=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v retrieving revision 1.61 retrieving revision 1.62 diff -c -r1.61 -r1.62 *** www/errata38.html 2016/08/15 02:22:06 1.61 --- www/errata38.html 2016/10/16 19:11:29 1.62 *************** *** 70,76 ****
! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

--- 70,76 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

*************** *** 99,105 **** CVE-2006-4924, CVE-2006-5051
! A source code patch exists which remedies this problem.

--- 99,105 ---- CVE-2006-4924, CVE-2006-5051
! A source code patch exists which remedies this problem.

*************** *** 112,118 **** Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
! A source code patch exists which remedies this problem.

--- 112,118 ---- Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
! A source code patch exists which remedies this problem.

*************** *** 130,136 **** CVE-2006-4343, CVE-2006-2940
! A source code patch exists which remedies this problem.

--- 130,136 ---- CVE-2006-4343, CVE-2006-2940
! A source code patch exists which remedies this problem.

*************** *** 143,149 **** style attacks. CVE-2006-3918
! A source code patch exists which remedies this problem.

--- 143,149 ---- style attacks. CVE-2006-3918
! A source code patch exists which remedies this problem.

*************** *** 155,161 **** valid PKCS#1 v1.5 signature. CVE-2006-4339
! A source code patch exists which remedies this problem.

--- 155,161 ---- valid PKCS#1 v1.5 signature. CVE-2006-4339
! A source code patch exists which remedies this problem.

*************** *** 172,178 **** CVE-2006-4095 CVE-2006-4096
! A source code patch exists which remedies this problem.

--- 172,178 ---- CVE-2006-4095 CVE-2006-4096
! A source code patch exists which remedies this problem.

*************** *** 185,191 **** connection causing the kernel to panic. CVE-2006-4304
! A source code patch exists which remedies this problem.

--- 185,191 ---- connection causing the kernel to panic. CVE-2006-4304
! A source code patch exists which remedies this problem.

*************** *** 200,206 **** An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter.
! A source code patch exists which remedies this problem.

--- 200,206 ---- An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter.
! A source code patch exists which remedies this problem.

*************** *** 210,216 **** It is possible to cause the kernel to panic when more than the default number of sempahores have been allocated.
! A source code patch exists which remedies this problem.

--- 210,216 ---- It is possible to cause the kernel to panic when more than the default number of sempahores have been allocated.
! A source code patch exists which remedies this problem.

*************** *** 224,230 **** to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
! A source code patch exists which remedies this problem.

--- 224,230 ---- to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
! A source code patch exists which remedies this problem.

*************** *** 235,241 **** with really long header lines could trigger a use-after-free bug causing sendmail to crash.
! A source code patch exists which remedies this problem.

--- 235,241 ---- with really long header lines could trigger a use-after-free bug causing sendmail to crash.
! A source code patch exists which remedies this problem.

*************** *** 249,255 **** could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
! A source code patch exists which remedies this problem.

--- 249,255 ---- could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
! A source code patch exists which remedies this problem.

*************** *** 263,269 **** delivered. However, mail messages in the queue may not be reattempted if a malformed MIME message exists.
! A source code patch exists which remedies this problem.

--- 263,269 ---- delivered. However, mail messages in the queue may not be reattempted if a malformed MIME message exists.
! A source code patch exists which remedies this problem.

*************** *** 275,281 **** Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

--- 275,281 ---- Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
! A source code patch exists which remedies this problem.

*************** *** 286,292 **** asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

--- 286,292 ---- asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
! A source code patch exists which remedies this problem.

*************** *** 301,307 **** This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

--- 301,307 ---- This can be exploited to execute shell commands with privileges of the user running scp(1).
! A source code patch exists which remedies this problem.

*************** *** 313,319 **** so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

--- 313,319 ---- so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
! A source code patch exists which remedies this problem.

*************** *** 329,335 **** requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

--- 329,335 ---- requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
! A source code patch exists which remedies this problem.

*************** *** 338,344 ****   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

--- 338,344 ----   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
! A source code patch exists which remedies this problem.

*************** *** 348,354 **** A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.

--- 348,354 ---- A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
! A source code patch exists which remedies this problem.