===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.65
retrieving revision 1.66
diff -c -r1.65 -r1.66
*** www/errata34.html 2014/10/02 14:34:45 1.65
--- www/errata34.html 2015/02/14 04:36:51 1.66
***************
*** 80,86 ****
! -
035: SECURITY FIX: December 13, 2004
All architectures
On systems running
--- 80,86 ----
! -
035: SECURITY FIX: December 13, 2004
All architectures
On systems running
***************
*** 93,99 ****
A source code patch exists which remedies this problem.
!
-
034: RELIABILITY FIX: November 10, 2004
All architectures
Due to a bug in
--- 93,99 ----
A source code patch exists which remedies this problem.
!
-
034: RELIABILITY FIX: November 10, 2004
All architectures
Due to a bug in
***************
*** 107,113 ****
A source code patch exists which remedies this problem.
!
-
033: RELIABILITY FIX: November 10, 2004
All architectures
pppd(8)
--- 107,113 ----
A source code patch exists which remedies this problem.
!
-
033: RELIABILITY FIX: November 10, 2004
All architectures
pppd(8)
***************
*** 117,123 ****
A source code patch exists which remedies this problem.
!
-
032: RELIABILITY FIX: November 10, 2004
All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
--- 117,123 ----
A source code patch exists which remedies this problem.
!
-
032: RELIABILITY FIX: November 10, 2004
All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
***************
*** 127,133 ****
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: September 20, 2004
All architectures
Eilko Bos reported that radius authentication, as implemented by
--- 127,133 ----
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: September 20, 2004
All architectures
Eilko Bos reported that radius authentication, as implemented by
***************
*** 139,145 ****
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: September 16, 2004
All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
--- 139,145 ----
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: September 16, 2004
All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
***************
*** 153,159 ****
A source code patch exists which remedies this problem.
!
-
029: SECURITY FIX: September 10, 2004
All architectures
httpd(8)
--- 153,159 ----
A source code patch exists which remedies this problem.
!
-
029: SECURITY FIX: September 10, 2004
All architectures
httpd(8)
***************
*** 166,172 ****
A source code patch exists which remedies this problem.
!
-
028: RELIABILITY FIX: August 26, 2004
All architectures
As
--- 166,172 ----
A source code patch exists which remedies this problem.
!
-
028: RELIABILITY FIX: August 26, 2004
All architectures
As
***************
*** 178,184 ****
A source code patch exists which remedies this problem.
!
-
027: RELIABILITY FIX: August 25, 2004
All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
--- 178,184 ----
A source code patch exists which remedies this problem.
!
-
027: RELIABILITY FIX: August 25, 2004
All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
***************
*** 189,195 ****
A source code patch exists which remedies this problem.
!
-
026: RELIABILITY FIX: Jul 25, 2004
All architectures
Under a certain network load the kernel can run out of stack space. This was
--- 189,195 ----
A source code patch exists which remedies this problem.
!
-
026: RELIABILITY FIX: Jul 25, 2004
All architectures
Under a certain network load the kernel can run out of stack space. This was
***************
*** 199,205 ****
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: June 12, 2004
All architectures
Multiple vulnerabilities have been found in
--- 199,205 ----
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: June 12, 2004
All architectures
Multiple vulnerabilities have been found in
***************
*** 213,219 ****
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: June 10, 2004
All architectures
As
--- 213,219 ----
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: June 10, 2004
All architectures
As
***************
*** 226,232 ****
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: June 9, 2004
All architectures
Multiple remote vulnerabilities have been found in the
--- 226,232 ----
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: June 9, 2004
All architectures
Multiple remote vulnerabilities have been found in the
***************
*** 237,243 ****
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: May 30, 2004
All architectures
A flaw in the Kerberos V
--- 237,243 ----
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: May 30, 2004
All architectures
A flaw in the Kerberos V
***************
*** 252,258 ****
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: May 20, 2004
All architectures
A heap overflow in the
--- 252,258 ----
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: May 20, 2004
All architectures
A heap overflow in the
***************
*** 264,270 ****
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: May 13, 2004
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
--- 264,270 ----
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: May 13, 2004
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
***************
*** 272,278 ****
A source code patch exists which remedies this problem.
