===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- www/errata34.html 2014/03/31 03:12:47 1.59
+++ www/errata34.html 2014/03/31 03:36:54 1.60
@@ -76,11 +76,9 @@
-
-All architectures
-
-035: SECURITY FIX: December 13, 2004
+035: SECURITY FIX: December 13, 2004 All architectures
On systems running
isakmpd(8)
it is possible for a local user to cause kernel memory corruption
@@ -92,7 +90,7 @@
A source code patch exists which remedies this problem.
-
-034: RELIABILITY FIX: November 10, 2004
+034: RELIABILITY FIX: November 10, 2004 All architectures
Due to a bug in
lynx(1)
it is possible for pages such as
@@ -105,7 +103,7 @@
A source code patch exists which remedies this problem.
-
-033: RELIABILITY FIX: November 10, 2004
+033: RELIABILITY FIX: November 10, 2004 All architectures
pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
@@ -114,7 +112,7 @@
A source code patch exists which remedies this problem.
-
-032: RELIABILITY FIX: November 10, 2004
+032: RELIABILITY FIX: November 10, 2004 All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
@@ -123,7 +121,7 @@
A source code patch exists which remedies this problem.
-
-031: SECURITY FIX: September 20, 2004
+031: SECURITY FIX: September 20, 2004 All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
was not checking the shared secret used for replies sent by the radius server.
@@ -134,7 +132,7 @@
A source code patch exists which remedies this problem.
-
-030: SECURITY FIX: September 16, 2004
+030: SECURITY FIX: September 16, 2004 All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
library code that parses image files
@@ -147,7 +145,7 @@
A source code patch exists which remedies this problem.
-
-029: SECURITY FIX: September 10, 2004
+029: SECURITY FIX: September 10, 2004 All architectures
httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
position outside of a char array, causing a DoS or possibly buffer overflows.
@@ -159,7 +157,7 @@
-
-028: RELIABILITY FIX: August 26, 2004
+028: RELIABILITY FIX: August 26, 2004 All architectures
As
reported
by Vafa Izadinia
@@ -170,7 +168,7 @@
A source code patch exists which remedies this problem.
-
-027: RELIABILITY FIX: August 25, 2004
+027: RELIABILITY FIX: August 25, 2004 All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
@@ -180,7 +178,7 @@
A source code patch exists which remedies this problem.
-
-026: RELIABILITY FIX: Jul 25, 2004
+026: RELIABILITY FIX: Jul 25, 2004 All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
@@ -189,7 +187,7 @@
A source code patch exists which remedies this problem.
-
-025: SECURITY FIX: June 12, 2004
+025: SECURITY FIX: June 12, 2004 All architectures
Multiple vulnerabilities have been found in
httpd(8)
/ mod_ssl.
@@ -202,7 +200,7 @@
A source code patch exists which remedies this problem.
-
-024: SECURITY FIX: June 10, 2004
+024: SECURITY FIX: June 10, 2004 All architectures
As
disclosed
by Thomas Walpuski
@@ -214,7 +212,7 @@
A source code patch exists which remedies this problem.
-
-023: SECURITY FIX: June 9, 2004
+023: SECURITY FIX: June 9, 2004 All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
server that allow an attacker to crash the server or possibly execute arbitrary
@@ -224,7 +222,7 @@
A source code patch exists which remedies this problem.
-
-022: SECURITY FIX: May 30, 2004
+022: SECURITY FIX: May 30, 2004 All architectures
A flaw in the Kerberos V
kdc(8)
server could result in the administrator of a Kerberos realm having
@@ -238,7 +236,7 @@
A source code patch exists which remedies this problem.
-
-021: SECURITY FIX: May 20, 2004
+021: SECURITY FIX: May 20, 2004 All architectures
A heap overflow in the
cvs(1)
server has been discovered that can be exploited by clients sending
@@ -249,21 +247,21 @@
A source code patch exists which remedies this problem.
-
-020: SECURITY FIX: May 13, 2004
+020: SECURITY FIX: May 13, 2004 All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
A source code patch exists which remedies this problem.
-
-019: RELIABILITY FIX: May 6, 2004
+019: RELIABILITY FIX: May 6, 2004 All architectures
Reply to in-window SYN with a rate-limited ACK.
A source code patch exists which remedies this problem.
-
-018: RELIABILITY FIX: May 5, 2004
+018: RELIABILITY FIX: May 5, 2004 All architectures
Under load "recent model"
gdt(4)
controllers will lock up.
@@ -272,7 +270,7 @@
A source code patch exists which remedies this problem.
