===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- www/errata35.html 2014/03/31 03:12:47 1.47
+++ www/errata35.html 2014/03/31 03:36:54 1.48
@@ -76,11 +76,9 @@
-
-All architectures
-
-033: SECURITY FIX: April 28, 2005
+033: SECURITY FIX: April 28, 2005 All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
cvs(1)
. None of these issues are known to be exploitable.
@@ -92,7 +90,7 @@
-
-032: RELIABILITY FIX: April 4, 2005
+032: RELIABILITY FIX: April 4, 2005 All architectures
Handle an edge condition in
tcp(4)
timestamps.
@@ -102,7 +100,7 @@
-
-031: SECURITY FIX: March 30, 2005
+031: SECURITY FIX: March 30, 2005 All architectures
Due to buffer overflows in
telnet(1)
, a malicious server or man-in-the-middle attack could allow execution of
@@ -115,7 +113,7 @@
-
-030: RELIABILITY FIX: March 30, 2005
+030: RELIABILITY FIX: March 30, 2005 All architectures
Bugs in the
tcp(4)
stack can lead to memory exhaustion or processing of TCP segments with
@@ -127,7 +125,7 @@
-
-027: RELIABILITY FIX: January 11, 2005
+027: RELIABILITY FIX: January 11, 2005 All architectures
A bug in the
tcp(4)
stack allows an invalid argument to be used in calculating the TCP
@@ -139,7 +137,7 @@
-
-026: SECURITY FIX: January 12, 2005
+026: SECURITY FIX: January 12, 2005 All architectures
httpd(8)
's mod_include module fails to properly validate the length of
user supplied tag strings prior to copying them to a local buffer,
@@ -153,7 +151,7 @@
-
-025: RELIABILITY FIX: January 6, 2005
+025: RELIABILITY FIX: January 6, 2005 All architectures
The
getcwd(3)
library function contains a memory management error, which causes failure
@@ -164,7 +162,7 @@
-
-024: SECURITY FIX: December 14, 2004
+024: SECURITY FIX: December 14, 2004 All architectures
On systems running
isakmpd(8)
it is possible for a local user to cause kernel memory corruption
@@ -176,7 +174,7 @@
A source code patch exists which remedies this problem.
-
-023: RELIABILITY FIX: November 10, 2004
+023: RELIABILITY FIX: November 10, 2004 All architectures
Due to a bug in
lynx(1)
it is possible for pages such as
@@ -189,7 +187,7 @@
A source code patch exists which remedies this problem.
-
-022: RELIABILITY FIX: November 10, 2004
+022: RELIABILITY FIX: November 10, 2004 All architectures
pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
@@ -198,7 +196,7 @@
A source code patch exists which remedies this problem.
-
-021: RELIABILITY FIX: November 10, 2004
+021: RELIABILITY FIX: November 10, 2004 All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
@@ -207,7 +205,7 @@
A source code patch exists which remedies this problem.
-
-020: SECURITY FIX: September 20, 2004
+020: SECURITY FIX: September 20, 2004 All architectures
Eilko Bos reported that radius authentication, as implemented by
login_radius(8),
was not checking the shared secret used for replies sent by the radius server.
@@ -218,7 +216,7 @@
A source code patch exists which remedies this problem.
-
-019: SECURITY FIX: September 16, 2004
+019: SECURITY FIX: September 16, 2004 All architectures
Chris Evans reported several flaws (stack and integer overflows) in the
Xpm
library code that parses image files
@@ -231,7 +229,7 @@
A source code patch exists which remedies this problem.
-
-018: SECURITY FIX: September 10, 2004
+018: SECURITY FIX: September 10, 2004 All architectures
httpd(8)
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
position outside of a char array, causing a DoS or possibly buffer overflows.
@@ -242,7 +240,7 @@
A source code patch exists which remedies this problem.
-
-017: RELIABILITY FIX: August 29, 2004
+017: RELIABILITY FIX: August 29, 2004 All architectures
Due to incorrect error handling in zlib an attacker could potentially cause a Denial
of Service attack.
