=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v retrieving revision 1.9 retrieving revision 1.10 diff -c -r1.9 -r1.10 *** www/errata38.html 2006/07/30 17:35:57 1.9 --- www/errata38.html 2006/08/25 15:56:06 1.10 *************** *** 75,80 **** --- 75,126 ----

+ 013: SECURITY FIX: August 25, 2006 All architectures
+ A problem in + isakmpd(8) + caused IPsec to run partly without replay protection. If + isakmpd(8) + was acting as responder during SA negotiation, SA's with a replay window of size 0 were created. + An attacker could reinject sniffed IPsec packets, which will be accepted without checking the + replay counter. +
+ + A source code patch exists which remedies this problem.
+
+ +
+ 012: SECURITY FIX: August 25, 2006 All architectures
+ It is possible to cause the kernel to panic when more than the default number of + sempahores have been allocated. +
+ + A source code patch exists which remedies this problem.
+
+ +
+ 011: SECURITY FIX: August 25, 2006 All architectures
+ Due to an off-by-one error in + dhcpd(8), + it is possible to cause + dhcpd(8) + to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. + CVE-2006-3122 +
+ + A source code patch exists which remedies this problem.
+
+ +
+ 010: SECURITY FIX: August 25, 2006 All architectures
+ A potential denial of service problem has been found in sendmail. A message + with really long header lines could trigger a use-after-free bug causing + sendmail to crash. +
+ + A source code patch exists which remedies this problem.
+
+
009: SECURITY FIX: July 30, 2006 All architectures
httpd *************** *** 211,217 ****
www@openbsd.org !
$OpenBSD: errata38.html,v 1.9 2006/07/30 17:35:57 brad Exp $ --- 257,263 ----
www@openbsd.org !
$OpenBSD: errata38.html,v 1.10 2006/08/25 15:56:06 brad Exp $