=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v retrieving revision 1.31 retrieving revision 1.32 diff -c -r1.31 -r1.32 *** www/errata38.html 2010/03/08 21:53:37 1.31 --- www/errata38.html 2010/07/08 19:00:07 1.32 *************** *** 54,60 ****
! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. --- 54,60 ----
! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. *************** *** 94,100 **** CVE-2006-4924, CVE-2006-5051
! A source code patch exists which remedies this problem.

--- 94,100 ---- CVE-2006-4924, CVE-2006-5051
! A source code patch exists which remedies this problem.

*************** *** 106,112 **** Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
! A source code patch exists which remedies this problem.

--- 106,112 ---- Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
! A source code patch exists which remedies this problem.

*************** *** 123,129 **** CVE-2006-4343, CVE-2006-2940
! A source code patch exists which remedies this problem.

--- 123,129 ---- CVE-2006-4343, CVE-2006-2940
! A source code patch exists which remedies this problem.

*************** *** 135,141 **** style attacks. CVE-2006-3918
! A source code patch exists which remedies this problem.

--- 135,141 ---- style attacks. CVE-2006-3918
! A source code patch exists which remedies this problem.

*************** *** 146,152 **** valid PKCS#1 v1.5 signature. CVE-2006-4339
! A source code patch exists which remedies this problem.

--- 146,152 ---- valid PKCS#1 v1.5 signature. CVE-2006-4339
! A source code patch exists which remedies this problem.

*************** *** 162,168 **** CVE-2006-4095 CVE-2006-4096
! A source code patch exists which remedies this problem.

--- 162,168 ---- CVE-2006-4095 CVE-2006-4096
! A source code patch exists which remedies this problem.

*************** *** 174,180 **** connection causing the kernel to panic. CVE-2006-4304
! A source code patch exists which remedies this problem.

--- 174,180 ---- connection causing the kernel to panic. CVE-2006-4304
! A source code patch exists which remedies this problem.

*************** *** 188,194 **** An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter.
! A source code patch exists which remedies this problem.

--- 188,194 ---- An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter.
! A source code patch exists which remedies this problem.

*************** *** 197,203 **** It is possible to cause the kernel to panic when more than the default number of sempahores have been allocated.
! A source code patch exists which remedies this problem.

--- 197,203 ---- It is possible to cause the kernel to panic when more than the default number of sempahores have been allocated.
! A source code patch exists which remedies this problem.

*************** *** 210,216 **** to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
! A source code patch exists which remedies this problem.

--- 210,216 ---- to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
! A source code patch exists which remedies this problem.

*************** *** 220,226 **** with really long header lines could trigger a use-after-free bug causing sendmail to crash.
! A source code patch exists which remedies this problem.

--- 220,226 ---- with really long header lines could trigger a use-after-free bug causing sendmail to crash.
! A source code patch exists which remedies this problem.

*************** *** 233,239 **** could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
! A source code patch exists which remedies this problem.

--- 233,239 ---- could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
! A source code patch exists which remedies this problem.

*************** *** 246,252 **** delivered. However, mail messages in the queue may not be reattempted if a malformed MIME message exists.
! A source code patch exists which remedies this problem.

--- 246,252 ---- delivered. However, mail messages in the queue may not be reattempted if a malformed MIME message exists.
! A source code patch exists which remedies this problem.

*************** *** 257,263 **** Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

--- 257,263 ---- Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

*************** *** 267,273 **** asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

--- 267,273 ---- asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

*************** *** 281,287 **** This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

--- 281,287 ---- This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

*************** *** 292,298 **** so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

--- 292,298 ---- so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

*************** *** 307,313 **** requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

--- 307,313 ---- requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

*************** *** 315,321 **** 002: SECURITY FIX: January 5, 2006   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

--- 315,321 ---- 002: SECURITY FIX: January 5, 2006   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

*************** *** 324,330 **** A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.

--- 324,330 ---- A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.

*************** *** 368,374 ****

OpenBSD www@openbsd.org !
$OpenBSD: errata38.html,v 1.31 2010/03/08 21:53:37 deraadt Exp $ --- 368,374 ----
OpenBSD www@openbsd.org !
$OpenBSD: errata38.html,v 1.32 2010/07/08 19:00:07 sthen Exp $