===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata33.html,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- www/errata33.html 2003/11/21 02:34:01 1.7
+++ www/errata33.html 2003/11/21 16:55:16 1.8
@@ -8,6 +8,7 @@
+
@@ -51,37 +52,36 @@
consult the OpenBSD FAQ.
-
-
-
All architectures
+
+All architectures
-
-- 013: RELIABILITY FIX: November 20, 2003
+ -
+013: RELIABILITY FIX: November 20, 2003
An improper bounds check makes it possible for a local user to cause a crash
by passing the
-semctl(2) and
-semop(2) functions
+semctl(2) and
+semop(2) functions
certain arguments.
A source code patch exists which remedies the problem.
-
-
- 012: RELIABILITY FIX: November 20, 2003
+ -
+012: RELIABILITY FIX: November 20, 2003
It is possible for a local user to cause a crash via
-sysctl(3) with certain arguments.
+sysctl(3) with certain arguments.
A source code patch exists which remedies the problem.
-
-
- 010: RELIABILITY FIX: November 4, 2003
+ -
+010: RELIABILITY FIX: November 4, 2003
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
A source code patch exists which remedies the problem.
-
-
- 009: RELIABILITY FIX: October 29, 2003
+ -
+009: RELIABILITY FIX: October 29, 2003
A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
@@ -91,15 +91,15 @@
A source code patch exists which remedies the problem.
-
-
- 008: RELIABILITY FIX: October 1, 2003
+ -
+008: RELIABILITY FIX: October 1, 2003
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
A source code patch exists which remedies the problem.
-
-
- 007: SECURITY FIX: October 1, 2003
+ -
+007: SECURITY FIX: October 1, 2003
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
ssl(3).
@@ -107,16 +107,16 @@
A source code patch exists which remedies the problem.
-
-
- 006: SECURITY FIX: September 24, 2003
+ -
+006: SECURITY FIX: September 24, 2003
Three cases of potential access to freed memory have been found in
pf(4).
At least one of them could be used to panic pf with active scrub rules remotely.
A source code patch exists which remedies the problem.
-
-
- 005: SECURITY FIX: September 17, 2003
+ -
+005: SECURITY FIX: September 17, 2003
A buffer overflow in the address parsing in
sendmail(8)
may allow an attacker to gain root privileges.
@@ -125,8 +125,8 @@
NOTE: this is the second revision of the patch that fixes an additional
problem.
-
-
- 004: SECURITY FIX: September 16, 2003
+ -
+004: SECURITY FIX: September 16, 2003
All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error.
It is unclear whether or not this bug is exploitable.
A
@@ -134,21 +134,21 @@
NOTE: this is the second revision of the patch that fixes an additional
problem.
-
-
- 003: SECURITY FIX: September 10, 2003
+ -
+003: SECURITY FIX: September 10, 2003
Root may be able to reduce the security level by taking advantage of
an integer overflow when the semaphore limits are made very large.
A source code patch exists which remedies the problem.
-
-
- 002: RELIABILITY FIX: August 20, 2003
+ -
+002: RELIABILITY FIX: August 20, 2003
An improper bounds check in the
semget(2)
system call can allow a local user to cause a kernel panic.
A source code patch exists which remedies the problem.
-
+
- 001: SECURITY FIX: August 4, 2003
An off-by-one error exists in the C library function
@@ -161,75 +161,73 @@
-
-
i386
+
+i386
-
-
alpha
+
+alpha
- No problems identified yet.
-
-
mac68k
+
+mac68k
- No problems identified yet.
-
-
sparc
+
+sparc
- No problems identified yet.
-
-
sparc64
+
+sparc64
- No problems identified yet.
-
-
hppa
+
+hppa
- No problems identified yet.
-
-
hp300
+
+hp300
- No problems identified yet.
-
-
mvme68k
+
+mvme68k
- No problems identified yet.
-
-
macppc
+
+macppc
- No problems identified yet.
-
-
vax
+
+vax
- No problems identified yet.
-
@@ -255,7 +253,7 @@
www@openbsd.org
-
$OpenBSD: errata33.html,v 1.7 2003/11/21 02:34:01 millert Exp $
+
$OpenBSD: errata33.html,v 1.8 2003/11/21 16:55:16 henning Exp $