=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v retrieving revision 1.65 retrieving revision 1.66 diff -c -r1.65 -r1.66 *** www/errata34.html 2014/10/02 14:34:45 1.65 --- www/errata34.html 2015/02/14 04:36:51 1.66 *************** *** 80,86 ****

035: SECURITY FIX: December 13, 2004 All architectures
On systems running --- 80,86 ----
- 035: SECURITY FIX: December 13, 2004 All architectures
  On systems running *************** *** 93,99 **** A source code patch exists which remedies this problem.
  !
- 034: RELIABILITY FIX: November 10, 2004 All architectures
  Due to a bug in --- 93,99 ---- A source code patch exists which remedies this problem.
  !
- 034: RELIABILITY FIX: November 10, 2004 All architectures
  Due to a bug in *************** *** 107,113 **** A source code patch exists which remedies this problem.
  !
- 033: RELIABILITY FIX: November 10, 2004 All architectures
  pppd(8) --- 107,113 ---- A source code patch exists which remedies this problem.
  !
- 033: RELIABILITY FIX: November 10, 2004 All architectures
  pppd(8) *************** *** 117,123 **** A source code patch exists which remedies this problem.
  !
- 032: RELIABILITY FIX: November 10, 2004 All architectures
  BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in --- 117,123 ---- A source code patch exists which remedies this problem.
  !
- 032: RELIABILITY FIX: November 10, 2004 All architectures
  BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in *************** *** 127,133 **** A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: September 20, 2004 All architectures
  Eilko Bos reported that radius authentication, as implemented by --- 127,133 ---- A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: September 20, 2004 All architectures
  Eilko Bos reported that radius authentication, as implemented by *************** *** 139,145 **** A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: September 16, 2004 All architectures
  Chris Evans reported several flaws (stack and integer overflows) in the --- 139,145 ---- A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: September 16, 2004 All architectures
  Chris Evans reported several flaws (stack and integer overflows) in the *************** *** 153,159 **** A source code patch exists which remedies this problem.
  !
- 029: SECURITY FIX: September 10, 2004 All architectures
  httpd(8) --- 153,159 ---- A source code patch exists which remedies this problem.
  !
- 029: SECURITY FIX: September 10, 2004 All architectures
  httpd(8) *************** *** 166,172 **** A source code patch exists which remedies this problem.
  !
- 028: RELIABILITY FIX: August 26, 2004 All architectures
  As --- 166,172 ---- A source code patch exists which remedies this problem.
  !
- 028: RELIABILITY FIX: August 26, 2004 All architectures
  As *************** *** 178,184 **** A source code patch exists which remedies this problem.
  !
- 027: RELIABILITY FIX: August 25, 2004 All architectures
  Improved verification of ICMP errors in order to minimize the impact of ICMP attacks --- 178,184 ---- A source code patch exists which remedies this problem.
  !
- 027: RELIABILITY FIX: August 25, 2004 All architectures
  Improved verification of ICMP errors in order to minimize the impact of ICMP attacks *************** *** 189,195 **** A source code patch exists which remedies this problem.
  !
- 026: RELIABILITY FIX: Jul 25, 2004 All architectures
  Under a certain network load the kernel can run out of stack space. This was --- 189,195 ---- A source code patch exists which remedies this problem.
  !
- 026: RELIABILITY FIX: Jul 25, 2004 All architectures
  Under a certain network load the kernel can run out of stack space. This was *************** *** 199,205 **** A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: June 12, 2004 All architectures
  Multiple vulnerabilities have been found in --- 199,205 ---- A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: June 12, 2004 All architectures
  Multiple vulnerabilities have been found in *************** *** 213,219 **** A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: June 10, 2004 All architectures
  As --- 213,219 ---- A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: June 10, 2004 All architectures
  As *************** *** 226,232 **** A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: June 9, 2004 All architectures
  Multiple remote vulnerabilities have been found in the --- 226,232 ---- A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: June 9, 2004 All architectures
  Multiple remote vulnerabilities have been found in the *************** *** 237,243 **** A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: May 30, 2004 All architectures
  A flaw in the Kerberos V --- 237,243 ---- A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: May 30, 2004 All architectures
  A flaw in the Kerberos V *************** *** 252,258 **** A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: May 20, 2004 All architectures
  A heap overflow in the --- 252,258 ---- A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: May 20, 2004 All architectures
  A heap overflow in the *************** *** 264,270 **** A source code patch exists which remedies this problem.
  !
- 020: SECURITY FIX: May 13, 2004 All architectures
  Check for integer overflow in procfs. Use of procfs is not recommended. --- 264,270 ---- A source code patch exists which remedies this problem.
  !
- 020: SECURITY FIX: May 13, 2004 All architectures
  Check for integer overflow in procfs. Use of procfs is not recommended. *************** *** 272,278 **** A source code patch exists which remedies this problem.
  !
- 019: RELIABILITY FIX: May 6, 2004 All architectures
  Reply to in-window SYN with a rate-limited ACK. --- 272,278 ---- A source code patch exists which remedies this problem.
