===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.79
retrieving revision 1.80
diff -c -r1.79 -r1.80
*** www/errata34.html 2016/08/15 02:22:06 1.79
--- www/errata34.html 2016/10/16 19:11:29 1.80
***************
*** 68,74 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 68,74 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 94,100 ****
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
--- 94,100 ----
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
***************
*** 108,114 ****
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
--- 108,114 ----
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
***************
*** 118,124 ****
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
--- 118,124 ----
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
***************
*** 128,134 ****
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
--- 128,134 ----
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
***************
*** 140,146 ****
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
--- 140,146 ----
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
***************
*** 154,160 ****
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
--- 154,160 ----
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
***************
*** 166,172 ****
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
--- 166,172 ----
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
***************
*** 179,185 ****
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
--- 179,185 ----
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
***************
*** 190,196 ****
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
--- 190,196 ----
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
***************
*** 200,206 ****
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
--- 200,206 ----
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
***************
*** 214,220 ****
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
--- 214,220 ----
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
***************
*** 227,233 ****
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
--- 227,233 ----
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 238,244 ----
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 253,259 ****
more details see
Heimdal's announcement.
!
A source code patch exists which remedies this problem.
--- 253,259 ----
more details see
Heimdal's announcement.
!
A source code patch exists which remedies this problem.
***************
*** 265,271 ****
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 265,271 ----
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 273,279 ****
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
--- 273,279 ----
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
***************
*** 281,287 ****
All architectures
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
--- 281,287 ----
All architectures
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
***************
*** 291,297 ****
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
--- 291,297 ----
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
***************
*** 304,310 ****
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.
--- 304,310 ----
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.
***************
*** 315,321 ****
A remote attacker can use the bug to cause an OpenSSL application to crash;
this may lead to a denial of service.
!
A source code patch exists which remedies this problem.
--- 315,321 ----
A remote attacker can use the bug to cause an OpenSSL application to crash;
this may lead to a denial of service.
!
A source code patch exists which remedies this problem.
***************
*** 327,333 ****
cause isakmpd to crash or to loop endlessly. This patch fixes these problems
and removes some memory leaks.
!
A source code patch exists which remedies this problem.
--- 327,333 ----
cause isakmpd to crash or to loop endlessly. This patch fixes these problems
and removes some memory leaks.
!
A source code patch exists which remedies this problem.
***************
*** 338,344 ****
access module, using IP addresses without a netmask on big endian 64-bit
platforms causes the rules to fail to match. This only affects sparc64.
!
A source code patch exists which remedies this problem.
--- 338,344 ----
access module, using IP addresses without a netmask on big endian 64-bit
platforms causes the rules to fail to match. This only affects sparc64.
!
A source code patch exists which remedies this problem.
***************
*** 349,355 ****
send out-of-order TCP segments and trick the system into using all
available memory buffers.
!
A source code patch exists which remedies this problem.
--- 349,355 ----
send out-of-order TCP segments and trick the system into using all
available memory buffers.
!
A source code patch exists which remedies this problem.
***************
*** 359,365 ****
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
exploited to gain privileges, but they can cause the X server to abort.
!
A source code patch exists which remedies this problem.
--- 359,365 ----
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
exploited to gain privileges, but they can cause the X server to abort.
!
A source code patch exists which remedies this problem.
***************
*** 369,375 ****
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
!
A source code patch exists which remedies this problem.
--- 369,375 ----
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
!
A source code patch exists which remedies this problem.
***************
*** 380,386 ****
system call that could be used by an attacker to write to kernel memory
under certain circumstances.
!
A source code patch exists which remedies this problem.
--- 380,386 ----
system call that could be used by an attacker to write to kernel memory
under certain circumstances.
!
A source code patch exists which remedies this problem.
***************
*** 392,398 ****
includes a reliability fix for a filedescriptor leak that causes problems when a crypto card is
installed.
!
A source code patch exists which remedies this problem.
--- 392,398 ----
includes a reliability fix for a filedescriptor leak that causes problems when a crypto card is
installed.
!
A source code patch exists which remedies this problem.
***************
*** 404,410 ****
semop(2) functions
certain arguments.
!
A source code patch exists which remedies this problem.
--- 404,410 ----
semop(2) functions
certain arguments.
!
A source code patch exists which remedies this problem.
***************
*** 413,419 ****
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
!
A source code patch exists which remedies this problem.
--- 413,419 ----
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
!
A source code patch exists which remedies this problem.
***************
*** 426,432 ****
sysctl(8)
for this to happen.
!
A source code patch exists which remedies this problem.
--- 426,432 ----
sysctl(8)
for this to happen.
!
A source code patch exists which remedies this problem.
***************
*** 434,440 ****
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
!
A source code patch exists which remedies this problem.
--- 434,440 ----
All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
!
A source code patch exists which remedies this problem.
***************
*** 446,452 ****
or potentially run arbitrary code as the user www (although it
is believed that ProPolice will prevent code execution).
!
A source code patch exists which remedies this problem.
--- 446,452 ----
or potentially run arbitrary code as the user www (although it
is believed that ProPolice will prevent code execution).
!
A source code patch exists which remedies this problem.
***************
*** 454,460 ****
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
!
A source code patch exists which remedies this problem.
--- 454,460 ----
All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
!
A source code patch exists which remedies this problem.
***************
*** 464,470 ****
attacker to mount a denial of service attack against applications linked with
ssl(3).
This does not affect OpenSSH.
!
A source code patch exists which remedies this problem.
--- 464,470 ----
attacker to mount a denial of service attack against applications linked with
ssl(3).
This does not affect OpenSSH.
!
A source code patch exists which remedies this problem.
***************
*** 473,482 ****
The CD insert documentation has an incorrect example for package installation.
Where it is written:
! # pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386
It should instead read:
! # pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/
The extra / at the end is important. We do not make
patch files available for things printed on paper.
--- 473,482 ----
The CD insert documentation has an incorrect example for package installation.
Where it is written:
! # pkg_add https://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386
It should instead read:
! # pkg_add https://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/
The extra / at the end is important. We do not make
patch files available for things printed on paper.