www/errata35.html - diff

Return to errata35.html CVS log

Up to [local] / www

Diff for /www/errata35.html between version 1.17 and 1.18

-version 1.17, 2005/03/17 17:25:20
+version 1.18, 2005/03/30 17:18:51
 Line 57
 Line 57
 Line 57
  <a name="all"></a>
  <h3><font color="#e00000">All architectures</font></h3>
  <ul>
+ <li><a name="telnet"></a>
+ <font color="#009000"><strong>031: SECURITY FIX: March 30, 2005</strong></font><br>
+ Due to buffer overflows in
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&amp;apropos=0&amp;sektion=1&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">telnet(1)</a>
+ , a malicious server or man-in-the-middle attack could allow execution of
+ arbitrary code with the privileges of the user invoking
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&amp;apropos=0&amp;sektion=1&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">telnet(1)</a>
+ .
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/031_telnet.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
+ <li><a name="sack"></a>
+ <font color="#009000"><strong>030: RELIABILITY FIX: March 30, 2005</strong></font><br>
+ Bugs in the
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&amp;apropos=0&amp;sektion=4&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html">tcp(4)</a>
+ stack can lead to memory exhaustion or processing of TCP segments with
+ invalid SACK options and cause a system crash.
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/030_sack.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
  <li><a name="rtt"></a>
  <font color="#009000"><strong>027: RELIABILITY FIX: January 11, 2005</strong></font><br>
  A bug in the