===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.67
retrieving revision 1.68
diff -c -r1.67 -r1.68
*** www/errata35.html 2016/08/15 02:22:06 1.67
--- www/errata35.html 2016/10/16 19:11:29 1.68
***************
*** 70,76 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 70,76 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 95,101 ****
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
--- 95,101 ----
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
***************
*** 106,112 ****
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
--- 106,112 ----
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
***************
*** 120,126 ****
telnet(1)
.
!
A source code patch exists which remedies this problem.
--- 120,126 ----
telnet(1)
.
!
A source code patch exists which remedies this problem.
***************
*** 132,138 ****
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
--- 132,138 ----
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
***************
*** 143,149 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 143,149 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 154,160 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 154,160 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 167,173 ****
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
--- 167,173 ----
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 182,188 ****
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
--- 182,188 ----
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
***************
*** 194,200 ****
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
--- 194,200 ----
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
***************
*** 208,214 ****
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
--- 208,214 ----
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
***************
*** 222,228 ****
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
--- 222,228 ----
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
***************
*** 232,238 ****
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
--- 232,238 ----
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
***************
*** 242,248 ****
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
--- 242,248 ----
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
***************
*** 254,260 ****
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
--- 254,260 ----
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
!
A source code patch exists which remedies this problem.
***************
*** 268,274 ****
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
--- 268,274 ----
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
!
A source code patch exists which remedies this problem.
***************
*** 280,286 ****
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
--- 280,286 ----
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
!
A source code patch exists which remedies this problem.
***************
*** 291,297 ****
CAN-2004-0797
.
!
A source code patch exists which remedies this problem.
--- 291,297 ----
CAN-2004-0797
.
!
A source code patch exists which remedies this problem.
***************
*** 303,309 ****
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
--- 303,309 ----
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
!
A source code patch exists which remedies this problem.
***************
*** 314,320 ****
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
--- 314,320 ----
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
!
A source code patch exists which remedies this problem.
***************
*** 324,330 ****
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
--- 324,330 ----
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
!
A source code patch exists which remedies this problem.
***************
*** 338,344 ****
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
--- 338,344 ----
CAN-2004-0488,
CAN-2004-0492.
!
A source code patch exists which remedies this problem.
***************
*** 351,357 ****
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
--- 351,357 ----
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
!
A source code patch exists which remedies this problem.
***************
*** 362,368 ****
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 362,368 ----
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 373,379 ****
One program affected by this is the qmail
mail server which could go into an infinite loop and consume all CPU.
!
A source code patch exists which remedies this problem.
--- 373,379 ----
One program affected by this is the qmail
mail server which could go into an infinite loop and consume all CPU.
!
A source code patch exists which remedies this problem.
***************
*** 388,394 ****
more details see
Heimdal's announcement.
!
A source code patch exists which remedies this problem.
--- 388,394 ----
more details see
Heimdal's announcement.
!
A source code patch exists which remedies this problem.
***************
*** 402,408 ****
XFree86
bugzilla for details.
!
A source code patch exists which remedies this problem.
--- 402,408 ----
XFree86
bugzilla for details.
!
A source code patch exists which remedies this problem.
***************
*** 414,420 ****
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
--- 414,420 ----
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
!
A source code patch exists which remedies this problem.
***************
*** 422,428 ****
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
--- 422,428 ----
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
!
A source code patch exists which remedies this problem.
***************
*** 430,436 ****
All architectures
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
--- 430,436 ----
All architectures
Reply to in-window SYN with a rate-limited ACK.
!
A source code patch exists which remedies this problem.
***************
*** 442,448 ****
iha(4)
).
!
A source code patch exists which remedies this problem.
--- 442,448 ----
iha(4)
).
!
A source code patch exists which remedies this problem.
***************
*** 452,458 ****
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
--- 452,458 ----
gdt(4)
controllers will lock up.
!
A source code patch exists which remedies this problem.
***************
*** 465,471 ****
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.
--- 465,471 ----
the client and allowing clients to check out files outside the CVS
repository.
!
A source code patch exists which remedies this problem.