===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata28.html,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- www/errata28.html 2014/03/31 03:36:54 1.64
+++ www/errata28.html 2014/03/31 04:11:40 1.65
@@ -175,6 +175,12 @@
A source code patch exists which remedies this problem.
+
+022: SECURITY FIX: Mar 2, 2001
+The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default.
+
+A source code patch exists which remedies this problem.
+
021: SECURITY FIX: Feb 22, 2001 All architectures
There is an exploitable heap corruption bug in
@@ -215,6 +221,12 @@
A source code patch exists which remedies this problem.
+
+015: STABILITY FIX: Dec 22, 2000
+Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.
+
+A source code patch exists which remedies this problem.
+
014: SECURITY FIX: Dec 22, 2000 All architectures
Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.
@@ -240,6 +252,13 @@
A source code patch exists which remedies this problem.
+
+012: INSTALL PROBLEM: Dec 14, 2000
+The IMac DV+ (and probably some other machines) incorrectly identify their video
+hardware, but it is possible to work around the problem.
+
+A source code patch exists which remedies this problem.
+
011: RELIABILITY FIX: Dec 13, 2000 All architectures
The crypto subsystem could incorrectly fail to run certain software ciphers,
@@ -274,45 +293,19 @@
A source code patch exists which remedies this problem.
-
-005: SECURITY FIX: Dec 4, 2000 All architectures
-OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
-
-A source code patch exists which remedies this problem.
-You can view the OpenBSD Advisory here.
+
+007: INSTALL PROBLEM: Dec 4, 2000
+The X packages
+share28.tgz
+and
+font28.tgz
+were not on the CD, and only available via FTP install. These packages can be
+added post-install by using the following command:
+
+ # cd /; tar xvfpz xshare28.tgz
+ # cd /; tar xvfpz xfont28.tgz
+
-
-004: RELIABILITY FIX: Nov 17, 2000 All architectures
-First off, AES (Rijndael) encryption and decryption were broken for IPsec
-and swap encryption.
-Secondly, the AES code did not work properly on big endian machines.
-
-A source code patch exists which remedies this problem.
-This is the second revision of the patch.
-
-
-002: IMPLEMENTATION FIX: Nov 10, 2000 All architectures
-In ssh(1), skey support for SSH1 protocol was broken. Some people might consider
-that kind of important.
-
-A source code patch exists which remedies this problem.
-
-
-
-
i386
-
--
-022: SECURITY FIX: Mar 2, 2001
-The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default.
-
-A source code patch exists which remedies this problem.
-
-
-
-015: STABILITY FIX: Dec 22, 2000
-Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.
-
-A source code patch exists which remedies this problem.
-
-
006: STABILITY FIX: Dec 4, 2000
On some machines, a PCIBIOS device driver interrupt allocation bug can cause a
@@ -330,134 +323,44 @@
permanently.
-
+
+005: SECURITY FIX: Dec 4, 2000 All architectures
+OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
+
+A source code patch exists which remedies this problem.
+You can view the OpenBSD Advisory here.
-
-
mac68k
-
+
+004: RELIABILITY FIX: Nov 17, 2000 All architectures
+First off, AES (Rijndael) encryption and decryption were broken for IPsec
+and swap encryption.
+Secondly, the AES code did not work properly on big endian machines.
+
+A source code patch exists which remedies this problem.
+This is the second revision of the patch.
-
-
sparc
-
-
-
amiga
-
-
-
hp300
-
-
-
-
mvme68k
-
-
-
-
powerpc
-
-
-
-
sun3
-