===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata26.html,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- www/errata26.html	2014/03/31 04:11:40	1.58
+++ www/errata26.html	2014/03/31 16:02:48	1.59
@@ -77,7 +77,8 @@
 
 <ul>
 <li><a name="semconfig"></a>
-<font color="#009000"><strong>024: SECURITY FIX: May 26, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>024: SECURITY FIX: May 26, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 Kernel contained an undocumented system call used to lock semaphore operations
 while they were being sampled by the ipcs(1) command.  This locking could be
 used as a local denial of service attack which would block the exiting of
@@ -87,7 +88,8 @@
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="ipf"></a>
-<font color="#009000"><strong>023: SECURITY FIX: May 25, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>023: SECURITY FIX: May 25, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 A misuse of ipf(8)
 <i>keep-state</i> rules can result in firewall rules being
 bypassed.
@@ -98,7 +100,8 @@
 It updates ipf to version 3.3.16.
 <p>
 <li><a name="xlockmore"></a>
-<font color="#009000"><strong>022: SECURITY FIX: May 25, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>022: SECURITY FIX: May 25, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 xlockmore has a localhost attack against it which allows recovery of the encrypted
 hash of the root password.  The damage to systems using DES passwords from this
 attack is pretty heavy, but to systems with a well-chosen root password under
@@ -113,28 +116,32 @@
 This is the 2nd patch designed to solve this problem.
 <p>
 <li><a name="rzsz"></a>
-<font color="#009000"><strong>021: RZSZ SNOOPING: Jan 31, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>021: RZSZ SNOOPING: Jan 31, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 The rzsz port was removed from the ports collection, as it collects and
 sends user information to a designated email address, effectively spying on
 you.  <em>It is recommended that you remove this package if you installed
 it</em>.
 <p>
 <li><a name="syslog"></a>
-<font color="#009000"><strong>020: LIBRARY IMPROVEMENT: Jan 26, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>020: LIBRARY IMPROVEMENT: Jan 26, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 syslog(3) would not try to reopen the socket, thus, nightly newsyslog(8)
 would cause syslogd(8) to not see new messages.
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/020_syslog.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="nsphy"></a>
-<font color="#009000"><strong>019: DRIVER IMPROVEMENT: Jan 20, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>019: DRIVER IMPROVEMENT: Jan 20, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 Intel fxp cards with National Semiconductor PHYs (nsphy) have trouble
 negotiating and maintaining 100Mb link integrity.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/019_nsphy.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="procfs"></a>
-<font color="#009000"><strong>018: SECURITY FIX: Jan 20, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>018: SECURITY FIX: Jan 20, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 Systems running with procfs enabled and mounted are vulnerable
 to having the stderr output of setuid processes directed onto
 a pre-seeked descriptor onto the stack in their own procfs memory.<br>
@@ -143,7 +150,8 @@
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="fortran"></a>
-<font color="#009000"><strong>017: FUNCTIONALITY ADDITION: Nov 14, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>017: FUNCTIONALITY ADDITION: Nov 14, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Fortran doesn't work right.  The file /usr/include/g2c.h is missing in the
 release.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/008_fortran.patch">
@@ -153,7 +161,8 @@
 the include file</a> to your system.
 <p>
 <li><a name="sslUSA"></a>
-<font color="#009000"><strong>016: SECURITY FIX: Dec 2, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>016: SECURITY FIX: Dec 2, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 A buffer overflow in the RSAREF code included in the
 USA version of the libssl package (called <strong>sslUSA</strong>, is
 possibly exploitable in isakmpd if SSL/RSA features
@@ -181,7 +190,8 @@
 <strong>NOTE: this problem turned out to not be unexploitable in OpenSSH.</strong>
 <p>
 <li><a name="aty2k"></a>
-<font color="#009000"><strong>015: Y2K FIX: Jan 9, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>015: Y2K FIX: Jan 9, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 The at(1) command was unable to parse some kinds of dates.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/015_aty2k.patch">
 A source code patch exists which remedies this problem.</a>
@@ -194,32 +204,37 @@
 This is the second revision of the patch.
