===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.9
retrieving revision 1.10
diff -c -r1.9 -r1.10
*** www/errata38.html 2006/07/30 17:35:57 1.9
--- www/errata38.html 2006/08/25 15:56:06 1.10
***************
*** 75,80 ****
--- 75,126 ----
+ -
+ 013: SECURITY FIX: August 25, 2006 All architectures
+ A problem in
+ isakmpd(8)
+ caused IPsec to run partly without replay protection. If
+ isakmpd(8)
+ was acting as responder during SA negotiation, SA's with a replay window of size 0 were created.
+ An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
+ replay counter.
+
+
+ A source code patch exists which remedies this problem.
+
+
+
-
+ 012: SECURITY FIX: August 25, 2006 All architectures
+ It is possible to cause the kernel to panic when more than the default number of
+ sempahores have been allocated.
+
+
+ A source code patch exists which remedies this problem.
+
+
+
-
+ 011: SECURITY FIX: August 25, 2006 All architectures
+ Due to an off-by-one error in
+ dhcpd(8),
+ it is possible to cause
+ dhcpd(8)
+ to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
+ CVE-2006-3122
+
+
+ A source code patch exists which remedies this problem.
+
+
+
-
+ 010: SECURITY FIX: August 25, 2006 All architectures
+ A potential denial of service problem has been found in sendmail. A message
+ with really long header lines could trigger a use-after-free bug causing
+ sendmail to crash.
+
+
+ A source code patch exists which remedies this problem.
+
+
-
009: SECURITY FIX: July 30, 2006 All architectures
httpd
***************
*** 211,217 ****
www@openbsd.org
!
$OpenBSD: errata38.html,v 1.9 2006/07/30 17:35:57 brad Exp $