===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata30.html,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -r1.70 -r1.71
--- www/errata30.html 2013/10/26 15:21:13 1.70
+++ www/errata30.html 2014/02/27 17:26:45 1.71
@@ -57,7 +57,8 @@
5.1,
5.2,
5.3,
-5.4.
+5.4,
+5.5.
@@ -79,7 +80,7 @@
036: SECURITY FIX: November 14, 2002
A buffer overflow in
-named(8)
+named(8)
could allow an attacker to execute code with the privileges of named.
On OpenBSD, named runs as a non-root user in a chrooted environment
which mitigates the effects of this bug.
@@ -88,7 +89,7 @@
035: SECURITY FIX: November 6, 2002
-Incorrect argument checking in the
+Incorrect argument checking in the
getrlimit(2)
system call may allow an attacker to crash the kernel.
A
@@ -111,7 +112,7 @@
032: SECURITY FIX: October 7, 2002
-Incorrect argument checking in the
+Incorrect argument checking in the
setitimer(2) system call may allow an attacker to write to kernel memory.
A source code patch exists which remedies the problem.
@@ -126,10 +127,10 @@
030: SECURITY FIX: July 30, 2002
-Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
-ssl(8)
-library, as in the ASN.1 parser code in the
-crypto(3)
+Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
+ssl(8)
+library, as in the ASN.1 parser code in the
+crypto(3)
library, all of them being potentially remotely exploitable.
A source code patch exists which remedies the problem.
@@ -137,8 +138,8 @@
029: SECURITY FIX: July 29, 2002
-A buffer overflow can occur in the
-xdr_array(3)
+A buffer overflow can occur in the
+xdr_array(3)
RPC code, leading to possible remote crash.
A source code patch exists which remedies the problem.
@@ -146,8 +147,8 @@
028: SECURITY FIX: July 29, 2002
-A race condition exists in the
-pppd(8)
+A race condition exists in the
+pppd(8)
daemon which may cause it to alter the file permissions of an arbitrary file.
A source code patch exists which remedies the problem.
@@ -329,7 +330,7 @@
patch as well.
A vulnerability in environment passing in the UseLogin
-sshd option
+sshd option
Various other non-critical fixes.
@@ -450,9 +451,9 @@
-
+
www@openbsd.org
-
$OpenBSD: errata30.html,v 1.70 2013/10/26 15:21:13 deraadt Exp $
+
$OpenBSD: errata30.html,v 1.71 2014/02/27 17:26:45 deraadt Exp $