!
-
019: RELIABILITY FIX: May 6, 2004
All architectures
Reply to in-window SYN with a rate-limited ACK.
--- 272,278 ----
A source code patch exists which remedies this problem.
!
-
019: RELIABILITY FIX: May 6, 2004
All architectures
Reply to in-window SYN with a rate-limited ACK.
***************
*** 280,286 ****
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: May 5, 2004
All architectures
Under load "recent model"
--- 280,286 ----
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: May 5, 2004
All architectures
Under load "recent model"
***************
*** 290,296 ****
A source code patch exists which remedies this problem.
!
-
017: SECURITY FIX: May 5, 2004
All architectures
Pathname validation problems have been found in
--- 290,296 ----
A source code patch exists which remedies this problem.
!
-
017: SECURITY FIX: May 5, 2004
All architectures
Pathname validation problems have been found in
***************
*** 303,309 ****
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: March 17, 2004
All architectures
A missing check for a NULL-pointer dereference has been found in
--- 303,309 ----
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: March 17, 2004
All architectures
A missing check for a NULL-pointer dereference has been found in
***************
*** 314,320 ****
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: March 17, 2004
All architectures
Defects in the payload validation and processing functions of
--- 314,320 ----
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: March 17, 2004
All architectures
Defects in the payload validation and processing functions of
***************
*** 326,332 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 13, 2004
All architectures
Due to a bug in the parsing of Allow/Deny rules for
--- 326,332 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 13, 2004
All architectures
Due to a bug in the parsing of Allow/Deny rules for
***************
*** 337,343 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: March 8, 2004
All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
--- 337,343 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: March 8, 2004
All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
***************
*** 348,354 ****
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: February 14, 2004
All architectures
Several buffer overflows exist in the code parsing
--- 348,354 ----
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: February 14, 2004
All architectures
Several buffer overflows exist in the code parsing
***************
*** 358,364 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: February 8, 2004
All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
--- 358,364 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: February 8, 2004
All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
***************
*** 368,374 ****
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: February 5, 2004
All architectures
A reference counting bug exists in the
--- 368,374 ----
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: February 5, 2004
All architectures
A reference counting bug exists in the
***************
*** 379,385 ****
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: January 13, 2004
All architectures
Several message handling flaws in
--- 379,385 ----
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: January 13, 2004
All architectures
Several message handling flaws in
***************
*** 391,397 ****
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: November 20, 2003
All architectures
An improper bounds check makes it possible for a local user to cause a crash
--- 391,397 ----
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: November 20, 2003
All architectures
An improper bounds check makes it possible for a local user to cause a crash
***************
*** 403,409 ****
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: November 20, 2003
All architectures
It is possible for a local user to cause a crash via
--- 403,409 ----
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: November 20, 2003
All architectures
It is possible for a local user to cause a crash via
***************
*** 412,418 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: November 17, 2003
i386 only
It may be possible for a local user to overrun the stack in
--- 412,418 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: November 17, 2003
i386 only
It may be possible for a local user to overrun the stack in
***************
*** 425,431 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: November 4, 2003
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
--- 425,431 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: November 4, 2003
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
***************
*** 433,439 ****
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: November 1, 2003
All architectures
A user with write permission to httpd.conf or a .htaccess
--- 433,439 ----
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: November 1, 2003
All architectures
A user with write permission to httpd.conf or a .htaccess
***************
*** 445,451 ****
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: November 1, 2003
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
--- 445,451 ----
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: November 1, 2003
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
***************
*** 453,459 ****
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: November 1, 2003
All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
--- 453,459 ----
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: November 1, 2003
All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
***************
*** 463,469 ****
A source code patch exists which remedies this problem.
!
-
001: DOCUMENTATION FIX: November 1, 2003
All architectures
The CD insert documentation has an incorrect example for package installation.
--- 463,469 ----
A source code patch exists which remedies this problem.
!
-
001: DOCUMENTATION FIX: November 1, 2003
All architectures
The CD insert documentation has an incorrect example for package installation.