===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata30.html,v
retrieving revision 1.80
retrieving revision 1.81
diff -c -r1.80 -r1.81
*** www/errata30.html 2014/10/02 14:34:45 1.80
--- www/errata30.html 2015/02/14 04:36:51 1.81
***************
*** 82,88 ****
! -
036: SECURITY FIX: November 14, 2002
All architectures
A buffer overflow in
--- 82,88 ----
! -
036: SECURITY FIX: November 14, 2002
All architectures
A buffer overflow in
***************
*** 93,99 ****
A source code patch exists which remedies this problem.
!
-
035: SECURITY FIX: November 6, 2002
All architectures
Incorrect argument checking in the
--- 93,99 ----
A source code patch exists which remedies this problem.
!
-
035: SECURITY FIX: November 6, 2002
All architectures
Incorrect argument checking in the
***************
*** 102,108 ****
A source code patch exists which remedies this problem.
!
-
034: SECURITY FIX: November 6, 2002
All architectures
An attacker can bypass the restrictions imposed by sendmail's restricted shell,
--- 102,108 ----
A source code patch exists which remedies this problem.
!
-
034: SECURITY FIX: November 6, 2002
All architectures
An attacker can bypass the restrictions imposed by sendmail's restricted shell,
***************
*** 111,117 ****
A source code patch exists which remedies this problem.
!
-
033: SECURITY FIX: October 21, 2002
All architectures
A buffer overflow can occur in the
--- 111,117 ----
A source code patch exists which remedies this problem.
!
-
033: SECURITY FIX: October 21, 2002
All architectures
A buffer overflow can occur in the
***************
*** 120,126 ****
A source code patch exists which remedies this problem.
!
-
032: SECURITY FIX: October 7, 2002
All architectures
Incorrect argument checking in the
--- 120,126 ----
A source code patch exists which remedies this problem.
!
-
032: SECURITY FIX: October 7, 2002
All architectures
Incorrect argument checking in the
***************
*** 128,134 ****
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: August 11, 2002
All architectures
An insufficient boundary check in the
--- 128,134 ----
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: August 11, 2002
All architectures
An insufficient boundary check in the
***************
*** 138,144 ****
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: July 30, 2002
All architectures
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
--- 138,144 ----
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: July 30, 2002
All architectures
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
***************
*** 151,157 ****
This is the second version of the patch.
!
-
029: SECURITY FIX: July 29, 2002
All architectures
A buffer overflow can occur in the
--- 151,157 ----
This is the second version of the patch.
!
-
029: SECURITY FIX: July 29, 2002
All architectures
A buffer overflow can occur in the
***************
*** 162,168 ****
This is the second version of the patch.
!
-
028: SECURITY FIX: July 29, 2002
All architectures
A race condition exists in the
--- 162,168 ----
This is the second version of the patch.
!
-
028: SECURITY FIX: July 29, 2002
All architectures
A race condition exists in the
***************
*** 171,177 ****
A source code patch exists which remedies this problem.
!
-
027: RELIABILITY FIX: July 5, 2002
All architectures
Receiving IKE payloads out of sequence can cause
--- 171,177 ----
A source code patch exists which remedies this problem.
!
-
027: RELIABILITY FIX: July 5, 2002
All architectures
Receiving IKE payloads out of sequence can cause
***************
*** 181,201 ****
This is the second version of the patch.
!
-
026: SECURITY FIX: June 27, 2002
All architectures
The kernel would let any user ktrace(2) set[ug]id processes.
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: June 25, 2002
All architectures
A potential buffer overflow in the DNS resolver has been found.
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: June 24, 2002
All architectures
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
--- 181,201 ----
This is the second version of the patch.
!
-
026: SECURITY FIX: June 27, 2002
All architectures
The kernel would let any user ktrace(2) set[ug]id processes.
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: June 25, 2002
All architectures
A potential buffer overflow in the DNS resolver has been found.
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: June 24, 2002
All architectures
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
***************
*** 204,210 ****
3.4, and a patch for the vulnerable releases is available as part of the
security advisory.
!
-
023: SECURITY FIX: June 24, 2002
All architectures
A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd
--- 204,210 ----
3.4, and a patch for the vulnerable releases is available as part of the
security advisory.
!
-
023: SECURITY FIX: June 24, 2002
All architectures
A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd
***************
*** 212,218 ****
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: June 19, 2002
All architectures
A buffer overflow can occur during the interpretation of chunked
--- 212,218 ----
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: June 19, 2002
All architectures
A buffer overflow can occur during the interpretation of chunked
***************
*** 220,226 ****
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: May 8, 2002
All architectures
A race condition exists where an attacker could fill the file descriptor
--- 220,226 ----
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: May 8, 2002
All architectures
A race condition exists where an attacker could fill the file descriptor
***************
*** 229,242 ****
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: April 25, 2002
All architectures
A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: April 22, 2002
All architectures
A local user can gain super-user privileges due to a buffer overflow
--- 229,242 ----
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: April 25, 2002
All architectures
A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: April 22, 2002
All architectures
A local user can gain super-user privileges due to a buffer overflow
***************
*** 248,254 ****
A source code patch exists which remedies this problem.
