=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata33.html,v retrieving revision 1.71 retrieving revision 1.72 diff -u -r1.71 -r1.72 --- www/errata33.html 2016/08/15 02:22:06 1.71 +++ www/errata33.html 2016/10/16 19:11:29 1.72 @@ -70,7 +70,7 @@

- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.
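Review bot: the changed line here is the pointer to the tar.gz of all patches, and the visible text gives the reader no way to verify that file after fetching it. Because the same sentence says "This file is updated once a day", a static checksum in the page would go stale; consider pointing to a signature or checksum file that is regenerated alongside the archive, and say so next to the link.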

@@ -96,7 +96,7 @@ the client and allowing clients to check out files outside the CVS repository.
- + A source code patch exists which remedies this problem.

  • @@ -107,7 +107,7 @@ A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.
    - + A source code patch exists which remedies this problem.

  • @@ -119,7 +119,7 @@ cause isakmpd to crash or to loop endlessly. This patch fixes these problems and removes some memory leaks.
    - + A source code patch exists which remedies this problem.

  • @@ -130,7 +130,7 @@ access module, using IP addresses without a netmask on big endian 64-bit platforms causes the rules to fail to match. This only affects sparc64.
    - + A source code patch exists which remedies this problem.

  • @@ -141,7 +141,7 @@ send out-of-order TCP segments and trick the system into using all available memory buffers.
    - + A source code patch exists which remedies this problem.

  • @@ -151,7 +151,7 @@ font.aliases files in XFree86. Thanks to ProPolice, these cannot be exploited to gain privileges, but they can cause the X server to abort.
    - + A source code patch exists which remedies this problem.

  • @@ -161,7 +161,7 @@ to cause a denial of service attack against hosts with reachable IPv6 TCP ports.
    - + A source code patch exists which remedies this problem.

  • @@ -172,7 +172,7 @@ system call that could be used by an attacker to write to kernel memory under certain circumstances.
    - + A source code patch exists which remedies this problem.

  • @@ -182,7 +182,7 @@ isakmpd(8) have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs.
    - + A source code patch exists which remedies this problem.

  • @@ -194,7 +194,7 @@ semop(2) functions certain arguments.
    - + A source code patch exists which remedies this problem.

  • @@ -202,7 +202,7 @@   All architectures
    It is possible for a local user to cause a crash via sysctl(3) with certain arguments.
    - + A source code patch exists which remedies this problem.

  • @@ -212,7 +212,7 @@ It is possible for a local user to execute arbitrary code resulting in escalation of privileges due to a stack overrun in compat_ibcs2(8).
    - + A source code patch exists which remedies this problem.

  • @@ -220,7 +220,7 @@   All architectures
    It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
    - + A source code patch exists which remedies this problem.

  • @@ -232,7 +232,7 @@ or potentially run arbitrary code as the user www (although it is believed that ProPolice will prevent code execution).
    - + A source code patch exists which remedies this problem.

  • @@ -240,7 +240,7 @@   All architectures
    It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.
    - + A source code patch exists which remedies this problem.

  • @@ -250,7 +250,7 @@ attacker to mount a denial of service attack against applications linked with ssl(3). This does not affect OpenSSH.
    - + A source code patch exists which remedies this problem.

  • @@ -259,7 +259,7 @@ Three cases of potential access to freed memory have been found in pf(4). At least one of them could be used to panic pf with active scrub rules remotely.
    - + A source code patch exists which remedies this problem.

  • @@ -268,7 +268,7 @@ A buffer overflow in the address parsing in sendmail(8) may allow an attacker to gain root privileges.
    - + A source code patch exists which remedies this problem. NOTE: this is the second revision of the patch that fixes an additional problem. @@ -278,7 +278,7 @@   All architectures
    All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is unclear whether or not this bug is exploitable.
    - + A source code patch exists which remedies this problem. NOTE: this is the second revision of the patch that fixes an additional problem. @@ -288,7 +288,7 @@   All architectures
    Root may be able to reduce the security level by taking advantage of an integer overflow when the semaphore limits are made very large.
    - + A source code patch exists which remedies this problem.

  • @@ -297,7 +297,7 @@ An improper bounds check in the semget(2) system call can allow a local user to cause a kernel panic.
    - + A source code patch exists which remedies this problem.

  • @@ -308,7 +308,7 @@ Since this same bug resulted in a root compromise in the wu-ftpd ftp server it is possible that this bug may allow an attacker to gain escalated privileges on OpenBSD.
    - + A source code patch exists which remedies this problem.
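Review bot: in the hunks at -268 (sendmail(8)) and -278 (sshd), the line being touched carries "NOTE: this is the second revision of the patch that fixes an additional problem." but does not say what the additional problem is or how someone who applied the first revision can tell which one they have. Since these lines are being edited anyway, consider naming the additional problem in each note and stating that systems patched with the first revision need the second applied as well.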