===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.61
retrieving revision 1.62
diff -c -r1.61 -r1.62
*** www/errata38.html 2016/08/15 02:22:06 1.61
--- www/errata38.html 2016/10/16 19:11:29 1.62
***************
*** 70,76 ****
--- 70,76 ----
***************
*** 99,105 ****
CVE-2006-4924,
CVE-2006-5051
!
A source code patch exists which remedies this problem.
--- 99,105 ----
CVE-2006-4924,
CVE-2006-5051
!
A source code patch exists which remedies this problem.
***************
*** 112,118 ****
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
--- 112,118 ----
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
***************
*** 130,136 ****
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
--- 130,136 ----
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
***************
*** 143,149 ****
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
--- 143,149 ----
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
***************
*** 155,161 ****
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
--- 155,161 ----
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
***************
*** 172,178 ****
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
--- 172,178 ----
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
***************
*** 185,191 ****
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
--- 185,191 ----
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
***************
*** 200,206 ****
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
--- 200,206 ----
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
***************
*** 210,216 ****
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
--- 210,216 ----
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
***************
*** 224,230 ****
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
--- 224,230 ----
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
***************
*** 235,241 ****
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
--- 235,241 ----
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
***************
*** 249,255 ****
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
--- 249,255 ----
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
***************
*** 263,269 ****
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
--- 263,269 ----
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
***************
*** 275,281 ****
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
--- 275,281 ----
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
***************
*** 286,292 ****
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
!
A source code patch exists which remedies this problem.
--- 286,292 ----
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
!
A source code patch exists which remedies this problem.
***************
*** 301,307 ****
This can be exploited to execute shell commands with privileges of the user running
scp(1).
!
A source code patch exists which remedies this problem.
--- 301,307 ----
This can be exploited to execute shell commands with privileges of the user running
scp(1).
!
A source code patch exists which remedies this problem.
***************
*** 313,319 ****
so even root is blocked from accessing the ioports
unless the machine is running at lower securelevels or with an open X11 aperture.
!
A source code patch exists which remedies this problem.
--- 313,319 ----
so even root is blocked from accessing the ioports
unless the machine is running at lower securelevels or with an open X11 aperture.
!
A source code patch exists which remedies this problem.
***************
*** 329,335 ****
requests need it to. This is now implemented using only GDT selectors
instead of the LDT so that it is more robust as well.
!
A source code patch exists which remedies this problem.
--- 329,335 ----
requests need it to. This is now implemented using only GDT selectors
instead of the LDT so that it is more robust as well.
!
A source code patch exists which remedies this problem.
***************
*** 338,344 ****
All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
!
A source code patch exists which remedies this problem.
--- 338,344 ----
All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
!
A source code patch exists which remedies this problem.
***************
*** 348,354 ****
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
!
A source code patch exists which remedies this problem.
--- 348,354 ----
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
!
A source code patch exists which remedies this problem.