=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata30.html,v retrieving revision 1.80 retrieving revision 1.81 diff -c -r1.80 -r1.81 *** www/errata30.html 2014/10/02 14:34:45 1.80 --- www/errata30.html 2015/02/14 04:36:51 1.81 *************** *** 82,88 ****

036: SECURITY FIX: November 14, 2002 All architectures
A buffer overflow in --- 82,88 ----
- 036: SECURITY FIX: November 14, 2002 All architectures
  A buffer overflow in *************** *** 93,99 **** A source code patch exists which remedies this problem.
  !
- 035: SECURITY FIX: November 6, 2002 All architectures
  Incorrect argument checking in the --- 93,99 ---- A source code patch exists which remedies this problem.
  !
- 035: SECURITY FIX: November 6, 2002 All architectures
  Incorrect argument checking in the *************** *** 102,108 **** A source code patch exists which remedies this problem.
  !
- 034: SECURITY FIX: November 6, 2002 All architectures
  An attacker can bypass the restrictions imposed by sendmail's restricted shell, --- 102,108 ---- A source code patch exists which remedies this problem.
  !
- 034: SECURITY FIX: November 6, 2002 All architectures
  An attacker can bypass the restrictions imposed by sendmail's restricted shell, *************** *** 111,117 **** A source code patch exists which remedies this problem.
  !
- 033: SECURITY FIX: October 21, 2002 All architectures
  A buffer overflow can occur in the --- 111,117 ---- A source code patch exists which remedies this problem.
  !
- 033: SECURITY FIX: October 21, 2002 All architectures
  A buffer overflow can occur in the *************** *** 120,126 **** A source code patch exists which remedies this problem.
  !
- 032: SECURITY FIX: October 7, 2002 All architectures
  Incorrect argument checking in the --- 120,126 ---- A source code patch exists which remedies this problem.
  !
- 032: SECURITY FIX: October 7, 2002 All architectures
  Incorrect argument checking in the *************** *** 128,134 **** A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: August 11, 2002 All architectures
  An insufficient boundary check in the --- 128,134 ---- A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: August 11, 2002 All architectures
  An insufficient boundary check in the *************** *** 138,144 **** A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: July 30, 2002 All architectures
  Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the --- 138,144 ---- A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: July 30, 2002 All architectures
  Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the *************** *** 151,157 ****
  This is the second version of the patch.
  !
- 029: SECURITY FIX: July 29, 2002 All architectures
  A buffer overflow can occur in the --- 151,157 ----
  This is the second version of the patch.
  !
- 029: SECURITY FIX: July 29, 2002 All architectures
  A buffer overflow can occur in the *************** *** 162,168 ****
  This is the second version of the patch.
  !
- 028: SECURITY FIX: July 29, 2002 All architectures
  A race condition exists in the --- 162,168 ----
  This is the second version of the patch.
  !
- 028: SECURITY FIX: July 29, 2002 All architectures
  A race condition exists in the *************** *** 171,177 **** A source code patch exists which remedies this problem.
  !
- 027: RELIABILITY FIX: July 5, 2002 All architectures
  Receiving IKE payloads out of sequence can cause --- 171,177 ---- A source code patch exists which remedies this problem.
  !
- 027: RELIABILITY FIX: July 5, 2002 All architectures
  Receiving IKE payloads out of sequence can cause *************** *** 181,201 ****
  This is the second version of the patch.
  !
- 026: SECURITY FIX: June 27, 2002 All architectures
  The kernel would let any user ktrace(2) set[ug]id processes.
  A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: June 25, 2002 All architectures
  A potential buffer overflow in the DNS resolver has been found.
  A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: June 24, 2002 All architectures
  All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation --- 181,201 ----
  This is the second version of the patch.
  !
- 026: SECURITY FIX: June 27, 2002 All architectures
  The kernel would let any user ktrace(2) set[ug]id processes.
  A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: June 25, 2002 All architectures
  A potential buffer overflow in the DNS resolver has been found.
  A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: June 24, 2002 All architectures
  All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation *************** *** 204,210 **** 3.4, and a patch for the vulnerable releases is available as part of the security advisory.
  !
- 023: SECURITY FIX: June 24, 2002 All architectures
  A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd --- 204,210 ---- 3.4, and a patch for the vulnerable releases is available as part of the security advisory.
  !
- 023: SECURITY FIX: June 24, 2002 All architectures
  A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd *************** *** 212,218 **** A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: June 19, 2002 All architectures
  A buffer overflow can occur during the interpretation of chunked --- 212,218 ---- A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: June 19, 2002 All architectures
  A buffer overflow can occur during the interpretation of chunked *************** *** 220,226 **** A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: May 8, 2002 All architectures
  A race condition exists where an attacker could fill the file descriptor --- 220,226 ---- A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: May 8, 2002 All architectures
  A race condition exists where an attacker could fill the file descriptor *************** *** 229,242 **** A source code patch exists which remedies this problem.
  !
- 020: SECURITY FIX: April 25, 2002 All architectures
  A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
  A source code patch exists which remedies this problem.
  !
- 019: SECURITY FIX: April 22, 2002 All architectures
  A local user can gain super-user privileges due to a buffer overflow --- 229,242 ---- A source code patch exists which remedies this problem.
