===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata36.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -c -r1.55 -r1.56
*** www/errata36.html 2017/03/28 06:41:18 1.55
--- www/errata36.html 2017/06/26 17:18:57 1.56
***************
*** 87,93 ****
020: SECURITY FIX: July 21, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
--- 87,93 ----
020: SECURITY FIX: July 21, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
***************
*** 99,105 ****
019: SECURITY FIX: July 6, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
--- 99,105 ----
019: SECURITY FIX: July 6, 2005
All architectures
A buffer overflow has been found in
! compress(3)
which may be exploitable.
***************
*** 110,116 ****
018: SECURITY FIX: June 20, 2005
All architectures
Due to a race condition in its command pathname handling, a user with
! sudo(8)
privileges may be able to run arbitrary commands if the user's entry
is followed by an entry that grants sudo ALL privileges to
another user.
--- 110,116 ----
018: SECURITY FIX: June 20, 2005
All architectures
Due to a race condition in its command pathname handling, a user with
! sudo(8)
privileges may be able to run arbitrary commands if the user's entry
is followed by an entry that grants sudo ALL privileges to
another user.
***************
*** 123,131 ****
017: RELIABILITY FIX: June 15, 2005
All architectures
As discovered by Stefan Miltchev calling
! getsockopt(2)
to get
! ipsec(4)
credentials for a socket can result in a kernel panic.
--- 123,131 ----
017: RELIABILITY FIX: June 15, 2005
All architectures
As discovered by Stefan Miltchev calling
! getsockopt(2)
to get
! ipsec(4)
credentials for a socket can result in a kernel panic.
***************
*** 136,142 ****
016: SECURITY FIX: April 28, 2005
All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
! cvs(1)
. None of these issues are known to be exploitable.
CAN-2005-0753
.
--- 136,142 ----
016: SECURITY FIX: April 28, 2005
All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
! cvs(1)
. None of these issues are known to be exploitable.
CAN-2005-0753
.
***************
*** 149,155 ****
015: RELIABILITY FIX: April 4, 2005
All architectures
Handle an edge condition in
! tcp(4)
timestamps.
--- 149,155 ----
015: RELIABILITY FIX: April 4, 2005
All architectures
Handle an edge condition in
! tcp(4)
timestamps.
***************
*** 160,171 ****
014: SECURITY FIX: March 30, 2005
All architectures
Due to buffer overflows in
! telnet(1),
a malicious server or man-in-the-middle attack could allow execution of
arbitrary code with the privileges of the user invoking
! telnet(1).
Noone should use telnet anymore. Please use
! ssh(1).
A source code patch exists which remedies this problem.
--- 160,171 ----
014: SECURITY FIX: March 30, 2005
All architectures
Due to buffer overflows in
! telnet(1),
a malicious server or man-in-the-middle attack could allow execution of
arbitrary code with the privileges of the user invoking
! telnet(1).
Noone should use telnet anymore. Please use
! ssh(1).
A source code patch exists which remedies this problem.
***************
*** 175,181 ****
013: RELIABILITY FIX: March 30, 2005
All architectures
Bugs in the
! tcp(4)
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
--- 175,181 ----
013: RELIABILITY FIX: March 30, 2005
All architectures
Bugs in the
! tcp(4)
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
***************
*** 187,193 ****
012: SECURITY FIX: March 16, 2005
amd64 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
--- 187,193 ----
012: SECURITY FIX: March 16, 2005
amd64 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
***************
*** 198,204 ****
011: SECURITY FIX: February 28, 2005
i386 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
--- 198,204 ----
011: SECURITY FIX: February 28, 2005
i386 only
More stringent checking should be done in the
! copy(9)
functions to prevent their misuse.
***************
*** 209,215 ****
010: RELIABILITY FIX: January 11, 2005
All architectures
A bug in the
! tcp(4)
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
--- 209,215 ----
010: RELIABILITY FIX: January 11, 2005
All architectures
A bug in the
! tcp(4)
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
***************
*** 221,227 ****