=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata36.html,v retrieving revision 1.55 retrieving revision 1.56 diff -u -r1.55 -r1.56 --- www/errata36.html 2017/03/28 06:41:18 1.55 +++ www/errata36.html 2017/06/26 17:18:57 1.56 @@ -87,7 +87,7 @@ 020: SECURITY FIX: July 21, 2005   All architectures
A buffer overflow has been found in -compress(3) +compress(3) which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
@@ -99,7 +99,7 @@ 019: SECURITY FIX: July 6, 2005   All architectures
A buffer overflow has been found in -compress(3) +compress(3) which may be exploitable.
@@ -110,7 +110,7 @@ 018: SECURITY FIX: June 20, 2005   All architectures
Due to a race condition in its command pathname handling, a user with -sudo(8) +sudo(8) privileges may be able to run arbitrary commands if the user's entry is followed by an entry that grants sudo ALL privileges to another user. @@ -123,9 +123,9 @@ 017: RELIABILITY FIX: June 15, 2005   All architectures
As discovered by Stefan Miltchev calling -getsockopt(2) +getsockopt(2) to get -ipsec(4) +ipsec(4) credentials for a socket can result in a kernel panic.
@@ -136,7 +136,7 @@ 016: SECURITY FIX: April 28, 2005   All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in -cvs(1) +cvs(1) . None of these issues are known to be exploitable. CAN-2005-0753 . @@ -149,7 +149,7 @@ 015: RELIABILITY FIX: April 4, 2005   All architectures
Handle an edge condition in -tcp(4) +tcp(4) timestamps.
@@ -160,12 +160,12 @@ 014: SECURITY FIX: March 30, 2005   All architectures
Due to buffer overflows in -telnet(1), +telnet(1), a malicious server or man-in-the-middle attack could allow execution of arbitrary code with the privileges of the user invoking -telnet(1). +telnet(1). Noone should use telnet anymore. Please use -ssh(1). +ssh(1).
A source code patch exists which remedies this problem. @@ -175,7 +175,7 @@ 013: RELIABILITY FIX: March 30, 2005   All architectures
Bugs in the -tcp(4) +tcp(4) stack can lead to memory exhaustion or processing of TCP segments with invalid SACK options and cause a system crash.
@@ -187,7 +187,7 @@ 012: SECURITY FIX: March 16, 2005   amd64 only
More stringent checking should be done in the -copy(9) +copy(9) functions to prevent their misuse.
@@ -198,7 +198,7 @@ 011: SECURITY FIX: February 28, 2005   i386 only
More stringent checking should be done in the -copy(9) +copy(9) functions to prevent their misuse.
@@ -209,7 +209,7 @@ 010: RELIABILITY FIX: January 11, 2005   All architectures
A bug in the -tcp(4) +tcp(4) stack allows an invalid argument to be used in calculating the TCP retransmit timeout. By sending packets with specific values in the TCP timestamp option, an attacker can cause a system panic. @@ -221,7 +221,7 @@
  • 009: SECURITY FIX: January 12, 2005   All architectures
    -httpd(8) +httpd(8) 's mod_include module fails to properly validate the length of user supplied tag strings prior to copying them to a local buffer, causing a buffer overflow. @@ -237,7 +237,7 @@ 008: RELIABILITY FIX: January 6, 2005   All architectures
    The -getcwd(3) +getcwd(3) library function contains a memory management error, which causes failure to retrieve the current working directory if the path is very long.
    @@ -249,10 +249,10 @@ 007: SECURITY FIX: December 14, 2004   All architectures
    On systems running -isakmpd(8) +isakmpd(8) it is possible for a local user to cause kernel memory corruption and system panic by setting -ipsec(4) +ipsec(4) credentials on a socket.
    @@ -263,7 +263,7 @@ 006: RELIABILITY FIX: November 21, 2004   All architectures
    Fix for transmit side breakage on macppc and mbuf leaks with -    xl(4). +xl(4).
    A source code patch exists which remedies this problem. @@ -273,7 +273,7 @@ 005: RELIABILITY FIX: November 21, 2004   All architectures
    Wrong calculation of NAT-D payloads may cause interoperability problems between -isakmpd(8) +isakmpd(8) and other ISAKMP/IKE implementations.
    @@ -284,11 +284,11 @@ 004: RELIABILITY FIX: November 10, 2004   All architectures
    Due to a bug in -    lynx(1) +lynx(1) it is possible for pages such as this to cause -lynx(1) +lynx(1) to exhaust memory and then crash when parsing such pages.
    @@ -298,7 +298,7 @@
  • 003: RELIABILITY FIX: November 10, 2004   All architectures
    -    pppd(8) +pppd(8) contains a bug that allows an attacker to crash his own connection, but it cannot be used to deny service to other users.
    @@ -321,7 +321,7 @@ 001: RELIABILITY FIX: November 10, 2004   All architectures
    Fix detection of tape blocksize during device open. Corrects problem with -restore(8). +restore(8).
    A source code patch exists which remedies this problem.