===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata36.html,v
retrieving revision 1.45
retrieving revision 1.46
diff -c -r1.45 -r1.46
*** www/errata36.html 2016/03/21 05:46:20 1.45
--- www/errata36.html 2016/03/22 10:54:42 1.46
***************
*** 88,94 ****
020: SECURITY FIX: July 21, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
--- 88,94 ----
020: SECURITY FIX: July 21, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
***************
*** 100,106 ****
019: SECURITY FIX: July 6, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
--- 100,106 ----
019: SECURITY FIX: July 6, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
***************
*** 111,117 ****
018: SECURITY FIX: June 20, 2005
All architectures
Due to a race condition in its command pathname handling, a user with
! sudo(8)
privileges may be able to run arbitrary commands if the user's entry
is followed by an entry that grants sudo ALL privileges to
another user.
--- 111,117 ----
018: SECURITY FIX: June 20, 2005
All architectures
Due to a race condition in its command pathname handling, a user with
! sudo(8)
privileges may be able to run arbitrary commands if the user's entry
is followed by an entry that grants sudo ALL privileges to
another user.
***************
*** 124,132 ****
017: RELIABILITY FIX: June 15, 2005
All architectures
As discovered by Stefan Miltchev calling
! getsockopt(2)
to get
! ipsec(4)
credentials for a socket can result in a kernel panic.
--- 124,132 ----
017: RELIABILITY FIX: June 15, 2005
All architectures
As discovered by Stefan Miltchev calling
! getsockopt(2)
to get
! ipsec(4)
credentials for a socket can result in a kernel panic.
***************
*** 137,143 ****
016: SECURITY FIX: April 28, 2005
All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
! cvs(1)
. None of these issues are known to be exploitable.
CAN-2005-0753
.
--- 137,143 ----
016: SECURITY FIX: April 28, 2005
All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
! cvs(1)
. None of these issues are known to be exploitable.
CAN-2005-0753
.
***************
*** 150,156 ****
015: RELIABILITY FIX: April 4, 2005
All architectures
Handle an edge condition in
! tcp(4)
timestamps.
--- 150,156 ----
015: RELIABILITY FIX: April 4, 2005
All architectures
Handle an edge condition in
! tcp(4)
timestamps.
***************
*** 161,172 ****
014: SECURITY FIX: March 30, 2005
All architectures
Due to buffer overflows in
! telnet(1),
a malicious server or man-in-the-middle attack could allow execution of
arbitrary code with the privileges of the user invoking
! telnet(1).
Noone should use telnet anymore. Please use
! ssh(1).
A source code patch exists which remedies this problem.
--- 161,172 ----
014: SECURITY FIX: March 30, 2005
All architectures
Due to buffer overflows in
! telnet(1),
a malicious server or man-in-the-middle attack could allow execution of
arbitrary code with the privileges of the user invoking
! telnet(1).
Noone should use telnet anymore. Please use
! ssh(1).
A source code patch exists which remedies this problem.
***************
*** 176,182 ****
013: RELIABILITY FIX: March 30, 2005
All architectures
Bugs in the
! tcp(4)
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
--- 176,182 ----
013: RELIABILITY FIX: March 30, 2005
All architectures
Bugs in the
! tcp(4)
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
***************
*** 188,194 ****
012: SECURITY FIX: March 16, 2005
amd64 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
--- 188,194 ----
012: SECURITY FIX: March 16, 2005
amd64 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
***************
*** 199,205 ****
011: SECURITY FIX: February 28, 2005
i386 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
--- 199,205 ----
011: SECURITY FIX: February 28, 2005
i386 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
***************
*** 210,216 ****
010: RELIABILITY FIX: January 11, 2005
All architectures
A bug in the
! tcp(4)
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
--- 210,216 ----
010: RELIABILITY FIX: January 11, 2005
All architectures
A bug in the
! tcp(4)
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
***************
*** 222,228 ****