===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.35
retrieving revision 1.36
diff -c -r1.35 -r1.36
*** www/errata35.html 2010/03/08 21:53:37 1.35
--- www/errata35.html 2010/07/08 19:00:07 1.36
***************
*** 54,60 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 54,60 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 77,83 ****
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
--- 77,83 ----
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
***************
*** 87,93 ****
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
--- 87,93 ----
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
***************
*** 100,106 ****
telnet(1)
.
!
A source code patch exists which remedies this problem.
--- 100,106 ----
telnet(1)
.
!
A source code patch exists which remedies this problem.
***************
*** 111,117 ****
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
--- 111,117 ----
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
***************
*** 124,130 ****
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
--- 124,130 ----
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 138,144 ****
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
--- 138,144 ----
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
***************
*** 149,155 ****
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
--- 149,155 ----
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
***************
*** 162,168 ****
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
--- 162,168 ----
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
***************
*** 175,181 ****
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
--- 175,181 ----
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
***************
*** 184,190 ****
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
--- 184,190 ----
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
***************
*** 193,199 ****
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
--- 193,199 ----
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
***************
*** 204,210 ****
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
--- 204,210 ----
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
***************
*** 217,223 ****
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
--- 217,223 ----
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
***************
*** 228,234 ****
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
--- 228,234 ----
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
CAN-2004-0797
.
!
A source code patch exists which remedies this problem.
--- 238,244 ----
CAN-2004-0797
.
!
A source code patch exists which remedies this problem.
***************
*** 249,255 ****
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
--- 249,255 ----
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
***************
*** 259,265 ****
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
--- 259,265 ----
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
***************
*** 268,274 ****
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
--- 268,274 ----
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
***************
*** 281,287 ****
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
--- 281,287 ----
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
***************
*** 293,299 ****
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
--- 293,299 ----
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
***************
*** 303,309 ****
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 303,309 ----
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 313,319 ****
One program affected by this is the qmail
mail server which could go into an infinite loop and consume all CPU.
!
A source code patch exists which remedies this problem.
--- 313,319 ----
One program affected by this is the qmail
mail server which could go into an infinite loop and consume all CPU.
!
A source code patch exists which remedies this problem.
***************
*** 329,335 ****
Heimdal's announcement.
A source code patch exists which remedies this problem.
--- 329,335 ----
Heimdal's announcement.
A source code patch exists which remedies this problem.
***************
*** 345,351 ****
bugzilla for details.
A source code patch exists which remedies this problem.
--- 345,351 ----
bugzilla for details.
A source code patch exists which remedies this problem.
***************
*** 357,363 ****
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 357,363 ----
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 365,371 ****
2004
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
--- 365,371 ----
2004
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
***************
*** 373,379 ****
2004
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
--- 373,379 ----
2004
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
***************
*** 385,391 ****
iha(4)
).
!
A source code patch exists which remedies this problem.
--- 385,391 ----
iha(4)
).
!
A source code patch exists which remedies this problem.
***************
*** 395,401 ****
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
--- 395,401 ----
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
***************
*** 408,414 ****
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.
--- 408,414 ----
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.
***************
*** 422,428 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 422,428 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 442,448 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 442,448 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 551,557 ****
www@openbsd.org
!
$OpenBSD: errata35.html,v 1.35 2010/03/08 21:53:37 deraadt Exp $