===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata22.html,v
retrieving revision 1.76
retrieving revision 1.77
diff -c -r1.76 -r1.77
*** www/errata22.html 2014/10/02 14:34:45 1.76
--- www/errata22.html 2015/02/14 04:36:51 1.77
***************
*** 81,87 ****
! -
SECURITY FIX
All architectures
If IPSEC communication is attempted by starting photurisd(8) (which is
--- 81,87 ----
! -
SECURITY FIX
All architectures
If IPSEC communication is attempted by starting photurisd(8) (which is
***************
*** 90,96 ****
A source code patch exists which remedies this problem.
!
-
SECURITY FIX
All architectures
As stated in CERT advisory VB-98.04, there are buffer
--- 90,96 ----
A source code patch exists which remedies this problem.
!
-
SECURITY FIX
All architectures
As stated in CERT advisory VB-98.04, there are buffer
***************
*** 106,112 ****
We provide a version of this patch file specifically for the OpenBSD 2.2 tree.
!
-
SECURITY FIX
All architectures
An exploitable buffer mismanagement exists in a subroutine used by
--- 106,112 ----
We provide a version of this patch file specifically for the OpenBSD 2.2 tree.
!
-
SECURITY FIX
All architectures
An exploitable buffer mismanagement exists in a subroutine used by
***************
*** 116,122 ****
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A DNS-based vulnerability exists when uucpd is used. By default uucpd
--- 116,122 ----
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A DNS-based vulnerability exists when uucpd is used. By default uucpd
***************
*** 124,130 ****
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A vulnerability exists when (and only when) /etc/named.conf has the
--- 124,130 ----
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A vulnerability exists when (and only when) /etc/named.conf has the
***************
*** 132,138 ****
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A vulnerability exists in ping(8); if the -R option is used to record
--- 132,138 ----
A patch is available which corrects this behaviour.
!
-
SECURITY FIX
All architectures
A vulnerability exists in ping(8); if the -R option is used to record
***************
*** 142,148 ****
A patch is available which corrects this behaviour.
!
-
SECURITY FIX All architectures
If the sysctl variable net.inet.ip.forwarding is
enabled (value 1), but the variable net.inet.ip.sourceroute
--- 142,148 ----
A patch is available which corrects this behaviour.
!
-
SECURITY FIX All architectures
If the sysctl variable net.inet.ip.forwarding is
enabled (value 1), but the variable net.inet.ip.sourceroute
***************
*** 154,160 ****
A kernel patch is provided.
!
-
SECURITY FIX
All architectures
A combination localhost+remote host security problem exists if a
--- 154,160 ----
A kernel patch is provided.
!
-
SECURITY FIX
All architectures
A combination localhost+remote host security problem exists if a
***************
*** 187,193 ****
The problem with the ruserok() function appears to also exist in
ssh 1.2.21 and previous (the ssh people have been alerted).
!
-
SECURITY FIX All architectures
A bug in the vm system permits a file descriptor opened read-only on a
device, to later on be mmap(2)'d read-write, and then modified. This
--- 187,193 ----
The problem with the ruserok() function appears to also exist in
ssh 1.2.21 and previous (the ssh people have been alerted).
!
-
SECURITY FIX All architectures
A bug in the vm system permits a file descriptor opened read-only on a
device, to later on be mmap(2)'d read-write, and then modified. This
***************
*** 209,215 ****
A replacement source file exists.
!
-
SECURITY FIX
All architectures
If a line in /etc/exports which contains hostnames results in an empty
--- 209,215 ----
A replacement source file exists.
!
-
SECURITY FIX
All architectures
If a line in /etc/exports which contains hostnames results in an empty
***************
*** 225,231 ****
A patch to return EINVAL in this case is available.
!
-
RELIABILITY FIX
The Intel P5 F00F bug was discovered after the CDRs had already been
sent to the manufacturer. This problem permits any user who has an account
--- 225,231 ----
A patch to return EINVAL in this case is available.
!
-
RELIABILITY FIX
The Intel P5 F00F bug was discovered after the CDRs had already been
sent to the manufacturer. This problem permits any user who has an account
***************
*** 297,303 ****
bsd.scsi3,
and a replacement for bsd.rd is coming soon.
!
-
RELIABILITY FIX
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when
using a custom kernel configured for option sun4m only.
--- 297,303 ----
bsd.scsi3,
and a replacement for bsd.rd is coming soon.
!
-
RELIABILITY FIX
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when
using a custom kernel configured for option sun4m only.
***************
*** 333,339 ****
A source code patch is available.
!
-
SECURITY FIX
A security problem in the shared library linker ld.so
requires that you replace it with a new binary. The following binary
--- 333,339 ----
A source code patch is available.
!
-
SECURITY FIX
A security problem in the shared library linker ld.so
requires that you replace it with a new binary. The following binary