=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata33.html,v retrieving revision 1.57 retrieving revision 1.58 diff -c -r1.57 -r1.58 *** www/errata33.html 2014/10/02 14:34:45 1.57 --- www/errata33.html 2015/02/14 04:36:51 1.58 *************** *** 82,88 ****

022: SECURITY FIX: May 5, 2004 All architectures
Pathname validation problems have been found in --- 82,88 ----
- 022: SECURITY FIX: May 5, 2004 All architectures
  Pathname validation problems have been found in *************** *** 95,101 **** A source code patch exists which remedies this problem.
  !
- 021: RELIABILITY FIX: March 17, 2004 All architectures
  A missing check for a NULL-pointer dereference has been found in --- 95,101 ---- A source code patch exists which remedies this problem.
  !
- 021: RELIABILITY FIX: March 17, 2004 All architectures
  A missing check for a NULL-pointer dereference has been found in *************** *** 106,112 **** A source code patch exists which remedies this problem.
  !
- 020: RELIABILITY FIX: March 17, 2004 All architectures
  Defects in the payload validation and processing functions of --- 106,112 ---- A source code patch exists which remedies this problem.
  !
- 020: RELIABILITY FIX: March 17, 2004 All architectures
  Defects in the payload validation and processing functions of *************** *** 118,124 **** A source code patch exists which remedies this problem.
  !
- 019: SECURITY FIX: March 13, 2004 All architectures
  Due to a bug in the parsing of Allow/Deny rules for --- 118,124 ---- A source code patch exists which remedies this problem.
  !
- 019: SECURITY FIX: March 13, 2004 All architectures
  Due to a bug in the parsing of Allow/Deny rules for *************** *** 129,135 **** A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: March 8, 2004 All architectures
  OpenBSD's TCP/IP stack did not impose limits on how many out-of-order --- 129,135 ---- A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: March 8, 2004 All architectures
  OpenBSD's TCP/IP stack did not impose limits on how many out-of-order *************** *** 140,146 **** A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: February 14, 2004 All architectures
  Several buffer overflows exist in the code parsing --- 140,146 ---- A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: February 14, 2004 All architectures
  Several buffer overflows exist in the code parsing *************** *** 150,156 **** A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: February 8, 2004 All architectures
  An IPv6 MTU handling problem exists that could be used by an attacker --- 150,156 ---- A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: February 8, 2004 All architectures
  An IPv6 MTU handling problem exists that could be used by an attacker *************** *** 160,166 **** A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: February 5, 2004 All architectures
  A reference counting bug exists in the --- 160,166 ---- A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: February 5, 2004 All architectures
  A reference counting bug exists in the *************** *** 171,177 **** A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: January 15, 2004 All architectures
  Several message handling flaws in --- 171,177 ---- A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: January 15, 2004 All architectures
  Several message handling flaws in *************** *** 181,187 **** A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: November 20, 2003 All architectures
  An improper bounds check makes it possible for a local user to cause a crash --- 181,187 ---- A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: November 20, 2003 All architectures
  An improper bounds check makes it possible for a local user to cause a crash *************** *** 193,199 **** A source code patch exists which remedies this problem.
  !
- 012: RELIABILITY FIX: November 20, 2003 All architectures
  It is possible for a local user to cause a crash via --- 193,199 ---- A source code patch exists which remedies this problem.
  !
- 012: RELIABILITY FIX: November 20, 2003 All architectures
  It is possible for a local user to cause a crash via *************** *** 201,208 **** A source code patch exists which remedies this problem.
  -
- 011: SECURITY FIX: November 17, 2003 i386 only
  It is possible for a local user to execute arbitrary code resulting in escalation of --- 201,208 ---- A source code patch exists which remedies this problem.
  +
- 011: SECURITY FIX: November 17, 2003 i386 only
  It is possible for a local user to execute arbitrary code resulting in escalation of *************** *** 211,217 **** A source code patch exists which remedies this problem.
  !
- 010: RELIABILITY FIX: November 4, 2003 All architectures
  It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. --- 211,217 ---- A source code patch exists which remedies this problem.
  !
- 010: RELIABILITY FIX: November 4, 2003 All architectures
  It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. *************** *** 219,225 **** A source code patch exists which remedies this problem.
  !
- 009: RELIABILITY FIX: October 29, 2003 All architectures
  A user with write permission to httpd.conf or a .htaccess --- 219,225 ---- A source code patch exists which remedies this problem.
  !
- 009: RELIABILITY FIX: October 29, 2003 All architectures
  A user with write permission to httpd.conf or a .htaccess *************** *** 231,237 **** A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: October 1, 2003 All architectures
  It is possible for a local user to cause a system panic by flooding it with spoofed ARP --- 231,237 ---- A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: October 1, 2003 All architectures
  It is possible for a local user to cause a system panic by flooding it with spoofed ARP *************** *** 239,245 **** A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: October 1, 2003 All architectures
  The use of certain ASN.1 encodings or malformed public keys may allow an --- 239,245 ---- A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: October 1, 2003 All architectures
  The use of certain ASN.1 encodings or malformed public keys may allow an *************** *** 249,255 **** A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: September 24, 2003 All architectures
  Three cases of potential access to freed memory have been found in --- 249,255 ---- A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: September 24, 2003 All architectures
  Three cases of potential access to freed memory have been found in *************** *** 258,264 **** A source code patch exists which remedies this problem.
  !
- 005: SECURITY FIX: September 17, 2003 All architectures
  A buffer overflow in the address parsing in --- 258,264 ---- A source code patch exists which remedies this problem.
  !
- 005: SECURITY FIX: September 17, 2003 All architectures
  A buffer overflow in the address parsing in *************** *** 269,275 **** NOTE: this is the second revision of the patch that fixes an additional problem.
  !
- 004: SECURITY FIX: September 16, 2003 All architectures
  All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. --- 269,275 ---- NOTE: this is the second revision of the patch that fixes an additional problem.
  !
- 004: SECURITY FIX: September 16, 2003 All architectures
  All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. *************** *** 279,285 **** NOTE: this is the second revision of the patch that fixes an additional problem.
  !
- 003: SECURITY FIX: September 10, 2003 All architectures
  Root may be able to reduce the security level by taking advantage of --- 279,285 ---- NOTE: this is the second revision of the patch that fixes an additional problem.
  !
- 003: SECURITY FIX: September 10, 2003 All architectures
  Root may be able to reduce the security level by taking advantage of *************** *** 287,293 **** A source code patch exists which remedies this problem.
  !
- 002: RELIABILITY FIX: August 20, 2003 All architectures
  An improper bounds check in the --- 287,293 ---- A source code patch exists which remedies this problem.
  !
- 002: RELIABILITY FIX: August 20, 2003 All architectures
  An improper bounds check in the *************** *** 296,302 **** A source code patch exists which remedies this problem.
  !
- 001: SECURITY FIX: August 4, 2003 All architectures
  An off-by-one error exists in the C library function --- 296,302 ---- A source code patch exists which remedies this problem.
  !
- 001: SECURITY FIX: August 4, 2003 All architectures
  An off-by-one error exists in the C library function