  !
- 019: RELIABILITY FIX: May 6, 2004 All architectures
  Reply to in-window SYN with a rate-limited ACK. *************** *** 280,286 **** A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: May 5, 2004 All architectures
  Under load "recent model" --- 280,286 ---- A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: May 5, 2004 All architectures
  Under load "recent model" *************** *** 290,296 **** A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: May 5, 2004 All architectures
  Pathname validation problems have been found in --- 290,296 ---- A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: May 5, 2004 All architectures
  Pathname validation problems have been found in *************** *** 303,309 **** A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: March 17, 2004 All architectures
  A missing check for a NULL-pointer dereference has been found in --- 303,309 ---- A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: March 17, 2004 All architectures
  A missing check for a NULL-pointer dereference has been found in *************** *** 314,320 **** A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: March 17, 2004 All architectures
  Defects in the payload validation and processing functions of --- 314,320 ---- A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: March 17, 2004 All architectures
  Defects in the payload validation and processing functions of *************** *** 326,332 **** A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: March 13, 2004 All architectures
  Due to a bug in the parsing of Allow/Deny rules for --- 326,332 ---- A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: March 13, 2004 All architectures
  Due to a bug in the parsing of Allow/Deny rules for *************** *** 337,343 **** A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: March 8, 2004 All architectures
  OpenBSD's TCP/IP stack did not impose limits on how many out-of-order --- 337,343 ---- A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: March 8, 2004 All architectures
  OpenBSD's TCP/IP stack did not impose limits on how many out-of-order *************** *** 348,354 **** A source code patch exists which remedies this problem.
  !
- 012: RELIABILITY FIX: February 14, 2004 All architectures
  Several buffer overflows exist in the code parsing --- 348,354 ---- A source code patch exists which remedies this problem.
  !
- 012: RELIABILITY FIX: February 14, 2004 All architectures
  Several buffer overflows exist in the code parsing *************** *** 358,364 **** A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: February 8, 2004 All architectures
  An IPv6 MTU handling problem exists that could be used by an attacker --- 358,364 ---- A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: February 8, 2004 All architectures
  An IPv6 MTU handling problem exists that could be used by an attacker *************** *** 368,374 **** A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: February 5, 2004 All architectures
  A reference counting bug exists in the --- 368,374 ---- A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: February 5, 2004 All architectures
  A reference counting bug exists in the *************** *** 379,385 **** A source code patch exists which remedies this problem.
  !
- 009: SECURITY FIX: January 13, 2004 All architectures
  Several message handling flaws in --- 379,385 ---- A source code patch exists which remedies this problem.
  !
- 009: SECURITY FIX: January 13, 2004 All architectures
  Several message handling flaws in *************** *** 391,397 **** A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: November 20, 2003 All architectures
  An improper bounds check makes it possible for a local user to cause a crash --- 391,397 ---- A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: November 20, 2003 All architectures
  An improper bounds check makes it possible for a local user to cause a crash *************** *** 403,409 **** A source code patch exists which remedies this problem.
  !
- 007: RELIABILITY FIX: November 20, 2003 All architectures
  It is possible for a local user to cause a crash via --- 403,409 ---- A source code patch exists which remedies this problem.
  !
- 007: RELIABILITY FIX: November 20, 2003 All architectures
  It is possible for a local user to cause a crash via *************** *** 412,418 **** A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: November 17, 2003 i386 only
  It may be possible for a local user to overrun the stack in --- 412,418 ---- A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: November 17, 2003 i386 only
  It may be possible for a local user to overrun the stack in *************** *** 425,431 **** A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: November 4, 2003 All architectures
  It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. --- 425,431 ---- A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: November 4, 2003 All architectures
  It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. *************** *** 433,439 **** A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: November 1, 2003 All architectures
  A user with write permission to httpd.conf or a .htaccess --- 433,439 ---- A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: November 1, 2003 All architectures
  A user with write permission to httpd.conf or a .htaccess *************** *** 445,451 **** A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: November 1, 2003 All architectures
  It is possible for a local user to cause a system panic by flooding it with spoofed ARP --- 445,451 ---- A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: November 1, 2003 All architectures
  It is possible for a local user to cause a system panic by flooding it with spoofed ARP *************** *** 453,459 **** A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: November 1, 2003 All architectures
  The use of certain ASN.1 encodings or malformed public keys may allow an --- 453,459 ---- A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: November 1, 2003 All architectures
  The use of certain ASN.1 encodings or malformed public keys may allow an *************** *** 463,469 **** A source code patch exists which remedies this problem.
  !
- 001: DOCUMENTATION FIX: November 1, 2003 All architectures
  The CD insert documentation has an incorrect example for package installation.
  --- 463,469 ---- A source code patch exists which remedies this problem.
  !
- 001: DOCUMENTATION FIX: November 1, 2003 All architectures
  The CD insert documentation has an incorrect example for package installation.