-
-017: SECURITY FIX: May 5, 2004
+017: SECURITY FIX: May 5, 2004 All architectures
Pathname validation problems have been found in
cvs(1),
allowing malicious clients to create files outside the repository, allowing
@@ -284,7 +282,7 @@
A source code patch exists which remedies this problem.
-
-016: RELIABILITY FIX: March 17, 2004
+016: RELIABILITY FIX: March 17, 2004 All architectures
A missing check for a NULL-pointer dereference has been found in
ssl(3).
A remote attacker can use the bug to cause an OpenSSL application to crash;
@@ -294,7 +292,7 @@
A source code patch exists which remedies this problem.
-
-015: RELIABILITY FIX: March 17, 2004
+015: RELIABILITY FIX: March 17, 2004 All architectures
Defects in the payload validation and processing functions of
isakmpd(8)
have been discovered. An attacker could send malformed ISAKMP messages and
@@ -305,7 +303,7 @@
A source code patch exists which remedies this problem.
-
-014: SECURITY FIX: March 13, 2004
+014: SECURITY FIX: March 13, 2004 All architectures
Due to a bug in the parsing of Allow/Deny rules for
httpd(8)'s
access module, using IP addresses without a netmask on big endian 64-bit
@@ -315,7 +313,7 @@
A source code patch exists which remedies this problem.
-
-013: RELIABILITY FIX: March 8, 2004
+013: RELIABILITY FIX: March 8, 2004 All architectures
OpenBSD's TCP/IP stack did not impose limits on how many out-of-order
TCP segments are queued in the system. An attacker could
send out-of-order TCP segments and trick the system into using all
@@ -325,7 +323,7 @@
A source code patch exists which remedies this problem.
-
-012: RELIABILITY FIX: February 14, 2004
+012: RELIABILITY FIX: February 14, 2004 All architectures
Several buffer overflows exist in the code parsing
font.aliases files in XFree86. Thanks to ProPolice, these cannot be
exploited to gain privileges, but they can cause the X server to abort.
@@ -334,7 +332,7 @@
A source code patch exists which remedies this problem.
-
-011: SECURITY FIX: February 8, 2004
+011: SECURITY FIX: February 8, 2004 All architectures
An IPv6 MTU handling problem exists that could be used by an attacker
to cause a denial of service attack against hosts with reachable IPv6
TCP ports.
@@ -343,7 +341,7 @@
A source code patch exists which remedies this problem.
-
-010: SECURITY FIX: February 5, 2004
+010: SECURITY FIX: February 5, 2004 All architectures
A reference counting bug exists in the
shmat(2)
system call that could be used by an attacker to write to kernel memory
@@ -353,7 +351,7 @@
A source code patch exists which remedies this problem.
-
-009: SECURITY FIX: January 13, 2004
+009: SECURITY FIX: January 13, 2004 All architectures
Several message handling flaws in
isakmpd(8)
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also
@@ -364,7 +362,7 @@
A source code patch exists which remedies this problem.
-
-008: RELIABILITY FIX: November 20, 2003
+008: RELIABILITY FIX: November 20, 2003 All architectures
An improper bounds check makes it possible for a local user to cause a crash
by passing the
semctl(2) and
@@ -375,7 +373,7 @@
A source code patch exists which remedies this problem.
-
-007: RELIABILITY FIX: November 20, 2003
+007: RELIABILITY FIX: November 20, 2003 All architectures
It is possible for a local user to cause a crash via
sysctl(3) with certain arguments.
@@ -383,14 +381,14 @@
A source code patch exists which remedies this problem.
-
-005: RELIABILITY FIX: November 4, 2003
+005: RELIABILITY FIX: November 4, 2003 All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
A source code patch exists which remedies this problem.
-
-004: RELIABILITY FIX: November 1, 2003
+004: RELIABILITY FIX: November 1, 2003 All architectures
A user with write permission to httpd.conf or a .htaccess
file can crash
httpd(8)
@@ -401,14 +399,14 @@
A source code patch exists which remedies this problem.
-
-003: RELIABILITY FIX: November 1, 2003
+003: RELIABILITY FIX: November 1, 2003 All architectures
It is possible for a local user to cause a system panic by flooding it with spoofed ARP
requests.
A source code patch exists which remedies this problem.
-
-002: SECURITY FIX: November 1, 2003
+002: SECURITY FIX: November 1, 2003 All architectures
The use of certain ASN.1 encodings or malformed public keys may allow an
attacker to mount a denial of service attack against applications linked with
ssl(3).
@@ -417,7 +415,7 @@
A source code patch exists which remedies this problem.
-
-001: DOCUMENTATION FIX: November 1, 2003
+001: DOCUMENTATION FIX: November 1, 2003 All architectures
The CD insert documentation has an incorrect example for package installation.
Where it is written: