===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata26.html,v
retrieving revision 1.75
retrieving revision 1.76
diff -c -r1.75 -r1.76
*** www/errata26.html 2016/08/15 02:22:06 1.75
--- www/errata26.html 2016/10/16 19:11:29 1.76
***************
*** 70,76 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 70,76 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 94,100 ****
used as a local denial of service attack which would block the exiting of
processes which had semaphore resources allocated. Processes not using
semaphores are not affected, so the actual effect is very minimal.
!
A source code patch exists which remedies this problem.
--- 94,100 ----
used as a local denial of service attack which would block the exiting of
processes which had semaphore resources allocated. Processes not using
semaphores are not affected, so the actual effect is very minimal.
!
A source code patch exists which remedies this problem.
***************
*** 105,111 ****
bypassed.
This patch also includes fixes for an unaligned timestamp issue,
and reliability fixes for ipmon and the in-kernel ftp proxy.
!
A source code patch exists which remedies this problem.
It updates ipf to version 3.3.16.
--- 105,111 ----
bypassed.
This patch also includes fixes for an unaligned timestamp issue,
and reliability fixes for ipmon and the in-kernel ftp proxy.
!
A source code patch exists which remedies this problem.
It updates ipf to version 3.3.16.
***************
*** 121,127 ****
the impact is much reduced.
(Aside: We do not consider this a localhost root hole in the default install,
since we have not seen a fast blowfish cracker yet ;-)
!
A source code patch exists which remedies this problem.
This is the 2nd patch designed to solve this problem.
--- 121,127 ----
the impact is much reduced.
(Aside: We do not consider this a localhost root hole in the default install,
since we have not seen a fast blowfish cracker yet ;-)
!
A source code patch exists which remedies this problem.
This is the 2nd patch designed to solve this problem.
***************
*** 138,144 ****
All architectures
syslog(3) would not try to reopen the socket, thus, nightly newsyslog(8)
would cause syslogd(8) to not see new messages.
!
A source code patch exists which remedies this problem.
--- 138,144 ----
All architectures
syslog(3) would not try to reopen the socket, thus, nightly newsyslog(8)
would cause syslogd(8) to not see new messages.
!
A source code patch exists which remedies this problem.
***************
*** 146,152 ****
All architectures
Intel fxp cards with National Semiconductor PHYs (nsphy) have trouble
negotiating and maintaining 100Mb link integrity.
!
A source code patch exists which remedies this problem.
--- 146,152 ----
All architectures
Intel fxp cards with National Semiconductor PHYs (nsphy) have trouble
negotiating and maintaining 100Mb link integrity.
!
A source code patch exists which remedies this problem.
***************
*** 156,162 ****
to having the stderr output of setuid processes directed onto
a pre-seeked descriptor onto the stack in their own procfs memory.
Note that procfs is not mounted by default in OpenBSD.
!
A source code patch exists which remedies this problem.
--- 156,162 ----
to having the stderr output of setuid processes directed onto
a pre-seeked descriptor onto the stack in their own procfs memory.
Note that procfs is not mounted by default in OpenBSD.
!
A source code patch exists which remedies this problem.
***************
*** 164,173 ****
All architectures
Fortran doesn't work right. The file /usr/include/g2c.h is missing in the
release.
!
A source code patch exists which remedies this problem.
The patch fixes the source tree and describes how to properly add
!
the include file to your system.
--- 164,173 ----
All architectures
Fortran doesn't work right. The file /usr/include/g2c.h is missing in the
release.
!
A source code patch exists which remedies this problem.
The patch fixes the source tree and describes how to properly add
!
the include file to your system.
***************
*** 177,183 ****
USA version of the libssl package (called sslUSA, is
possibly exploitable in isakmpd if SSL/RSA features
are enabled or used.
! OpenSSH and httpd (with -DSSL) are not
vulnerable.
NOTE: International users using the ssl26 package are not affected.
--- 177,183 ----
USA version of the libssl package (called sslUSA, is
possibly exploitable in isakmpd if SSL/RSA features
are enabled or used.
! OpenSSH and httpd (with -DSSL) are not
vulnerable.
NOTE: International users using the ssl26 package are not affected.
***************
*** 203,215 ****
015: Y2K FIX: Jan 9, 2000
All architectures
The at(1) command was unable to parse some kinds of dates.
!
A source code patch exists which remedies this problem.
014: Y2K FIX: Jan 3, 2000
A minor problem; the sparc eeprom(8) command is not Y2K compliant.
!
A source code patch exists which remedies this problem.
This is the second revision of the patch.
--- 203,215 ----
015: Y2K FIX: Jan 9, 2000
All architectures
The at(1) command was unable to parse some kinds of dates.
!
A source code patch exists which remedies this problem.
014: Y2K FIX: Jan 3, 2000
A minor problem; the sparc eeprom(8) command is not Y2K compliant.
