===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata36.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -c -r1.21 -r1.22
*** www/errata36.html 2010/03/08 21:53:37 1.21
--- www/errata36.html 2010/07/08 19:00:07 1.22
***************
*** 54,60 ****
--- 90,96 ----
which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
!
A source code patch exists which remedies this problem.
***************
*** 100,106 ****
compress(3)
which may be exploitable.
!
A source code patch exists which remedies this problem.
--- 100,106 ----
compress(3)
which may be exploitable.
!
A source code patch exists which remedies this problem.
***************
*** 112,118 ****
is followed by an entry that grants sudo ALL privileges to
another user.
!
A source code patch exists which remedies this problem.
--- 112,118 ----
is followed by an entry that grants sudo ALL privileges to
another user.
!
A source code patch exists which remedies this problem.
***************
*** 124,130 ****
ipsec(4)
credentials for a socket can result in a kernel panic.
!
A source code patch exists which remedies this problem.
--- 124,130 ----
ipsec(4)
credentials for a socket can result in a kernel panic.
!
A source code patch exists which remedies this problem.
***************
*** 136,142 ****
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
--- 136,142 ----
CAN-2005-0753
.
!
A source code patch exists which remedies this problem.
***************
*** 146,152 ****
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
--- 146,152 ----
tcp(4)
timestamps.
!
A source code patch exists which remedies this problem.
***************
*** 160,166 ****
Noone should use telnet anymore. Please use
ssh(1).
!
A source code patch exists which remedies this problem.
--- 160,166 ----
Noone should use telnet anymore. Please use
ssh(1).
!
A source code patch exists which remedies this problem.
***************
*** 171,177 ****
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
--- 171,177 ----
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
!
A source code patch exists which remedies this problem.
***************
*** 181,187 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 181,187 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 191,197 ****
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
--- 191,197 ----
copy(9)
functions to prevent their misuse.
!
A source code patch exists which remedies this problem.
***************
*** 203,209 ****
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
--- 203,209 ----
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 217,223 ****
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
--- 217,223 ----
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
!
A source code patch exists which remedies this problem.
***************
*** 228,234 ****
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
--- 228,234 ----
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
!
A source code patch exists which remedies this problem.
***************
*** 241,247 ****
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
--- 241,247 ----
ipsec(4)
credentials on a socket.
!
A source code patch exists which remedies this problem.
***************
*** 250,256 ****
Fix for transmit side breakage on macppc and mbuf leaks with
xl(4).
!
A source code patch exists which remedies this problem.
--- 250,256 ----
Fix for transmit side breakage on macppc and mbuf leaks with
xl(4).
!
A source code patch exists which remedies this problem.
***************
*** 260,266 ****
isakmpd(8)
and other ISAKMP/IKE implementations.
!
A source code patch exists which remedies this problem.
--- 260,266 ----
isakmpd(8)
and other ISAKMP/IKE implementations.
!
A source code patch exists which remedies this problem.
***************
*** 274,280 ****
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
--- 274,280 ----
lynx(1)
to exhaust memory and then crash when parsing such pages.
!
A source code patch exists which remedies this problem.
***************
*** 284,290 ****
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
--- 284,290 ----
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
!
A source code patch exists which remedies this problem.
***************
*** 294,300 ****
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
--- 294,300 ----
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
!
A source code patch exists which remedies this problem.
***************
*** 303,309 ****
Fix detection of tape blocksize during device open. Corrects problem with
restore(8).
!
A source code patch exists which remedies this problem.
--- 303,309 ----
Fix detection of tape blocksize during device open. Corrects problem with
restore(8).
!
A source code patch exists which remedies this problem.
*************** *** 347,353 ****