===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata31.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -r1.55 -r1.56
--- www/errata31.html 2013/10/26 15:21:13 1.55
+++ www/errata31.html 2014/02/27 17:26:45 1.56
@@ -57,7 +57,8 @@
5.1,
5.2,
5.3,
-5.4.
+5.4,
+5.5.
@@ -126,7 +127,7 @@
021: SECURITY FIX: February 23, 2003
-In
+In
ssl(8) an information leak can occur via timing by performing a MAC computation
even if incorrect block cipher padding has been found, this is a
countermeasure. Also, check for negative sizes in memory allocation routines.
@@ -148,7 +149,7 @@
019: SECURITY FIX: November 14, 2002
A buffer overflow in
-named(8)
+named(8)
could allow an attacker to execute code with the privileges of named.
On OpenBSD, named runs as a non-root user in a chrooted environment
which mitigates the effects of this bug.
@@ -157,7 +158,7 @@
018: SECURITY FIX: November 6, 2002
-Incorrect argument checking in the
+Incorrect argument checking in the
getrlimit(2)
system call may allow an attacker to crash the kernel.
A
@@ -180,7 +181,7 @@
015: SECURITY FIX: October 2, 2002
-Incorrect argument checking in the
+Incorrect argument checking in the
setitimer(2) system call may allow an attacker to write to kernel memory.
A source code patch exists which remedies the problem.
@@ -195,10 +196,10 @@
013: SECURITY FIX: July 30, 2002
-Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
-ssl(8)
-library, as in the ASN.1 parser code in the
-crypto(3)
+Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
+ssl(8)
+library, as in the ASN.1 parser code in the
+crypto(3)
library, all of them being potentially remotely exploitable.
A source code patch exists which remedies the problem.
@@ -206,8 +207,8 @@
012: SECURITY FIX: July 29, 2002
-A buffer overflow can occur in the
-xdr_array(3)
+A buffer overflow can occur in the
+xdr_array(3)
RPC code, leading to possible remote crash.
A source code patch exists which remedies the problem.
@@ -215,8 +216,8 @@
011: SECURITY FIX: July 29, 2002
-A race condition exists in the
-pppd(8)
+A race condition exists in the
+pppd(8)
daemon which may cause it to alter the file permissions of an arbitrary file.
A source code patch exists which remedies the problem.
@@ -356,9 +357,9 @@
-
+
www@openbsd.org
-
$OpenBSD: errata31.html,v 1.55 2013/10/26 15:21:13 deraadt Exp $
+
$OpenBSD: errata31.html,v 1.56 2014/02/27 17:26:45 deraadt Exp $