===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata33.html,v
retrieving revision 1.57
retrieving revision 1.58
diff -c -r1.57 -r1.58
*** www/errata33.html 2014/10/02 14:34:45 1.57
--- www/errata33.html 2015/02/14 04:36:51 1.58
***************
*** 82,88 ****
! -
022: SECURITY FIX: May 5, 2004
All architectures
Pathname validation problems have been found in
--- 82,88 ----
! -
022: SECURITY FIX: May 5, 2004
All architectures
Pathname validation problems have been found in
***************
*** 95,101 ****
A source code patch exists which remedies this problem.
!
-
021: RELIABILITY FIX: March 17, 2004
All architectures
A missing check for a NULL-pointer dereference has been found in
--- 95,101 ----
A source code patch exists which remedies this problem.
!
-
021: RELIABILITY FIX: March 17, 2004
All architectures
A missing check for a NULL-pointer dereference has been found in
***************
*** 106,112 ****
A source code patch exists which remedies this problem.
!
-
020: RELIABILITY FIX: March 17, 2004
All architectures
Defects in the payload validation and processing functions of
--- 106,112 ----
A source code patch exists which remedies this problem.
!
-
020: RELIABILITY FIX: March 17, 2004
All architectures
Defects in the payload validation and processing functions of
***************
*** 118,124 ****
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: March 13, 2004
All architectures
Due to a bug in the parsing of Allow/Deny rules for
--- 118,124 ----
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: March 13, 2004
All architectures
Due to a bug in the parsing of Allow/Deny rules for
***************
*** 129,135 ****
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: March 8, 2004
All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
--- 129,135 ----
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: March 8, 2004
All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
***************
*** 140,146 ****
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: February 14, 2004
All architectures
Several buffer overflows exist in the code parsing
--- 140,146 ----
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: February 14, 2004
All architectures
Several buffer overflows exist in the code parsing
***************
*** 150,156 ****
A source code patch exists which remedies this problem.
!
-
016: SECURITY FIX: February 8, 2004
All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
--- 150,156 ----
A source code patch exists which remedies this problem.
!
-
016: SECURITY FIX: February 8, 2004
All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
***************
*** 160,166 ****
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: February 5, 2004
All architectures
A reference counting bug exists in the
--- 160,166 ----
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: February 5, 2004
All architectures
A reference counting bug exists in the
***************
*** 171,177 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: January 15, 2004
All architectures
Several message handling flaws in
--- 171,177 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: January 15, 2004
All architectures
Several message handling flaws in
***************
*** 181,187 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: November 20, 2003
All architectures
An improper bounds check makes it possible for a local user to cause a crash
--- 181,187 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: November 20, 2003
All architectures
An improper bounds check makes it possible for a local user to cause a crash
***************
*** 193,199 ****
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: November 20, 2003
All architectures
It is possible for a local user to cause a crash via
--- 193,199 ----
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: November 20, 2003
All architectures
It is possible for a local user to cause a crash via
***************
*** 201,208 ****
A source code patch exists which remedies this problem.
-
-
011: SECURITY FIX: November 17, 2003
i386 only
It is possible for a local user to execute arbitrary code resulting in escalation of
--- 201,208 ----
A source code patch exists which remedies this problem.
+
-
011: SECURITY FIX: November 17, 2003
i386 only
It is possible for a local user to execute arbitrary code resulting in escalation of
***************
*** 211,217 ****
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: November 4, 2003
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
--- 211,217 ----
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: November 4, 2003
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
***************
*** 219,225 ****
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: October 29, 2003
All architectures
A user with write permission to httpd.conf or a .htaccess
--- 219,225 ----
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: October 29, 2003
All architectures
A user with write permission to httpd.conf or a .htaccess
***************
*** 231,237 ****
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: October 1, 2003
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
--- 231,237 ----
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: October 1, 2003
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
***************
*** 239,245 ****
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: October 1, 2003
All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
--- 239,245 ----
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: October 1, 2003
All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
***************
*** 249,255 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: September 24, 2003
All architectures
Three cases of potential access to freed memory have been found in
--- 249,255 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: September 24, 2003
All architectures
Three cases of potential access to freed memory have been found in
***************
*** 258,264 ****
A source code patch exists which remedies this problem.
!
-
005: SECURITY FIX: September 17, 2003
All architectures
A buffer overflow in the address parsing in
--- 258,264 ----
A source code patch exists which remedies this problem.
!
-
005: SECURITY FIX: September 17, 2003
All architectures
A buffer overflow in the address parsing in
***************
*** 269,275 ****
NOTE: this is the second revision of the patch that fixes an additional
problem.
!
-
004: SECURITY FIX: September 16, 2003
All architectures
All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error.
--- 269,275 ----
NOTE: this is the second revision of the patch that fixes an additional
problem.
!
-
004: SECURITY FIX: September 16, 2003
All architectures
All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error.
***************
*** 279,285 ****
NOTE: this is the second revision of the patch that fixes an additional
problem.
!
-
003: SECURITY FIX: September 10, 2003
All architectures
Root may be able to reduce the security level by taking advantage of
--- 279,285 ----
NOTE: this is the second revision of the patch that fixes an additional
problem.
!
-
003: SECURITY FIX: September 10, 2003
All architectures
Root may be able to reduce the security level by taking advantage of
***************
*** 287,293 ****
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: August 20, 2003
All architectures
An improper bounds check in the
--- 287,293 ----
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: August 20, 2003
All architectures
An improper bounds check in the
***************
*** 296,302 ****
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: August 4, 2003
All architectures
An off-by-one error exists in the C library function
--- 296,302 ----
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: August 4, 2003
All architectures
An off-by-one error exists in the C library function