===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.31
retrieving revision 1.32
diff -c -r1.31 -r1.32
*** www/errata38.html 2010/03/08 21:53:37 1.31
--- www/errata38.html 2010/07/08 19:00:07 1.32
***************
*** 54,60 ****
--- 94,100 ----
CVE-2006-4924,
CVE-2006-5051
!
A source code patch exists which remedies this problem.
***************
*** 106,112 ****
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
--- 106,112 ----
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
***************
*** 123,129 ****
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
--- 123,129 ----
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
***************
*** 135,141 ****
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
--- 135,141 ----
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
***************
*** 146,152 ****
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
--- 146,152 ----
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
***************
*** 162,168 ****
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
--- 162,168 ----
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
***************
*** 174,180 ****
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
--- 174,180 ----
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
***************
*** 188,194 ****
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
--- 188,194 ----
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
***************
*** 197,203 ****
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
--- 197,203 ----
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
***************
*** 210,216 ****
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
--- 210,216 ----
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
***************
*** 220,226 ****
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
--- 220,226 ----
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
***************
*** 233,239 ****
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
--- 233,239 ----
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
***************
*** 246,252 ****
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
--- 246,252 ----
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
***************
*** 257,263 ****
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
--- 257,263 ----
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
***************
*** 267,273 ****
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
!
A source code patch exists which remedies this problem.
--- 267,273 ----
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
!
A source code patch exists which remedies this problem.
***************
*** 281,287 ****
This can be exploited to execute shell commands with privileges of the user running
scp(1).
!
A source code patch exists which remedies this problem.
--- 281,287 ----
This can be exploited to execute shell commands with privileges of the user running
scp(1).
!
A source code patch exists which remedies this problem.
***************
*** 292,298 ****
so even root is blocked from accessing the ioports
unless the machine is running at lower securelevels or with an open X11 aperture.
!
A source code patch exists which remedies this problem.
--- 292,298 ----
so even root is blocked from accessing the ioports
unless the machine is running at lower securelevels or with an open X11 aperture.
!
A source code patch exists which remedies this problem.
***************
*** 307,313 ****
requests need it to. This is now implemented using only GDT selectors
instead of the LDT so that it is more robust as well.
!
A source code patch exists which remedies this problem.
--- 307,313 ----
requests need it to. This is now implemented using only GDT selectors
instead of the LDT so that it is more robust as well.
!
A source code patch exists which remedies this problem.
***************
*** 315,321 ****
002: SECURITY FIX: January 5, 2006 All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
!
A source code patch exists which remedies this problem.
--- 315,321 ----
002: SECURITY FIX: January 5, 2006 All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
!
A source code patch exists which remedies this problem.
***************
*** 324,330 ****
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
!
A source code patch exists which remedies this problem.
--- 324,330 ----
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
!
A source code patch exists which remedies this problem.
*************** *** 368,374 ****