===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata27.html,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- www/errata27.html 2016/08/15 02:22:06 1.85
+++ www/errata27.html 2016/10/16 19:11:29 1.86
@@ -70,7 +70,7 @@
-
+
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
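Review bot: the removed and added lines above "You can also fetch a tar.gz file containing all the following patches" are both blank as shown, so the hunk alone does not tell a reader what changed about the tarball pointer. The log message should state it. Because this sentence is where readers pick up every patch on the page, it is also worth saying next to it how the downloaded file can be checked.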
@@ -97,7 +97,7 @@
application is mysql). Additionally, if the HOME environment variable
is not set, the current working directory is used; this patch disables
the history file if HOME is not set.
-
+
A source code patch exists which remedies this problem.
@@ -106,20 +106,20 @@
There is an exploitable heap corruption bug in
sudo.
-
+
A source code patch exists which remedies this problem.
037: SECURITY FIX: Dec 4, 2000
All architectures
OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.
-
+
A source code patch exists which remedies this problem.
036: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
-
+
A source code patch exists which remedies this problem.
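Review bot: in the 036 entry, "Configuring a qec+qe causes a NMI panic" should read "an NMI panic", and as shown the entry carries no architecture line, while 037 directly above it says "All architectures". Since the same one-line edit is applied to all three entries in this hunk, this would be a good moment to make their layout consistent and name the affected platform for 036.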
@@ -127,21 +127,21 @@
All architectures
Hostile servers can force OpenSSH clients to do agent or X11 forwarding.
This problem is fixed as of OpenSSH 2.3.0.
-
+
A source code patch exists which remedies this problem.
034: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would
cause great grief.
-
+
A source code patch exists which remedies this problem.
033: RELIABILITY FIX: Nov 6, 2000
All architectures
Invalid fields in the exec header could cause a crash.
-
+
A source code patch exists which remedies this problem.
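Review bot: the 034 entry's "certain types of interrupts would cause great grief" does not tell an administrator what the failure looks like, unlike 033 below it, which says "could cause a crash". Suggest naming the observable symptom (hang, panic, lost console) in place of "great grief" while this entry is being touched.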
@@ -153,7 +153,7 @@
BUGTRAQ
mailing list.
-
+
A source code patch exists which remedies this problem.
@@ -164,7 +164,7 @@
to be exposed under certain configurations when these modules are used.
(These modules are not active by default).
-
+
A source code patch exists which remedies this problem.
@@ -173,7 +173,7 @@
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
and TERMCAP (when it starts with a '/') environment variables.
-
+
A source code patch exists which remedies this problem.
@@ -181,7 +181,7 @@
All architectures
There is a non-exploitable buffer overflow in sendmail's test mode.
-
+
A source code patch exists which remedies this problem.
@@ -189,7 +189,7 @@
All architectures
There are printf-style format string bugs in several privileged programs.
-
+
A source code patch exists which remedies this problem.
@@ -199,7 +199,7 @@
as well as in the TERMCAP environment variable for setuid and setgid
applications.
-
+
A source code patch exists which remedies this problem.
@@ -208,7 +208,7 @@
A format string vulnerability exists in talkd(8). It is not clear
yet what the impact is.
-
+
A source code patch exists which remedies this problem.
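Review bot: the context line "It is not clear yet what the impact is" in the talkd(8) entry is left unchanged by a revision dated 2016/10/16, so it still reads as an open investigation. If the impact was later settled, state it. Otherwise reword to something like "The impact was not determined" so the entry does not look unfinished.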
@@ -220,14 +220,14 @@
# chmod u-s /usr/bin/chpass
-
+
A source code patch exists which remedies this problem.
024: SECURITY FIX: Sep 18, 2000
All architectures
Bad ESP/AH packets could cause a crash under certain conditions.
-
+
A source code patch exists which remedies this problem.
@@ -238,7 +238,7 @@
# chmod u-s /usr/X11R6/bin/xlock
-
+
A source code patch exists which remedies this problem.
@@ -283,7 +283,7 @@
the XFree86 Xwrapper already has tests for bad arguments.
-
+
A source code patch exists which remedies this problem.
Note 1: tcl/tk is required to build X11 from source.
Note 2: When re-building use the command
@@ -303,7 +303,7 @@
stable release source tree or apply the
provided patch to a 2.7 source tree.
-
+
A source code patch exists which remedies this problem.
@@ -313,7 +313,7 @@
ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default.
The problem exists if anonymous ftp is enabled.
-
+
A source code patch exists which remedies this problem.
@@ -321,7 +321,7 @@
All architectures
Mopd contained a buffer overflow.
-
+
A source code patch exists which remedies this problem.
@@ -332,7 +332,7 @@
screen-3.9.5.tgz.old and a replacement package has been provided under the
name screen-3.9.5p1.tgz.
-
+
A source code patch exists which remedies this problem.
@@ -342,7 +342,7 @@
filter from working correctly on the 3c905B, thus preventing many IPv6 things
from working.
-
+
A source code patch exists which remedies this problem.
@@ -352,7 +352,7 @@
(i.e., the D-Link 550TX) has a bug which causes the machine to panic at
boot-time.
-
+
A source code patch exists which remedies this problem.
@@ -362,7 +362,7 @@
fixes a problem with scrolling region handling that has been seen by many
users trying to use the BitchX irc client with the screen program.
-
+
A source code patch exists which remedies this problem.
This is the second revision of the patch.
@@ -373,7 +373,7 @@
That behaviour is not nice; this does not turn into a security problem in
any real world situation that we know of, but a patch is available anyways.
-
+
A source code patch exists which remedies this problem.
@@ -382,7 +382,7 @@
A serious bug in dhclient(8) could allow strings from a malicious dhcp
server to be executed in the shell as root.
-
+
A source code patch exists which remedies this problem.
@@ -391,7 +391,7 @@
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents
ancontrol(8) from working correctly, instead causing a panic.
-
+
A source code patch exists which remedies this problem.
@@ -423,7 +423,7 @@
A serious bug in isakmpd(8) policy handling wherein policy
verification could be completely bypassed in isakmpd.
-
+
A source code patch exists which remedies this problem.
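Review bot: the isakmpd(8) description is a sentence fragment with no main verb and names the daemon twice: "A serious bug in isakmpd(8) policy handling wherein policy verification could be completely bypassed in isakmpd." Suggest "A serious bug in isakmpd(8) policy handling allows policy verification to be bypassed completely."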
@@ -431,7 +431,7 @@
All architectures
Some operations in msdosfs could result in a system panic.
-
+
A source code patch exists which remedies this problem.
@@ -439,7 +439,7 @@
All architectures
NFS exporting of CD filesystems caused a system panic.
-
+
A source code patch exists which remedies this problem.
@@ -455,7 +455,7 @@
Parse IPv4 options more carefully. It is not yet clear if this can even be used
to crash the machine remote or locally.
-
+
A source code patch exists which remedies this problem.
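Review bot: "crash the machine remote or locally" should read "remotely or locally". The entry also opens with the fix in the imperative ("Parse IPv4 options more carefully") where the neighbouring entries describe the defect. Suggest stating the problem first, for example that IPv4 options were not parsed carefully enough, and then the uncertainty about whether it can crash the machine.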
@@ -463,7 +463,7 @@
All architectures
Certain routing table modifications by the superuser could cause a system panic.
-
+
A source code patch exists which remedies this problem.
@@ -473,7 +473,7 @@
go directly to the machine acting as a
bridge.
-
+
A source code patch exists which remedies this problem.
@@ -483,7 +483,7 @@
ef(4)
driver will complain when adding an address with ifconfig
(ifconfig: SIOCAIFADDR: Invalid argument).
-
+
A source code patch exists which remedies this problem.
@@ -491,7 +491,7 @@
All architectures
A misuse of ipf(8)
keep-state rules can result in firewall rules being bypassed.
-
+
A source code patch exists which remedies this problem.
It updates ipf to version 3.3.16.