 <p>
 <li><a name="addusery2k"></a>
-<font color="#009000"><strong>013: Y2K FIX: Jan 3, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>013: Y2K FIX: Jan 3, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 A minor problem in the logging support for the adduser(8) command.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/013_addusery2k.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="3c900b"></a>
-<font color="#009000"><strong>012: DRIVER IMPROVEMENT: Jan 3, 2000</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>012: DRIVER IMPROVEMENT: Jan 3, 2000</strong></font>
+&nbsp; <i>All architectures</i><br>
 The 3C900B-TPO fails to select the correct media type (it never sees or
 sends packets).<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/012_3c900b.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="poll"></a>
-<font color="#009000"><strong>011: SECURITY FIX: Dec 4, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>011: SECURITY FIX: Dec 4, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Various bugs in poll(2) may cause a kernel crash.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/011_poll.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="sendmail"></a>
-<font color="#009000"><strong>010: SECURITY FIX: Dec 4, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>010: SECURITY FIX: Dec 4, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Sendmail had a race in aliases file handling, which this patch fixes.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/010_sendmail.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="atapijumbo"></a>
-<font color="#009000"><strong>009: DRIVER IMPROVEMENTS: Dec 4, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>009: DRIVER IMPROVEMENTS: Dec 4, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Various improvements have been made to the IDE/ATAPI subsystem since
 the 2.6 release shipped.<br>
 Some of these improvements make some recalcitrant devices work much better.
@@ -227,19 +242,22 @@
 Revision 1 of this jumbo source code patch exists.</a><br>
 <p>
 <li><a name="hp300_locore"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font> &nbsp; <i>m68k architectures</i><br>
+<font color="#009000"><strong>007: RELIABILITY FIX: Nov 12, 1999</strong></font>
+&nbsp; <i>m68k architectures</i><br>
 All m68k kernels can possibly be crashed by a user.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/m68k/007_locore.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="alpha_locore"></a>
-<font color="#009000"><strong>006: RELIABILITY FIX: Nov 13, 1999</strong></font> &nbsp; <i>alpha only</i><br>
+<font color="#009000"><strong>006: RELIABILITY FIX: Nov 13, 1999</strong></font>
+&nbsp; <i>alpha only</i><br>
 The alpha kernel can possibly be crashed by a user.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/alpha/006_locore.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="sshjumbo"></a>
-<font color="#009000"><strong>005: FUNCTIONALITY ADDITION: Nov 11, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>005: FUNCTIONALITY ADDITION: Nov 11, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Various OpenSSH improvements have been made since the 2.6 release shipped.<br>
 To resolve the various (non-security related) features which users may want,
 we are making a jumbo patch available.  <strong>This is now at VERSION FOUR.</strong><br>
@@ -248,26 +266,30 @@
 <strong>NOTE: /etc/sshd_config and /etc/ssh_config may need changes.</strong>
 <p>
 <li><a name="sparc_locore"></a>
-<font color="#009000"><strong>004: RELIABILITY FIX: Nov 12, 1999</strong></font> &nbsp; <i>sparc only</i><br>
+<font color="#009000"><strong>004: RELIABILITY FIX: Nov 12, 1999</strong></font>
+&nbsp; <i>sparc only</i><br>
 The sparc kernel can be crashed by a user.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/sparc/004_locore.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="m4"></a>
-<font color="#009000"><strong>003: FUNCTIONALITY FIX: Nov 10, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>003: FUNCTIONALITY FIX: Nov 10, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 m4 is quite broken in the 2.6 release.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/003_m4.patch">
 A source code patch exists which remedies this problem.</a>
 This is the 3rd revision of the patch.
 <p>
 <li><a name="ifmedia"></a>
-<font color="#009000"><strong>002: SECURITY FIX: Nov 9, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>002: SECURITY FIX: Nov 9, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 Any user can change interface media configurations.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/002_ifmedia.patch">
 A source code patch exists which remedies this problem.</a>
 <p>
 <li><a name="newsyslog"></a>
-<font color="#009000"><strong>001: RELIABILITY FIX: Nov 8, 1999</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>001: RELIABILITY FIX: Nov 8, 1999</strong></font>
+&nbsp; <i>All architectures</i><br>
 A race condition in newsyslog(8) can cause errors in log file rotation.<br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.6/common/001_newsyslog.patch">
 A source code patch exists which remedies this problem.</a>