CAN-2004-0797
@@ -252,7 +250,7 @@
A source code patch exists which remedies this problem.
-
-016: RELIABILITY FIX: August 26, 2004
+016: RELIABILITY FIX: August 26, 2004 All architectures
As
reported
by Vafa Izadinia
@@ -263,7 +261,7 @@
A source code patch exists which remedies this problem.
-
-015: RELIABILITY FIX: August 25, 2004
+015: RELIABILITY FIX: August 25, 2004 All architectures
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
@@ -273,7 +271,7 @@
A source code patch exists which remedies this problem.
-
-014: RELIABILITY FIX: July 25, 2004
+014: RELIABILITY FIX: July 25, 2004 All architectures
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
@@ -282,7 +280,7 @@
A source code patch exists which remedies this problem.
-
-013: SECURITY FIX: June 12, 2004
+013: SECURITY FIX: June 12, 2004 All architectures
Multiple vulnerabilities have been found in
httpd(8)
/ mod_ssl.
@@ -295,7 +293,7 @@
A source code patch exists which remedies this problem.
-
-012: SECURITY FIX: June 10, 2004
+012: SECURITY FIX: June 10, 2004 All architectures
As
disclosed
by Thomas Walpuski
@@ -307,7 +305,7 @@
A source code patch exists which remedies this problem.
-
-011: SECURITY FIX: June 9, 2004
+011: SECURITY FIX: June 9, 2004 All architectures
Multiple remote vulnerabilities have been found in the
cvs(1)
server that allow an attacker to crash the server or possibly execute arbitrary
@@ -317,7 +315,7 @@
A source code patch exists which remedies this problem.
-
-010: RELIABILITY FIX: June 9, 2004
+010: RELIABILITY FIX: June 9, 2004 All architectures
A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
non-blocking mode for writing when there are no processes reading the FIFO.
One program affected by this is the qmail
@@ -327,7 +325,7 @@
A source code patch exists which remedies this problem.
-
-009: SECURITY FIX: May 30, 2004
+009: SECURITY FIX: May 30, 2004 All architectures
A flaw in the Kerberos V
kdc(8)
server could result in the administrator of a Kerberos realm having
@@ -341,7 +339,7 @@
A source code patch exists which remedies this problem.
-
-008: SECURITY FIX: May 26, 2004
+008: SECURITY FIX: May 26, 2004 All architectures
With the introduction of IPv6 code in
xdm(1),
one test on the 'requestPort' resource was deleted by accident. This
@@ -354,7 +352,7 @@
A source code patch exists which remedies this problem.
-
-007: SECURITY FIX: May 20, 2004
+007: SECURITY FIX: May 20, 2004 All architectures
A heap overflow in the
cvs(1)
server has been discovered that can be exploited by clients sending
@@ -365,21 +363,21 @@
A source code patch exists which remedies this problem.
-
-006: SECURITY FIX: May 13, 2004
+006: SECURITY FIX: May 13, 2004 All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
A source code patch exists which remedies this problem.
-
-005: RELIABILITY FIX: May 6, 2004
+005: RELIABILITY FIX: May 6, 2004 All architectures
Reply to in-window SYN with a rate-limited ACK.
A source code patch exists which remedies this problem.
-
-004: RELIABILITY FIX: May 5, 2004
+004: RELIABILITY FIX: May 5, 2004 All architectures
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
siop(4),
trm(4),
@@ -390,7 +388,7 @@
A source code patch exists which remedies this problem.
-
-003: RELIABILITY FIX: May 5, 2004
+003: RELIABILITY FIX: May 5, 2004 All architectures
Under load "recent model"
gdt(4)
controllers will lock up.
@@ -399,7 +397,7 @@
A source code patch exists which remedies this problem.
-
-002: SECURITY FIX: May 5, 2004
+002: SECURITY FIX: May 5, 2004 All architectures
Pathname validation problems have been found in
cvs(1),
allowing malicious clients to create files outside the repository, allowing