===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- www/errata35.html 2016/08/15 02:22:06 1.67
+++ www/errata35.html 2016/10/16 19:11:29 1.68
@@ -70,7 +70,7 @@
-
+
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
@@ -95,7 +95,7 @@
CAN-2005-0753
.
-
+
A source code patch exists which remedies this problem.
@@ -106,7 +106,7 @@
tcp(4)
timestamps.
-
+
A source code patch exists which remedies this problem.
@@ -120,7 +120,7 @@
telnet(1)
.
-
+
A source code patch exists which remedies this problem.
@@ -132,7 +132,7 @@
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
-
+
A source code patch exists which remedies this problem.
@@ -143,7 +143,7 @@
copy(9)
functions to prevent their misuse.
-
+
A source code patch exists which remedies this problem.
@@ -154,7 +154,7 @@
copy(9)
functions to prevent their misuse.
-
+
A source code patch exists which remedies this problem.
@@ -167,7 +167,7 @@
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
-
+
A source code patch exists which remedies this problem.
@@ -182,7 +182,7 @@
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
-
+
A source code patch exists which remedies this problem.
@@ -194,7 +194,7 @@
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
-
+
A source code patch exists which remedies this problem.
@@ -208,7 +208,7 @@
ipsec(4)
credentials on a socket.
-
+
A source code patch exists which remedies this problem.
@@ -222,7 +222,7 @@
lynx(1)
to exhaust memory and then crash when parsing such pages.
-
+
A source code patch exists which remedies this problem.
@@ -232,7 +232,7 @@
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
-
+
A source code patch exists which remedies this problem.
@@ -242,7 +242,7 @@
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
-
+
A source code patch exists which remedies this problem.
@@ -254,7 +254,7 @@
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
-
+
A source code patch exists which remedies this problem.
@@ -268,7 +268,7 @@
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
-
+
A source code patch exists which remedies this problem.
@@ -280,7 +280,7 @@
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
-
+
A source code patch exists which remedies this problem.
@@ -291,7 +291,7 @@
CAN-2004-0797
.
-
+
A source code patch exists which remedies this problem.
@@ -303,7 +303,7 @@
bridge(4)
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
-
+
A source code patch exists which remedies this problem.
@@ -314,7 +314,7 @@
http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
-
+
A source code patch exists which remedies this problem.
@@ -324,7 +324,7 @@
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
-
+
A source code patch exists which remedies this problem.
@@ -338,7 +338,7 @@
CAN-2004-0488,
CAN-2004-0492.
-
+
A source code patch exists which remedies this problem.
@@ -351,7 +351,7 @@
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
-
+
A source code patch exists which remedies this problem.
@@ -362,7 +362,7 @@
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
-
+
A source code patch exists which remedies this problem.
@@ -373,7 +373,7 @@
One program affected by this is the qmail
mail server which could go into an infinite loop and consume all CPU.
-
+
A source code patch exists which remedies this problem.
@@ -388,7 +388,7 @@
more details see
Heimdal's announcement.
-
+
A source code patch exists which remedies this problem.
@@ -402,7 +402,7 @@
XFree86
bugzilla for details.
-
+
A source code patch exists which remedies this problem.
@@ -414,7 +414,7 @@
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
-
+
A source code patch exists which remedies this problem.
@@ -422,7 +422,7 @@
All architectures
Check for integer overflow in procfs. Use of procfs is not recommended.
-
+
A source code patch exists which remedies this problem.
@@ -430,7 +430,7 @@
All architectures
Reply to in-window SYN with a rate-limited ACK.
-
+
A source code patch exists which remedies this problem.
@@ -442,7 +442,7 @@
iha(4)
).
-
+
A source code patch exists which remedies this problem.
@@ -452,7 +452,7 @@
gdt(4)
controllers will lock up.
-
+
A source code patch exists which remedies this problem.
@@ -465,7 +465,7 @@
the client and allowing clients to check out files outside the CVS
repository.
-
+
A source code patch exists which remedies this problem.