=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata30.html,v retrieving revision 1.70 retrieving revision 1.71 diff -c -r1.70 -r1.71 *** www/errata30.html 2013/10/26 15:21:13 1.70 --- www/errata30.html 2014/02/27 17:26:45 1.71 *************** *** 57,63 **** 5.1, 5.2, 5.3, ! 5.4.
--- 57,64 ---- 5.1, 5.2, 5.3, ! 5.4, ! 5.5.
*************** *** 79,85 ****
  • 036: SECURITY FIX: November 14, 2002
    A buffer overflow in ! named(8) could allow an attacker to execute code with the privileges of named. On OpenBSD, named runs as a non-root user in a chrooted environment which mitigates the effects of this bug.
    --- 80,86 ----
  • 036: SECURITY FIX: November 14, 2002
    A buffer overflow in ! named(8) could allow an attacker to execute code with the privileges of named. On OpenBSD, named runs as a non-root user in a chrooted environment which mitigates the effects of this bug.
    *************** *** 88,94 ****

  • 035: SECURITY FIX: November 6, 2002
    ! Incorrect argument checking in the getrlimit(2) system call may allow an attacker to crash the kernel.
    A --- 89,95 ----

  • 035: SECURITY FIX: November 6, 2002
    ! Incorrect argument checking in the getrlimit(2) system call may allow an attacker to crash the kernel.
    A *************** *** 111,117 ****

  • 032: SECURITY FIX: October 7, 2002
    ! Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory.
    A source code patch exists which remedies the problem.

    --- 112,118 ----

  • 032: SECURITY FIX: October 7, 2002
    ! Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory.
    A source code patch exists which remedies the problem.

    *************** *** 126,135 ****

  • 030: SECURITY FIX: July 30, 2002
    ! Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the ! ssl(8) ! library, as in the ASN.1 parser code in the ! crypto(3) library, all of them being potentially remotely exploitable.
    A source code patch exists which remedies the problem.
    --- 127,136 ----

  • 030: SECURITY FIX: July 30, 2002
    ! Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the ! ssl(8) ! library, as in the ASN.1 parser code in the ! crypto(3) library, all of them being potentially remotely exploitable.
    A source code patch exists which remedies the problem.
    *************** *** 137,144 ****

  • 029: SECURITY FIX: July 29, 2002
    ! A buffer overflow can occur in the ! xdr_array(3) RPC code, leading to possible remote crash.
    A source code patch exists which remedies the problem.
    --- 138,145 ----

  • 029: SECURITY FIX: July 29, 2002
    ! A buffer overflow can occur in the ! xdr_array(3) RPC code, leading to possible remote crash.
    A source code patch exists which remedies the problem.
    *************** *** 146,153 ****

  • 028: SECURITY FIX: July 29, 2002
    ! A race condition exists in the ! pppd(8) daemon which may cause it to alter the file permissions of an arbitrary file.
    A source code patch exists which remedies the problem.

    --- 147,154 ----

  • 028: SECURITY FIX: July 29, 2002
    ! A race condition exists in the ! pppd(8) daemon which may cause it to alter the file permissions of an arbitrary file.
    A source code patch exists which remedies the problem.

    *************** *** 329,335 **** patch as well.

  • A vulnerability in environment passing in the UseLogin ! sshd option

  • Various other non-critical fixes. --- 330,336 ---- patch as well.

  • A vulnerability in environment passing in the UseLogin ! sshd option

  • Various other non-critical fixes. *************** *** 450,458 ****
    ! OpenBSD www@openbsd.org !
    $OpenBSD: errata30.html,v 1.70 2013/10/26 15:21:13 deraadt Exp $ --- 451,459 ----
    ! OpenBSD www@openbsd.org !
    $OpenBSD: errata30.html,v 1.71 2014/02/27 17:26:45 deraadt Exp $