===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- www/errata34.html 2010/03/08 21:53:37 1.47
+++ www/errata34.html 2010/07/08 19:00:07 1.48
@@ -54,7 +54,7 @@
-
+
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
@@ -78,7 +78,7 @@
ipsec(4)
credentials on a socket.
-
+
A source code patch exists which remedies this problem.
@@ -91,7 +91,7 @@
lynx(1)
to exhaust memory and then crash when parsing such pages.
-
+
A source code patch exists which remedies this problem.
@@ -100,7 +100,7 @@
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
-
+
A source code patch exists which remedies this problem.
@@ -109,7 +109,7 @@
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
-
+
A source code patch exists which remedies this problem.
@@ -120,7 +120,7 @@
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
-
+
A source code patch exists which remedies this problem.
@@ -133,7 +133,7 @@
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
-
+
A source code patch exists which remedies this problem.
@@ -144,7 +144,7 @@
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
-
+
A source code patch exists which remedies this problem.
@@ -156,7 +156,7 @@
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
-
+
A source code patch exists which remedies this problem.
@@ -166,7 +166,7 @@
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
-
+
A source code patch exists which remedies this problem.
@@ -175,7 +175,7 @@
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
-
+
A source code patch exists which remedies this problem.
@@ -188,7 +188,7 @@
CAN-2004-0488,
CAN-2004-0492.
-
+
A source code patch exists which remedies this problem.
@@ -200,7 +200,7 @@
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
-
+
A source code patch exists which remedies this problem.
@@ -210,7 +210,7 @@
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
-
+
A source code patch exists which remedies this problem.
@@ -226,7 +226,7 @@
Heimdal's announcement.
+href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/022_kerberos.patch">
A source code patch exists which remedies this problem.
@@ -238,7 +238,7 @@
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
-
+
A source code patch exists which remedies this problem.
@@ -246,7 +246,7 @@
2004
Check for integer overflow in procfs. Use of procfs is not recommended.
-
+
A source code patch exists which remedies this problem.
@@ -254,7 +254,7 @@
2004
Reply to in-window SYN with a rate-limited ACK.
-
+
A source code patch exists which remedies this problem.
@@ -264,7 +264,7 @@
gdt(4)
controllers will lock up.
-
+
A source code patch exists which remedies this problem.
@@ -277,7 +277,7 @@
the client and allowing clients to check out files outside the CVS
repository.
-
+
A source code patch exists which remedies this problem.
@@ -288,7 +288,7 @@
A remote attacker can use the bug to cause an OpenSSL application to crash;
this may lead to a denial of service.
-
+
A source code patch exists which remedies this problem.
@@ -300,7 +300,7 @@
cause isakmpd to crash or to loop endlessly. This patch fixes these problems
and removes some memory leaks.
-
+
A source code patch exists which remedies this problem.
@@ -311,7 +311,7 @@
access module, using IP addresses without a netmask on big endian 64-bit
platforms causes the rules to fail to match. This only affects sparc64.
-
+
A source code patch exists which remedies the problem.
@@ -322,7 +322,7 @@
send out-of-order TCP segments and trick the system into using all
available memory buffers.
-
+
A source code patch exists which remedies the problem.
@@ -332,7 +332,7 @@
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
exploited to gain privileges, but they can cause the X server to abort.
-
+
A source code patch exists which remedies the problem.
@@ -341,7 +341,7 @@
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
-
+
A source code patch exists which remedies the problem.
@@ -351,7 +351,7 @@
system call that could be used by an attacker to write to kernel memory
under certain circumstances.
-
+
A source code patch exists which remedies the problem.
@@ -362,7 +362,7 @@
includes a reliability fix for a filedescriptor leak that causes problems when a crypto card is
installed.
-
+
A source code patch exists which remedies these problems.
@@ -373,7 +373,7 @@
semop(2) functions
certain arguments.
-
+
A source code patch exists which remedies the problem.
@@ -381,14 +381,14 @@
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
-
+
A source code patch exists which remedies the problem.
005: RELIABILITY FIX: November 4, 2003
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
-
+
A source code patch exists which remedies the problem.
@@ -399,14 +399,14 @@
or potentially run arbitrary code as the user www (although it
is believed that ProPolice will prevent code execution).
-
+
A source code patch exists which remedies the problem.
003: RELIABILITY FIX: November 1, 2003
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
-
+
A source code patch exists which remedies the problem.
@@ -415,7 +415,7 @@
attacker to mount a denial of service attack against applications linked with
ssl(3).
This does not affect OpenSSH.
-
+
A source code patch exists which remedies the problem.
@@ -423,10 +423,10 @@
The CD insert documentation has an incorrect example for package installation.
Where it is written:
-# pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386
+# pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386
It should instead read:
-# pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/
+# pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/
The extra / at the end is important. We do not make
patch files available for things printed on paper.
@@ -444,7 +444,7 @@
sysctl(8)
for this to happen.
-
+
A source code patch exists which remedies the problem.
@@ -542,7 +542,7 @@
www@openbsd.org
-
$OpenBSD: errata34.html,v 1.47 2010/03/08 21:53:37 deraadt Exp $
+
$OpenBSD: errata34.html,v 1.48 2010/07/08 19:00:07 sthen Exp $