!
A source code patch exists which remedies this problem.
This is the second revision of the patch.
***************
*** 217,223 ****
013: Y2K FIX: Jan 3, 2000
All architectures
A minor problem in the logging support for the adduser(8) command.
!
A source code patch exists which remedies this problem.
--- 217,223 ----
013: Y2K FIX: Jan 3, 2000
All architectures
A minor problem in the logging support for the adduser(8) command.
!
A source code patch exists which remedies this problem.
***************
*** 225,245 ****
All architectures
The 3C900B-TPO fails to select the correct media type (it never sees or
sends packets).
!
A source code patch exists which remedies this problem.
011: SECURITY FIX: Dec 4, 1999
All architectures
Various bugs in poll(2) may cause a kernel crash.
!
A source code patch exists which remedies this problem.
010: SECURITY FIX: Dec 4, 1999
All architectures
Sendmail had a race in aliases file handling, which this patch fixes.
!
A source code patch exists which remedies this problem.
--- 225,245 ----
All architectures
The 3C900B-TPO fails to select the correct media type (it never sees or
sends packets).
!
A source code patch exists which remedies this problem.
011: SECURITY FIX: Dec 4, 1999
All architectures
Various bugs in poll(2) may cause a kernel crash.
!
A source code patch exists which remedies this problem.
010: SECURITY FIX: Dec 4, 1999
All architectures
Sendmail had a race in aliases file handling, which this patch fixes.
!
A source code patch exists which remedies this problem.
***************
*** 248,268 ****
Various improvements have been made to the IDE/ATAPI subsystem since
the 2.6 release shipped.
Some of these improvements make some recalcitrant devices work much better.
!
Revision 1 of this jumbo source code patch exists.
007: RELIABILITY FIX: Nov 12, 1999
m68k architectures
All m68k kernels can possibly be crashed by a user.
!
A source code patch exists which remedies this problem.
006: RELIABILITY FIX: Nov 13, 1999
alpha only
The alpha kernel can possibly be crashed by a user.
!
A source code patch exists which remedies this problem.
--- 248,268 ----
Various improvements have been made to the IDE/ATAPI subsystem since
the 2.6 release shipped.
Some of these improvements make some recalcitrant devices work much better.
!
Revision 1 of this jumbo source code patch exists.
007: RELIABILITY FIX: Nov 12, 1999
m68k architectures
All m68k kernels can possibly be crashed by a user.
!
A source code patch exists which remedies this problem.
006: RELIABILITY FIX: Nov 13, 1999
alpha only
The alpha kernel can possibly be crashed by a user.
!
A source code patch exists which remedies this problem.
***************
*** 271,277 ****
Various OpenSSH improvements have been made since the 2.6 release shipped.
To resolve the various (non-security related) features which users may want,
we are making a jumbo patch available. This is now at VERSION FOUR.
!
Revision 4 of this jumbo source code patch exists.
NOTE: /etc/sshd_config and /etc/ssh_config may need changes.
--- 271,277 ----
Various OpenSSH improvements have been made since the 2.6 release shipped.
To resolve the various (non-security related) features which users may want,
we are making a jumbo patch available. This is now at VERSION FOUR.
!
Revision 4 of this jumbo source code patch exists.
NOTE: /etc/sshd_config and /etc/ssh_config may need changes.
***************
*** 279,292 ****
004: RELIABILITY FIX: Nov 12, 1999
sparc only
The sparc kernel can be crashed by a user.
!
A source code patch exists which remedies this problem.
003: FUNCTIONALITY FIX: Nov 10, 1999
All architectures
m4 is quite broken in the 2.6 release.
!
A source code patch exists which remedies this problem.
This is the 3rd revision of the patch.
--- 279,292 ----
004: RELIABILITY FIX: Nov 12, 1999
sparc only
The sparc kernel can be crashed by a user.
!
A source code patch exists which remedies this problem.
003: FUNCTIONALITY FIX: Nov 10, 1999
All architectures
m4 is quite broken in the 2.6 release.
!
A source code patch exists which remedies this problem.
This is the 3rd revision of the patch.
***************
*** 294,307 ****
002: SECURITY FIX: Nov 9, 1999
All architectures
Any user can change interface media configurations.
!
A source code patch exists which remedies this problem.
001: RELIABILITY FIX: Nov 8, 1999
All architectures
A race condition in newsyslog(8) can cause errors in log file rotation.
!
A source code patch exists which remedies this problem.
--- 294,307 ----
002: SECURITY FIX: Nov 9, 1999
All architectures
Any user can change interface media configurations.
!
A source code patch exists which remedies this problem.
001: RELIABILITY FIX: Nov 8, 1999
All architectures
A race condition in newsyslog(8) can cause errors in log file rotation.
!
A source code patch exists which remedies this problem.