===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- www/errata35.html 2014/03/28 03:04:30 1.46
+++ www/errata35.html 2014/03/31 03:12:47 1.47
@@ -6,7 +6,6 @@
-
@@ -65,13 +64,16 @@
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
+
-
The patches below are available in CVS via the
+The patches below are available in CVS via the
OPENBSD_3_5
patch branch.
-
+
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
+
+
@@ -86,7 +88,7 @@
.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
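Review bot: Each rewritten "A source code patch exists which remedies this problem." line, here and in the hunks that follow, needs its link target checked against its own erratum number. The removed and added text are identical, so a copy-paste slip in a repeated edit like this would not show in the rendered sentence. It would help to state in the log message what the markup change is.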
@@ -96,7 +98,7 @@
timestamps.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -109,7 +111,7 @@
.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -120,7 +122,7 @@
invalid SACK options and cause a system crash.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -133,7 +135,7 @@
timestamp option, an attacker can cause a system panic.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -147,7 +149,7 @@
includes and making use of a malicious document.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -158,7 +160,7 @@
to retrieve the current working directory if the path is very long.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -171,7 +173,7 @@
credentials on a socket.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
023: RELIABILITY FIX: November 10, 2004
@@ -184,7 +186,7 @@
to exhaust memory and then crash when parsing such pages.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
022: RELIABILITY FIX: November 10, 2004
@@ -193,7 +195,7 @@
be used to deny service to other users.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
021: RELIABILITY FIX: November 10, 2004
@@ -202,7 +204,7 @@
thus slow DNS queries.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
020: SECURITY FIX: September 20, 2004
@@ -213,7 +215,7 @@
attacker. Note that OpenBSD does not ship with radius authentication enabled.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
019: SECURITY FIX: September 16, 2004
@@ -226,7 +228,7 @@
an application that handles XPM images, if they could escape ProPolice.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
018: SECURITY FIX: September 10, 2004
@@ -237,7 +239,7 @@
dbm file.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
017: RELIABILITY FIX: August 29, 2004
@@ -247,7 +249,7 @@
.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
016: RELIABILITY FIX: August 26, 2004
@@ -258,7 +260,7 @@
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
015: RELIABILITY FIX: August 25, 2004
@@ -268,7 +270,7 @@
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
014: RELIABILITY FIX: July 25, 2004
@@ -277,7 +279,7 @@
manifested itself as a FPU related crash on boot up.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
013: SECURITY FIX: June 12, 2004
@@ -290,7 +292,7 @@
CAN-2004-0492.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
012: SECURITY FIX: June 10, 2004
@@ -302,7 +304,7 @@
tunnels at will.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
011: SECURITY FIX: June 9, 2004
@@ -312,7 +314,7 @@
code with the same privileges as the CVS server program.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
010: RELIABILITY FIX: June 9, 2004
@@ -322,13 +324,12 @@
mail server which could go into an infinite loop and consume all CPU.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-009: SECURITY FIX: May 30,
-2004
-A flaw in the Kerberos V kdc(8)
+009: SECURITY FIX: May 30, 2004
+A flaw in the Kerberos V
+kdc(8)
server could result in the administrator of a Kerberos realm having
the ability to impersonate any principal in any other realm which
has established a cross-realm trust with their realm. The flaw is due to
@@ -336,29 +337,24 @@
more details see
Heimdal's announcement.
-
-A source code patch exists which remedies this problem.
+
+A source code patch exists which remedies this problem.
-008: SECURITY FIX: May 26,
-2004
+008: SECURITY FIX: May 26, 2004
With the introduction of IPv6 code in
-xdm(1),
+xdm(1),
one test on the 'requestPort' resource was deleted by accident. This
makes xdm create the chooser socket even if xdmcp is disabled in
xdm-config, by setting requestPort to 0. See
XFree86
bugzilla for details.
-
-A source code patch exists which remedies this problem.
+
+A source code patch exists which remedies this problem.
-007: SECURITY FIX: May 20,
-2004
+007: SECURITY FIX: May 20, 2004
A heap overflow in the
cvs(1)
server has been discovered that can be exploited by clients sending
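Review bot: In the 008 entry, the unchanged line "xdm-config, by setting requestPort to 0" is ambiguous. It can be read as saying that setting requestPort to 0 is what creates the chooser socket, when the sentence means that xdmcp was disabled that way. Since the entry is being reformatted anyway, reword it to something like "even if xdmcp is disabled by setting requestPort to 0 in xdm-config".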
@@ -366,27 +362,24 @@
with the same privileges as the CVS server program.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-006: SECURITY FIX: May 13,
-2004
+006: SECURITY FIX: May 13, 2004
Check for integer overflow in procfs. Use of procfs is not recommended.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-005: RELIABILITY FIX: May 6,
-2004
+005: RELIABILITY FIX: May 6, 2004
Reply to in-window SYN with a rate-limited ACK.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-004: RELIABILITY FIX: May 5,
-2004
+004: RELIABILITY FIX: May 5, 2004
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
siop(4),
trm(4),
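Review bot: The 006 and 005 entries state the fix ("Check for integer overflow in procfs", "Reply to in-window SYN with a rate-limited ACK") rather than the problem, so a reader cannot judge what the unpatched behaviour allows. While the headings are being rejoined, add a sentence to each saying what goes wrong without the patch. The "( i.e." in the 004 entry also has a stray space after the opening parenthesis.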
@@ -394,21 +387,19 @@
).
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-003: RELIABILITY FIX: May 5,
-2004
+003: RELIABILITY FIX: May 5, 2004
Under load "recent model"
gdt(4)
controllers will lock up.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-002: SECURITY FIX: May 5,
-2004
+002: SECURITY FIX: May 5, 2004
Pathname validation problems have been found in
cvs(1),
allowing malicious clients to create files outside the repository, allowing
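Review bot: In the 003 entry, the quoted phrase "recent model" for gdt(4) controllers does not tell an administrator whether their hardware is affected. If the affected models are known, name them in the entry. Otherwise drop the quotation marks and say that the affected models are not enumerated.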
@@ -417,7 +408,7 @@
repository.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
@@ -431,16 +422,10 @@
functions to prevent their misuse.
-A source code patch exists which remedies this problem.
+A source code patch exists which remedies this problem.
-
-
alpha
-
-- No problems identified yet.
-
-
amd64
-
-
cats
-
-- No problems identified yet.
-
-
-
-
mac68k
-
-- No problems identified yet.
-
-
-
-
sparc
-
-- No problems identified yet.
-
-
-
-
sparc64
-
-- No problems identified yet.
-
-
-
-
hppa
-
-- No problems identified yet.
-
-
-
-
hp300
-
-- No problems identified yet.
-
-
-
-
mvme68k
-
-- No problems identified yet.
-
-
-
-
mvme88k
-
-- No problems identified yet.
-
-
macppc
-
-
vax
-
-- No problems identified yet.
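Review bot: With every "No problems identified yet." entry removed, the architecture names that remain as unchanged lines (alpha, cats, mac68k, sparc and the rest) are left with nothing under them. Either remove those names in the same change or keep one line saying that no problems have been identified for those architectures, so the absence is stated rather than implied.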