===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata31.html,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- www/errata31.html 2014/10/02 14:34:45 1.64
+++ www/errata31.html 2015/02/14 04:36:51 1.65
@@ -82,7 +82,7 @@
--
+
-
027: SECURITY FIX: March 31, 2003
All architectures
A buffer overflow in the address parsing in
@@ -91,7 +91,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
026: SECURITY FIX: March 24, 2003
All architectures
The cryptographic weaknesses in the Kerberos v4 protocol can be exploited
@@ -100,7 +100,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
025: SECURITY FIX: March 19, 2003
All architectures
OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack designed
@@ -109,7 +109,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
024: SECURITY FIX: March 18, 2003
All architectures
Various SSL and TLS operations in OpenSSL are vulnerable to timing attacks.
@@ -117,7 +117,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
023: SECURITY FIX: March 5, 2003
All architectures
A fix for an
@@ -127,7 +127,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
022: SECURITY FIX: March 3, 2003
All architectures
A buffer overflow in the envelope comments processing in
@@ -136,7 +136,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
021: SECURITY FIX: February 23, 2003
All architectures
In
@@ -146,7 +146,7 @@
A source code patch exists which fixes these two issues.
-
-
+
-
020: SECURITY FIX: January 20, 2003
All architectures
A double free in
@@ -159,7 +159,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
019: SECURITY FIX: November 14, 2002
All architectures
A buffer overflow in
@@ -170,7 +170,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
018: SECURITY FIX: November 6, 2002
All architectures
Incorrect argument checking in the
@@ -179,7 +179,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
017: SECURITY FIX: November 6, 2002
All architectures
An attacker can bypass the restrictions imposed by sendmail's restricted shell,
@@ -188,7 +188,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
016: SECURITY FIX: October 21, 2002
All architectures
A buffer overflow can occur in the
@@ -197,7 +197,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: SECURITY FIX: October 2, 2002
All architectures
Incorrect argument checking in the
@@ -205,7 +205,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
014: SECURITY FIX: August 11, 2002
All architectures
An insufficient boundary check in the
@@ -215,7 +215,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: SECURITY FIX: July 30, 2002
All architectures
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
@@ -228,7 +228,7 @@
This is the second version of the patch.
-
-
+
-
012: SECURITY FIX: July 29, 2002
All architectures
A buffer overflow can occur in the
@@ -239,7 +239,7 @@
This is the second version of the patch.
-
-
+
-
011: SECURITY FIX: July 29, 2002
All architectures
A race condition exists in the
@@ -248,7 +248,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
010: RELIABILITY FIX: July 5, 2002
All architectures
Receiving IKE payloads out of sequence can cause
@@ -258,14 +258,14 @@
This is the second version of the patch.
-
-
+
-
009: SECURITY FIX: June 27, 2002
All architectures
The kernel would let any user ktrace(2) set[ug]id processes.
A source code patch exists which remedies this problem.
-
-
+
-
008: SECURITY FIX: June 26, 2002
All architectures
A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd
@@ -273,14 +273,14 @@
A source code patch exists which remedies this problem.
-
-
+
-
007: SECURITY FIX: June 25, 2002
All architectures
A potential buffer overflow in the DNS resolver has been found.
A source code patch exists which remedies this problem.
-
-
+
-
006: SECURITY FIX: June 24, 2002
All architectures
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
@@ -289,7 +289,7 @@
3.4, and a patch for the vulnerable releases is available as part of the
security advisory.
-
-
+
-
005: SECURITY FIX: June 19, 2002
All architectures
A buffer overflow can occur during the interpretation of chunked
@@ -297,7 +297,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: SECURITY FIX: May 22, 2002
All architectures
Under certain conditions, on systems using YP with netgroups in the
@@ -310,7 +310,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: SECURITY FIX: May 8, 2002
All architectures
A race condition exists where an attacker could fill the file descriptor
@@ -319,14 +319,14 @@
A source code patch exists which remedies this problem.
-
-
+
-
002: SECURITY FIX: April 25, 2002
All architectures
A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
A source code patch exists which remedies this problem.
-
-
+
-
001: SECURITY FIX: April 22, 2002
All architectures
A local user can gain super-user privileges due to a buffer overflow