=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata36.html,v retrieving revision 1.21 retrieving revision 1.22 diff -u -r1.21 -r1.22 --- www/errata36.html 2010/03/08 21:53:37 1.21 +++ www/errata36.html 2010/07/08 19:00:07 1.22 @@ -54,7 +54,7 @@
- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. @@ -90,7 +90,7 @@ which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
- + A source code patch exists which remedies this problem.

@@ -100,7 +100,7 @@ compress(3) which may be exploitable.
- + A source code patch exists which remedies this problem.

@@ -112,7 +112,7 @@ is followed by an entry that grants sudo ALL privileges to another user.
- + A source code patch exists which remedies this problem.

@@ -124,7 +124,7 @@ ipsec(4) credentials for a socket can result in a kernel panic.
- + A source code patch exists which remedies this problem.

@@ -136,7 +136,7 @@ CAN-2005-0753 .
- + A source code patch exists which remedies this problem.

@@ -146,7 +146,7 @@ tcp(4) timestamps.
- + A source code patch exists which remedies this problem.

@@ -160,7 +160,7 @@ Noone should use telnet anymore. Please use ssh(1).
- + A source code patch exists which remedies this problem.

@@ -171,7 +171,7 @@ stack can lead to memory exhaustion or processing of TCP segments with invalid SACK options and cause a system crash.
- + A source code patch exists which remedies this problem.

@@ -181,7 +181,7 @@ copy(9) functions to prevent their misuse.
- + A source code patch exists which remedies this problem.

@@ -191,7 +191,7 @@ copy(9) functions to prevent their misuse.
- + A source code patch exists which remedies this problem.

@@ -203,7 +203,7 @@ retransmit timeout. By sending packets with specific values in the TCP timestamp option, an attacker can cause a system panic.
- + A source code patch exists which remedies this problem.

@@ -217,7 +217,7 @@ This would require enabling the XBitHack directive or server-side includes and making use of a malicious document.
- + A source code patch exists which remedies this problem.

@@ -228,7 +228,7 @@ library function contains a memory management error, which causes failure to retrieve the current working directory if the path is very long.
- + A source code patch exists which remedies this problem.

@@ -241,7 +241,7 @@ ipsec(4) credentials on a socket.
- + A source code patch exists which remedies this problem.

@@ -250,7 +250,7 @@ Fix for transmit side breakage on macppc and mbuf leaks with xl(4).
- + A source code patch exists which remedies this problem.

@@ -260,7 +260,7 @@ isakmpd(8) and other ISAKMP/IKE implementations.
- + A source code patch exists which remedies this problem.

@@ -274,7 +274,7 @@ lynx(1) to exhaust memory and then crash when parsing such pages.
- + A source code patch exists which remedies this problem.

@@ -284,7 +284,7 @@ contains a bug that allows an attacker to crash his own connection, but it cannot be used to deny service to other users.
- + A source code patch exists which remedies this problem.

@@ -294,7 +294,7 @@ cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and thus slow DNS queries.
- + A source code patch exists which remedies this problem.

@@ -303,7 +303,7 @@ Fix detection of tape blocksize during device open. Corrects problem with restore(8).
- + A source code patch exists which remedies this problem.

@@ -347,7 +347,7 @@

OpenBSD www@openbsd.org -
$OpenBSD: errata36.html,v 1.21 2010/03/08 21:53:37 deraadt Exp $ +
$OpenBSD: errata36.html,v 1.22 2010/07/08 19:00:07 sthen Exp $