===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- www/errata38.html 2006/09/27 10:37:09 1.16
+++ www/errata38.html 2006/10/07 18:07:36 1.17
@@ -74,6 +74,45 @@
+-
+019: SECURITY FIX: October 7, 2006 All architectures
+Fix for an integer overflow in systrace's STRIOCREPLACE support, found by
+Chris Evans. This could be exploited for DoS, limited kmem reads or local
+privilege escalation.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+018: SECURITY FIX: October 7, 2006 All architectures
+Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
+structures an error condition is mishandled, possibly resulting in an infinite
+loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL
+pointer may be dereferenced in the SSL version 2 client code. In addition, many
+applications using OpenSSL do not perform any validation of the lengths of
+public keys being used.
+CVE-2006-2937,
+CVE-2006-3738,
+CVE-2006-4343,
+CVE-2006-2940
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+017: SECURITY FIX: October 7, 2006 All architectures
+httpd(8)
+does not sanitize the Expect header from an HTTP request when it is
+reflected back in an error message, which might allow cross-site scripting (XSS)
+style attacks.
+CVE-2006-3918
+
+
+A source code patch exists which remedies this problem.
+
+
-
016: SECURITY FIX: September 8, 2006 All architectures
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for
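Review bot: The new 019 (systrace STRIOCREPLACE integer overflow) entry carries no CVE identifier line, while the 018 and 017 entries added in the same hunk each list theirs; if an identifier has been assigned, add it on its own line after the description so the three entries share one format, and if none exists, it is worth saying so in the commit message. In the 018 entry the four OpenSSL identifiers are listed out of numeric order (CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-2940) and in an order that does not follow the four problems described above them (ASN.1 parsing loop, SSL_get_shared_ciphers overflow, SSLv2 client NULL dereference, unvalidated public key lengths); listing them in the order of the text, or sorted, lets a reader match each identifier to its issue. The three "A source code patch exists which remedies this problem." lines should each be followed by the link to the patch, as the existing 016 entry does; none is visible in the hunk, so confirm the links survived.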
@@ -294,7 +333,7 @@
www@openbsd.org
-
$OpenBSD: errata38.html,v 1.16 2006/09/27 10:37:09 tom Exp $
+
$OpenBSD: errata38.html,v 1.17 2006/10/07 18:07:36 brad Exp $
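Review bot: The $OpenBSD$ keyword moving from 1.16 (tom, 2006/09/27) to 1.17 (brad, 2006/10/07) is the expected automatic expansion on commit and needs no manual edit; the removed and added lines beside it appear as empty lines, so check that this hunk does not also carry an unintended whitespace-only change near the www@openbsd.org footer.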