===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata26.html,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- www/errata26.html	2014/03/31 03:36:54	1.57
+++ www/errata26.html	2014/03/31 04:11:40	1.58
@@ -142,12 +142,57 @@
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/018_procfs.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
+<li><a name="fortran"></a>
+<font color="#009000"><strong>017: FUNCTIONALITY ADDITION: Nov 14, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+Fortran doesn't work right.  The file /usr/include/g2c.h is missing in the
+release.<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/008_fortran.patch">
+A source code patch exists which remedies this problem.</a>
+The patch fixes the source tree and describes how to properly add
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/g2c.h">
+the include file</a> to your system.
+<p>
+<li><a name="sslUSA"></a>
+<font color="#009000"><strong>016: SECURITY FIX: Dec 2, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+A buffer overflow in the RSAREF code included in the
+USA version of the libssl package (called <strong>sslUSA</strong>, is
+possibly exploitable in isakmpd if SSL/RSA features
+are enabled or used.<br>
+<a href="http://www.openssh.com">OpenSSH</a> and httpd (with -DSSL) are not
+vulnerable.<br>
+<strong>NOTE: International users using the ssl26 package are not affected.</strong>
+<p>
+To check what package you are using, use
+<pre>
+<b>#</b> pkg_info sslUSA26
+</pre>
+The patched library says:<br>
+"ssl26.1 USA-only non-commercial crypto libs incl. SSL &amp; RSA"
+<p>
+Non-commercial USA users who installed the ssl package before December 3
+should upgrade their <strong>sslUSA26</strong> package using:<br>
+<pre>
+<b>#</b> pkg_delete sslUSA26
+<b>#</b> pkg_add -v sslUSA26.tar.gz
+</pre>
+Using the new <strong>sslUSA26.tar.gz</strong> files which have been placed
+on the FTP mirrors.<br>
+<a href=advisories/sslUSA>For more information, see the advisory</a>.<br>
+<strong>NOTE: this problem turned out to not be unexploitable in OpenSSH.</strong>
+<p>
 <li><a name="aty2k"></a>
 <font color="#009000"><strong>015: Y2K FIX: Jan 9, 2000</strong></font> &nbsp; <i>All architectures</i><br>
 The at(1) command was unable to parse some kinds of dates.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/015_aty2k.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
+<li><a name="eepromy2k"></a>
+<font color="#009000"><strong>014: Y2K FIX: Jan 3, 2000</strong></font><br>
+A minor problem; the sparc eeprom(8) command is not Y2K compliant.<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/sparc/014_eepromy2k.patch">
+A source code patch exists which remedies this problem.</a>
+This is the second revision of the patch.
+<p>
 <li><a name="addusery2k"></a>
 <font color="#009000"><strong>013: Y2K FIX: Jan 3, 2000</strong></font> &nbsp; <i>All architectures</i><br>
 A minor problem in the logging support for the adduser(8) command.<br>
@@ -181,43 +226,17 @@
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/009_atapi.patch"><br>
 Revision 1 of this jumbo source code patch exists.</a><br>
 <p>
-<li><a name="sslUSA"></a>
-<font color="#009000"><strong>016: SECURITY FIX: Dec 2, 1999</strong></font> &nbsp; <i>All architectures</i><br>
-A buffer overflow in the RSAREF code included in the
-USA version of the libssl package (called <strong>sslUSA</strong>, is
-possibly exploitable in isakmpd if SSL/RSA features
-are enabled or used.<br>
-<a href="http://www.openssh.com">OpenSSH</a> and httpd (with -DSSL) are not
-vulnerable.<br>
-<strong>NOTE: International users using the ssl26 package are not affected.</strong>
+<li><a name="hp300_locore"></a>
+<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font> &nbsp; <i>m68k architectures</i><br>
+All m68k kernels can possibly be crashed by a user.<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
+A source code patch exists which remedies this problem.</a>
 <p>
-To check what package you are using, use
-<pre>
-<b>#</b> pkg_info sslUSA26
-</pre>
-The patched library says:<br>
-"ssl26.1 USA-only non-commercial crypto libs incl. SSL &amp; RSA"
-<p>
-Non-commercial USA users who installed the ssl package before December 3
-should upgrade their <strong>sslUSA26</strong> package using:<br>
-<pre>
-<b>#</b> pkg_delete sslUSA26
-<b>#</b> pkg_add -v sslUSA26.tar.gz
-</pre>
-Using the new <strong>sslUSA26.tar.gz</strong> files which have been placed
-on the FTP mirrors.<br>
-<a href=advisories/sslUSA>For more information, see the advisory</a>.<br>
-<strong>NOTE: this problem turned out to not be unexploitable in OpenSSH.</strong>
-<p>
-<li><a name="fortran"></a>
-<font color="#009000"><strong>017: FUNCTIONALITY ADDITION: Nov 14, 1999</strong></font> &nbsp; <i>All architectures</i><br>
-Fortran doesn't work right.  The file /usr/include/g2c.h is missing in the
-release.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/008_fortran.patch">
+<li><a name="alpha_locore"></a>
+<font color="#009000"><strong>006: RELIABILITY FIX: Nov 13, 1999</strong></font> &nbsp; <i>alpha only</i><br>
+The alpha kernel can possibly be crashed by a user.<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/alpha/006_locore.patch">
 A source code patch exists which remedies this problem.</a>
-The patch fixes the source tree and describes how to properly add
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/g2c.h">
-the include file</a> to your system.
