===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata29.html,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -r1.72 -r1.73
--- www/errata29.html 2014/10/02 14:34:45 1.72
+++ www/errata29.html 2015/02/14 04:36:51 1.73
@@ -81,14 +81,14 @@
--
+
-
027: SECURITY FIX: June 25, 2002
All architectures
A potential buffer overflow in the DNS resolver has been found.
A source code patch exists which remedies this problem.
-
-
+
-
026: SECURITY FIX: May 8, 2002
All architectures
A race condition exists where an attacker could fill the file descriptor
@@ -97,14 +97,14 @@
A source code patch exists which remedies this problem.
-
-
+
-
025: SECURITY FIX: April 25, 2002
All architectures
A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
A source code patch exists which remedies this problem.
-
-
+
-
024: SECURITY FIX: April 22, 2002
All architectures
A local user can gain super-user privileges due to a buffer overflow
@@ -116,7 +116,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
023: SECURITY FIX: April 11, 2002
All architectures
mail(1)
@@ -126,7 +126,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
022: RELIABILITY FIX: March 13, 2002
All architectures
Under some circumstances the zlib compression library can free dynamically
@@ -138,7 +138,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
021: SECURITY FIX: March 8, 2002
All architectures
A local user can gain super-user privileges due to an off-by-one check
@@ -146,7 +146,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
020: SECURITY FIX: February 20, 2002
All architectures
A race condition between the ptrace(2) and execve(2) system calls allows
@@ -155,7 +155,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
019: SECURITY FIX: January 17, 2002
All architectures
If the Postfix sendmail replacement is installed on a system an
@@ -169,7 +169,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
018: INSTALL PROBLEM: Dec 11, 2001
The X binary sets shipped with OpenBSD 2.9 do not contain several files. These
missing files can be added manually from the sparc tarballs after the
@@ -186,7 +186,7 @@
# cd /usr/X11R6/bin/; ln -fs Xmac68k X
-
-
+
-
017: SECURITY FIX: November 28, 2001
All architectures
A security issue exists in the lpd daemon that may allow an attacker
@@ -198,7 +198,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
016: SECURITY FIX: November 13, 2001
All architectures
A security issue exists in the vi.recover script that may allow an attacker
@@ -207,7 +207,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: SECURITY FIX: September 11, 2001
All architectures
A security hole exists in uuxqt(8)
@@ -221,7 +221,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
014: SECURITY FIX: August 29, 2001
All architectures
A security hole exists in lpd(8)
@@ -234,7 +234,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: SECURITY FIX: August 21, 2001
All architectures
A security hole exists in sendmail(8)
@@ -244,7 +244,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
012: SECURITY FIX: July 30, 2001
All architectures
A kernel buffer overflow exists in the NFS mount code. An attacker may
@@ -256,7 +256,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
011: RELIABILITY FIX: July 15, 2001
All architectures
The
@@ -270,7 +270,7 @@
by forcing /usr/sbin/pkg
to be more careful in checking
version numbers.
-
-
+
-
010: RELIABILITY FIX: Jul 9, 2001
The NVIDIA driver for XFree86 4.0.3 is incorrectly restoring the text
mode palette upon exit of the X server.
--
+
-
009: RELIABILITY FIX: Jun 23, 2001
The XF86Setup(1) configuration tool for XFree86 3.3.6 is producing
corrupted /etc/XF86Config files.
@@ -295,7 +295,7 @@
"USB Mouse Support" options in the BIOS. Otherwise, the i8042
keyboard controller doesn't acknowledge commands, confusing OpenBSD.
-
-
+
-
008: RELIABILITY FIX: June 15, 2001
All architectures
twe(4)
@@ -309,7 +309,7 @@
A source code patch exists which remedies this problem.
This is the second version of the patch.
-
-
+
-
007: SECURITY FIX: June 15, 2001
All architectures
A race condition exists in the kernel execve(2) implementation that opens a small window of vulnerability for a non-privileged user to ptrace(2) attach to a suid/sgid process.
@@ -317,7 +317,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
006: SECURITY FIX: June 12, 2001
All architectures
sshd(8)
@@ -327,7 +327,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
005: RELIABILITY FIX: June 7, 2001
All architectures
pwd_mkdb(8)
@@ -336,7 +336,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: RELIABILITY FIX: June 5, 2001
All architectures
isakmpd(8)
@@ -346,7 +346,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: DOCUMENTATION FIX: June 1, 2001
All architectures
The 2.9 CD cover states that XFree86 3.3.6-current is included. This is only half-true.
@@ -354,7 +354,7 @@
3.3.6 Xservers have also been included, because 4.0.3 still has weak support for
some devices which 3.3.6 supported better.
-
-
+
-
002: SECURITY FIX: May 30, 2001
All architectures
Programs using the fts(3)
@@ -368,7 +368,7 @@
A source code patch exists which remedies this problem.
This is the second version of the patch.
-
-
+
-
001: SECURITY FIX: May 29, 2001
All architectures
The signal handlers in sendmail(8) contain code that is unsafe in the