===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata28.html,v
retrieving revision 1.63
retrieving revision 1.64
diff -c -r1.63 -r1.64
*** www/errata28.html 2014/03/31 03:12:47 1.63
--- www/errata28.html 2014/03/31 03:36:54 1.64
***************
*** 75,85 ****
-
- All architectures
! 013: SECURITY FIX: Dec 18, 2000 All architectures
Procfs contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD.
A source code patch exists which remedies this problem.
! 011: RELIABILITY FIX: Dec 13, 2000 All architectures
The crypto subsystem could incorrectly fail to run certain software ciphers,
if a hardware card existed in the machine.
A source code patch exists which remedies this problem.
! 010: RELIABILITY FIX: Dec 11, 2000 All architectures
A crash could occur during fast routing, if IPSEC was enabled.
A source code patch exists which remedies this problem.
! 009: SECURITY FIX: Dec 10, 2000 All architectures
Another problem exists in the Kerberos libraries.
A source code patch exists which remedies this problem.
! 008: SECURITY FIX: Dec 7, 2000 All architectures
Two problems have recently been discovered in the KerberosIV code.
1. A symlink problem was discovered in the KerberosIV password checking
routines /usr/bin/su and /usr/bin/login, which makes it possible for a
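Review bot: With the standalone "All architectures" heading removed (the two `-` lines at the top of this hunk) and the label carried on each entry's own heading instead, any entry not touched by a `!` line is left with no architecture label at all. The entries tagged here run 013, 011, 010, 009, 008, so 012 is not covered in this range. Please confirm it carries its own architecture tag wherever it sits in the file, and that every remaining entry on the page has one after this change.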
***************
*** 278,291 ****
A source code patch exists which remedies this problem.
! 005: SECURITY FIX: Dec 4, 2000
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
A source code patch exists which remedies this problem.
You can view the OpenBSD Advisory here.
! 004: RELIABILITY FIX: Nov 17, 2000
First off, AES (Rijndael) encryption and decryption were broken for IPsec
and swap encryption.
Secondly, the AES code did not work properly on big endian machines.
--- 275,288 ----
A source code patch exists which remedies this problem.
! 005: SECURITY FIX: Dec 4, 2000 All architectures
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
A source code patch exists which remedies this problem.
You can view the OpenBSD Advisory here.
! 004: RELIABILITY FIX: Nov 17, 2000 All architectures
First off, AES (Rijndael) encryption and decryption were broken for IPsec
and swap encryption.
Secondly, the AES code did not work properly on big endian machines.
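Review bot: Entry 005 names the defect (a one-byte overflow in replydirname()) but not its consequence, whereas 013 says outright that its overflows could lead to root. Since the 005 heading is being edited anyway, add one sentence on the impact. The link text in "You can view the OpenBSD Advisory here." should also name the advisory, so the reference still means something when the page is read without the hyperlink.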
***************
*** 294,300 ****
This is the second revision of the patch.
! 002: IMPLEMENTATION FIX: Nov 10, 2000
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider
that kind of important.
--- 291,297 ----
This is the second revision of the patch.
! 002: IMPLEMENTATION FIX: Nov 10, 2000 All architectures
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider
that kind of important.
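Review bot: 002 is the only entry in this diff labelled "IMPLEMENTATION FIX" where the others use SECURITY FIX or RELIABILITY FIX, and its text ("Some people might consider that kind of important.") does not say what broken skey support for the SSH1 protocol means for someone running ssh(1). While touching the heading, state the effect plainly (for example, whether skey authentication fails or is skipped) and check that the category label matches the ones used for the page's other entries.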