  !
- 020: SECURITY FIX: April 25, 2002 All architectures
  A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
  A source code patch exists which remedies this problem.
  !
- 019: SECURITY FIX: April 22, 2002 All architectures
  A local user can gain super-user privileges due to a buffer overflow *************** *** 248,254 **** A source code patch exists which remedies this problem.
  !
- 018: SECURITY FIX: April 11, 2002 All architectures
  mail(1) --- 248,254 ---- A source code patch exists which remedies this problem.
  !
- 018: SECURITY FIX: April 11, 2002 All architectures
  mail(1) *************** *** 258,264 **** A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: March 26, 2002 All architectures
  isakmpd(8) --- 258,264 ---- A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: March 26, 2002 All architectures
  isakmpd(8) *************** *** 267,273 **** A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: March 19, 2002 All architectures
  Under certain conditions, on systems using YP with netgroups in the password --- 267,273 ---- A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: March 19, 2002 All architectures
  Under certain conditions, on systems using YP with netgroups in the password *************** *** 284,290 **** A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: March 13, 2002 All architectures
  Under some circumstances the zlib compression library can free dynamically --- 284,290 ---- A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: March 13, 2002 All architectures
  Under some circumstances the zlib compression library can free dynamically *************** *** 296,302 **** A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: March 8, 2002 All architectures
  A local user can gain super-user privileges due to an off-by-one check --- 296,302 ---- A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: March 8, 2002 All architectures
  A local user can gain super-user privileges due to an off-by-one check *************** *** 304,317 **** A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: February 4, 2002 All architectures
  The wrong filedescriptors are released when pipe(2) failed.
  A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: January 21, 2002 All architectures
  A race condition between the ptrace(2) and execve(2) system calls allows --- 304,317 ---- A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: February 4, 2002 All architectures
  The wrong filedescriptors are released when pipe(2) failed.
  A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: January 21, 2002 All architectures
  A race condition between the ptrace(2) and execve(2) system calls allows *************** *** 320,326 **** A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: January 17, 2002 All architectures
  If the Postfix sendmail replacement is installed on a system an --- 320,326 ---- A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: January 17, 2002 All architectures
  If the Postfix sendmail replacement is installed on a system an *************** *** 334,340 **** A source code patch exists which remedies this problem.
  !
- 010: RELIABILITY FIX: December 13, 2001 All architectures
  Systems running with IP-in-IP encapsulation can be made to crash by --- 334,340 ---- A source code patch exists which remedies this problem.
  !
- 010: RELIABILITY FIX: December 13, 2001 All architectures
  Systems running with IP-in-IP encapsulation can be made to crash by *************** *** 342,348 **** A source code patch exists which remedies this problem.
  !
- 009: INSTALLATION FIX: December 11, 2001
  The 3.0 CD2 was created with an error which means that the instructions --- 342,348 ---- A source code patch exists which remedies this problem.
  !
- 009: INSTALLATION FIX: December 11, 2001
  The 3.0 CD2 was created with an error which means that the instructions *************** *** 352,358 ****
  boot cd:,OFWBOOT /3.0/macppc/bsd.rd
  !
- 008: SECURITY FIX: November 28, 2001 All architectures
  A security issue exists in the lpd daemon that may allow an attacker --- 352,358 ----
  boot cd:,OFWBOOT /3.0/macppc/bsd.rd
  !
- 008: SECURITY FIX: November 28, 2001 All architectures
  A security issue exists in the lpd daemon that may allow an attacker *************** *** 364,370 **** A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: November 13, 2001 All architectures
  A security issue exists in the vi.recover script that may allow an attacker --- 364,370 ---- A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: November 13, 2001 All architectures
  A security issue exists in the vi.recover script that may allow an attacker *************** *** 373,379 **** A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: November 13, 2001 All architectures
  pf(4) --- 373,379 ---- A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: November 13, 2001 All architectures
  pf(4) *************** *** 382,388 **** A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: November 12, 2001
  Execution of Altivec instructions will crash the kernel. --- 382,388 ---- A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: November 12, 2001
  Execution of Altivec instructions will crash the kernel. *************** *** 390,396 **** A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: November 12, 2001
  Hifn7751 based cards may stop working on certain motherboards due to --- 390,396 ---- A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: November 12, 2001
  Hifn7751 based cards may stop working on certain motherboards due to *************** *** 399,405 **** A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: November 12, 2001
  Access to a CD drive on the PCI ultrasparc machines results in a continuous stream --- 399,405 ---- A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: November 12, 2001
  Access to a CD drive on the PCI ultrasparc machines results in a continuous stream *************** *** 408,414 **** A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: November 12, 2001 All architectures
  sshd(8) --- 408,414 ---- A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: November 12, 2001 All architectures
  sshd(8) *************** *** 436,442 **** A source code patch exists which remedies this problem. This is the second version of this patch.
  !
- 001: INSTALL ISSUE: November 12, 2001 All architectures
  A small bug in the installation script causes the /etc/hosts file to --- 436,442 ---- A source code patch exists which remedies this problem. This is the second version of this patch.
  !
- 001: INSTALL ISSUE: November 12, 2001 All architectures
  A small bug in the installation script causes the /etc/hosts file to