 <p>
 <li><a name="sshjumbo"></a>
 <font color="#009000"><strong>005: FUNCTIONALITY ADDITION: Nov 11, 1999</strong></font> &nbsp; <i>All architectures</i><br>
@@ -228,6 +247,12 @@
 Revision 4 of this jumbo source code patch exists.</a><br>
 <strong>NOTE: /etc/sshd_config and /etc/ssh_config may need changes.</strong>
 <p>
+<li><a name="sparc_locore"></a>
+<font color="#009000"><strong>004: RELIABILITY FIX: Nov 12, 1999</strong></font> &nbsp; <i>sparc only</i><br>
+The sparc kernel can be crashed by a user.<br>
+<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/sparc/004_locore.patch">
+A source code patch exists which remedies this problem.</a>
+<p>
 <li><a name="m4"></a>
 <font color="#009000"><strong>003: FUNCTIONALITY FIX: Nov 10, 1999</strong></font> &nbsp; <i>All architectures</i><br>
 m4 is quite broken in the 2.6 release.<br>
@@ -245,80 +270,6 @@
 <font color="#009000"><strong>001: RELIABILITY FIX: Nov 8, 1999</strong></font> &nbsp; <i>All architectures</i><br>
 A race condition in newsyslog(8) can cause errors in log file rotation.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/001_newsyslog.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="mac68k"></a>
-<h3><font color="#e00000">mac68k</font></h3>
-<ul>
-<li><a name="m68k_locore"></a>
-<a name="mac68k_locore"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font><br>
-All m68k kernels can possibly be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="sparc"></a>
-<h3><font color="#e00000">sparc</font></h3>
-<ul>
-<li><a name="eepromy2k"></a>
-<font color="#009000"><strong>014: Y2K FIX: Jan 3, 2000</strong></font><br>
-A minor problem; the sparc eeprom(8) command is not Y2K compliant.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/sparc/014_eepromy2k.patch">
-A source code patch exists which remedies this problem.</a>
-This is the second revision of the patch.
-<p>
-<li><a name="sparc_locore"></a>
-<font color="#009000"><strong>004: RELIABILITY FIX: Nov 12, 1999</strong></font><br>
-The sparc kernel can be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/sparc/004_locore.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="amiga"></a>
-<h3><font color="#e00000">amiga</font></h3>
-<ul>
-<li><a name="amiga_locore"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font><br>
-All m68k kernels can possibly be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="alpha"></a>
-<h3><font color="#e00000">alpha</font></h3>
-<ul>
-<li><a name="alpha_locore"></a>
-<font color="#009000"><strong>006: RELIABILITY FIX: Nov 13, 1999</strong></font><br>
-The alpha kernel can possibly be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/alpha/006_locore.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="hp300"></a>
-<h3><font color="#e00000">hp300</font></h3>
-<ul>
-<li><a name="hp300_locore"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font><br>
-All m68k kernels can possibly be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
-A source code patch exists which remedies this problem.</a>
-<p>
-</ul>
-<p>
-<a name="mvme68k"></a>
-<h3><font color="#e00000">mvme68k</font></h3>
-<ul>
-<li><a name="mvme68k_locore"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font><br>
-All m68k kernels can possibly be crashed by a user.<br>
-<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 </ul>
