=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata37.html,v retrieving revision 1.57 retrieving revision 1.58 diff -c -r1.57 -r1.58 *** www/errata37.html 2016/08/15 02:22:06 1.57 --- www/errata37.html 2016/10/16 19:11:29 1.58 *************** *** 70,76 ****
! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

--- 70,76 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

*************** *** 95,101 **** Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

--- 95,101 ---- Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

*************** *** 106,112 **** asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

--- 106,112 ---- asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

*************** *** 121,127 **** This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

--- 121,127 ---- This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

*************** *** 133,139 **** so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

--- 133,139 ---- so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

*************** *** 149,155 **** requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

--- 149,155 ---- requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

*************** *** 158,164 ****   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

--- 158,164 ----   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

*************** *** 168,174 **** A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.

--- 168,174 ---- A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.

*************** *** 179,185 **** isakmpd(8) may occur.
! A source code patch exists which remedies this problem.

--- 179,185 ---- isakmpd(8) may occur.
! A source code patch exists which remedies this problem.

*************** *** 191,197 **** which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
! A source code patch exists which remedies this problem.

--- 191,197 ---- which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
! A source code patch exists which remedies this problem.

*************** *** 202,208 **** compress(3) which may be exploitable.
! A source code patch exists which remedies this problem.

--- 202,208 ---- compress(3) which may be exploitable.
! A source code patch exists which remedies this problem.

*************** *** 215,221 **** is followed by an entry that grants sudo ALL privileges to another user.
! A source code patch exists which remedies this problem.

--- 215,221 ---- is followed by an entry that grants sudo ALL privileges to another user.
! A source code patch exists which remedies this problem.

*************** *** 228,234 **** ipsec(4) credentials for a socket can result in a kernel panic.
! A source code patch exists which remedies this problem.

--- 228,234 ---- ipsec(4) credentials for a socket can result in a kernel panic.
! A source code patch exists which remedies this problem.

*************** *** 242,248 **** CAN-2005-0753 .
! A source code patch exists which remedies this problem.

--- 242,248 ---- CAN-2005-0753 .
! A source code patch exists which remedies this problem.