!
-
018: SECURITY FIX: April 11, 2002
All architectures
mail(1)
--- 248,254 ----
A source code patch exists which remedies this problem.
!
-
018: SECURITY FIX: April 11, 2002
All architectures
mail(1)
***************
*** 258,264 ****
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: March 26, 2002
All architectures
isakmpd(8)
--- 258,264 ----
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: March 26, 2002
All architectures
isakmpd(8)
***************
*** 267,273 ****
A source code patch exists which remedies this problem.
!
-
016: SECURITY FIX: March 19, 2002
All architectures
Under certain conditions, on systems using YP with netgroups in the password
--- 267,273 ----
A source code patch exists which remedies this problem.
!
-
016: SECURITY FIX: March 19, 2002
All architectures
Under certain conditions, on systems using YP with netgroups in the password
***************
*** 284,290 ****
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: March 13, 2002
All architectures
Under some circumstances the zlib compression library can free dynamically
--- 284,290 ----
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: March 13, 2002
All architectures
Under some circumstances the zlib compression library can free dynamically
***************
*** 296,302 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 8, 2002
All architectures
A local user can gain super-user privileges due to an off-by-one check
--- 296,302 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 8, 2002
All architectures
A local user can gain super-user privileges due to an off-by-one check
***************
*** 304,317 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: February 4, 2002
All architectures
The wrong filedescriptors are released when pipe(2) failed.
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: January 21, 2002
All architectures
A race condition between the ptrace(2) and execve(2) system calls allows
--- 304,317 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: February 4, 2002
All architectures
The wrong filedescriptors are released when pipe(2) failed.
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: January 21, 2002
All architectures
A race condition between the ptrace(2) and execve(2) system calls allows
***************
*** 320,326 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: January 17, 2002
All architectures
If the Postfix sendmail replacement is installed on a system an
--- 320,326 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: January 17, 2002
All architectures
If the Postfix sendmail replacement is installed on a system an
***************
*** 334,340 ****
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: December 13, 2001
All architectures
Systems running with IP-in-IP encapsulation can be made to crash by
--- 334,340 ----
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: December 13, 2001
All architectures
Systems running with IP-in-IP encapsulation can be made to crash by
***************
*** 342,348 ****
A source code patch exists which remedies this problem.
!
-
009: INSTALLATION FIX: December 11, 2001
The 3.0 CD2 was created with an error which means that the instructions
--- 342,348 ----
A source code patch exists which remedies this problem.
!
-
009: INSTALLATION FIX: December 11, 2001
The 3.0 CD2 was created with an error which means that the instructions
***************
*** 352,358 ****
boot cd:,OFWBOOT /3.0/macppc/bsd.rd
!
-
008: SECURITY FIX: November 28, 2001
All architectures
A security issue exists in the lpd daemon that may allow an attacker
--- 352,358 ----
boot cd:,OFWBOOT /3.0/macppc/bsd.rd
!
-
008: SECURITY FIX: November 28, 2001
All architectures
A security issue exists in the lpd daemon that may allow an attacker
***************
*** 364,370 ****
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: November 13, 2001
All architectures
A security issue exists in the vi.recover script that may allow an attacker
--- 364,370 ----
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: November 13, 2001
All architectures
A security issue exists in the vi.recover script that may allow an attacker
***************
*** 373,379 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: November 13, 2001
All architectures
pf(4)
--- 373,379 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: November 13, 2001
All architectures
pf(4)
***************
*** 382,388 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: November 12, 2001
Execution of Altivec instructions will crash the kernel.
--- 382,388 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: November 12, 2001
Execution of Altivec instructions will crash the kernel.
***************
*** 390,396 ****
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: November 12, 2001
Hifn7751 based cards may stop working on certain motherboards due to
--- 390,396 ----
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: November 12, 2001
Hifn7751 based cards may stop working on certain motherboards due to
***************
*** 399,405 ****
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: November 12, 2001
Access to a CD drive on the PCI ultrasparc machines results in a continuous stream
--- 399,405 ----
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: November 12, 2001
Access to a CD drive on the PCI ultrasparc machines results in a continuous stream
***************
*** 408,414 ****
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: November 12, 2001
All architectures
sshd(8)
--- 408,414 ----
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: November 12, 2001
All architectures
sshd(8)
***************
*** 436,442 ****
A source code patch exists which remedies this problem.
This is the second version of this patch.
!
-
001: INSTALL ISSUE: November 12, 2001
All architectures
A small bug in the installation script causes the /etc/hosts file to
--- 436,442 ----
A source code patch exists which remedies this problem.
This is the second version of this patch.
!
-
001: INSTALL ISSUE: November 12, 2001
All architectures
A small bug in the installation script causes the /etc/hosts file to