attacker to send LCP packets via an -sppp(4) +sppp(4) connection causing the kernel to panic. CVE-2006-4304
@@ -117,9 +117,9 @@
  • 008: SECURITY FIX: August 25, 2006   All architectures
    A problem in -isakmpd(8) +isakmpd(8) caused IPsec to run partly without replay protection. If -isakmpd(8) +isakmpd(8) was acting as responder during SA negotiation, SA's with a replay window of size 0 were created. An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter. @@ -140,9 +140,9 @@
  • 006: SECURITY FIX: August 25, 2006   All architectures
    Due to an off-by-one error in -dhcpd(8), +dhcpd(8), it is possible to cause -dhcpd(8) +dhcpd(8) to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
    @@ -162,8 +162,8 @@
  • 004: SECURITY FIX: July 30, 2006   All architectures
    -httpd(8) -'s mod_rewrite has a potentially exploitable off-by-one buffer overflow. +httpd(8)'s +mod_rewrite has a potentially exploitable off-by-one buffer overflow. The buffer overflow may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. The default install is not affected by the @@ -239,7 +239,7 @@
    OpenBSD www@openbsd.org -
    $OpenBSD: errata.html,v 1.563 2006/09/09 03:04:22 brad Exp $ +
    $OpenBSD: errata.html,v 1.564 2006/09/09 13:05:53 steven Exp $
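Review bot: In the first hunk (009 entry) the removed and added lines both read "sppp(4)", and the same is true of the isakmpd(8) and dhcpd(8) pairs in the 008 and 006 entries, so nothing in this view shows what the revision changes. The difference must be in link markup that is not shown. A log message stating what was changed in those man page references, and why, would make 1.564 reviewable without opening the raw HTML.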
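Review bot: In the 008 hunk the unchanged context "SA's with a replay window of size 0 were created" uses an apostrophe for a plural; since the paragraph is being touched anyway, "SAs" would be the correct form. The following sentence also mixes tenses ("could reinject sniffed IPsec packets, which will be accepted"); "which would be accepted" reads consistently and keeps the advisory's meaning, namely that packets are accepted without the replay counter being checked.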
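Review bot: In the 004 hunk the possessive is now joined to the reference as "httpd(8)'s", which removes the stray break between "httpd(8)" and "'s", but the sentence is still split so that "mod_rewrite" starts its own line. Please confirm the "'s" sits outside the link element so the link text stays the bare "httpd(8)", matching how sppp(4), isakmpd(8) and dhcpd(8) appear in the other entries.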